diff --git a/charts/cryostat/README.md b/charts/cryostat/README.md index 7b362b88..8c805aaa 100644 --- a/charts/cryostat/README.md +++ b/charts/cryostat/README.md @@ -72,19 +72,25 @@ A Helm chart for deploying [Cryostat](https://cryostat.io/) on Kubernetes and Op ### Other Parameters -| Name | Description | Value | -| ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -| `minimal` | Specify whether to deploy a Cryostat instance with no Grafana Dashboard or JFR Data Source | `false` | -| `imagePullSecrets` | Image pull secrets to be used for the Cryostat deployment | `[]` | -| `nameOverride` | Overrides the name of this Chart | `""` | -| `fullnameOverride` | Overrides the fully qualified application name of `[release name]-[chart name]` | `""` | -| `rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `serviceAccount.create` | Specifies whether a service account should be created | `true` | -| `serviceAccount.annotations` | Annotations to add to the service account | `{}` | -| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | -| `podAnnotations` | Annotations to be applied to the Cryostat Pod | `{}` | -| `podSecurityContext` | Security Context for the Cryostat Pod. Defaults to meet "restricted" [Pod Security Standard](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted). See: [PodSecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) | `{}` | -| `nodeSelector` | Node Selector for the Cryostat Pod. See: [NodeSelector](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) | `{}` | -| `tolerations` | Tolerations for the Cryostat Pod. See: [Tolerations](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) | `[]` | -| `affinity` | Affinity for the Cryostat Pod. See: [Affinity](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) | `{}` | +| Name | Description | Value | +| ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | +| `minimal` | Specify whether to deploy a Cryostat instance with no Grafana Dashboard or JFR Data Source | `false` | +| `imagePullSecrets` | Image pull secrets to be used for the Cryostat deployment | `[]` | +| `nameOverride` | Overrides the name of this Chart | `""` | +| `fullnameOverride` | Overrides the fully qualified application name of `[release name]-[chart name]` | `""` | +| `rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `serviceAccount.create` | Specifies whether a service account should be created | `true` | +| `serviceAccount.annotations` | Annotations to add to the service account | `{}` | +| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | +| `podAnnotations` | Annotations to be applied to the Cryostat Pod | `{}` | +| `podSecurityContext` | Security Context for the Cryostat Pod. Defaults to meet "restricted" [Pod Security Standard](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted). See: [PodSecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) | `{}` | +| `nodeSelector` | Node Selector for the Cryostat Pod. See: [NodeSelector](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) | `{}` | +| `tolerations` | Tolerations for the Cryostat Pod. See: [Tolerations](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) | `[]` | +| `affinity` | Affinity for the Cryostat Pod. See: [Affinity](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) | `{}` | +| `pvc.enabled` | Specify whether to use persistentVolumeClaim or EmptyDir storage | `false` | +| `pvc.annotations` | Annotations to add to the persistentVolumeClaim | `{}` | +| `pvc.storage` | Storage size to request for the persistentVolumeClaim | `500Mi` | +| `pvc.accessModes` | Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) | `["ReadWriteOnce"]` | +| `pvc.selector` | Selector for the persistentVolumeClaim. See: [Selector](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) | `{}` | +| `pvc.storageClassName` | The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) | `undefined` | diff --git a/charts/cryostat/templates/deployment.yaml b/charts/cryostat/templates/deployment.yaml index fa764efb..40ec2640 100644 --- a/charts/cryostat/templates/deployment.yaml +++ b/charts/cryostat/templates/deployment.yaml @@ -5,6 +5,9 @@ metadata: labels: {{- include "cryostat.labels" . | nindent 4 }} spec: + replicas: 1 + strategy: + type: Recreate selector: matchLabels: {{- include "cryostat.selectorLabels" . | nindent 6 }} @@ -71,6 +74,20 @@ spec: - name: CRYOSTAT_SSL_PROXIED value: "true" {{- end }} + {{- if ((.Values.pvc).enabled) }} + - name: CRYOSTAT_JDBC_URL + value: jdbc:h2:file:/opt/cryostat.d/conf.d/h2;INIT=create domain if not exists jsonb as varchar + - name: CRYOSTAT_HBM2DDL + value: update + - name: CRYOSTAT_JDBC_DRIVER + value: org.h2.Driver + - name: CRYOSTAT_HIBERNATE_DIALECT + value: org.hibernate.dialect.H2Dialect + - name: CRYOSTAT_JDBC_USERNAME + value: {{ include "cryostat.fullname" . }} + - name: CRYOSTAT_JDBC_PASSWORD + value: {{ include "cryostat.fullname" . }} + {{- end }} - name: CRYOSTAT_JMX_CREDENTIALS_DB_PASSWORD valueFrom: secretKeyRef: @@ -164,5 +181,12 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} volumes: + {{- if ((.Values.pvc).enabled) }} + - name: {{ .Chart.Name }} + persistentVolumeClaim: + claimName: {{ .Release.Name }} + {{- end }} + {{- if not ((.Values.pvc).enabled) }} - name: {{ .Chart.Name }} emptyDir: {} + {{- end }} diff --git a/charts/cryostat/templates/pvc.yaml b/charts/cryostat/templates/pvc.yaml new file mode 100644 index 00000000..9e453623 --- /dev/null +++ b/charts/cryostat/templates/pvc.yaml @@ -0,0 +1,27 @@ +{{- if ((.Values.pvc).enabled) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "cryostat.fullname" . }} + {{- $labels := include "cryostat.labels" $ | nindent 4 }} + labels: {{ $labels }} + {{- with .Values.pvc.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.pvc.accessModes }} + accessModes: + {{- toYaml . | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.pvc.storage }} + {{- if kindIs "string" .Values.pvc.storageClassName }} + storageClassName: {{ .Values.pvc.storageClassName | quote }} + {{- end }} + {{- with .Values.pvc.selector }} + selector: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/cryostat/values.schema.json b/charts/cryostat/values.schema.json index f0104513..427256aa 100644 --- a/charts/cryostat/values.schema.json +++ b/charts/cryostat/values.schema.json @@ -490,6 +490,31 @@ "description": "Tolerations for the Cryostat Pod. See: [Tolerations](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling)", "default": [], "items": {} + }, + "pvc": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specify whether to use persistentVolumeClaim or EmptyDir storage", + "default": false + }, + "storage": { + "type": "string", + "description": "Storage size to request for the persistentVolumeClaim", + "default": "500Mi" + }, + "accessModes": { + "type": "array", + "description": "Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + } + } } } } \ No newline at end of file diff --git a/charts/cryostat/values.yaml b/charts/cryostat/values.yaml index 38dbb0eb..b33b3f92 100644 --- a/charts/cryostat/values.yaml +++ b/charts/cryostat/values.yaml @@ -188,3 +188,18 @@ tolerations: [] ## @param affinity [object] Affinity for the Cryostat Pod. See: [Affinity](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) affinity: {} + +pvc: + ## @param pvc.enabled Specify whether to use persistentVolumeClaim or EmptyDir storage + enabled: false + ## @param pvc.annotations [object] Annotations to add to the persistentVolumeClaim + annotations: {} + ## @param pvc.storage Storage size to request for the persistentVolumeClaim + storage: 500Mi + ## @param pvc.accessModes Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) + accessModes: + - ReadWriteOnce + ## @param pvc.selector [object] Selector for the persistentVolumeClaim. See: [Selector](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) + selector: {} + ## @param pvc.storageClassName [string, nullable] The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) + # storageClassName: