opensearch-project · Sebor · Oct 28, 2021 · Nov 1, 2021 · Nov 1, 2021 · Nov 2, 2021
@@ -13,6 +13,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
 ### Security
 ---
+
+## [1.3.0]
+### Added
+### Changed
+- Rework deprecated node roles definition. Now in `values.yaml` roles are described as a list and there are no any deprecation warnings in logs.
+### Deprecated
+### Removed
+### Fixed
+### Security
+---
+
 ## [1.2.4]
 ### Added
 ### Changed

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.2.4
+version: 1.3.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

@@ -79,7 +79,7 @@ helm uninstall my-release
 | `rbac`                             | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"`                       | see [values.yaml][]                             |
 | `replicas`                         | Kubernetes replica count for the StatefulSet (i.e. how many pods)                                                                                                                                                                                         | `3`                                             |
 | `resources`                        | Allows you to set the [resources][] for the StatefulSet                                                                                                                                                                                                   | see [values.yaml][]                             |
-| `roles`                            | A hash map with the specific [roles][] for the `nodeGroup`                                                                                                                                                                                                | see [values.yaml][]                             |
+| `roles`                            | A list of the specific node [roles][] for the `nodeGroup`                                                                                                                                                                                                | see [values.yaml][]                             |
 | `schedulerName`                    | Name of the [alternate scheduler][]                                                                                                                                                                                                                       | `""`                                            |
 | `secretMounts`                     | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example                                                                                                 | `[]`                                            |
 | `securityConfig`                   | Configure the opensearch security plugin. There are multiple ways to inject configuration into the chart, see [values.yaml](https://github.com/opensearch-project/helm-charts/blob/main/charts/opensearch/values.yaml) details.                           | By default an insecure demonstration configuration is set. This **must** be changed before going to production. |

@@ -9,10 +9,10 @@ masterService: "opensearch-cluster-master"
 # OpenSearch roles that will be applied to this nodeGroup
 # These will be set as environment variables. E.g. node.master=true
 roles:
-  master: "true"
-  ingest: "true"
-  data: "true"
-  remote_cluster_client: "true"
+  - master
+  - ingest
+  - data
+  - remote_cluster_client
 
 replicas: 1
 minimumMasterNodes: 1
@@ -114,7 +114,8 @@ image: "opensearchproject/opensearch"
 imageTag: ""
 imagePullPolicy: "IfNotPresent"
 
-podAnnotations: {}
+podAnnotations:
+  {}
   # iam.amazonaws.com/role: es-cluster
 
 # additionals labels
@@ -127,15 +128,17 @@ resources:
     cpu: "1000m"
     memory: "100Mi"
 
-initResources: {}
+initResources:
+  {}
   # limits:
   #   cpu: "25m"
   #   # memory: "128Mi"
   # requests:
   #   cpu: "25m"
   #   memory: "128Mi"
 
-sidecarResources: {}
+sidecarResources:
+  {}
   # limits:
   #   cpu: "25m"
   #   # memory: "128Mi"
@@ -187,21 +190,25 @@ persistence:
   size: 8Gi
   annotations: {}
 
-extraVolumes: []
+extraVolumes:
+  []
   # - name: extras
   #   emptyDir: {}
 
-extraVolumeMounts: []
+extraVolumeMounts:
+  []
   # - name: extras
   #   mountPath: /usr/share/extras
   #   readOnly: true
 
-extraContainers: []
+extraContainers:
+  []
   # - name: do-something
   #   image: busybox
   #   command: ['do', 'something']
 
-extraInitContainers: []
+extraInitContainers:
+  []
   # - name: do-somethings
   #   image: busybox
   #   command: ['do', 'something']
@@ -288,7 +295,8 @@ securityConfig:
     #   created externally and mount it.
     # * It is an error to define both data and securityConfigSecret.
     securityConfigSecret: ""
-    data: {}
+    data:
+      {}
       # config.yml: |-
       # internal_users.yml: |-
       # roles.yml: |-
@@ -321,7 +329,8 @@ tolerations: []
 # Only enable this if you have security enabled on your cluster
 ingress:
   enabled: false
-  annotations: {}
+  annotations:
+    {}
     # kubernetes.io/ingress.class: nginx
     # kubernetes.io/tls-acme: "true"
   path: /
@@ -337,7 +346,8 @@ fullnameOverride: ""
 
 masterTerminationFix: false
 
-lifecycle: {}
+lifecycle:
+  {}
   # preStop:
   #   exec:
   #     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]

@@ -9,10 +9,10 @@ masterService: "opensearch-cluster-master"
 # OpenSearch roles that will be applied to this nodeGroup
 # These will be set as environment variables. E.g. node.master=true
 roles:
-  master: "true"
-  ingest: "true"
-  data: "true"
-  remote_cluster_client: "true"
+  - master
+  - ingest
+  - data
+  - remote_cluster_client
 
 replicas: 1
 minimumMasterNodes: 1
@@ -114,7 +114,8 @@ image: "opensearchproject/opensearch"
 imageTag: ""
 imagePullPolicy: "IfNotPresent"
 
-podAnnotations: {}
+podAnnotations:
+  {}
   # iam.amazonaws.com/role: es-cluster
 
 # additionals labels
@@ -127,15 +128,17 @@ resources:
     cpu: "1000m"
     memory: "100Mi"
 
-initResources: {}
+initResources:
+  {}
   # limits:
   #   cpu: "25m"
   #   # memory: "128Mi"
   # requests:
   #   cpu: "25m"
   #   memory: "128Mi"
 
-sidecarResources: {}
+sidecarResources:
+  {}
   # limits:
   #   cpu: "25m"
   #   # memory: "128Mi"
@@ -187,21 +190,25 @@ persistence:
   size: 8Gi
   annotations: {}
 
-extraVolumes: []
+extraVolumes:
+  []
   # - name: extras
   #   emptyDir: {}
 
-extraVolumeMounts: []
+extraVolumeMounts:
+  []
   # - name: extras
   #   mountPath: /usr/share/extras
   #   readOnly: true
 
-extraContainers: []
+extraContainers:
+  []
   # - name: do-something
   #   image: busybox
   #   command: ['do', 'something']
 
-extraInitContainers: []
+extraInitContainers:
+  []
   # - name: do-somethings
   #   image: busybox
   #   command: ['do', 'something']
@@ -288,7 +295,8 @@ securityConfig:
     #   created externally and mount it.
     # * It is an error to define both data and securityConfigSecret.
     securityConfigSecret: ""
-    data: {}
+    data:
+      {}
       # config.yml: |-
       # internal_users.yml: |-
       # roles.yml: |-
@@ -321,7 +329,8 @@ tolerations: []
 # Only enable this if you have security enabled on your cluster
 ingress:
   enabled: false
-  annotations: {}
+  annotations:
+    {}
     # kubernetes.io/ingress.class: nginx
     # kubernetes.io/tls-acme: "true"
   path: /
@@ -337,7 +346,8 @@ fullnameOverride: ""
 
 masterTerminationFix: false
 
-lifecycle: {}
+lifecycle:
+  {}
   # preStop:
   #   exec:
   #     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]

@@ -102,3 +102,9 @@ app.kubernetes.io/instance: {{ .Release.Name }}
   {{- .Values.global.dockerRegistry | trimSuffix "/" | printf "%s/" -}}
 {{- end -}}
 {{- end -}}
+
+{{- define "opensearch.roles" -}}
+{{- range $.Values.roles -}}
+{{ . }},
+{{- end -}}
+{{- end -}}
@@ -303,7 +303,7 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.name
-        {{- if eq .Values.roles.master "true" }}
+        {{- if has "master" .Values.roles }}
         - name: cluster.initial_master_nodes
           value: "{{ template "opensearch.endpoints" . }}"
         {{- end }}
@@ -315,10 +315,8 @@ spec:
           value: "{{ .Values.networkHost }}"
         - name: OPENSEARCH_JAVA_OPTS
           value: "{{ .Values.opensearchJavaOpts }}"
-        {{- range $role, $enabled := .Values.roles }}
-        - name: node.{{ $role }}
-          value: "{{ $enabled }}"
-        {{- end }}
+        - name: node.roles
+          value: "{{ template "opensearch.roles" . }}"
 {{- if .Values.extraEnvs }}
 {{ toYaml .Values.extraEnvs | indent 8 }}
 {{- end }}

@@ -9,10 +9,10 @@ masterService: "opensearch-cluster-master"
 # OpenSearch roles that will be applied to this nodeGroup
 # These will be set as environment variables. E.g. node.master=true
 roles:
-  master: "true"
-  ingest: "true"
-  data: "true"
-  remote_cluster_client: "true"
+  - master
+  - ingest
+  - data
+  - remote_cluster_client
 
 replicas: 3
 minimumMasterNodes: 1
@@ -114,7 +114,8 @@ image: "opensearchproject/opensearch"
 imageTag: ""
 imagePullPolicy: "IfNotPresent"
 
-podAnnotations: {}
+podAnnotations:
+  {}
   # iam.amazonaws.com/role: es-cluster
 
 # additionals labels
@@ -127,15 +128,17 @@ resources:
     cpu: "1000m"
     memory: "100Mi"
 
-initResources: {}
+initResources:
+  {}
   # limits:
   #   cpu: "25m"
   #   # memory: "128Mi"
   # requests:
   #   cpu: "25m"
   #   memory: "128Mi"
 
-sidecarResources: {}
+sidecarResources:
+  {}
   # limits:
   #   cpu: "25m"
   #   # memory: "128Mi"
@@ -189,21 +192,25 @@ persistence:
   size: 8Gi
   annotations: {}
 
-extraVolumes: []
+extraVolumes:
+  []
   # - name: extras
   #   emptyDir: {}
 
-extraVolumeMounts: []
+extraVolumeMounts:
+  []
   # - name: extras
   #   mountPath: /usr/share/extras
   #   readOnly: true
 
-extraContainers: []
+extraContainers:
+  []
   # - name: do-something
   #   image: busybox
   #   command: ['do', 'something']
 
-extraInitContainers: []
+extraInitContainers:
+  []
   # - name: do-somethings
   #   image: busybox
   #   command: ['do', 'something']
@@ -290,7 +297,8 @@ securityConfig:
     #   created externally and mount it.
     # * It is an error to define both data and securityConfigSecret.
     securityConfigSecret: ""
-    data: {}
+    data:
+      {}
       # config.yml: |-
       # internal_users.yml: |-
       # roles.yml: |-
@@ -323,7 +331,8 @@ tolerations: []
 # Only enable this if you have security enabled on your cluster
 ingress:
   enabled: false
-  annotations: {}
+  annotations:
+    {}
     # kubernetes.io/ingress.class: nginx
     # kubernetes.io/tls-acme: "true"
   path: /
@@ -339,7 +348,8 @@ fullnameOverride: ""
 
 masterTerminationFix: false
 
-lifecycle: {}
+lifecycle:
+  {}
   # preStop:
   #   exec:
   #     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]