From a021f29976efb9e97707f7a1cc4d47523a99772f Mon Sep 17 00:00:00 2001 From: sinadarbouy Date: Wed, 19 Jun 2024 23:19:49 +0200 Subject: [PATCH] added gatewaydConfig file set example of gatewayd_plugins added gatewaydConfig to ReadMe set default gatewaydConfig to false Move the content configuration from values into files update deployment - add install plugin options - fix volumeMounts when both of gatewaydConfig and gatewaydPluginsConfig enabled --- README.md | 4 +- files/gatewayd.yaml | 72 ++++++++++++++++++++++++++ files/gatewayd_plugins.yaml | 30 +++++++++++ templates/deployment.yaml | 31 ++++++++--- templates/gatewayd_config.yaml | 9 ++++ templates/gatewayd_plugins_config.yaml | 6 +-- values.yaml | 36 ++----------- 7 files changed, 147 insertions(+), 41 deletions(-) create mode 100644 files/gatewayd.yaml create mode 100644 files/gatewayd_plugins.yaml create mode 100644 templates/gatewayd_config.yaml diff --git a/README.md b/README.md index 434b1c0..3c050c9 100644 --- a/README.md +++ b/README.md @@ -35,6 +35,7 @@ helm install gatewayd-release -f values.yaml ./ | `image.pullPolicy` | The image pull policy | `IfNotPresent` | | `resources` | Resource requests and limits for the container | `{}` | | `gatewaydPluginsConfig.enabled` | Determines whether the `gatewayd_plugins.yaml` ConfigMap is mounted to the container. If enabled, a volume and volumeMount are added to the deployment. | `false` | +| `gatewaydConfig.enabled` | Determines whether the `gatewayd.yaml` ConfigMap is mounted to the container. If enabled, a volume and volumeMount are added to the deployment. | `false` | | `nodeSelector` | Node selector for the pod | `{}` | | `affinity` | Affinity for the pod | `{}` | | `tolerations` | Tolerations for the pod | `[]` | @@ -89,7 +90,8 @@ helm install gatewayd-release -f values.yaml ./ |---------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------| | `gatewayd.fullname` | The full name of the deployment, used as the name of the ConfigMap. | | | `.Release.Name` | The release name, used as part of the ConfigMap name. | | -| `gatewaydPluginsConfig.content` | The content of the `gatewayd_plugins.yaml` file. This is set as the `gatewayd_plugins.yaml` data in the ConfigMap. | | +| `files/gatewayd_plugins.yaml` | The content of the `gatewayd_plugins.yaml` file. This is set as the `gatewayd_plugins.yaml` data in the ConfigMap. | | +| `files/gatewayd.yaml` | The content of the `gatewayd.yaml` file. This is set as the `gatewayd.yaml` data in the ConfigMap. | | ## Usage diff --git a/files/gatewayd.yaml b/files/gatewayd.yaml new file mode 100644 index 0000000..881b00b --- /dev/null +++ b/files/gatewayd.yaml @@ -0,0 +1,72 @@ +# GatewayD Global Configuration +loggers: + default: + output: ["console"] # "stdout", "stderr", "syslog", "rsyslog" and "file" + level: "debug" # panic, fatal, error, warn, info (default), debug, trace + noColor: False + timeFormat: "unix" # unixms, unixmicro and unixnano + consoleTimeFormat: "RFC3339" # Go time format string + # If the output contains "file", the following fields are used: + fileName: "gatewayd.log" + maxSize: 500 # MB + # If maxBackups and maxAge are both 0, no old log files will be deleted. + maxBackups: 5 + maxAge: 30 # days + compress: True + localTime: False + # Rsyslog config + rsyslogNetwork: "tcp" + rsyslogAddress: "localhost:514" + syslogPriority: "info" # emerg, alert, crit, err, warning, notice, debug + +metrics: + default: + enabled: True + address: 0.0.0.0:9090 + path: /metrics + readHeaderTimeout: 10s # duration, prevents Slowloris attacks + timeout: 10s # duration + certFile: "" # Certificate file in PEM format + keyFile: "" # Private key file in PEM format + +clients: + default: + network: tcp + address: psql-postgresql.default.svc.cluster.local:5432 + tcpKeepAlive: False + tcpKeepAlivePeriod: 30s # duration + receiveChunkSize: 8192 + receiveDeadline: 0s # duration, 0ms/0s means no deadline + receiveTimeout: 0s # duration, 0ms/0s means no timeout + sendDeadline: 0s # duration, 0ms/0s means no deadline + dialTimeout: 60s # duration + # Retry configuration + retries: 3 # 0 means no retry and fail immediately on the first attempt + backoff: 1s # duration + backoffMultiplier: 2.0 # 0 means no backoff + disableBackoffCaps: false + +pools: + default: + size: 10 + +proxies: + default: + healthCheckPeriod: 60s # duration + +servers: + default: + network: tcp + address: 0.0.0.0:15432 + enableTicker: False + tickInterval: 5s # duration + enableTLS: False + certFile: "" + keyFile: "" + handshakeTimeout: 5s # duration + +api: + enabled: True + httpAddress: 0.0.0.0:18080 + grpcNetwork: tcp + grpcAddress: 0.0.0.0:19090 diff --git a/files/gatewayd_plugins.yaml b/files/gatewayd_plugins.yaml new file mode 100644 index 0000000..3914af5 --- /dev/null +++ b/files/gatewayd_plugins.yaml @@ -0,0 +1,30 @@ +compatibilityPolicy: "strict" +enableMetricsMerger: True +metricsMergerPeriod: 5s +healthCheckPeriod: 5s +reloadOnCrash: True +timeout: 30s + +plugins: + - name: gatewayd-plugin-cache + enabled: True + url: github.com/gatewayd-io/gatewayd-plugin-cache@latest + localPath: /usr/bin/gatewayd-plugin-cache + args: ["--log-level", "info"] + env: + - MAGIC_COOKIE_KEY=GATEWAYD_PLUGIN + - MAGIC_COOKIE_VALUE=5712b87aa5d7e9f9e9ab643e6603181c5b796015cb1c09d6f5ada882bf2a1872 + - REDIS_URL=redis://redis-master.default.svc.cluster.local:6379/0 + - EXPIRY=1h + - DEFAULT_DB_NAME=postgres + - METRICS_ENABLED=True + - METRICS_UNIX_DOMAIN_SOCKET=/tmp/gatewayd-plugin-cache.sock + - METRICS_PATH=/metrics + - PERIODIC_INVALIDATOR_ENABLED=True + - PERIODIC_INVALIDATOR_INTERVAL=1m + - PERIODIC_INVALIDATOR_START_DELAY=1m + - API_ADDRESS=localhost:18080 + - EXIT_ON_STARTUP_ERROR=False + - SENTRY_DSN=https://70eb1abcd32e41acbdfc17bc3407a543@o4504550475038720.ingest.sentry.io/4505342961123328 + - CACHE_CHANNEL_BUFFER_SIZE=100 + checksum: b153242dfb81dcd63b4444118252be5917b8a1b0f0f775c474946224d2a297eb diff --git a/templates/deployment.yaml b/templates/deployment.yaml index bd4d7c8..131a437 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -36,7 +36,12 @@ spec: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} - command: ["gatewayd", "run"] + command: ["/bin/sh", "-c"] + args: + - | + cd /usr/bin + gatewayd plugin install --skip-path-slip-verification --output-dir /usr/bin --plugin-config /etc/gatewayd_plugins.yaml --cleanup=true --overwrite-config=false --update + gatewayd run --config /etc/gatewayd.yaml --plugin-config /etc/gatewayd_plugins.yaml ports: - name: http containerPort: {{ .Values.service.port }} @@ -52,17 +57,31 @@ spec: timeoutSeconds: 5 resources: {{- toYaml .Values.resources | nindent 12 }} - {{- if .Values.gatewaydPluginsConfig.enabled }} + {{- if or (.Values.gatewaydPluginsConfig.enabled) (.Values.gatewaydConfig.enabled) }} volumeMounts: - - name: config-volume + {{- if .Values.gatewaydPluginsConfig.enabled }} + - name: plugin-config-volume mountPath: /etc/gatewayd_plugins.yaml subPath: gatewayd_plugins.yaml {{- end }} - {{- if .Values.gatewaydPluginsConfig.enabled }} + {{- if .Values.gatewaydConfig.enabled }} + - name: gatewayd-config-volume + mountPath: /etc/gatewayd.yaml + subPath: gatewayd.yaml + {{- end }} + {{- end }} + {{- if or (.Values.gatewaydPluginsConfig.enabled) (.Values.gatewaydConfig.enabled) }} volumes: - - name: config-volume + {{- if .Values.gatewaydPluginsConfig.enabled }} + - name: plugin-config-volume + configMap: + name: {{ .Release.Name }}-plugins-config + {{- end }} + {{- if .Values.gatewaydConfig.enabled }} + - name: gatewayd-config-volume configMap: - name: {{ .Release.Name }}-gatewayd-plugins-config + name: {{ .Release.Name }}-config + {{- end }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: diff --git a/templates/gatewayd_config.yaml b/templates/gatewayd_config.yaml new file mode 100644 index 0000000..d5ccd9f --- /dev/null +++ b/templates/gatewayd_config.yaml @@ -0,0 +1,9 @@ +{{- if .Values.gatewaydConfig.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-config +data: + gatewayd.yaml: |- +{{ .Files.Get "files/gatewayd.yaml" | indent 4 }} +{{- end }} diff --git a/templates/gatewayd_plugins_config.yaml b/templates/gatewayd_plugins_config.yaml index eb4d90f..ef2f657 100644 --- a/templates/gatewayd_plugins_config.yaml +++ b/templates/gatewayd_plugins_config.yaml @@ -2,8 +2,8 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ .Release.Name }}-gatewayd-plugins-config + name: {{ .Release.Name }}-plugins-config data: gatewayd_plugins.yaml: | - {{ .Values.gatewaydPluginsConfig.content | nindent 4 }} -{{- end }} \ No newline at end of file +{{ .Files.Get "files/gatewayd_plugins.yaml" | indent 4 }} +{{- end }} diff --git a/values.yaml b/values.yaml index 037ad48..308b0a5 100644 --- a/values.yaml +++ b/values.yaml @@ -90,39 +90,13 @@ affinity: {} # Define a Pod Disruption Budget # ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ +# minAvailable and maxUnavailable cannot be both set podDisruptionBudget: - # minAvailable: 1 + minAvailable: 1 # maxUnavailable: 1 gatewaydPluginsConfig: enabled: false - content: | - compatibilityPolicy: "strict" - enableMetricsMerger: True - metricsMergerPeriod: 5s - healthCheckPeriod: 5s - reloadOnCrash: True - timeout: 30s - - plugins: - - name: gatewayd-plugin-cache - enabled: True - url: github.com/gatewayd-io/gatewayd-plugin-cache@latest - localPath: ../gatewayd-plugin-cache/gatewayd-plugin-cache - args: ["--log-level", "info"] - env: - - MAGIC_COOKIE_KEY=GATEWAYD_PLUGIN - - MAGIC_COOKIE_VALUE=5712b87aa5d7e9f9e9ab643e6603181c5b796015cb1c09d6f5ada882bf2a1872 - - REDIS_URL=redis://localhost:6379/0 - - EXPIRY=1h - - METRICS_ENABLED=True - - METRICS_UNIX_DOMAIN_SOCKET=/tmp/gatewayd-plugin-cache.sock - - METRICS_PATH=/metrics - - PERIODIC_INVALIDATOR_ENABLED=True - - PERIODIC_INVALIDATOR_INTERVAL=1m - - PERIODIC_INVALIDATOR_START_DELAY=1m - - API_ADDRESS=localhost:18080 - - EXIT_ON_STARTUP_ERROR=False - - SENTRY_DSN=https://70eb1abcd32e41acbdfc17bc3407a543@o4504550475038720.ingest.sentry.io/4505342961123328 - - CACHE_CHANNEL_BUFFER_SIZE=100 - checksum: 3988e10aefce2cd9b30888eddd2ec93a431c9018a695aea1cea0dac46ba91cae + +gatewaydConfig: + enabled: false