-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add support for embedded etcd (#213)
* feat: add support for embedded etcd Signed-off-by: Vishal Choudhary <[email protected]> --------- Signed-off-by: Vishal Choudhary <[email protected]>
- Loading branch information
1 parent
c0d75ef
commit 5579039
Showing
19 changed files
with
802 additions
and
57 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,170 @@ | ||
{{- if .Values.config.etcd.enabled }} | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: etcd | ||
namespace: {{ $.Release.Namespace }} | ||
labels: | ||
app: etcd-reports-server | ||
{{- include "reports-server.labels" . | nindent 4 }} | ||
spec: | ||
type: ClusterIP | ||
clusterIP: None | ||
selector: | ||
app: etcd-reports-server | ||
publishNotReadyAddresses: true | ||
ports: | ||
- name: etcd-client | ||
port: 2379 | ||
- name: etcd-server | ||
port: 2380 | ||
- name: etcd-metrics | ||
port: 8080 | ||
--- | ||
apiVersion: apps/v1 | ||
kind: StatefulSet | ||
metadata: | ||
namespace: {{ include "reports-server.fullname" . }} | ||
name: etcd | ||
labels: | ||
app: etcd-reports-server | ||
{{- include "reports-server.labels" . | nindent 4 }} | ||
spec: | ||
serviceName: etcd | ||
replicas: 3 | ||
podManagementPolicy: Parallel | ||
updateStrategy: | ||
type: RollingUpdate | ||
selector: | ||
matchLabels: | ||
app: etcd-reports-server | ||
template: | ||
metadata: | ||
labels: | ||
app: etcd-reports-server | ||
annotations: | ||
serviceName: etcd | ||
spec: | ||
affinity: | ||
podAntiAffinity: | ||
preferredDuringSchedulingIgnoredDuringExecution: | ||
- weight: 1 | ||
podAffinityTerm: | ||
labelSelector: | ||
matchExpressions: | ||
- key: app | ||
operator: In | ||
values: | ||
- etcd-reports-server | ||
topologyKey: "kubernetes.io/hostname" | ||
containers: | ||
- name: etcd | ||
image: quay.io/coreos/etcd:v3.5.15 | ||
imagePullPolicy: IfNotPresent | ||
ports: | ||
- name: etcd-client | ||
containerPort: 2379 | ||
- name: etcd-server | ||
containerPort: 2380 | ||
- name: etcd-metrics | ||
containerPort: 8080 | ||
readinessProbe: | ||
httpGet: | ||
path: /readyz | ||
port: 8080 | ||
initialDelaySeconds: 10 | ||
periodSeconds: 5 | ||
timeoutSeconds: 5 | ||
successThreshold: 1 | ||
failureThreshold: 30 | ||
livenessProbe: | ||
httpGet: | ||
path: /livez | ||
port: 8080 | ||
initialDelaySeconds: 15 | ||
periodSeconds: 10 | ||
timeoutSeconds: 5 | ||
failureThreshold: 3 | ||
env: | ||
- name: K8S_NAMESPACE | ||
valueFrom: | ||
fieldRef: | ||
fieldPath: metadata.namespace | ||
- name: HOSTNAME | ||
valueFrom: | ||
fieldRef: | ||
fieldPath: metadata.name | ||
- name: SERVICE_NAME | ||
valueFrom: | ||
fieldRef: | ||
fieldPath: metadata.annotations['serviceName'] | ||
- name: ETCDCTL_ENDPOINTS | ||
value: $(HOSTNAME).$(SERVICE_NAME):2379 | ||
## TLS client configuration for etcdctl in the container. | ||
## These files paths are part of the "etcd-client-certs" volume mount. | ||
# - name: ETCDCTL_KEY | ||
# value: /etc/etcd/certs/client/tls.key | ||
# - name: ETCDCTL_CERT | ||
# value: /etc/etcd/certs/client/tls.crt | ||
# - name: ETCDCTL_CACERT | ||
# value: /etc/etcd/certs/client/ca.crt | ||
## | ||
## Use this URI_SCHEME value for non-TLS clusters. | ||
- name: URI_SCHEME | ||
value: "http" | ||
## TLS: Use this URI_SCHEME for TLS clusters. | ||
# - name: URI_SCHEME | ||
# value: "https" | ||
command: | ||
- /usr/local/bin/etcd | ||
args: | ||
- --name=$(HOSTNAME) | ||
- --data-dir=/data | ||
- --wal-dir=/data/wal | ||
- --listen-peer-urls=$(URI_SCHEME)://0.0.0.0:2380 | ||
- --listen-client-urls=$(URI_SCHEME)://0.0.0.0:2379 | ||
- --advertise-client-urls=$(URI_SCHEME)://$(HOSTNAME).$(SERVICE_NAME):2379 | ||
- --initial-cluster-state=new | ||
- --initial-cluster-token=etcd-$(K8S_NAMESPACE) | ||
- --initial-cluster=etcd-0=$(URI_SCHEME)://etcd-0.$(SERVICE_NAME):2380,etcd-1=$(URI_SCHEME)://etcd-1.$(SERVICE_NAME):2380,etcd-2=$(URI_SCHEME)://etcd-2.$(SERVICE_NAME):2380 | ||
- --initial-advertise-peer-urls=$(URI_SCHEME)://$(HOSTNAME).$(SERVICE_NAME):2380 | ||
- --listen-metrics-urls=http://0.0.0.0:8080 | ||
# - --auto-compaction-mode=periodic | ||
# - --auto-compaction-retention=10m | ||
# - --client-cert-auth | ||
# - --trusted-ca-file=$(ETCDCTL_CACERT) | ||
# - --cert-file=$(ETCDCTL_CERT) | ||
# - --key-file=$(ETCDCTL_KEY) | ||
# - --peer-client-cert-auth | ||
# - --peer-trusted-ca-file=/etc/etcd/certs/server/ca.crt | ||
# - --peer-cert-file=/etc/etcd/certs/server/tls.crt | ||
# - --peer-key-file=/etc/etcd/certs/server/tls.key | ||
volumeMounts: | ||
- name: etcd-data | ||
mountPath: /data | ||
# - name: etcd-client-tls | ||
# mountPath: "/etc/etcd/certs/client" | ||
# readOnly: true | ||
# - name: etcd-server-tls | ||
# mountPath: "/etc/etcd/certs/server" | ||
# readOnly: true | ||
volumes: | ||
# - name: etcd-client-tls | ||
# secret: | ||
# secretName: etcd-client-tls | ||
# optional: false | ||
# - name: etcd-server-tls | ||
# secret: | ||
# secretName: etcd-server-tls | ||
# optional: false | ||
volumeClaimTemplates: | ||
- metadata: | ||
name: etcd-data | ||
spec: | ||
accessModes: ["ReadWriteOnce"] | ||
resources: | ||
requests: | ||
storage: 1Gi | ||
{{- end }} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.