diff --git a/script/helm/garage/Chart.yaml b/script/helm/garage/Chart.yaml index b981fc61..fca569cc 100644 --- a/script/helm/garage/Chart.yaml +++ b/script/helm/garage/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.1 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/script/helm/garage/README.md b/script/helm/garage/README.md new file mode 100644 index 00000000..1921509a --- /dev/null +++ b/script/helm/garage/README.md @@ -0,0 +1,86 @@ +# garage + +![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.1](https://img.shields.io/badge/AppVersion-v1.0.1-informational?style=flat-square) + +S3-compatible object store for small self-hosted geo-distributed deployments + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| deployment.kind | string | `"StatefulSet"` | Switchable to DaemonSet | +| deployment.podManagementPolicy | string | `"OrderedReady"` | If using statefulset, allow Parallel or OrderedReady (default) | +| deployment.replicaCount | int | `3` | Number of StatefulSet replicas/garage nodes to start | +| environment | object | `{}` | | +| extraVolumeMounts | object | `{}` | | +| extraVolumes | object | `{}` | | +| fullnameOverride | string | `""` | | +| garage.blockSize | string | `"1048576"` | Defaults is 1MB An increase can result in better performance in certain scenarios https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#block-size | +| garage.bootstrapPeers | list | `[]` | This is not required if you use the integrated kubernetes discovery | +| garage.compressionLevel | string | `"1"` | zstd compression level of stored blocks https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#compression-level | +| garage.dbEngine | string | `"lmdb"` | Can be changed for better performance on certain systems https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#db-engine-since-v0-8-0 | +| garage.existingConfigMap | string | `""` | if not empty string, allow using an existing ConfigMap for the garage.toml if set, ignores garage.toml | +| garage.garageTomlString | string | `""` | String Template for the garage configuration if set, ignores above values Values can be templated ref: https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/ | +| garage.kubernetesSkipCrd | bool | `false` | | +| garage.replicationMode | string | `"3"` | Default to 3 replicas, see the replication_mode section at https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#replication-mode | +| garage.rpcBindAddr | string | `"[::]:3901"` | | +| garage.rpcSecret | string | `""` | If not given, a random secret will be generated and stored in a Secret object | +| garage.s3.api.region | string | `"garage"` | | +| garage.s3.api.rootDomain | string | `".s3.garage.tld"` | | +| garage.s3.web.index | string | `"index.html"` | | +| garage.s3.web.rootDomain | string | `".web.garage.tld"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"dxflrs/amd64_garage"` | | +| image.tag | string | `""` | please prefer using the chart version and not this tag | +| imagePullSecrets | list | `[]` | | +| ingress.s3.api.annotations | object | `{}` | Rely either on the className or the annotation below but not both replace "nginx" by an Ingress controller you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers className: "nginx" | +| ingress.s3.api.enabled | bool | `false` | | +| ingress.s3.api.hosts[0] | object | `{"host":"s3.garage.tld","paths":[{"path":"/","pathType":"Prefix"}]}` | garage S3 API endpoint | +| ingress.s3.api.hosts[1] | object | `{"host":"*.s3.garage.tld","paths":[{"path":"/","pathType":"Prefix"}]}` | garage S3 API endpoint, DNS style bucket access | +| ingress.s3.api.labels | object | `{}` | | +| ingress.s3.api.tls | list | `[]` | | +| ingress.s3.web.annotations | object | `{}` | Rely either on the className or the annotation below but not both replace "nginx" by an Ingress controller you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers className: "nginx" | +| ingress.s3.web.enabled | bool | `false` | | +| ingress.s3.web.hosts[0] | object | `{"host":"*.web.garage.tld","paths":[{"path":"/","pathType":"Prefix"}]}` | wildcard website access with bucket name prefix | +| ingress.s3.web.hosts[1] | object | `{"host":"mywebpage.example.com","paths":[{"path":"/","pathType":"Prefix"}]}` | specific bucket access with FQDN bucket | +| ingress.s3.web.labels | object | `{}` | | +| ingress.s3.web.tls | list | `[]` | | +| initImage.pullPolicy | string | `"IfNotPresent"` | | +| initImage.repository | string | `"busybox"` | | +| initImage.tag | string | `"stable"` | | +| monitoring.metrics.enabled | bool | `false` | If true, a service for monitoring is created with a prometheus.io/scrape annotation | +| monitoring.metrics.serviceMonitor.enabled | bool | `false` | If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator | +| monitoring.metrics.serviceMonitor.interval | string | `"15s"` | | +| monitoring.metrics.serviceMonitor.labels | object | `{}` | | +| monitoring.metrics.serviceMonitor.path | string | `"/metrics"` | | +| monitoring.metrics.serviceMonitor.relabelings | list | `[]` | | +| monitoring.metrics.serviceMonitor.scheme | string | `"http"` | | +| monitoring.metrics.serviceMonitor.scrapeTimeout | string | `"10s"` | | +| monitoring.metrics.serviceMonitor.tlsConfig | object | `{}` | | +| monitoring.tracing.sink | string | `""` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.data.hostPath | string | `"/var/lib/garage/data"` | | +| persistence.data.size | string | `"100Mi"` | | +| persistence.enabled | bool | `true` | | +| persistence.meta.hostPath | string | `"/var/lib/garage/meta"` | | +| persistence.meta.size | string | `"100Mi"` | | +| podAnnotations | object | `{}` | | +| podSecurityContext.fsGroup | int | `1000` | | +| podSecurityContext.runAsGroup | int | `1000` | | +| podSecurityContext.runAsNonRoot | bool | `true` | | +| podSecurityContext.runAsUser | int | `1000` | | +| resources | object | `{}` | | +| securityContext.capabilities | object | `{"drop":["ALL"]}` | The default security context is heavily restricted feel free to tune it to your requirements | +| securityContext.readOnlyRootFilesystem | bool | `true` | | +| service.s3.api.port | int | `3900` | | +| service.s3.web.port | int | `3902` | | +| service.type | string | `"ClusterIP"` | You can rely on any service to expose your cluster - ClusterIP (+ Ingress) - NodePort (+ Ingress) - LoadBalancer | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/script/helm/garage/templates/configmap.yaml b/script/helm/garage/templates/configmap.yaml index 5cc7a45e..81ca205e 100644 --- a/script/helm/garage/templates/configmap.yaml +++ b/script/helm/garage/templates/configmap.yaml @@ -1,7 +1,49 @@ +{{- if not .Values.garage.existingConfigMap }} apiVersion: v1 kind: ConfigMap metadata: name: {{ include "garage.fullname" . }}-config data: garage.toml: |- - {{- tpl (index (index .Values.garage) "garage.toml") $ | nindent 4 }} + {{- if .Values.garage.garageTomlString }} + {{- tpl (index (index .Values.garage) "garageTomlString") $ | nindent 4 }} + {{- else }} + metadata_dir = "/mnt/meta" + data_dir = "/mnt/data" + + db_engine = "{{ .Values.garage.dbEngine }}" + + block_size = {{ .Values.garage.blockSize }} + + replication_mode = "{{ .Values.garage.replicationMode }}" + + compression_level = {{ .Values.garage.compressionLevel }} + + rpc_bind_addr = "{{ .Values.garage.rpcBindAddr }}" + # rpc_secret will be populated by the init container from a k8s secret object + rpc_secret = "__RPC_SECRET_REPLACE__" + + bootstrap_peers = {{ .Values.garage.bootstrapPeers }} + + [kubernetes_discovery] + namespace = "{{ .Release.Namespace }}" + service_name = "{{ include "garage.fullname" . }}" + skip_crd = {{ .Values.garage.kubernetesSkipCrd }} + + [s3_api] + s3_region = "{{ .Values.garage.s3.api.region }}" + api_bind_addr = "[::]:3900" + root_domain = "{{ .Values.garage.s3.api.rootDomain }}" + + [s3_web] + bind_addr = "[::]:3902" + root_domain = "{{ .Values.garage.s3.web.rootDomain }}" + index = "{{ .Values.garage.s3.web.index }}" + + [admin] + api_bind_addr = "[::]:3903" + {{- if .Values.monitoring.tracing.sink }} + trace_sink = "{{ .Values.monitoring.tracing.sink }}" + {{- end }} + {{- end }} +{{- end }} diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 013aa022..c128df55 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -4,27 +4,27 @@ # Garage configuration. These values go to garage.toml garage: - # Can be changed for better performance on certain systems + # -- Can be changed for better performance on certain systems # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#db-engine-since-v0-8-0 dbEngine: "lmdb" - # Defaults is 1MB + # -- Defaults is 1MB # An increase can result in better performance in certain scenarios # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#block-size blockSize: "1048576" - # Default to 3 replicas, see the replication_mode section at + # -- Default to 3 replicas, see the replication_mode section at # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#replication-mode replicationMode: "3" - # zstd compression level of stored blocks + # -- zstd compression level of stored blocks # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/#compression-level compressionLevel: "1" rpcBindAddr: "[::]:3901" - # If not given, a random secret will be generated and stored in a Secret object + # -- If not given, a random secret will be generated and stored in a Secret object rpcSecret: "" - # This is not required if you use the integrated kubernetes discovery + # -- This is not required if you use the integrated kubernetes discovery bootstrapPeers: [] kubernetesSkipCrd: false s3: @@ -34,47 +34,16 @@ garage: web: rootDomain: ".web.garage.tld" index: "index.html" - # Template for the garage configuration + + # -- if not empty string, allow using an existing ConfigMap for the garage.toml + # if set, ignores garage.toml + existingConfigMap: "" + + # -- String Template for the garage configuration + # if set, ignores above values # Values can be templated # ref: https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/ - garage.toml: |- - metadata_dir = "/mnt/meta" - data_dir = "/mnt/data" - - db_engine = "{{ .Values.garage.dbEngine }}" - - block_size = {{ .Values.garage.blockSize }} - - replication_mode = "{{ .Values.garage.replicationMode }}" - - compression_level = {{ .Values.garage.compressionLevel }} - - rpc_bind_addr = "{{ .Values.garage.rpcBindAddr }}" - # rpc_secret will be populated by the init container from a k8s secret object - rpc_secret = "__RPC_SECRET_REPLACE__" - - bootstrap_peers = {{ .Values.garage.bootstrapPeers }} - - [kubernetes_discovery] - namespace = "{{ .Release.Namespace }}" - service_name = "{{ include "garage.fullname" . }}" - skip_crd = {{ .Values.garage.kubernetesSkipCrd }} - - [s3_api] - s3_region = "{{ .Values.garage.s3.api.region }}" - api_bind_addr = "[::]:3900" - root_domain = "{{ .Values.garage.s3.api.rootDomain }}" - - [s3_web] - bind_addr = "[::]:3902" - root_domain = "{{ .Values.garage.s3.web.rootDomain }}" - index = "{{ .Values.garage.s3.web.index }}" - - [admin] - api_bind_addr = "[::]:3903" - {{- if .Values.monitoring.tracing.sink }} - trace_sink = "{{ .Values.monitoring.tracing.sink }}" - {{- end }} + garageTomlString: "" # Data persistence persistence: @@ -92,16 +61,16 @@ persistence: # Deployment configuration deployment: - # Switchable to DaemonSet + # -- Switchable to DaemonSet kind: StatefulSet - # Number of StatefulSet replicas/garage nodes to start + # -- Number of StatefulSet replicas/garage nodes to start replicaCount: 3 - # If using statefulset, allow Parallel or OrderedReady (default) + # -- If using statefulset, allow Parallel or OrderedReady (default) podManagementPolicy: OrderedReady image: repository: dxflrs/amd64_garage - # please prefer using the chart version and not this tag + # -- please prefer using the chart version and not this tag tag: "" pullPolicy: IfNotPresent @@ -115,11 +84,11 @@ nameOverride: "" fullnameOverride: "" serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + # -- Annotations to add to the service account annotations: {} - # The name of the service account to use. + # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" @@ -132,7 +101,7 @@ podSecurityContext: runAsNonRoot: true securityContext: - # The default security context is heavily restricted + # -- The default security context is heavily restricted # feel free to tune it to your requirements capabilities: drop: @@ -140,7 +109,7 @@ securityContext: readOnlyRootFilesystem: true service: - # You can rely on any service to expose your cluster + # -- You can rely on any service to expose your cluster # - ClusterIP (+ Ingress) # - NodePort (+ Ingress) # - LoadBalancer @@ -156,7 +125,7 @@ ingress: s3: api: enabled: false - # Rely either on the className or the annotation below but not both + # -- Rely either on the className or the annotation below but not both # replace "nginx" by an Ingress controller # you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers # className: "nginx" @@ -165,11 +134,13 @@ ingress: # kubernetes.io/tls-acme: "true" labels: {} hosts: - - host: "s3.garage.tld" # garage S3 API endpoint + # -- garage S3 API endpoint + - host: "s3.garage.tld" paths: - path: / pathType: Prefix - - host: "*.s3.garage.tld" # garage S3 API endpoint, DNS style bucket access + # -- garage S3 API endpoint, DNS style bucket access + - host: "*.s3.garage.tld" paths: - path: / pathType: Prefix @@ -179,7 +150,7 @@ ingress: # - kubernetes.docker.internal web: enabled: false - # Rely either on the className or the annotation below but not both + # -- Rely either on the className or the annotation below but not both # replace "nginx" by an Ingress controller # you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers # className: "nginx" @@ -188,11 +159,13 @@ ingress: # kubernetes.io/tls-acme: "true" labels: {} hosts: - - host: "*.web.garage.tld" # wildcard website access with bucket name prefix + # -- wildcard website access with bucket name prefix + - host: "*.web.garage.tld" paths: - path: / pathType: Prefix - - host: "mywebpage.example.com" # specific bucket access with FQDN bucket + # -- specific bucket access with FQDN bucket + - host: "mywebpage.example.com" paths: - path: / pathType: Prefix @@ -224,10 +197,10 @@ extraVolumeMounts: {} monitoring: metrics: - # If true, a service for monitoring is created with a prometheus.io/scrape annotation + # -- If true, a service for monitoring is created with a prometheus.io/scrape annotation enabled: false serviceMonitor: - # If true, a ServiceMonitor CRD is created for a prometheus operator + # -- If true, a ServiceMonitor CRD is created for a prometheus operator # https://github.com/coreos/prometheus-operator enabled: false path: /metrics