diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4f74fe2c..01297e46 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,7 +28,7 @@ jobs: - "ingress" - "volume" - "pubsub" - - "postgres" + - "nats" k8s_version: - v1.25.0 - v1.27.0 diff --git a/charts/bindplane/Chart.yaml b/charts/bindplane/Chart.yaml index ab1f9b9c..339230e9 100644 --- a/charts/bindplane/Chart.yaml +++ b/charts/bindplane/Chart.yaml @@ -3,7 +3,7 @@ name: bindplane description: BindPlane OP is an observability pipeline. type: application # The chart's version -version: 1.11.9 +version: 1.12.0 # The BindPlane OP tagged release. If the user does not # set the `image.tag` values option, this version is used. appVersion: 1.63.1 diff --git a/charts/bindplane/README.md b/charts/bindplane/README.md index 2a1e2bb9..7ba930d4 100644 --- a/charts/bindplane/README.md +++ b/charts/bindplane/README.md @@ -1,6 +1,6 @@ # bindplane -![Version: 1.11.9](https://img.shields.io/badge/Version-1.11.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.63.1](https://img.shields.io/badge/AppVersion-1.63.1-informational?style=flat-square) +![Version: 1.12.0](https://img.shields.io/badge/Version-1.12.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.63.1](https://img.shields.io/badge/AppVersion-1.63.1-informational?style=flat-square) BindPlane OP is an observability pipeline. @@ -105,7 +105,7 @@ BindPlane OP is an observability pipeline. | extraVolumes | list | `[]` | Optional arbitrary volumes to add to the BindPlane pod(s). | | health.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | Full configuration for livenessProbe. Supports all options documented here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/. | | health.readinessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | Full configuration for readinessProbe. Supports all options documented here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/. | -| health.startupProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | Full configuration for startupProbe. Supports all options documented here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/. | +| health.startupProbe | object | `{"failureThreshold":20,"httpGet":{"path":"/health","port":"http"},"initialDelaySeconds":0,"periodSeconds":5,"successThreshold":1,"timeoutSeconds":1}` | Full configuration for startupProbe. Supports all options documented here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/. | | image.name | string | `""` | Image name to be used. Defaults to `ghcr.io/observiq/bindplane-ee`. | | image.tag | string | `""` | Image tag to use. Defaults to the version defined in the Chart's release. | | ingress.annotations | object | `{}` | Custom annotations which will be added to the ingress object. Useful for specifying things such as `cert-manager.io/cluster-issuer`. | @@ -118,6 +118,10 @@ BindPlane OP is an observability pipeline. | jobs.resources.requests.cpu | string | `"1000m"` | CPU request. | | jobs.resources.requests.memory | string | `"1000Mi"` | Memory request. | | multiAccount | bool | `false` | Whether or not to enable multi account (tenant). | +| nats.resources | object | `{"limits":{"memory":"1000Mi"},"requests":{"cpu":"1000m","memory":"1000Mi"}}` | NATs server resources request block, when event bus type is `nats`. | +| nats.resources.limits.memory | string | `"1000Mi"` | Memory limit for the NATs server pods, when event bus type is `nats`. | +| nats.resources.requests.cpu | string | `"1000m"` | CPU request for the NATs server pods, when event bus type is `nats`. | +| nats.resources.requests.memory | string | `"1000Mi"` | Memory request for the NATs server pods, when event bus type is `nats`. | | podSecurityContext | object | `{"fsGroup":65534}` | The Pod spec's securityContext: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod. | | prometheus.auth.password | string | `""` | Prometheus basic authentication password. | | prometheus.auth.type | string | `"none"` | Prometheus authentication. Supported options include `none` and `basic`. | diff --git a/charts/bindplane/templates/bindplane-jobs.yaml b/charts/bindplane/templates/bindplane-jobs.yaml index 23a532dc..e8011d82 100644 --- a/charts/bindplane/templates/bindplane-jobs.yaml +++ b/charts/bindplane/templates/bindplane-jobs.yaml @@ -256,6 +256,18 @@ spec: {{- end }} {{- end }} {{- end }} + {{- if eq .Values.eventbus.type "nats" }} + - name: BINDPLANE_EVENT_BUS_TYPE + value: nats + - name: BINDPLANE_NATS_CLIENT_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: BINDPLANE_NATS_CLIENT_ENDPOINT + value: nats://{{ include "bindplane.fullname" . }}-nats-client-headless.{{ .Release.Namespace }}.svc.cluster.local:4222 + - name: BINDPLANE_NATS_CLIENT_SUBJECT + value: bindplane-event-bus + {{- end }} {{- if eq (include "bindplane.auth.type" .) "ldap" }} - name: BINDPLANE_AUTH_TYPE value: {{ .Values.auth.type }} diff --git a/charts/bindplane/templates/bindplane-nats.yaml b/charts/bindplane/templates/bindplane-nats.yaml new file mode 100644 index 00000000..6f9cac37 --- /dev/null +++ b/charts/bindplane/templates/bindplane-nats.yaml @@ -0,0 +1,371 @@ +{{- if eq .Values.eventbus.type "nats" }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "bindplane.fullname" . }}-nats + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: 3 + serviceName: {{ include "bindplane.fullname" . }}-nats-cluster-headless + podManagementPolicy: Parallel + selector: + matchLabels: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if len .Values.extraPodLabels }} + {{- toYaml .Values.extraPodLabels | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "bindplane.fullname" . }} + {{- with .Values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: server + image: {{ include "bindplane.image" . }}:{{ include "bindplane.tag" . }} + imagePullPolicy: IfNotPresent + ports: + - containerPort: 3001 + name: http + - containerPort: 4222 + name: nats-client + - containerPort: 6222 + name: nats-cluster + - containerPort: 8222 + name: nats-http + env: + - name: BINDPLANE_MODE + value: node + - name: BINDPLANE_ANALYTICS_DISABLED + value: "{{ .Values.config.analytics.disable }}" + - name: BINDPLANE_TRANSFORM_AGENT_ENABLE_REMOTE + value: "true" + - name: BINDPLANE_TRANSFORM_AGENT_REMOTE_AGENTS + value: "{{ include "bindplane.fullname" . }}-transform-agent:4568" + {{- if .Values.config.license }} + - name: BINDPLANE_LICENSE + value: {{ .Values.config.license }} + {{- else if .Values.config.licenseUseSecret }} + - name: BINDPLANE_LICENSE + valueFrom: + secretKeyRef: + name: {{ .Values.config.secret }} + key: license + optional: false + {{- end}} + - name: BINDPLANE_ACCEPT_EULA + value: "{{ .Values.config.accept_eula }}" + - name: BINDPLANE_REMOTE_URL + {{- if .Values.config.server_url }} + value: {{ .Values.config.server_url }} + {{- else }} + value: http://{{ include "bindplane.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:3001 + {{- end }} + - name: BINDPLANE_USERNAME + {{- if .Values.config.username }} + value: {{ .Values.config.username }} + {{- else }} + valueFrom: + secretKeyRef: + name: {{ .Values.config.secret }} + key: username + optional: false + {{- end}} + - name: BINDPLANE_PASSWORD + {{- if .Values.config.password }} + value: {{ .Values.config.password }} + {{- else }} + valueFrom: + secretKeyRef: + name: {{ .Values.config.secret }} + key: password + optional: false + {{- end}} + {{- if .Values.config.secret_key }} + - name: BINDPLANE_SECRET_KEY + value: {{ .Values.config.secret_key }} + {{- end }} + - name: BINDPLANE_SESSION_SECRET + {{- if .Values.config.sessions_secret }} + value: {{ .Values.config.sessions_secret }} + {{- else }} + valueFrom: + secretKeyRef: + name: {{ .Values.config.secret }} + key: sessions_secret + optional: true + {{- end }} + {{- if .Values.trace.type }} + - name: BINDPLANE_TRACING_TYPE + value: {{ .Values.trace.type }} + - name: BINDPLANE_TRACING_OTLP_ENDPOINT + value: {{ .Values.trace.otlp.endpoint }} + - name: BINDPLANE_TRACING_OTLP_INSECURE + value: "{{ .Values.trace.otlp.insecure }}" + {{- end }} + - name: BINDPLANE_LOGGING_OUTPUT + value: stdout + - name: BINDPLANE_CONFIG_HOME + value: /data + - name: BINDPLANE_STORE_TYPE + value: bbolt + - name: BINDPLANE_EVENT_BUS_TYPE + value: nats + - name: BINDPLANE_NATS_SERVER_ENABLE + value: "true" + - name: BINDPLANE_NATS_SERVER_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: BINDPLANE_NATS_SERVER_CLIENT_HOST + value: "0.0.0.0" + - name: BINDPLANE_NATS_SERVER_CLIENT_PORT + value: "4222" + - name: BINDPLANE_NATS_SERVER_HTTP_HOST + value: "0.0.0.0" + - name: BINDPLANE_NATS_SERVER_HTTP_PORT + value: "8222" + - name: BINDPLANE_NATS_SERVER_CLUSTER_NAME + value: bindplane-{{ include "bindplane.fullname" . }} + - name: BINDPLANE_NATS_SERVER_CLUSTER_HOST + value: "0.0.0.0" + - name: BINDPLANE_NATS_SERVER_CLUSTER_PORT + value: "6222" + - name: BINDPLANE_NATS_SERVER_CLUSTER_ROUTES + value: nats://{{ include "bindplane.fullname" . }}-nats-0.{{ include "bindplane.fullname" . }}-nats-cluster-headless.{{ .Release.Namespace }}.svc.cluster.local:6222,nats://{{ include "bindplane.fullname" . }}-nats-1.{{ include "bindplane.fullname" . }}-nats-cluster-headless.{{ .Release.Namespace }}.svc.cluster.local:6222,nats://{{ include "bindplane.fullname" . }}-nats-2.{{ include "bindplane.fullname" . }}-nats-cluster-headless.{{ .Release.Namespace }}.svc.cluster.local:6222 + - name: BINDPLANE_NATS_CLIENT_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: BINDPLANE_NATS_CLIENT_ENDPOINT + value: nats://127.0.0.1:4222 + - name: BINDPLANE_NATS_CLIENT_SUBJECT + value: bindplane-event-bus + {{- if eq (include "bindplane.auth.type" .) "ldap" }} + - name: BINDPLANE_AUTH_TYPE + value: {{ .Values.auth.type }} + - name: BINDPLANE_LDAP_PROTOCOL + value: {{ .Values.auth.ldap.protocol }} + - name: BINDPLANE_LDAP_SERVER + value: {{ .Values.auth.ldap.server }} + - name: BINDPLANE_LDAP_PORT + {{- if eq .Values.auth.ldap.protocol "ldaps"}} + value: "{{ .Values.auth.ldap.port | default (printf "%s" "1636" ) }}" + {{- else }} + value: "{{ .Values.auth.ldap.port | default (printf "%s" "1389" ) }}" + {{- end }} + - name: BINDPLANE_LDAP_BASE_DN + value: {{ .Values.auth.ldap.baseDN }} + - name: BINDPLANE_LDAP_BIND_USER + value: {{ .Values.auth.ldap.bindUser }} + - name: BINDPLANE_LDAP_BIND_PASSWORD + value: {{ .Values.auth.ldap.bindPassword }} + - name: BINDPLANE_LDAP_SEARCH_FILTER + {{- if eq .Values.auth.type "active-directory"}} + value: {{ .Values.auth.ldap.searchFilter | default (printf "%s" "(|(sAMAccountName=%[1]v)(userPrincipalName=%[1]v))" ) }} + {{- else}} + value: {{ .Values.auth.ldap.searchFilter | default (printf "%s" "(uid=%s)" ) }} + {{- end }} + {{- if .Values.auth.ldap.tls.ca.secret }} + - name: BINDPLANE_LDAP_TLS_CA + value: /ldap-ca.crt + {{- end }} + {{- if .Values.auth.ldap.tls.insecure }} + - name: BINDPLANE_LDAP_TLS_SKIP_VERIFY + value: "true" + {{- end }} + {{- end }} + {{- if eq .Values.auth.type "google" }} + - name: BINDPLANE_AUTH_TYPE + value: google + - name: BINDPLANE_GOOGLE_AUTH_CLIENT_ID + value: {{ .Values.auth.google.clientid }} + {{- end }} + {{- if eq .Values.auth.type "auth0" }} + - name: BINDPLANE_AUTH_TYPE + value: auth0 + - name: BINDPLANE_AUTH0_CLIENT_ID + value: {{ .Values.dev.auth.auth0.clientid }} + - name: BINDPLANE_AUTH0_DOMAIN + value: {{ .Values.dev.auth.auth0.domain }} + - name: BINDPLANE_AUTH0_AUDIENCE + value: {{ .Values.dev.auth.auth0.audience }} + {{- end }} + {{- if eq .Values.multiAccount true }} + - name: BINDPLANE_ACCOUNTS_ENABLE + value: "true" + {{- end }} + {{- if and (eq .Values.email.type "sendgrid") (eq .Values.multiAccount true) (ne .Values.auth.type "system") }} + - name: BINDPLANE_EMAIL_TYPE + value: sendgrid + - name: BINDPLANE_SEND_GRID_API_TOKEN + value: {{ .Values.email.sendgrid.token }} + {{- end }} + - name: BINDPLANE_PORT + value: "3001" + - name: BINDPLANE_PROMETHEUS_ENABLE + value: "true" + - name: BINDPLANE_PROMETHEUS_ENABLE_REMOTE + value: "true" + - name: BINDPLANE_PROMETHEUS_HOST + {{- if .Values.prometheus.remote }} + value: {{ .Values.prometheus.host }} + {{- else }} + value: {{ include "bindplane.fullname" . }}-prometheus + {{- end }} + - name: BINDPLANE_PROMETHEUS_PORT + value: "{{ .Values.prometheus.port }}" + {{- if .Values.prometheus.queryPathPrefix }} + - name: BINDPLANE_PROMETHEUS_QUERY_PATH_PREFIX + value: {{ .Values.prometheus.queryPathPrefix }} + {{- end }} + {{- if and (.Values.prometheus.remoteWrite.host) (.Values.prometheus.remoteWrite.port) }} + - name: BINDPLANE_PROMETHEUS_REMOTE_WRITE_HOST + value: {{ .Values.prometheus.remoteWrite.host }} + - name: BINDPLANE_PROMETHEUS_REMOTE_WRITE_PORT + value: "{{ .Values.prometheus.remoteWrite.port }}" + {{- end }} + - name: BINDPLANE_PROMETHEUS_REMOTE_WRITE_ENDPOINT + value: {{ .Values.prometheus.remoteWrite.path }} + - name: BINDPLANE_PROMETHEUS_AUTH_TYPE + value: {{ .Values.prometheus.auth.type }} + {{- if eq .Values.prometheus.auth.type "basic" }} + - name: BINDPLANE_PROMETHEUS_AUTH_USERNAME + value: {{ .Values.prometheus.auth.username }} + - name: BINDPLANE_PROMETHEUS_AUTH_PASSWORD + value: {{ .Values.prometheus.auth.password }} + {{- end }} + {{- if .Values.prometheus.tls.enable }} + - name: BINDPLANE_PROMETHEUS_ENABLE_TLS + value: "true" + - name: BINDPLANE_PROMETHEUS_TLS_SKIP_VERIFY + value: "{{ .Values.prometheus.tls.insecure }}" + {{- if .Values.prometheus.tls.secret.caSubPath }} + - name: BINDPLANE_PROMETHEUS_TLS_CA + value: /prometheus-ca.crt + {{- end }} + {{- if .Values.prometheus.tls.secret.crtSubPath }} + - name: BINDPLANE_PROMETHEUS_TLS_CERT + value: /prometheus-client.crt + {{- end }} + {{- if .Values.prometheus.tls.secret.keySubPath }} + - name: BINDPLANE_PROMETHEUS_TLS_KEY + value: /prometheus-client.key + {{- end }} + {{- end }} + {{- if len .Values.extraEnv }} + {{- toYaml .Values.extraEnv | nindent 12 }} + {{- end }} + {{- with .Values.nats.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + startupProbe: + httpGet: + path: /healthz + port: nats-http + initialDelaySeconds: 0 + timeoutSeconds: 5 + periodSeconds: 1 + successThreshold: 1 + failureThreshold: 10 + readinessProbe: + httpGet: + path: /healthz?js-server-only=true + port: nats-http + initialDelaySeconds: 0 + timeoutSeconds: 5 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /healthz?js-enabled-only=true + port: nats-http + initialDelaySeconds: 0 + timeoutSeconds: 5 + periodSeconds: 30 + successThreshold: 1 + failureThreshold: 3 + {{- with .Values.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /data + name: data + {{- if eq (include "bindplane.auth.type" .) "ldap" }} + {{- if .Values.auth.ldap.tls.ca.secret }} + - mountPath: /ldap-ca.crt + name: {{ .Values.auth.ldap.tls.ca.secret }} + subPath: {{ .Values.auth.ldap.tls.ca.subPath }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.tls.enable }} + {{- if .Values.prometheus.tls.secret.caSubPath }} + - mountPath: /prometheus-ca.crt + name: {{ .Values.prometheus.tls.secret.name }} + subPath: {{ .Values.prometheus.tls.secret.caSubPath }} + {{- end }} + {{- if .Values.prometheus.tls.secret.crtSubPath }} + - mountPath: /prometheus-client.crt + name: {{ .Values.prometheus.tls.secret.name }} + subPath: {{ .Values.prometheus.tls.secret.crtSubPath }} + {{- end }} + {{- if .Values.prometheus.tls.secret.keySubPath }} + - mountPath: /prometheus-client.key + name: {{ .Values.prometheus.tls.secret.name }} + subPath: {{ .Values.prometheus.tls.secret.keySubPath }} + {{- end }} + {{- end }} + {{- if len .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + lifecycle: + preStop: + exec: + command: ["sh", "-c", "sleep 5",] + terminationGracePeriodSeconds: 60 + volumes: + - name: data + emptyDir: {} + {{- if eq (include "bindplane.auth.type" .) "ldap" }} + {{- if .Values.auth.ldap.tls.ca.secret }} + - name: {{ .Values.auth.ldap.tls.ca.secret }} + secret: + defaultMode: 0400 + secretName: {{ .Values.auth.ldap.tls.ca.secret }} + {{- end }} + {{- end }} + {{- if .Values.prometheus.tls.enable }} + {{- if .Values.prometheus.tls.secret.name }} + - name: {{ .Values.prometheus.tls.secret.name }} + secret: + defaultMode: 0400 + secretName: {{ .Values.prometheus.tls.secret.name }} + {{- end }} + {{- end }} + {{- if len .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/bindplane/templates/bindplane.yaml b/charts/bindplane/templates/bindplane.yaml index 7482053e..7031c52b 100644 --- a/charts/bindplane/templates/bindplane.yaml +++ b/charts/bindplane/templates/bindplane.yaml @@ -271,6 +271,18 @@ spec: {{- end }} {{- end }} {{- end }} + {{- if eq .Values.eventbus.type "nats" }} + - name: BINDPLANE_EVENT_BUS_TYPE + value: nats + - name: BINDPLANE_NATS_CLIENT_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: BINDPLANE_NATS_CLIENT_ENDPOINT + value: nats://{{ include "bindplane.fullname" . }}-nats-client-headless.{{ .Release.Namespace }}.svc.cluster.local:4222 + - name: BINDPLANE_NATS_CLIENT_SUBJECT + value: bindplane-event-bus + {{- end }} {{- if eq (include "bindplane.auth.type" .) "ldap" }} - name: BINDPLANE_AUTH_TYPE value: {{ .Values.auth.type }} diff --git a/charts/bindplane/templates/service.yaml b/charts/bindplane/templates/service.yaml index 9ec99080..69c903be 100644 --- a/charts/bindplane/templates/service.yaml +++ b/charts/bindplane/templates/service.yaml @@ -26,4 +26,65 @@ spec: app.kubernetes.io/instance: {{ .Release.Name }} sessionAffinity: None type: ClusterIP - +{{- if eq .Values.eventbus.type "nats" }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "bindplane.fullname" . }}-nats-cluster-headless + namespace: {{ .Release.Namespace }} + annotations: + {{- if .Values.service.annotations }} +{{ toYaml .Values.service.annotations | indent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + ports: + - port: 6222 + protocol: TCP + targetPort: nats-cluster + name: nats-cluster + selector: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "bindplane.fullname" . }}-nats-client-headless + namespace: {{ .Release.Namespace }} + annotations: + {{- if .Values.service.annotations }} +{{ toYaml .Values.service.annotations | indent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + ports: + - port: 4222 + protocol: TCP + targetPort: nats-client + name: nats-client + selector: + app.kubernetes.io/name: {{ include "bindplane.name" . }} + app.kubernetes.io/stack: bindplane + app.kubernetes.io/component: nats + app.kubernetes.io/instance: {{ .Release.Name }} + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: false +{{- end }} diff --git a/charts/bindplane/values.yaml b/charts/bindplane/values.yaml index d7d1376c..22419299 100644 --- a/charts/bindplane/values.yaml +++ b/charts/bindplane/values.yaml @@ -118,7 +118,7 @@ prometheus: eventbus: - # The eventbus type to use when BindPlane is deployed with multiple pods (Deployment). Available options include `pubsub`. By default, this option is not required as BindPlane OP operates as a StatefulSet with one pod. + # The eventbus type to use when BindPlane is deployed with multiple pods (Deployment). Available options include `pubsub`, `kafka`, `nats`. By default, this option is not required as BindPlane OP operates as a StatefulSet with one pod. type: "" pubsub: @@ -327,6 +327,18 @@ resources: # Disable cpu limit by default, for burstable qos class # cpu: 1000m +nats: + # -- NATs server resources request block, when event bus type is `nats`. + resources: + requests: + # -- Memory request for the NATs server pods, when event bus type is `nats`. + memory: 1000Mi + # -- CPU request for the NATs server pods, when event bus type is `nats`. + cpu: 1000m + limits: + # -- Memory limit for the NATs server pods, when event bus type is `nats`. + memory: 1000Mi + # Configuration for the jobs pod jobs: resources: @@ -344,6 +356,11 @@ jobs: health: # -- Full configuration for startupProbe. Supports all options documented here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/. startupProbe: + initialDelaySeconds: 0 + periodSeconds: 5 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 20 httpGet: path: /health port: http diff --git a/test/cases/nats/values.yaml b/test/cases/nats/values.yaml new file mode 100644 index 00000000..2b1b2347 --- /dev/null +++ b/test/cases/nats/values.yaml @@ -0,0 +1,53 @@ +service: + annotations: + a: b + +extraEnv: + - name: BINDPLANE_LOGGING_LEVEL + value: debug + +# Required options +config: + username: bpuser + password: bppass + sessions_secret: 4484766F-5016-4077-B8E0-0DE1D637854B + server_url: http://bindplane.local:80 + remote_url: ws://bindplane.local:80 + # The secret "bindplane" should exist and have the + # key license with a license key as the value. + # License is required in CI in order to use Postgres store. + licenseUseSecret: true + +ingress: + enable: true + host: bindplane.local + class: nginx + +backend: + type: postgres + postgres: + host: postgres.postgres.svc.cluster.local + database: bindplane + username: postgres + password: password + maxConnections: 20 + +eventbus: + type: nats + +replicas: 1 + +resources: + requests: + memory: 100Mi + cpu: 100m + limits: + memory: 100Mi + +nats: + resources: + requests: + memory: 100Mi + cpu: 100m + limits: + memory: 100Mi