Skip to content

Commit

Permalink
Add composition for MariaDB service
Browse files Browse the repository at this point in the history
Signed-off-by: Nicolas Bigler <nicolas.bigler@vshn.ch>
  • Loading branch information
TheBigLee committed Nov 28, 2023
1 parent f0dfd92 commit 7f27a87
Show file tree
Hide file tree
Showing 55 changed files with 2,208 additions and 195 deletions.
1 change: 1 addition & 0 deletions component/class/appcat.yml
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ parameters:
- ${_base_directory}/component/vshn_services.jsonnet
- ${_base_directory}/component/statefuleset-resize-controller.jsonnet
- ${_base_directory}/component/functions.jsonnet
- ${_base_directory}/component/vshn_appcat_services.jsonnet
input_type: jsonnet
output_path: appcat/

Expand Down
166 changes: 134 additions & 32 deletions component/class/defaults.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ parameters:
redis:
source: https://charts.bitnami.com/bitnami
version: 17.7.1
mariadb:
source: https://charts.bitnami.com/bitnami
version: 10.1.3
minio:
source: https://charts.min.io
version: 5.0.13
Expand Down Expand Up @@ -39,7 +42,7 @@ parameters:
appcat:
registry: ghcr.io
repository: vshn/appcat
tag: v4.43.1
tag: feature/mariadb
apiserver:
registry: ghcr.io
repository: vshn/appcat-apiserver
Expand All @@ -64,7 +67,54 @@ parameters:
tenantID: ${cluster:tenant}
quotasEnabled: false
grpcEndpoint: host.docker.internal:9443

defaultRestoreRoleRules:
- apiGroups:
- vshn.appcat.vshn.io
resources:
- vshnredis
verbs:
- get
- apiGroups:
- 'k8up.io'
resources:
- snapshots
verbs:
- get
- apiGroups:
- ''
resources:
- secrets
verbs:
- get
- create
- delete
- apiGroups:
- apps
resources:
- statefulsets/scale
verbs:
- update
- patch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- get
- apiGroups:
- batch
resources:
- jobs
verbs:
- get
- apiGroups:
- ''
resources:
- events
verbs:
- get
- create
- patch
controller:
enabled: false
namespace: ${appcat:namespace}
Expand Down Expand Up @@ -101,6 +151,7 @@ parameters:
APPCAT_HANDLER_ENABLED: "true"
VSHN_POSTGRES_BACKUP_HANDLER_ENABLED: "false"
VSHN_REDIS_BACKUP_HANDLER_ENABLED: "false"
VSHN_MARIADB_BACKUP_HANDLER_ENABLED: "false"
extraArgs: []
extraEnv: {}
apiservice:
Expand All @@ -118,6 +169,15 @@ parameters:
slos:
enabled: true
alertsEnabled: true
uptimeDefaults:
objective: 99.9
alerting:
page_alert:
# This should reduce non actionable alerts because of single instance restarts.
# The page alert looks (ammong other things) at the burn rate over the last 5min.
# If the alert is pending for more than 5m this indicates a real problem.
for: 6m
ticket_alert: {}
namespace: appcat-slos
namespaceLabels: ${appcat:namespaceLabels}
namespaceAnnotations: ${appcat:namespaceAnnotations}
Expand Down Expand Up @@ -157,36 +217,14 @@ parameters:
ticket_labels:
severity: "warning"
vshn:
postgres:
uptime:
objective: 99.9
alerting:
page_alert:
# This should reduce non actionable alerts because of single instance restarts.
# The page alert looks (ammong other things) at the burn rate over the last 5min.
# If the alert is pending for more than 5m this indicates a real problem.
for: 6m
ticket_alert: {}
redis:
uptime:
objective: 99.9
alerting:
page_alert:
# This should reduce non actionable alerts because of single instance restarts.
# The page alert looks (ammong other things) at the burn rate over the last 5min.
# If the alert is pending for more than 5m this indicates a real problem.
for: 6m
ticket_alert: {}
minio:
uptime:
objective: 99.9
alerting:
page_alert:
# This should reduce non actionable alerts because of single instance restarts.
# The page alert looks (ammong other things) at the burn rate over the last 5min.
# If the alert is pending for more than 5m this indicates a real problem.
for: 6m
ticket_alert: {}
PostgreSQL:
uptime: ${appcat:slos:uptimeDefaults}
Redis:
uptime: ${appcat:slos:uptimeDefaults}
Minio:
uptime: ${appcat:slos:uptimeDefaults}
MariaDB:
uptime: ${appcat:slos:uptimeDefaults}

providers:
cloudscale:
Expand Down Expand Up @@ -455,6 +493,70 @@ parameters:
memory: "1Gi"
disk: 50Gi
instances: []
services:
mariadb:
serviceName: VSHNMariaDB
connectionSecretKeys:
- ca.crt
- MARIADB_HOST
- MARIADB_PORT
- MARIADB_USERNAME
- MARIADB_PASSWORD
- MARIADB_URL
mode: standalone
offered: true
enabled: false
restoreSA: mariadbrestoreserviceaccount
restoreRoleRules: ${appcat:defaultRestoreRoleRules}
hasSts: true
openshiftTemplate:
serviceName: mariadbbyvshn
description: 'The open source relational database management system (DBMS) that is a compatible drop-in replacement for the widely used MySQL database technology'
message: 'Your MariaDB by VSHN instance is being provisioned, please see \${SECRET_NAME} for access.'
url: https://vs.hn/vshn-mariadb
tags: 'database,sql,mariadb'
icon: 'icon-mariadb'
defaultVersion: '11.2'
enableNetworkPolicy: false
secretNamespace: ${appcat:services:vshn:secretNamespace}
helmChartVersion: ${appcat:charts:mariadb:version}
imageRegistry: ""
bucket_region: "lpg"
grpcEndpoint: ${appcat:grpcEndpoint}
proxyFunction: false
defaultPlan: standard-1
sla: 99.25
plans:
standard-512m:
size:
enabled: true
cpu: "125m"
memory: "512Mi"
disk: 16Gi
standard-1:
size:
enabled: true
cpu: "250m"
memory: "1Gi"
disk: 16Gi
standard-2:
size:
enabled: true
cpu: "500m"
memory: "2Gi"
disk: 16Gi
standard-4:
size:
enabled: true
cpu: "1"
memory: "4Gi"
disk: 16Gi
standard-8:
size:
enabled: true
cpu: "2"
memory: "8Gi"
disk: 16Gi

# Config for exoscale composites
exoscale:
Expand Down
29 changes: 29 additions & 0 deletions component/component/helm_monitoring.jsonnet
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
local kap = import 'lib/kapitan.libjsonnet';
local kube = import 'lib/kube.libjsonnet';

local inv = kap.inventory();
local params = inv.parameters.appcat;


local helmMonitoringClusterRole = kube.ClusterRole('allow-helm-monitoring-resources') {
rules: [
{
apiGroups: [ 'monitoring.coreos.com' ],
resources: [ 'servicemonitors' ],
verbs: [ '*' ],
},
],
};
local helmMonitoringServiceAccount = kube.ServiceAccount('provider-helm') + {
metadata+: {
namespace: 'syn-crossplane',
},
};
local helmMonitoringClusterRoleBinding = kube.ClusterRoleBinding('system:serviceaccount:syn-crossplane:provider-helm') + {
roleRef_: helmMonitoringClusterRole,
subjects_: [ helmMonitoringServiceAccount ],
};

if params.services.vshn.enabled then {
'20_rbac_vshn_metrics_servicemonitor': [ helmMonitoringClusterRole, helmMonitoringClusterRoleBinding ],
} else {}
14 changes: 9 additions & 5 deletions component/component/main.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -167,10 +167,14 @@ local emailSecret = kube.Secret(params.services.vshn.emailAlerting.secretName) {
'10_appcat_maintenance_recording_rule': maintenanceRule,
[if params.services.vshn.enabled && params.services.vshn.emailAlerting.enabled then '10_mailgun_secret']: emailSecret,

} + if params.slos.enabled then {
[if params.services.vshn.enabled && params.services.vshn.postgres.enabled then 'sli_exporter/90_slo_vshn_postgresql']: slos.Get('vshn-postgresql'),
[if params.services.vshn.enabled && params.services.vshn.postgres.enabled then 'sli_exporter/90_slo_vshn_postgresql_ha']: slos.Get('vshn-postgresql-ha'),
[if params.services.vshn.enabled && params.services.vshn.redis.enabled then 'sli_exporter/90_slo_vshn_redis']: slos.Get('vshn-redis'),
[if params.services.vshn.enabled && params.services.vshn.redis.enabled then 'sli_exporter/90_slo_vshn_redis_ha']: slos.Get('vshn-redis-ha'),
} + if params.slos.enabled && params.services.vshn.enabled then {
[if params.services.vshn.postgres.enabled then 'sli_exporter/90_slo_vshn_postgresql']: slos.Get('vshn-postgresql'),
[if params.services.vshn.postgres.enabled then 'sli_exporter/90_slo_vshn_postgresql_ha']: slos.Get('vshn-postgresql-ha'),
[if params.services.vshn.redis.enabled then 'sli_exporter/90_slo_vshn_redis']: slos.Get('vshn-redis'),
[if params.services.vshn.redis.enabled then 'sli_exporter/90_slo_vshn_redis_ha']: slos.Get('vshn-redis-ha'),
[if params.services.vshn.minio.enabled then 'sli_exporter/90_slo_vshn_minio']: slos.Get('vshn-minio'),
[if params.services.vshn.minio.enabled then 'sli_exporter/90_slo_vshn_minio_ha']: slos.Get('vshn-minio-ha'),
[if params.services.vshn.services.mariadb.enabled then 'sli_exporter/90_slo_vshn_mariadb']: slos.Get('vshn-mariadb'),
[if params.services.vshn.services.mariadb.enabled then 'sli_exporter/90_slo_vshn_mariadb_ha']: slos.Get('vshn-mariadb-ha'),
}
else {}
5 changes: 5 additions & 0 deletions component/component/provider.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,11 @@ local runtimeConfigRef(name) = {
resources: [ 'jobs' ],
verbs: [ 'get', 'list', 'watch', 'create', 'delete' ],
},
{
apiGroups: [ 'monitoring.coreos.com' ],
resources: [ 'servicemonitors' ],
verbs: [ '*' ],
},
],
};
local rolebinding = kube.ClusterRoleBinding('crossplane:provider:provider-helm:system:custom') {
Expand Down
Loading

0 comments on commit 7f27a87

Please sign in to comment.