From abe36a0ec87cd52d46a4292f11e8b03ba6e2a662 Mon Sep 17 00:00:00 2001 From: Andrii Chubatiuk Date: Fri, 12 Apr 2024 23:58:21 +0300 Subject: [PATCH] made probes configurable, fixed formatting, ci cleanup (#171) * made probes configurable, fixed formatting, ci cleanup * added probes conditions * common volume mounts --- .github/workflows/ci.yml | 1 - charts/redash/Chart.yaml | 4 +- charts/redash/README.md | 11 ++++- charts/redash/templates/_helpers.tpl | 44 +++++++++-------- .../redash/templates/hook-migrations-job.yaml | 13 +++-- .../templates/scheduler-deployment.yaml | 16 ++++--- charts/redash/templates/secrets.yaml | 4 +- .../redash/templates/server-deployment.yaml | 41 ++++++---------- .../redash/templates/worker-deployment.yaml | 21 +++++---- charts/redash/values.yaml | 47 +++++++++++++++++-- 10 files changed, 117 insertions(+), 85 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4fd0339..f509879 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,7 +74,6 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - - uses: azure/setup-helm@v4 - name: configure git run: | git config user.name "$GITHUB_ACTOR" diff --git a/charts/redash/Chart.yaml b/charts/redash/Chart.yaml index 89f440c..2d2db33 100644 --- a/charts/redash/Chart.yaml +++ b/charts/redash/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: redash -version: 3.1.0-alpha1 -appVersion: 24.04.0-dev-b8640593524.10 +version: 3.1.0-alpha2 +appVersion: 24.04.0-dev-b8665145752.21 description: Redash is an open source tool built for teams to query, visualize and collaborate. keywords: - redash diff --git a/charts/redash/README.md b/charts/redash/README.md index 1f2b14f..5dff3da 100644 --- a/charts/redash/README.md +++ b/charts/redash/README.md @@ -8,7 +8,7 @@ This chart bootstraps a [Redash](https://github.com/getredash/redash) deployment This is a contributed project developed by volunteers and not officially supported by Redash. -Current chart version is `3.1.0-alpha1` +Current chart version is `3.1.0-alpha2` * @@ -104,6 +104,8 @@ The following table lists the configurable parameters of the Redash chart and th | migrations.securityContext | object | `{}` | | | migrations.tolerations | list | `[]` | Tolerations for server pod assignment [ref](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | migrations.ttlSecondsAfterFinished | int | `600` | ttl for install job [ref](https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) | +| migrations.volumeMounts | list | `[]` | volume mounts for migrations pods | +| migrations.volumes | list | `[]` | volumes that will be mounted to migrations pods only | | nameOverride | string | `""` | | | postgresql.auth.database | string | `"redash"` | PostgreSQL database name (when postgresql chart enabled) | | postgresql.auth.password | string | `nil` | REQUIRED: PostgreSQL password for redash user (when postgresql chart enabled) | @@ -201,6 +203,7 @@ The following table lists the configurable parameters of the Redash chart and th | redis.master.service.ports.redis | int | `6379` | | | scheduler.affinity | object | `{}` | Affinity for scheduler pod assignment [ref](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | | scheduler.env | object | `{}` | Redash scheduler specific environment variables. | +| scheduler.livenessProbe | object | `{}` | Liveness probe for scheduler to ensure workers are running fine | | scheduler.nodeSelector | object | `{}` | Node labels for scheduler pod assignment [ref](https://kubernetes.io/docs/user-guide/node-selection/) | | scheduler.podAnnotations | object | `{}` | Annotations for scheduler pod assignment [ref](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | | scheduler.podLabels | object | `{}` | Labels for scheduler pod assignment [ref](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) | @@ -213,10 +216,12 @@ The following table lists the configurable parameters of the Redash chart and th | server.affinity | object | `{}` | Affinity for server pod assignment [ref](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | | server.env | object | `{}` | Redash server specific environment variables Don't use this for variables that are in the configuration above, however. | | server.httpPort | int | `5000` | Server container port (only useful if you are using a customized image) | +| server.livenessProbe | object | `{"failureThreshold":10,"initialDelaySeconds":90,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Server liveness probe configuration | | server.nodeSelector | object | `{}` | Node labels for server pod assignment [ref](https://kubernetes.io/docs/user-guide/node-selection/) | | server.podAnnotations | object | `{}` | Annotations for server pod assignment [ref](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | | server.podLabels | object | `{}` | Labels for server pod assignment [ref](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) | | server.podSecurityContext | object | `{}` | Security contexts for server pod assignment [ref](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | +| server.readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Server readiness probe configuration | | server.replicaCount | int | `1` | Number of server pods to run | | server.resources | object | `{}` | Server resource requests and limits [ref](http://kubernetes.io/docs/user-guide/compute-resources/) | | server.securityContext | object | `{}` | | @@ -231,8 +236,10 @@ The following table lists the configurable parameters of the Redash chart and th | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `nil` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| volumeMounts | list | `[]` | Redash global volume mounts configuration - applied to all containers | +| volumes | list | `[]` | Redash global volumes configuration - applied to all containers | | worker.affinity | object | `{}` | Default affinity for worker pod assignment [ref](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | -| worker.livenessProbe | string | `nil` | Default worker's liveness probe to ensure workers are running fine | +| worker.livenessProbe | object | `{}` | Default worker's liveness probe to ensure workers are running fine | | worker.nodeSelector | object | `{}` | Default node labels for worker pod assignment [ref](https://kubernetes.io/docs/user-guide/node-selection/) | | worker.podAnnotations | object | `{}` | Default annotations for worker pod assignment [ref](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | | worker.podLabels | object | `{}` | Default labels for worker pod assignment [ref](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) | diff --git a/charts/redash/templates/_helpers.tpl b/charts/redash/templates/_helpers.tpl index 8f27cb5..bd2ab7d 100644 --- a/charts/redash/templates/_helpers.tpl +++ b/charts/redash/templates/_helpers.tpl @@ -74,20 +74,19 @@ Get the secret name. {{/* Shared environment block used across each component. */}} -{{- define "redash.env" }} -{{- if not .Values.redash.selfManagedSecrets }} -{{- if not .Values.postgresql.enabled }} +{{- define "redash.env" -}} +{{- if not .Values.redash.selfManagedSecrets -}} +{{- if not .Values.postgresql.enabled -}} - name: REDASH_DATABASE_URL - {{ if .Values.externalPostgreSQLSecret -}} + {{- if .Values.externalPostgreSQLSecret }} valueFrom: - secretKeyRef: - {{- .Values.externalPostgreSQLSecret | toYaml | nindent 6 }} - {{ else -}} + secretKeyRef: {{ .Values.externalPostgreSQLSecret | toYaml | nindent 6 }} + {{- else }} value: {{ default "" .Values.externalPostgreSQL | quote }} {{- end }} {{- else -}} - name: REDASH_DATABASE_USER - value: "{{ .Values.postgresql.auth.username }}" + value: {{ .Values.postgresql.auth.username | quote }} - name: REDASH_DATABASE_PASSWORD valueFrom: secretKeyRef: @@ -96,16 +95,15 @@ Shared environment block used across each component. - name: REDASH_DATABASE_HOSTNAME value: {{ include "redash.postgresql.fullname" . }} - name: REDASH_DATABASE_PORT - value: "{{ .Values.postgresql.primary.service.ports.postgresql }}" + value: {{ .Values.postgresql.primary.service.ports.postgresql | quote }} - name: REDASH_DATABASE_NAME - value: "{{ .Values.postgresql.auth.database }}" -{{- end }} + value: {{ .Values.postgresql.auth.database | quote }} +{{- end -}} {{- if not .Values.redis.enabled }} - name: REDASH_REDIS_URL {{- if .Values.externalRedisSecret }} valueFrom: - secretKeyRef: - {{- .Values.externalRedisSecret | toYaml | nindent 6 }} + secretKeyRef: {{ .Values.externalRedisSecret | toYaml | nindent 6 }} {{- else }} value: {{ default "" .Values.externalRedis | quote }} {{- end }} @@ -122,15 +120,15 @@ Shared environment block used across each component. - name: REDASH_REDIS_HOSTNAME value: {{ include "redash.redis.fullname" . }} - name: REDASH_REDIS_PORT - value: "{{ .Values.redis.master.service.ports.redis }}" + value: {{ .Values.redis.master.service.ports.redis | quote }} - name: REDASH_REDIS_NAME - value: "{{ .Values.redis.database }}" -{{- end }} -{{- end }} -{{- range $key, $value := .Values.env }} -- name: "{{ $key }}" - value: "{{ $value }}" -{{- end }} + value: {{ .Values.redis.database | quote }} +{{ end -}} +{{- end -}} +{{ range $key, $value := .Values.env -}} +- name: {{ $key | quote }} + value: {{ $value | quote }} +{{ end -}} ## Start primary Redash configuration {{- if not .Values.redash.selfManagedSecrets }} {{- if or .Values.redash.secretKey .Values.redash.existingSecret }} @@ -515,8 +513,8 @@ helm.sh/chart: {{ include "redash.chart" . }} {{- if .workerName }} app.kubernetes.io/component: {{ .workerName }}worker {{- end }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- if or .Chart.AppVersion .Values.image.tag }} +app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end -}} diff --git a/charts/redash/templates/hook-migrations-job.yaml b/charts/redash/templates/hook-migrations-job.yaml index 8b396ab..94e53a4 100644 --- a/charts/redash/templates/hook-migrations-job.yaml +++ b/charts/redash/templates/hook-migrations-job.yaml @@ -34,11 +34,8 @@ spec: args: - create_db env: - {{- include "redash.env" . | nindent 10 }} - {{- range $key, $value := .Values.migrations.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} + {{- $envCtx := mergeOverwrite (deepCopy .) (dict "Values" (dict "env" .Values.migrations.env)) -}} + {{- include "redash.env" $envCtx | nindent 10 }} {{- if (include "redash.envFrom" .) }} envFrom: {{- include "redash.envFrom" . | nindent 10 }} @@ -46,10 +43,12 @@ spec: {{- with .Values.migrations.resources }} resources: {{ toYaml . | nindent 10 }} {{- end }} - {{- with .Values.migrations.volumeMounts }} + {{- $volumeMounts := concat .Values.volumeMounts .Values.migrations.volumeMounts }} + {{- with $volumeMounts }} volumeMounts: {{ toYaml . | nindent 10 }} {{- end }} - {{- with .Values.migrations.volumes }} + {{- $volumes := concat .Values.volumes .Values.migrations.volumes -}} + {{- with $volumes }} volumes: {{ toYaml . | nindent 8 }} {{- end }} {{- with .Values.migrations.nodeSelector }} diff --git a/charts/redash/templates/scheduler-deployment.yaml b/charts/redash/templates/scheduler-deployment.yaml index 1d99b4a..416a4de 100644 --- a/charts/redash/templates/scheduler-deployment.yaml +++ b/charts/redash/templates/scheduler-deployment.yaml @@ -38,24 +38,26 @@ spec: securityContext: {{ toYaml .Values.scheduler.securityContext | nindent 12 }} image: {{ .Values.image.registry }}/{{ .Values.image.repo }}:{{ .Values.image.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- with .Values.scheduler.volumeMounts }} + {{- $volumeMounts := concat .Values.volumeMounts .Values.scheduler.volumeMounts }} + {{- with $volumeMounts }} volumeMounts: {{ toYaml . | nindent 12 }} {{- end }} args: - scheduler env: - {{- include "redash.env" . | nindent 12 }} - {{- range $key, $value := .Values.scheduler.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} + {{- $envCtx := mergeOverwrite (deepCopy .) (dict "Values" (dict "env" .Values.scheduler.env)) -}} + {{- include "redash.env" $envCtx | nindent 12 }} {{- with (include "redash.envFrom" .) }} envFrom: {{ . | nindent 12 }} {{- end }} {{- with .Values.scheduler.resources }} resources: {{ toYaml . | nindent 12 }} {{- end }} - {{- with .Values.scheduler.volumes }} + {{- with .Values.scheduler.livenessProbe }} + livenessProbe: {{ toYaml . | nindent 12 }} + {{- end }} + {{- $volumes := concat .Values.volumes .Values.scheduler.volumes }} + {{- with $volumes }} volumes: {{ toYaml . | nindent 8 }} {{- end }} {{- with .Values.scheduler.nodeSelector }} diff --git a/charts/redash/templates/secrets.yaml b/charts/redash/templates/secrets.yaml index 34e053a..b1da206 100644 --- a/charts/redash/templates/secrets.yaml +++ b/charts/redash/templates/secrets.yaml @@ -8,11 +8,11 @@ metadata: type: Opaque data: ## Start primary Redash configuration - {{ $null := required "A value for one of the following variables is required: redash.secretKey (secure random value), redash.existingSecret (secret name)" (or .Values.redash.secretKey .Values.redash.existingSecret) }} + {{- $null := required "A value for one of the following variables is required: redash.secretKey (secure random value), redash.existingSecret (secret name)" (or .Values.redash.secretKey .Values.redash.existingSecret) }} secretKey: {{ default "" .Values.redash.secretKey | b64enc | quote }} googleClientSecret: {{ default "" .Values.redash.googleClientSecret | b64enc | quote }} ldapBindDnPassword: {{ default "" .Values.redash.ldapBindDnPassword | b64enc | quote }} - {{ $null := required "A value for one of the following variables is required: redash.cookieSecret (secure random value), redash.existingSecret (secret name)" (or .Values.redash.cookieSecret .Values.redash.existingSecret) }} + {{- $null := required "A value for one of the following variables is required: redash.cookieSecret (secure random value), redash.existingSecret (secret name)" (or .Values.redash.cookieSecret .Values.redash.existingSecret) }} cookieSecret: {{ default "" .Values.redash.cookieSecret | b64enc | quote }} mailPassword: {{ default "" .Values.redash.mailPassword | b64enc | quote }} ## End primary Redash configuration diff --git a/charts/redash/templates/server-deployment.yaml b/charts/redash/templates/server-deployment.yaml index 2fd6901..1674bcf 100644 --- a/charts/redash/templates/server-deployment.yaml +++ b/charts/redash/templates/server-deployment.yaml @@ -36,45 +36,32 @@ spec: securityContext: {{ toYaml .Values.server.securityContext | nindent 12 }} image: {{ .Values.image.registry }}/{{ .Values.image.repo }}:{{ .Values.image.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- with .Values.server.volumeMounts }} + {{- $volumeMounts := concat .Values.volumeMounts .Values.server.volumeMounts }} + {{- with $volumeMounts }} volumeMounts: {{ toYaml . | nindent 12 }} {{- end }} args: - server env: - {{- include "redash.env" . | nindent 12 }} - {{- range $key, $value := .Values.server.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{ with (include "redash.envFrom" .) -}} + {{- $envCtx := mergeOverwrite (deepCopy .) (dict "Values" (dict "env" .Values.server.env)) -}} + {{- include "redash.env" $envCtx | nindent 12 }} + {{- with (include "redash.envFrom" .) }} envFrom: {{ . | nindent 12 }} {{- end }} ports: - containerPort: {{ .Values.server.httpPort }} - livenessProbe: - httpGet: - path: /ping - port: {{ .Values.server.httpPort }} - # Redash can take a while to come up initially, so we delay checks. - initialDelaySeconds: 90 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 10 - readinessProbe: - httpGet: - path: /ping - port: {{ .Values.server.httpPort }} - initialDelaySeconds: 10 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + {{- $defaultProbe := dict "httpGet" (dict "path" "/ping" "port" .Values.server.httpPort) -}} + {{- with .Values.server.livenessProbe }} + livenessProbe: {{ deepCopy . | mergeOverwrite $defaultProbe | toYaml | nindent 12 }} + {{- end }} + {{- with .Values.server.readinessProbe }} + readinessProbe: {{ deepCopy . | mergeOverwrite $defaultProbe | toYaml | nindent 12 }} + {{- end }} {{- with .Values.server.resources }} resources: {{ toYaml .Values.server.resources | nindent 12 }} {{- end }} - {{- with .Values.server.volumes }} + {{- $volumes := concat .Values.volumes .Values.server.volumes -}} + {{- with $volumes }} volumes: {{ toYaml . | nindent 8 }} {{- end }} {{- with .Values.server.nodeSelector }} diff --git a/charts/redash/templates/worker-deployment.yaml b/charts/redash/templates/worker-deployment.yaml index 5055f31..f78cd31 100644 --- a/charts/redash/templates/worker-deployment.yaml +++ b/charts/redash/templates/worker-deployment.yaml @@ -1,6 +1,6 @@ {{ range $workerName, $config := .Values.workers -}} -{{- $workerConfig := merge (deepCopy $.Values.worker) $config }} -{{- $context := deepCopy $ | merge (dict "workerName" $workerName)}} +{{- $workerConfig := mergeOverwrite (deepCopy $.Values.worker) $config }} +{{- $context := mergeOverwrite (deepCopy $) (dict "workerName" $workerName)}} --- apiVersion: apps/v1 kind: Deployment @@ -36,23 +36,24 @@ spec: imagePullPolicy: {{ $.Values.image.pullPolicy }} args: - worker - {{ with $workerConfig.volumeMounts -}} + {{- $volumeMounts := concat $.Values.volumeMounts $workerConfig.volumeMounts }} + {{- with $volumeMounts }} volumeMounts: {{ toYaml . | nindent 12 }} {{- end -}} - livenessProbe: {{ toYaml $workerConfig.livenessProbe | nindent 12 }} - env: - {{- include "redash.env" $ | nindent 12 }} - {{- range $key, $value := $workerConfig.env }} - - name: "{{ $key }}" - value: "{{ $value }}" + {{- with $workerConfig.livenessProbe }} + livenessProbe: {{ toYaml . | nindent 12 }} {{- end }} + env: + {{- $envCtx := mergeOverwrite (deepCopy $) (dict "Values" (dict "env" $workerConfig.env)) -}} + {{- include "redash.env" $envCtx | nindent 12 }} {{- with (include "redash.envFrom" $) }} envFrom: {{ . | nindent 12 }} {{- end }} {{- with $workerConfig.resources }} resources: {{ toYaml . | nindent 12 }} {{- end }} - {{- with $workerConfig.volumes }} + {{- $volumes := concat $.Values.volumes $workerConfig.volumes -}} + {{- with $volumes }} volumes: {{ toYaml . | nindent 8 }} {{- end }} {{- with $workerConfig.nodeSelector }} diff --git a/charts/redash/values.yaml b/charts/redash/values.yaml index 3522d27..567a1ab 100644 --- a/charts/redash/values.yaml +++ b/charts/redash/values.yaml @@ -20,6 +20,12 @@ env: PYTHONUNBUFFERED: 0 REDASH_PRODUCTION: "true" +# volumes -- Redash global volumes configuration - applied to all containers +volumes: [] + +# volumeMounts -- Redash global volume mounts configuration - applied to all containers +volumeMounts: [] + ## Service account and security context configuration serviceAccount: # serviceAccount.create -- Specifies whether a service account should be created @@ -298,6 +304,23 @@ server: # cpu: 100m # memory: 500Mi + # server.livenessProbe -- Server liveness probe configuration + livenessProbe: + # Redash can take a while to come up initially, so we delay checks. + initialDelaySeconds: 90 + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 10 + + # server.readinessProbe -- Server readiness probe configuration + readinessProbe: + initialDelaySeconds: 10 + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + # server.podSecurityContext -- Security contexts for server pod assignment [ref](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) podSecurityContext: {} securityContext: {} @@ -363,17 +386,17 @@ workers: adhoc: # workers.adhoc.env -- Redash ad-hoc worker specific environment variables. env: - QUEUES: "queries" + QUEUES: queries WORKERS_COUNT: 2 scheduled: # workers.scheduled.env -- Redash scheduled worker specific environment variables. env: - QUEUES: "scheduled_queries,schemas" + QUEUES: scheduled_queries,schemas WORKERS_COUNT: 1 generic: # workers.generic.env -- Redash generic worker specific environment variables. env: - QUEUES: "periodic,emails,default" + QUEUES: periodic,emails,default WORKERS_COUNT: 1 ## Common worker configuration, which can be overidden for each worker at workers. @@ -416,7 +439,7 @@ worker: volumeMounts: [] # worker.livenessProbe -- Default worker's liveness probe to ensure workers are running fine - livenessProbe: + livenessProbe: {} # exec: # command: # - /bin/sh @@ -443,6 +466,16 @@ scheduler: podSecurityContext: {} securityContext: {} + # scheduler.livenessProbe -- Liveness probe for scheduler to ensure workers are running fine + livenessProbe: {} + # exec: + # command: + # - /bin/sh + # - -c + # - /app/bin/docker-entrypoint workers_healthcheck + # initialDelaySeconds: 60 + # periodSeconds: 100 + # scheduler.nodeSelector -- Node labels for scheduler pod assignment [ref](https://kubernetes.io/docs/user-guide/node-selection/) nodeSelector: {} @@ -466,6 +499,12 @@ scheduler: ## Configuration for migrations hook migrations: + # migrations.volumes -- volumes that will be mounted to migrations pods only + volumes: [] + + # migrations.volumeMounts -- volume mounts for migrations pods + volumeMounts: [] + # migrations.ttlSecondsAfterFinished -- ttl for install job [ref](https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) ttlSecondsAfterFinished: 600 # migrations.resources -- Scheduled worker resource requests and limits [ref](http://kubernetes.io/docs/user-guide/compute-resources/)