diff --git a/Chart.yaml b/Chart.yaml index 6f5ce79..2432b4c 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gatewayd description: Cloud-native database gateway and framework for building data-driven applications, Like API gateways, for databases. type: application version: 0.1.0 -appVersion: v0.8.3 +appVersion: v0.9.6 home: https://www.gatewayd.io icon: https://github.com/gatewayd-io/docs/blob/main/assets/gatewayd-logotype-light.png sources: diff --git a/README.md b/README.md index 1ca7d64..3c050c9 100644 --- a/README.md +++ b/README.md @@ -35,6 +35,7 @@ helm install gatewayd-release -f values.yaml ./ | `image.pullPolicy` | The image pull policy | `IfNotPresent` | | `resources` | Resource requests and limits for the container | `{}` | | `gatewaydPluginsConfig.enabled` | Determines whether the `gatewayd_plugins.yaml` ConfigMap is mounted to the container. If enabled, a volume and volumeMount are added to the deployment. | `false` | +| `gatewaydConfig.enabled` | Determines whether the `gatewayd.yaml` ConfigMap is mounted to the container. If enabled, a volume and volumeMount are added to the deployment. | `false` | | `nodeSelector` | Node selector for the pod | `{}` | | `affinity` | Affinity for the pod | `{}` | | `tolerations` | Tolerations for the pod | `[]` | 
@@ -76,13 +77,21 @@ helm install gatewayd-release -f values.yaml ./ | `serviceAccount.annotations` | Annotations to add to the ServiceAccount. | | | `serviceAccount.automount` | Determines whether the ServiceAccount token should be automatically mounted to the pods. This is set as the `automountServiceAccountToken` field in the ServiceAccount resource. | | +### Pod Disruption Budgets Configuration + +| Parameter | Description | Default Value | +|---------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------| +| `podDisruptionBudget.minAvailable` | Specifies the minimum number of pods from the set that must still be available after the eviction, even in the absence of the evicted pod. | `1` | +| `podDisruptionBudget.maxUnavailable` | Specifies the maximum number of pods from the set that can be unavailable after the eviction. It can be either an absolute number or a percentage. | | + ### ConfigMap Configuration | Parameter | Description | Default Value | |---------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------| | `gatewayd.fullname` | The full name of the deployment, used as the name of the ConfigMap. | | | `.Release.Name` | The release name, used as part of the ConfigMap name. | | -| `gatewaydPluginsConfig.content` | The content of the `gatewayd_plugins.yaml` file. This is set as the `gatewayd_plugins.yaml` data in the ConfigMap. | | +| `files/gatewayd_plugins.yaml` | The content of the `gatewayd_plugins.yaml` file. This is set as the `gatewayd_plugins.yaml` data in the ConfigMap. | | +| `files/gatewayd.yaml` | The content of the `gatewayd.yaml` file. This is set as the `gatewayd.yaml` data in the ConfigMap. | | ## Usage diff --git a/files/gatewayd.yaml b/files/gatewayd.yaml new file mode 100644 index 0000000..881b00b 
--- /dev/null
+++ b/files/gatewayd.yaml
@@ -0,0 +1,72 @@
+# GatewayD Global Configuration
+loggers:
+ default:
+ output: ["console"] # "stdout", "stderr", "syslog", "rsyslog" and "file"
+ level: "debug" # panic, fatal, error, warn, info (default), debug, trace
+ noColor: False
+ timeFormat: "unix" # unixms, unixmicro and unixnano
+ consoleTimeFormat: "RFC3339" # Go time format string
+ # If the output contains "file", the following fields are used:
+ fileName: "gatewayd.log"
+ maxSize: 500 # MB
+ # If maxBackups and maxAge are both 0, no old log files will be deleted.
+ maxBackups: 5
+ maxAge: 30 # days
+ compress: True
+ localTime: False
+ # Rsyslog config
+ rsyslogNetwork: "tcp"
+ rsyslogAddress: "localhost:514"
+ syslogPriority: "info" # emerg, alert, crit, err, warning, notice, debug
+
+metrics:
+ default:
+ enabled: True
+ address: 0.0.0.0:9090
+ path: /metrics
+ readHeaderTimeout: 10s # duration, prevents Slowloris attacks
+ timeout: 10s # duration
+ certFile: "" # Certificate file in PEM format
+ keyFile: "" # Private key file in PEM format
+
+clients:
+ default:
+ network: tcp
+ address: psql-postgresql.default.svc.cluster.local:5432
+ tcpKeepAlive: False
+ tcpKeepAlivePeriod: 30s # duration
+ receiveChunkSize: 8192
+ receiveDeadline: 0s # duration, 0ms/0s means no deadline
+ receiveTimeout: 0s # duration, 0ms/0s means no timeout
+ sendDeadline: 0s # duration, 0ms/0s means no deadline
+ dialTimeout: 60s # duration
+ # Retry configuration
+ retries: 3 # 0 means no retry and fail immediately on the first attempt
+ backoff: 1s # duration
+ backoffMultiplier: 2.0 # 0 means no backoff
+ disableBackoffCaps: false
+
+pools:
+ default:
+ size: 10
+
+proxies:
+ default:
+ healthCheckPeriod: 60s # duration
+
+servers:
+ default:
+ network: tcp
+ address: 0.0.0.0:15432
+ enableTicker: False
+ tickInterval: 5s # duration
+ enableTLS: False
+ certFile: ""
+ keyFile: ""
+ handshakeTimeout: 5s # duration
+
+api:
+ enabled: True
+ httpAddress: 0.0.0.0:18080
+ grpcNetwork: tcp
+ grpcAddress: 0.0.0.0:19090
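Review bot: The `api` block binds the admin HTTP API to `0.0.0.0:18080` and gRPC to `0.0.0.0:19090`, and `metrics` binds to `0.0.0.0:9090`, with `enableTLS: False` and empty `certFile`/`keyFile` throughout, so anything that can route to the pod IP can reach these listeners in clear text. The readiness probe added in templates/deployment.yaml needs the HTTP port on the pod IP, but the gRPC listener could probably stay on loopback (`grpcAddress: localhost:19090`, to be confirmed against how the HTTP gateway dials it), and the chart should ship or document a NetworkPolicy restricting 18080 and 9090. `level: "debug"` is a heavy default for a database proxy, since debug output may include query details; the comment on the same line names `info` as the default, so `level: "info"` fits better. The booleans are written `True`/`False` in most places and `false` in `disableBackoffCaps`; lowercase `true`/`false` throughout is the portable spelling.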
diff --git a/files/gatewayd_plugins.yaml b/files/gatewayd_plugins.yaml
new file mode 100644
index 0000000..3914af5
--- /dev/null
+++ b/files/gatewayd_plugins.yaml
@@ -0,0 +1,30 @@
+compatibilityPolicy: "strict"
+enableMetricsMerger: True
+metricsMergerPeriod: 5s
+healthCheckPeriod: 5s
+reloadOnCrash: True
+timeout: 30s
+
+plugins:
+ - name: gatewayd-plugin-cache
+ enabled: True
+ url: github.com/gatewayd-io/gatewayd-plugin-cache@latest
+ localPath: /usr/bin/gatewayd-plugin-cache
+ args: ["--log-level", "info"]
+ env:
+ - MAGIC_COOKIE_KEY=GATEWAYD_PLUGIN
+ - MAGIC_COOKIE_VALUE=5712b87aa5d7e9f9e9ab643e6603181c5b796015cb1c09d6f5ada882bf2a1872
+ - REDIS_URL=redis://redis-master.default.svc.cluster.local:6379/0
+ - EXPIRY=1h
+ - DEFAULT_DB_NAME=postgres
+ - METRICS_ENABLED=True
+ - METRICS_UNIX_DOMAIN_SOCKET=/tmp/gatewayd-plugin-cache.sock
+ - METRICS_PATH=/metrics
+ - PERIODIC_INVALIDATOR_ENABLED=True
+ - PERIODIC_INVALIDATOR_INTERVAL=1m
+ - PERIODIC_INVALIDATOR_START_DELAY=1m
+ - API_ADDRESS=localhost:18080
+ - EXIT_ON_STARTUP_ERROR=False
+ - SENTRY_DSN=https://70eb1abcd32e41acbdfc17bc3407a543@o4504550475038720.ingest.sentry.io/4505342961123328
+ - CACHE_CHANNEL_BUFFER_SIZE=100
+ checksum: b153242dfb81dcd63b4444118252be5917b8a1b0f0f775c474946224d2a297eb
diff --git a/templates/deployment.yaml b/templates/deployment.yaml
index 130b9f2..131a437 100644
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
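Review bot: In files/gatewayd_plugins.yaml, `url: github.com/gatewayd-io/gatewayd-plugin-cache@latest` is a moving reference paired with a fixed `checksum`, and the deployment template in this commit runs `gatewayd plugin install ... --update` on every container start. If the checksum is enforced at install time, pods will start failing as soon as upstream publishes a new release; if it is not, each restart runs whatever binary upstream currently serves, so pin the tag (`...gatewayd-plugin-cache@<pinned-version>`) together with its matching checksum. The `SENTRY_DSN` entry ships a concrete DSN as the default, so installations would presumably report crashes to a third-party project unless the operator edits the file; an empty default with a comment such as `# set to your own DSN to enable crash reporting` is the safer choice. `REDIS_URL` lives in a ConfigMap, so a password-bearing URL would be stored there unencrypted; a comment pointing operators at a Secret would help.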
@@ -36,27 +36,52 @@ spec: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} - command: ["gatewayd", "run"] + command: ["/bin/sh", "-c"] + args: + - | + cd /usr/bin + gatewayd plugin install --skip-path-slip-verification --output-dir /usr/bin --plugin-config /etc/gatewayd_plugins.yaml --cleanup=true --overwrite-config=false --update + gatewayd run --config /etc/gatewayd.yaml --plugin-config /etc/gatewayd_plugins.yaml ports: - name: http containerPort: {{ .Values.service.port }} protocol: TCP envFrom: - configMapRef: - name: {{ include "gatewayd.fullname" . }} + name: {{ include "gatewayd.fullname" . }} + readinessProbe: + httpGet: + path: /healthz + port: 18080 + initialDelaySeconds: 10 + timeoutSeconds: 5 resources: {{- toYaml .Values.resources | nindent 12 }} - {{- if .Values.gatewaydPluginsConfig.enabled }} + {{- if or (.Values.gatewaydPluginsConfig.enabled) (.Values.gatewaydConfig.enabled) }} volumeMounts: - - name: config-volume + {{- if .Values.gatewaydPluginsConfig.enabled }} + - name: plugin-config-volume mountPath: /etc/gatewayd_plugins.yaml subPath: gatewayd_plugins.yaml {{- end }} - {{- if .Values.gatewaydPluginsConfig.enabled }} + {{- if .Values.gatewaydConfig.enabled }} + - name: gatewayd-config-volume + mountPath: /etc/gatewayd.yaml + subPath: gatewayd.yaml + {{- end }} + {{- end }} + {{- if or (.Values.gatewaydPluginsConfig.enabled) (.Values.gatewaydConfig.enabled) }} volumes: - - name: config-volume + {{- if .Values.gatewaydPluginsConfig.enabled }} + - name: plugin-config-volume + configMap: + name: {{ .Release.Name }}-plugins-config + {{- end }} + {{- if .Values.gatewaydConfig.enabled }} + - name: gatewayd-config-volume configMap: - name: {{ .Release.Name }}-gatewayd-plugins-config + name: {{ .Release.Name }}-config + {{- end }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: 
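Review bot: The new start-up script passes `--skip-path-slip-verification` to `gatewayd plugin install`, which by its name turns off the archive path-traversal check for a plugin that is downloaded at container start and unpacked into `/usr/bin`; drop the flag, or justify it in a comment if it has to stay. The script has no `set -e`, so a failed install still falls through to `gatewayd run`, and because the last command is not started with `exec`, `sh` remains PID 1 and SIGTERM may not reach the gateway on pod termination; make `set -e` the first script line and `exec gatewayd run --config /etc/gatewayd.yaml --plugin-config /etc/gatewayd_plugins.yaml` the last. Installing into `/usr/bin` at runtime also needs a writable root filesystem and network egress, which conflicts with `readOnlyRootFilesystem: true` if an operator sets it through `securityContext`; an initContainer writing to an `emptyDir`, or plugins baked into the image, avoids that. Both `--config` and `--plugin-config` are passed unconditionally while the two mounts are gated on `gatewaydConfig.enabled` and `gatewaydPluginsConfig.enabled` (both `false` in values.yaml), so check that a default install still finds those files. The container spec starts above this hunk, and the probe's hard-coded `port: 18080` has to stay in step with `api.httpAddress` in files/gatewayd.yaml.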
@@ -69,4 +94,4 @@ spec: {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/templates/gatewayd_config.yaml b/templates/gatewayd_config.yaml new file mode 100644 index 0000000..d5ccd9f --- /dev/null +++ b/templates/gatewayd_config.yaml @@ -0,0 +1,9 @@ +{{- if .Values.gatewaydConfig.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-config +data: + gatewayd.yaml: |- +{{ .Files.Get "files/gatewayd.yaml" | indent 4 }} +{{- end }} diff --git a/templates/gatewayd_plugins_config.yaml b/templates/gatewayd_plugins_config.yaml index eb4d90f..ef2f657 100644 --- a/templates/gatewayd_plugins_config.yaml +++ b/templates/gatewayd_plugins_config.yaml @@ -2,8 +2,8 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ .Release.Name }}-gatewayd-plugins-config + name: {{ .Release.Name }}-plugins-config data: gatewayd_plugins.yaml: | - {{ .Values.gatewaydPluginsConfig.content | nindent 4 }} -{{- end }} \ No newline at end of file +{{ .Files.Get "files/gatewayd_plugins.yaml" | indent 4 }} +{{- end }} diff --git a/templates/pdb.yaml b/templates/pdb.yaml new file mode 100644 index 0000000..717cc76 --- /dev/null +++ b/templates/pdb.yaml @@ -0,0 +1,19 @@ +{{- if .Values.podDisruptionBudget }} +--- +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "gatewayd.fullname" . }} + labels: + {{- include "gatewayd.labels" . | nindent 4 }} +spec: + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + {{- include "gatewayd.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/values.yaml b/values.yaml index 35acb35..308b0a5 100644 --- a/values.yaml +++ b/values.yaml 
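Review bot: Both ConfigMaps are named from the bare release name (`{{ .Release.Name }}-config` in templates/gatewayd_config.yaml, `{{ .Release.Name }}-plugins-config` in templates/gatewayd_plugins_config.yaml) and carry no labels, unlike templates/pdb.yaml in the same commit, so they can collide when this chart is installed as a dependency next to another chart using the `<release>-config` pattern. `name: {{ include "gatewayd.fullname" . }}-config` with `labels: {{- include "gatewayd.labels" . | nindent 4 }}` would match the rest of the chart, with the volume references in templates/deployment.yaml changed to the same names. Because the files are mounted with `subPath`, running pods do not pick up edits to the ConfigMap; a pod-template annotation such as `checksum/config: {{ .Files.Get "files/gatewayd.yaml" | sha256sum }}` makes a config change roll the Deployment. Content now comes only from `.Files.Get`, so operators have to repackage the chart to change listener addresses, TLS settings or plugin environment; a values-level override would keep hardening possible without a fork.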
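Review bot: In templates/pdb.yaml the guards `{{- if .Values.podDisruptionBudget.minAvailable }}` and `{{- if .Values.podDisruptionBudget.maxUnavailable }}` test truthiness, so an explicit `0` (for example `maxUnavailable: 0`) is dropped and the rendered spec carries neither field. Nothing stops both keys from being set either, although the comment added in values.yaml says they cannot be combined, so the mistake only surfaces when the API server rejects the object. Testing for key presence and failing at render time when both are present gives an early, readable error; the rewritten `spec` head is below.

```yaml
spec:
  {{- if and (hasKey .Values.podDisruptionBudget "minAvailable") (hasKey .Values.podDisruptionBudget "maxUnavailable") }}
  {{- fail "podDisruptionBudget: set only one of minAvailable and maxUnavailable" }}
  {{- end }}
  {{- if hasKey .Values.podDisruptionBudget "minAvailable" }}
  minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
  {{- end }}
  {{- if hasKey .Values.podDisruptionBudget "maxUnavailable" }}
  maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
  {{- end }}
  # … unchanged: selector …
```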
@@ -88,35 +88,15 @@ tolerations: [] affinity: {} +# Define a Pod Disruption Budget +# ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ +# minAvailable and maxUnavailable cannot be both set +podDisruptionBudget: + minAvailable: 1 + # maxUnavailable: 1 + gatewaydPluginsConfig: enabled: false - content: | - compatibilityPolicy: "strict" - enableMetricsMerger: True - metricsMergerPeriod: 5s - healthCheckPeriod: 5s - reloadOnCrash: True - timeout: 30s - - plugins: - - name: gatewayd-plugin-cache - enabled: True - url: github.com/gatewayd-io/gatewayd-plugin-cache@latest - localPath: ../gatewayd-plugin-cache/gatewayd-plugin-cache - args: ["--log-level", "info"] - env: - - MAGIC_COOKIE_KEY=GATEWAYD_PLUGIN - - MAGIC_COOKIE_VALUE=5712b87aa5d7e9f9e9ab643e6603181c5b796015cb1c09d6f5ada882bf2a1872 - - REDIS_URL=redis://localhost:6379/0 - - EXPIRY=1h - - METRICS_ENABLED=True - - METRICS_UNIX_DOMAIN_SOCKET=/tmp/gatewayd-plugin-cache.sock - - METRICS_PATH=/metrics - - PERIODIC_INVALIDATOR_ENABLED=True - - PERIODIC_INVALIDATOR_INTERVAL=1m - - PERIODIC_INVALIDATOR_START_DELAY=1m - - API_ADDRESS=localhost:18080 - - EXIT_ON_STARTUP_ERROR=False - - SENTRY_DSN=https://70eb1abcd32e41acbdfc17bc3407a543@o4504550475038720.ingest.sentry.io/4505342961123328 - - CACHE_CHANNEL_BUFFER_SIZE=100 - checksum: 3988e10aefce2cd9b30888eddd2ec93a431c9018a695aea1cea0dac46ba91cae + +gatewaydConfig: + enabled: false
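Review bot: `podDisruptionBudget.minAvailable: 1` is now a default, so templates/pdb.yaml renders a PodDisruptionBudget on every install; if the chart's `replicaCount` (outside this hunk) is 1, that budget blocks every voluntary eviction and node drains stall, which tends to delay node patching. Consider defaulting to `podDisruptionBudget: {}` with both keys shown as comments, or add a comment such as `# minAvailable: 1 requires replicaCount >= 2`. Removing `gatewaydPluginsConfig.content` also means existing values files that set it are silently ignored after an upgrade, so an operator who had overridden `REDIS_URL` or `SENTRY_DSN` there falls back to the chart's baked-in values; this deserves an upgrade note in the README.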