diff --git a/helm-chart/helm3/6.5.0/skywalking/.helmignore b/helm-chart/helm3/6.5.0/skywalking/.helmignore new file mode 100644 index 0000000000000000000000000000000000000000..7c04072e13557f944268ed08248208660e90e5d0 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +OWNERS diff --git a/helm-chart/helm3/6.5.0/skywalking/Chart.yaml b/helm-chart/helm3/6.5.0/skywalking/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..68adea04e7655aa8e7cf43678c466d7cca9d99b6 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/Chart.yaml @@ -0,0 +1,20 @@ +apiVersion: v2 +name: skywalking +home: https://skywalking.apache.org +version: 1.0.0 +appVersion: 6.5.0 +description: Apache SkyWalking APM System +icon: https://raw.githubusercontent.com/apache/skywalking-kubernetes/master/logo/sw-logo-for-chart.jpg +sources: +- https://github.com/apache/skywalking-kubernetes +maintainers: +- name: hanahmily + email: hanahmily@gmail.com +- name: innerpeacez + email: innerpeace.zhai@gmail.com + +dependencies: + - name: elasticsearch + version: ~1.32.0 + repository: https://kubernetes-charts.storage.googleapis.com/ + condition: elasticsearch.enabled \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/OWNERS b/helm-chart/helm3/6.5.0/skywalking/OWNERS new file mode 100644 index 0000000000000000000000000000000000000000..980b53aa447dcf6827498dd1f69896c4fd5e03c9 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/OWNERS @@ -0,0 +1,8 @@ +approvers: +- hanahmily +- wu-sheng +- innerpeacez +reviewers: +- hanahmily +- wu-sheng +- innerpeacez \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/README.md b/helm-chart/helm3/6.5.0/skywalking/README.md new file mode 100644 index 0000000000000000000000000000000000000000..d37afd0984216987cbfa51dc321e55fd68c81e23 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/README.md @@ -0,0 +1,214 @@ +# Apache Skywalking Helm Chart + +[Apache SkyWalking](https://skywalking.apache.org/) is application performance monitor tool for distributed systems, especially designed for microservices, cloud native and container-based (Docker, K8s, Mesos) architectures. + +## Introduction + +This chart bootstraps a [Apache SkyWalking](https://skywalking.apache.org/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + + - Kubernetes 1.9.6+ + - PV dynamic provisioning support on the underlying infrastructure (StorageClass) + - Helm 3 + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```shell +$ helm install my-release skywalking -n +``` + +The command deploys Apache Skywalking on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```shell +$ helm uninstall my-release -n +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the Skywalking chart and their default values. + +| Parameter | Description | Default | +|---------------------------------------|--------------------------------------------------------------------|-------------------------------------| +| `nameOverride` | Override name | `nil` | +| `serviceAccounts.oap` | Name of the OAP service account to use or create | `nil` | +| `oap.name` | OAP deployment name | `oap` | +| `oap.image.repository` | OAP container image name | `apache/skywalking-oap-server` | +| `oap.image.tag` | OAP container image tag | `6.1.0` | +| `oap.image.pullPolicy` | OAP container image pull policy | `IfNotPresent` | +| `oap.ports.grpc` | OAP grpc port for tracing or metric | `11800` | +| `oap.ports.rest` | OAP http port for Web UI | `12800` | +| `oap.replicas` | OAP k8s deployment replicas | `2` | +| `oap.service.type` | OAP svc type | `ClusterIP` | +| `oap.javaOpts` | Parameters to be added to `JAVA_OPTS`environment variable for OAP | `-Xms2g -Xmx2g` | +| `oap.antiAffinity` | OAP anti-affinity policy | `soft` | +| `oap.nodeAffinity` | OAP node affinity policy | `{}` | +| `oap.nodeSelector` | OAP labels for master pod assignment | `{}` | +| `oap.tolerations` | OAP tolerations | `[]` | +| `oap.resources` | OAP node resources requests & limits | `{} - cpu limit must be an integer` | +| `oap.envoy.als.enabled` | Open envoy als | `false` | +| `oap.env` | OAP environment variables | `[]` | +| `ui.name` | Web UI deployment name | `ui` | +| `ui.replicas` | Web UI k8s deployment replicas | `1` | +| `ui.image.repository` | Web UI container image name | `apache/skywalking-ui` | +| `ui.image.tag` | Web UI container image tag | `6.1.0` | +| `ui.image.pullPolicy` | Web UI container image pull policy | `IfNotPresent` | +| `ui.ingress.enabled` | Create Ingress for Web UI | `false` | +| `ui.ingress.annotations` | Associate annotations to the Ingress | `{}` | +| `ui.ingress.path` | Associate path with the Ingress | `/` | +| `ui.ingress.hosts` | Associate hosts with the Ingress | `[]` | +| `ui.ingress.tls` | Associate TLS with the Ingress | `[]` | +| `ui.service.type` | Web UI svc type | `ClusterIP` | +| `ui.service.externalPort` | external port for the service | `80` | +| `ui.service.internalPort` | internal port for the service | `8080` | +| `ui.service.externalIPs` | external IP addresses | `nil` | +| `ui.service.loadBalancerIP` | Load Balancer IP address | `nil` | +| `ui.service.annotations` | Kubernetes service annotations | `{}` | +| `ui.service.loadBalancerSourceRanges` | Limit load balancer source IPs to list of CIDRs (where available)) | `[]` | +| `elasticsearch.enabled` | Spin up a new elasticsearch cluster for SkyWalking | `true` | +| `elasticsearch.client.name` | `client` | Client component name | +| `elasticsearch.client.replicas` | `2` | Client node replicas (deployment) | +| `elasticsearch.client.resources` | `{} - cpu limit must be an integer` | Client node resources requests & limits | +| `elasticsearch.client.priorityClassName` | `nil` | Client priorityClass | +| `elasticsearch.client.heapSize` | `512m` | Client node heap size | +| `elasticsearch.client.podAnnotations` | `{}` | Client Deployment annotations | +| `elasticsearch.client.nodeSelector` | `{}` | Node labels for client pod assignment | +| `elasticsearch.client.tolerations` | `[]` | Client tolerations | +| `elasticsearch.client.serviceAnnotations` | `{}` | Client Service annotations | +| `elasticsearch.client.serviceType` | `ClusterIP` | Client service type | +| `elasticsearch.client.httpNodePort` | `nil` | Client service HTTP NodePort port number. Has no effect if client.serviceType is not `NodePort`. | +| `elasticsearch.client.loadBalancerIP` | `{}` | Client loadBalancerIP | +| `elasticsearch.client.loadBalancerSourceRanges` | `{}` | Client loadBalancerSourceRanges | +| `elasticsearch.client.antiAffinity` | `soft` | Client anti-affinity policy | +| `elasticsearch.client.nodeAffinity` | `{}` | Client node affinity policy | +| `elasticsearch.client.initResources` | `{}` | Client initContainer resources requests & limits | +| `elasticsearch.client.additionalJavaOpts` | `""` | Parameters to be added to `ES_JAVA_OPTS` environment variable for client | +| `elasticsearch.client.ingress.enabled` | `false` | Enable Client Ingress | +| `elasticsearch.client.ingress.user` | `nil` | If this & password are set, enable basic-auth on ingress | +| `elasticsearch.client.ingress.password` | `nil` | If this & user are set, enable basic-auth on ingress | +| `elasticsearch.client.ingress.annotations` | `{}` | Client Ingress annotations | +| `elasticsearch.client.ingress.hosts` | `[]` | Client Ingress Hostnames | +| `elasticsearch.client.ingress.tls` | `[]` | Client Ingress TLS configuration | +| `elasticsearch.client.exposeTransportPort` | `false` | Expose transport port 9300 on client service (ClusterIP) | +| `elasticsearch.master.initResources` | `{}` | Master initContainer resources requests & limits | +| `elasticsearch.master.additionalJavaOpts` | `""` | Parameters to be added to `ES_JAVA_OPTS` environment variable for master | +| `elasticsearch.master.exposeHttp` | `false` | Expose http port 9200 on master Pods for monitoring, etc | +| `elasticsearch.master.name` | `master` | Master component name | +| `elasticsearch.master.replicas` | `2` | Master node replicas (deployment) | +| `elasticsearch.master.resources` | `{} - cpu limit must be an integer` | Master node resources requests & limits | +| `elasticsearch.master.priorityClassName` | `nil` | Master priorityClass | +| `elasticsearch.master.podAnnotations` | `{}` | Master Deployment annotations | +| `elasticsearch.master.nodeSelector` | `{}` | Node labels for master pod assignment | +| `elasticsearch.master.tolerations` | `[]` | Master tolerations | +| `elasticsearch.master.heapSize` | `512m` | Master node heap size | +| `elasticsearch.master.name` | `master` | Master component name | +| `elasticsearch.master.persistence.enabled` | `false` | Master persistent enabled/disabled | +| `elasticsearch.master.persistence.name` | `data` | Master statefulset PVC template name | +| `elasticsearch.master.persistence.size` | `4Gi` | Master persistent volume size | +| `elasticsearch.master.persistence.storageClass` | `nil` | Master persistent volume Class | +| `elasticsearch.master.persistence.accessMode` | `ReadWriteOnce` | Master persistent Access Mode | +| `elasticsearch.master.readinessProbe` | see `values.yaml` for defaults | Master container readiness probes | +| `elasticsearch.master.antiAffinity` | `soft` | Master anti-affinity policy | +| `elasticsearch.master.nodeAffinity` | `{}` | Master node affinity policy | +| `elasticsearch.master.podManagementPolicy` | `OrderedReady` | Master pod creation strategy | +| `elasticsearch.master.updateStrategy` | `{type: "onDelete"}` | Master node update strategy policy | +| `elasticsearch.data.initResources` | `{}` | Data initContainer resources requests & limits | +| `elasticsearch.data.additionalJavaOpts` | `""` | Parameters to be added to `ES_JAVA_OPTS` environment variable for data | +| `elasticsearch.data.exposeHttp` | `false` | Expose http port 9200 on data Pods for monitoring, etc | +| `elasticsearch.data.replicas` | `2` | Data node replicas (statefulset) | +| `elasticsearch.data.resources` | `{} - cpu limit must be an integer` | Data node resources requests & limits | +| `elasticsearch.data.priorityClassName` | `nil` | Data priorityClass | +| `elasticsearch.data.heapSize` | `1536m` | Data node heap size | +| `elasticsearch.data.hooks.drain.enabled` | `true` | Data nodes: Enable drain pre-stop and post-start hook | +| `elasticsearch.data.persistence.enabled` | `false` | Data persistent enabled/disabled | +| `elasticsearch.data.persistence.name` | `data` | Data statefulset PVC template name | +| `elasticsearch.data.persistence.size` | `30Gi` | Data persistent volume size | +| `elasticsearch.data.persistence.storageClass` | `nil` | Data persistent volume Class | +| `elasticsearch.data.persistence.accessMode` | `ReadWriteOnce` | Data persistent Access Mode | +| `elasticsearch.data.readinessProbe` | see `values.yaml` for defaults | Readiness probes for data-containers | +| `elasticsearch.data.podAnnotations` | `{}` | Data StatefulSet annotations | +| `elasticsearch.data.nodeSelector` | `{}` | Node labels for data pod assignment | +| `elasticsearch.data.tolerations` | `[]` | Data tolerations | +| `elasticsearch.data.terminationGracePeriodSeconds` | `3600` | Data termination grace period (seconds) | +| `elasticsearch.data.antiAffinity` | `soft` | Data anti-affinity policy | +| `elasticsearch.data.nodeAffinity` | `{}` | Data node affinity policy | +| `elasticsearch.data.podManagementPolicy` | `OrderedReady` | Data pod creation strategy | +| `elasticsearch.data.updateStrategy` | `{type: "onDelete"}` | Data node update strategy policy | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +$ helm install myrelease skywalking --set nameOverride=newSkywalking +``` + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +$ helm install my-release skywalking -f values.yaml +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +### RBAC Configuration +Roles and RoleBindings resources will be created automatically for `OAP` . + +> **Tip**: You can refer to the default `oap-role.yaml` file in [templates](templates/) to customize your own. + +### Ingress TLS +If your cluster allows automatic create/retrieve of TLS certificates (e.g. [kube-lego](https://github.com/jetstack/kube-lego)), please refer to the documentation for that mechanism. + +To manually configure TLS, first create/retrieve a key & certificate pair for the address(skywalking ui) you wish to protect. Then create a TLS secret in the namespace: + +```console +kubectl create secret tls skywalking-tls --cert=path/to/tls.cert --key=path/to/tls.key +``` + +Include the secret's name, along with the desired hostnames, in the skywalking-ui Ingress TLS section of your custom `values.yaml` file: + +```yaml +ui: + ingress: + ## If true, Skywalking ui server Ingress will be created + ## + enabled: true + + ## Skywalking ui server Ingress hostnames + ## Must be provided if Ingress is enabled + ## + hosts: + - skywalking.domain.com + + ## Skywalking ui server Ingress TLS configuration + ## Secrets must be manually created in the namespace + ## + tls: + - secretName: skywalking-tls + hosts: + - skywalking.domain.com +``` +### Envoy ALS + +Envoy ALS(access log service) provides fully logs about RPC routed, including HTTP and TCP. + +If you want to open envoy ALS, you can do this by modifying values.yaml. + +```yaml +oap: + envoy: + als: + enabled: true +``` + +When envoy als ,will give ServiceAccount clusterrole permission. +More envoy als ,please refer to https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/NOTES.txt b/helm-chart/helm3/6.5.0/skywalking/templates/NOTES.txt new file mode 100644 index 0000000000000000000000000000000000000000..65edc2e0fe761e899ba2abe2975234c4e3e19d7d --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/NOTES.txt @@ -0,0 +1,25 @@ +Thank you for installing {{ .Chart.Name }}. + +Your release is named {{ .Release.Name }}. + +Learn more, please visit https://skywalking.apache.org/ + +Get the UI URL by running these commands: +{{- if .Values.ui.ingress.enabled }} +{{- range .Values.ui.ingress.hosts }} + http{{ if $.Values.ui.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ui.ingress.path }} +{{- end }} +{{- else if contains "NodePort" .Values.ui.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "skywalking.ui.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.ui.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "skywalking.ui.fullname" . }} -n {{ .Release.Namespace }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "skywalking.ui.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.ui.service.externalPort }} +{{- else if contains "ClusterIP" .Values.ui.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "skywalking.name" . }},release={{ .Release.Name }},component={{ .Values.ui.name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.ui.service.internalPort }} +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/_helpers.tpl b/helm-chart/helm3/6.5.0/skywalking/templates/_helpers.tpl new file mode 100644 index 0000000000000000000000000000000000000000..49657beab9bbd3b44eb685b218c533c531024afe --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/_helpers.tpl @@ -0,0 +1,61 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "skywalking.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "skywalking.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified oap name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "skywalking.oap.fullname" -}} +{{ template "skywalking.fullname" . }}-{{ .Values.oap.name }} +{{- end -}} + +{{/* +Create a default fully qualified ui name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "skywalking.ui.fullname" -}} +{{ template "skywalking.fullname" . }}-{{ .Values.ui.name }} +{{- end -}} + +{{/* +Create the name of the service account to use for the oap cluster +*/}} +{{- define "skywalking.serviceAccountName.oap" -}} +{{ default (include "skywalking.oap.fullname" .) .Values.serviceAccounts.oap }} +{{- end -}} + +{{- define "call-nested" }} +{{- $dot := index . 0 }} +{{- $subchart := index . 1 }} +{{- $template := index . 2 }} +{{- include $template (dict "Chart" (dict "Name" $subchart) "Values" (index $dot.Values $subchart) "Release" $dot.Release "Capabilities" $dot.Capabilities) }} +{{- end }} + +{{- define "skywalking.containers.wait-for-es" -}} +- name: wait-for-elasticsearch + image: busybox:1.30 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'for i in $(seq 1 60); do nc -z -w3 {{ include "call-nested" (list . "elasticsearch" "elasticsearch.client.fullname") }} 9200 && exit 0 || sleep 5; done; exit 1'] +{{- end -}} diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/es-init.job.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/es-init.job.yaml new file mode 100644 index 0000000000000000000000000000000000000000..983a0027cdc48ad097821ba941b4777b7cd09d77 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/es-init.job.yaml @@ -0,0 +1,38 @@ +# https://docs.sentry.io/server/installation/docker/#running-migrations +apiVersion: batch/v1 +kind: Job +metadata: + name: "{{ .Release.Name }}-es-init" + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ template "skywalking.fullname" . }}-job" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + template: + metadata: + name: "{{ .Release.Name }}-es-init" + labels: + app: {{ template "skywalking.name" . }} + component: "{{ template "skywalking.fullname" . }}-job" + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + {{- include "skywalking.containers.wait-for-es" . | nindent 6 }} + containers: + - name: {{ .Values.oap.name }} + image: "{{ .Values.oap.image.repository }}:{{ .Values.oap.image.tag }}" + imagePullPolicy: {{ .Values.oap.image.pullPolicy }} +{{- if .Values.oap.resources }} + resources: +{{ toYaml .Values.oap.resources | indent 10 }} +{{- end }} + env: + - name: JAVA_OPTS + value: "{{ .Values.oap.javaOpts }} -Dmode=init" + - name: SW_STORAGE + value: elasticsearch + - name: SW_STORAGE_ES_CLUSTER_NODES + value: "{{ include "call-nested" (list . "elasticsearch" "elasticsearch.client.fullname") }}:9200" diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-clusterrole.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-clusterrole.yaml new file mode 100644 index 0000000000000000000000000000000000000000..cf78e7ea0a50e425b3fcaac792a174d26f63ee8f --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-clusterrole.yaml @@ -0,0 +1,18 @@ +{{- if .Values.oap.envoy.als.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "skywalking.fullname" . }} + labels: + app: {{ template "skywalking.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +rules: +- apiGroups: [""] + resources: ["pods"] + verbs: ["get", "watch", "list"] +- apiGroups: ["extensions"] + resources: ["deployments", "replicasets"] + verbs: ["get", "watch", "list"] +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-clusterrolebinding.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-clusterrolebinding.yaml new file mode 100644 index 0000000000000000000000000000000000000000..eeeb15f5f6d4adbafc9bf069ac71c74a7c739d9f --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-clusterrolebinding.yaml @@ -0,0 +1,19 @@ +{{- if .Values.oap.envoy.als.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "skywalking.fullname" . }} + labels: + app: {{ template "skywalking.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "skywalking.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "skywalking.serviceAccountName.oap" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-deployment.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..eebecfb1f3d4166404dad1ddaae71add319333e9 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-deployment.yaml @@ -0,0 +1,103 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ .Values.oap.name }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + name: {{ template "skywalking.oap.fullname" . }} +spec: + replicas: {{ .Values.oap.replicas }} + selector: + matchLabels: + app: {{ template "skywalking.name" . }} + component: "{{ .Values.oap.name }}" + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "skywalking.name" . }} + component: "{{ .Values.oap.name }}" + release: {{ .Release.Name }} + {{- if .Values.oap.podAnnotations }} + annotations: +{{ toYaml .Values.oap.podAnnotations | indent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "skywalking.serviceAccountName.oap" . }} + affinity: + {{- if eq .Values.oap.antiAffinity "hard" }} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + app: "{{ template "skywalking.name" . }}" + release: "{{ .Release.Name }}" + component: "{{ .Values.oap.name }}" + {{- else if eq .Values.oap.antiAffinity "soft" }} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + topologyKey: kubernetes.io/hostname + labelSelector: + matchLabels: + app: "{{ template "skywalking.name" . }}" + release: "{{ .Release.Name }}" + component: "{{ .Values.oap.name }}" + {{- end }} + {{- with .Values.oap.nodeAffinity }} + nodeAffinity: +{{ toYaml . | indent 10 }} + {{- end }} +{{- if .Values.oap.nodeSelector }} + nodeSelector: +{{ toYaml .Values.oap.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.oap.tolerations }} + tolerations: +{{ toYaml .Values.oap.tolerations | indent 8 }} +{{- end }} + initContainers: + {{- include "skywalking.containers.wait-for-es" . | nindent 6 }} + containers: + - name: {{ .Values.oap.name }} + image: "{{ .Values.oap.image.repository }}:{{ .Values.oap.image.tag }}" + imagePullPolicy: {{ .Values.oap.image.pullPolicy }} + ports: + - containerPort: 11800 + name: grpc + - containerPort: 12800 + name: rest +{{- if .Values.oap.resources }} + resources: +{{ toYaml .Values.oap.resources | indent 10 }} +{{- end }} + env: + - name: JAVA_OPTS + value: "{{ .Values.oap.javaOpts }} -Dmode=no-init" + - name: SW_CLUSTER + value: kubernetes + - name: SW_CLUSTER_K8S_NAMESPACE + value: "{{ .Release.Namespace }}" + - name: SW_CLUSTER_K8S_LABEL + value: "app={{ template "skywalking.name" . }},release={{ .Release.Name }},component={{ .Values.oap.name }}" + - name: SKYWALKING_COLLECTOR_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid + - name: SW_STORAGE + value: elasticsearch + {{- if .Values.oap.envoy.als.enabled }} + - name: SW_ENVOY_ALS_ENABLED + value: {{ .Values.oap.envoy.als.enabled | quote}} + {{- end }} + - name: SW_STORAGE_ES_CLUSTER_NODES + value: "{{ include "call-nested" (list . "elasticsearch" "elasticsearch.client.fullname") }}:9200" + {{- range $key, $value := .Values.oap.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-role.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-role.yaml new file mode 100644 index 0000000000000000000000000000000000000000..bbf21ce627421f502f955c453706f65beecd37a4 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-role.yaml @@ -0,0 +1,15 @@ +{{- if not .Values.oap.envoy.als.enabled }} +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "skywalking.fullname" . }} + labels: + app: {{ template "skywalking.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "watch", "list"] +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-rolebinding.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-rolebinding.yaml new file mode 100644 index 0000000000000000000000000000000000000000..1eae86a422132c0c19dc826dc60d769c670a0e6a --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-rolebinding.yaml @@ -0,0 +1,19 @@ +{{- if not .Values.oap.envoy.als.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "skywalking.fullname" . }} + labels: + app: {{ template "skywalking.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "skywalking.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "skywalking.serviceAccountName.oap" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-serviceaccount.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-serviceaccount.yaml new file mode 100644 index 0000000000000000000000000000000000000000..702a50fe9b47892a39d8d8332406a218033297bd --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-serviceaccount.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ .Values.oap.name }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + name: {{ template "skywalking.serviceAccountName.oap" . }} diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/oap-svc.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/oap-svc.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f7a7d6e4037df23c7090140ac07f111aacd640cd --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/oap-svc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "skywalking.oap.fullname" . }} + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ .Values.oap.name }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + type: {{ .Values.oap.service.type }} + ports: + - port: {{ .Values.oap.ports.rest }} + name: rest + - port: {{ .Values.oap.ports.grpc }} + name: grpc + selector: + app: {{ template "skywalking.name" . }} + component: "{{ .Values.oap.name }}" + release: {{ .Release.Name }} diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/ui-deployment.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/ui-deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..a8a6ee8101d3458e9328c4eb239daf59b2388074 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/ui-deployment.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "skywalking.ui.fullname" . }} + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ .Values.ui.name }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + replicas: {{ .Values.ui.replicas }} + selector: + matchLabels: + app: {{ template "skywalking.name" . }} + component: "{{ .Values.ui.name }}" + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "skywalking.name" . }} + component: "{{ .Values.ui.name }}" + release: {{ .Release.Name }} + {{- if .Values.ui.podAnnotations }} + annotations: +{{ toYaml .Values.ui.podAnnotations | indent 8 }} + {{- end }} + spec: + containers: + - name: {{ .Values.ui.name }} + image: {{ .Values.ui.image.repository }}:{{ .Values.ui.image.tag }} + imagePullPolicy: {{ .Values.ui.image.pullPolicy }} + ports: + - containerPort: {{ .Values.ui.service.internalPort }} + name: page +{{- if .Values.ui.resources }} + resources: +{{ toYaml .Values.ui.resources | indent 10 }} +{{- end }} + env: + - name: SW_OAP_ADDRESS + value: {{ template "skywalking.oap.fullname" . }}:{{ .Values.oap.ports.rest }} diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/ui-ingress.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/ui-ingress.yaml new file mode 100644 index 0000000000000000000000000000000000000000..406a48b76d5ea15da36ddbb8b8ce0835f6c34c28 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/ui-ingress.yaml @@ -0,0 +1,34 @@ +{{- if .Values.ui.ingress.enabled -}} +{{- $serviceName := include "skywalking.ui.fullname" . -}} +{{- $servicePort := .Values.ui.service.externalPort -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ .Values.ui.name }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + name: {{ template "skywalking.ui.fullname" . }} + annotations: + {{- range $key, $value := .Values.ui.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + rules: + {{- range .Values.ui.ingress.hosts }} + {{- $url := splitList "/" . }} + - host: {{ first $url }} + http: + paths: + - path: /{{ rest $url | join "/" }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- if .Values.ui.ingress.tls }} + tls: +{{ toYaml .Values.ui.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} diff --git a/helm-chart/helm3/6.5.0/skywalking/templates/ui-svc.yaml b/helm-chart/helm3/6.5.0/skywalking/templates/ui-svc.yaml new file mode 100644 index 0000000000000000000000000000000000000000..fb727aacd14625f0f41d407f1f6fc3962122b189 --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/templates/ui-svc.yaml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: {{ template "skywalking.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + component: "{{ .Values.ui.name }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + name: {{ template "skywalking.ui.fullname" . }} + {{- with .Values.ui.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- if .Values.ui.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.ui.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} + {{- end }} + type: {{ .Values.ui.service.type }} + {{- if and (eq .Values.ui.service.type "ClusterIP") .Values.ui.service.clusterIP }} + clusterIP: {{ .Values.ui.service.clusterIP }} + {{- end }} + ports: + - port: {{ .Values.ui.service.externalPort }} + targetPort: {{ .Values.ui.service.internalPort }} + protocol: TCP +{{ if (and (eq .Values.ui.service.type "NodePort") (not (empty .Values.ui.service.nodePort))) }} + nodePort: {{ .Values.ui.service.nodePort }} +{{ end }} +{{- if .Values.ui.service.portName }} + name: {{ .Values.ui.service.portName }} +{{- end }} +{{- if .Values.ui.service.externalIPs }} + externalIPs: +{{ toYaml .Values.ui.service.externalIPs | indent 4 }} +{{- end }} + selector: + app: {{ template "skywalking.name" . }} + component: "{{ .Values.ui.name }}" + release: {{ .Release.Name }} +{{- if .Values.ui.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.ui.service.loadBalancerIP }} +{{- end }} diff --git a/helm-chart/helm3/6.5.0/skywalking/values.yaml b/helm-chart/helm3/6.5.0/skywalking/values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..439b70420b840ab3fdf0e46d57a89b63abddf7da --- /dev/null +++ b/helm-chart/helm3/6.5.0/skywalking/values.yaml @@ -0,0 +1,251 @@ +# Default values for skywalking. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +serviceAccounts: + oap: + +oap: + name: skywalking-oap + image: + repository: apache/skywalking-oap-server + tag: 6.5.0 + pullPolicy: IfNotPresent + ports: + grpc: 11800 + rest: 12800 + replicas: 2 + service: + type: ClusterIP + javaOpts: -Xmx2g -Xms2g + antiAffinity: "soft" + nodeAffinity: {} + nodeSelector: {} + tolerations: [] + resources: {} + # limits: + # cpu: 8 + # memory: 8Gi + # requests: + # cpu: 8 + # memory: 4Gi + # podAnnotations: + # example: oap-foo + envoy: + als: + enabled: false + # more envoy ALS ,please refer to https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als + env: + # more env, please refer to https://hub.docker.com/r/apache/skywalking-oap-server + # or https://github.com/apache/skywalking-docker/blob/master/6/6.4/oap/README.md#sw_telemetry +ui: + name: skywalking-ui + replicas: 1 + image: + repository: apache/skywalking-ui + tag: 6.5.0 + pullPolicy: IfNotPresent + # podAnnotations: + # example: oap-foo + ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: [] + # - skywalking.local + tls: [] + # - secretName: skywalking-tls + # hosts: + # - skywalking.local + service: + type: ClusterIP + # clusterIP: None + externalPort: 80 + internalPort: 8080 + ## External IP addresses of service + ## Default: nil + ## + # externalIPs: + # - 192.168.0.1 + # + ## LoadBalancer IP if service.type is LoadBalancer + ## Default: nil + ## + # loadBalancerIP: 10.2.2.2 + # Annotation example: setup ssl with aws cert when service.type is LoadBalancer + # service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:EXAMPLE_CERT + annotations: {} + ## Limit load balancer source ips to list of CIDRs (where available) + # loadBalancerSourceRanges: [] + +elasticsearch: + enabled: true + # If elasticsearch,enabled=true values for elasticsearch. + + ## Define serviceAccount names for components. Defaults to component's fully qualified name. + serviceAccounts: + client: + create: true + name: + master: + create: true + name: + data: + create: true + name: + + client: + name: client + replicas: 2 + serviceType: ClusterIP + ## If coupled with serviceType = "NodePort", this will set a specific nodePort to the client HTTP port + # httpNodePort: 30920 + loadBalancerIP: {} + loadBalancerSourceRanges: {} + ## (dict) If specified, apply these annotations to the client service + # serviceAnnotations: + # example: client-svc-foo + heapSize: "512m" + # additionalJavaOpts: "-XX:MaxRAM=512m" + antiAffinity: "soft" + nodeAffinity: {} + nodeSelector: {} + tolerations: [] + initResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" + resources: + limits: + cpu: "1" + # memory: "1024Mi" + requests: + cpu: "25m" + memory: "512Mi" + priorityClassName: "" + ## (dict) If specified, apply these annotations to each client Pod + # podAnnotations: + # example: client-foo + podDisruptionBudget: + enabled: false + minAvailable: 1 + # maxUnavailable: 1 + ingress: + enabled: false + # user: NAME + # password: PASSWORD + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + + master: + name: master + exposeHttp: false + replicas: 3 + heapSize: "512m" + # additionalJavaOpts: "-XX:MaxRAM=512m" + persistence: + enabled: false + accessMode: ReadWriteOnce + name: data + size: "4Gi" + # storageClass: "ssd" + readinessProbe: + httpGet: + path: /_cluster/health?local=true + port: 9200 + initialDelaySeconds: 5 + antiAffinity: "soft" + nodeAffinity: {} + nodeSelector: {} + tolerations: [] + initResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" + resources: + limits: + cpu: "1" + # memory: "1024Mi" + requests: + cpu: "25m" + memory: "512Mi" + priorityClassName: "" + ## (dict) If specified, apply these annotations to each master Pod + # podAnnotations: + # example: master-foo + podManagementPolicy: OrderedReady + podDisruptionBudget: + enabled: false + minAvailable: 2 # Same as `cluster.env.MINIMUM_MASTER_NODES` + # maxUnavailable: 1 + updateStrategy: + type: OnDelete + + data: + name: data + exposeHttp: false + replicas: 2 + heapSize: "1536m" + # additionalJavaOpts: "-XX:MaxRAM=1536m" + persistence: + enabled: false + accessMode: ReadWriteOnce + name: data + size: "30Gi" + # storageClass: "ssd" + readinessProbe: + httpGet: + path: /_cluster/health?local=true + port: 9200 + initialDelaySeconds: 5 + terminationGracePeriodSeconds: 3600 + antiAffinity: "soft" + nodeAffinity: {} + nodeSelector: {} + tolerations: [] + initResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" + resources: + limits: + cpu: "1" + # memory: "2048Mi" + requests: + cpu: "25m" + memory: "1536Mi" + priorityClassName: "" + ## (dict) If specified, apply these annotations to each data Pod + # podAnnotations: + # example: data-foo + podDisruptionBudget: + enabled: false + # minAvailable: 1 + maxUnavailable: 1 + podManagementPolicy: OrderedReady + updateStrategy: + type: OnDelete + hooks: # post-start and pre-stop hooks + drain: # drain the node before stopping it and re-integrate it into the cluster after start + enabled: true + +nameOverride: ""