Skip to content

Update Helm release etcd to v12 #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Helm release etcd to v12 #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion class/defaults.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ parameters:
charts:
etcd:
source: https://charts.bitnami.com/bitnami
version: "9.1.0"
version: "12.0.0"

helm_release_name: ${_instance}
helm_values:
Expand Down
27 changes: 27 additions & 0 deletions tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/networkpolicy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd
namespace: syn-etcd
spec:
egress:
- {}
ingress:
- ports:
- port: 2379
- port: 2380
podSelector:
matchLabels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/name: etcd
policyTypes:
- Ingress
- Egress
4 changes: 3 additions & 1 deletion tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/pdb.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,12 @@ apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
helm.sh/chart: etcd-9.1.0
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd
namespace: syn-etcd
spec:
Expand Down
127 changes: 127 additions & 0 deletions tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/preupgrade-hook-job.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,127 @@
apiVersion: batch/v1
kind: Job
metadata:
annotations:
helm.sh/hook: pre-upgrade
helm.sh/hook-delete-policy: before-hook-creation
labels:
app.kubernetes.io/component: etcd-pre-upgrade-job
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd-pre-upgrade
namespace: syn-etcd
spec:
template:
metadata:
annotations: null
labels:
app.kubernetes.io/component: etcd-pre-upgrade-job
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
spec:
affinity:
nodeAffinity: null
podAffinity: null
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/component: etcd-pre-upgrade-job
app.kubernetes.io/instance: etcd
app.kubernetes.io/name: etcd
topologyKey: kubernetes.io/hostname
weight: 1
automountServiceAccountToken: false
containers:
- args:
- /opt/bitnami/scripts/etcd/preupgrade.sh
command:
- /opt/bitnami/scripts/etcd/entrypoint.sh
env:
- name: BITNAMI_DEBUG
value: 'false'
- name: ETCD_ON_K8S
value: 'yes'
- name: ETCD_DATA_DIR
value: /bitnami/etcd/data
- name: ETCD_ROOT_PASSWORD_FILE
value: /opt/bitnami/etcd/secrets/password
- name: ETCD_INITIAL_CLUSTER
value: etcd-0=https://etcd-0.etcd-headless.syn-etcd.svc.cluster.local:2379
- name: ETCD_CERT_FILE
value: /opt/bitnami/etcd/certs/client/cert.pem
- name: ETCD_KEY_FILE
value: /opt/bitnami/etcd/certs/client/key.pem
- name: ETCD_EXTRA_AUTH_FLAGS
value: --insecure-skip-tls-verify
envFrom: null
image: docker.io/bitnami/etcd:3.5.21-debian-12-r6
imagePullPolicy: IfNotPresent
name: pre-upgrade-job
resources:
limits:
cpu: 375m
ephemeral-storage: 2Gi
memory: 384Mi
requests:
cpu: 250m
ephemeral-storage: 50Mi
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
add: []
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /opt/bitnami/etcd/conf/
name: empty-dir
subPath: app-conf-dir
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /opt/bitnami/etcd/certs/token/
name: etcd-jwt-token
readOnly: true
- mountPath: /opt/bitnami/etcd/certs/client/
name: etcd-client-certs
readOnly: true
- mountPath: /opt/bitnami/etcd/secrets
name: etcd-secrets
restartPolicy: Never
securityContext:
fsGroup: 1001
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
volumes:
- emptyDir: {}
name: empty-dir
- name: etcd-jwt-token
secret:
defaultMode: 256
secretName: etcd-etcd-token-private-key
- name: etcd-client-certs
secret:
defaultMode: 256
secretName: etcd-etcd-client-auth
- name: etcd-secrets
projected:
sources:
- secret:
name: etcd-etcd-root-auth
12 changes: 12 additions & 0 deletions tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/serviceaccount.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd
namespace: syn-etcd
56 changes: 44 additions & 12 deletions tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,8 @@ metadata:
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
helm.sh/chart: etcd-9.1.0
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd
namespace: syn-etcd
spec:
Expand All @@ -26,7 +27,8 @@ spec:
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
helm.sh/chart: etcd-9.1.0
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
spec:
affinity:
nodeAffinity: null
Expand All @@ -36,10 +38,12 @@ spec:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/name: etcd
topologyKey: kubernetes.io/hostname
weight: 1
automountServiceAccountToken: false
containers:
- env:
- name: BITNAMI_DEBUG
Expand All @@ -54,8 +58,6 @@ spec:
fieldPath: metadata.name
- name: MY_STS_NAME
value: etcd
- name: ETCDCTL_API
value: '3'
- name: ETCD_ON_K8S
value: 'yes'
- name: ETCD_START_FROM_SNAPSHOT
Expand All @@ -70,11 +72,8 @@ spec:
value: info
- name: ALLOW_NONE_AUTHENTICATION
value: 'no'
- name: ETCD_ROOT_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: etcd-etcd-root-auth
- name: ETCD_ROOT_PASSWORD_FILE
value: /opt/bitnami/etcd/secrets/password
- name: ETCD_AUTH_TOKEN
value: jwt,priv-key=/opt/bitnami/etcd/certs/token/jwt-token.pem,sign-method=RS256,ttl=10m
- name: ETCD_ADVERTISE_CLIENT_URLS
Expand Down Expand Up @@ -125,13 +124,34 @@ spec:
successThreshold: 1
timeoutSeconds: 5
resources:
limits: {}
requests: {}
limits:
cpu: 375m
ephemeral-storage: 2Gi
memory: 384Mi
requests:
cpu: 250m
ephemeral-storage: 50Mi
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /opt/bitnami/etcd/conf/
name: empty-dir
subPath: app-conf-dir
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /bitnami/etcd
name: data
- mountPath: /opt/bitnami/etcd/certs/token/
Expand All @@ -143,10 +163,17 @@ spec:
- mountPath: /opt/bitnami/etcd/certs/peer/
name: etcd-peer-certs
readOnly: true
- mountPath: /opt/bitnami/etcd/secrets
name: etcd-secrets
securityContext:
fsGroup: 1001
serviceAccountName: default
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
serviceAccountName: etcd
volumes:
- emptyDir: {}
name: empty-dir
- name: etcd-jwt-token
secret:
defaultMode: 256
Expand All @@ -159,6 +186,11 @@ spec:
secret:
defaultMode: 256
secretName: etcd-etcd-peer-auth
- name: etcd-secrets
projected:
sources:
- secret:
name: etcd-etcd-root-auth
updateStrategy:
type: RollingUpdate
volumeClaimTemplates:
Expand Down
5 changes: 4 additions & 1 deletion tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc-headless.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,12 @@ metadata:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'
labels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
helm.sh/chart: etcd-9.1.0
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd-headless
namespace: syn-etcd
spec:
Expand All @@ -21,6 +23,7 @@ spec:
targetPort: peer
publishNotReadyAddresses: true
selector:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/name: etcd
type: ClusterIP
6 changes: 4 additions & 2 deletions tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
apiVersion: v1
kind: Service
metadata:
annotations: null
labels:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: etcd
helm.sh/chart: etcd-9.1.0
app.kubernetes.io/version: 3.6.0
helm.sh/chart: etcd-12.0.0
name: etcd
namespace: syn-etcd
spec:
Expand All @@ -20,6 +21,7 @@ spec:
port: 2380
targetPort: peer
selector:
app.kubernetes.io/component: etcd
app.kubernetes.io/instance: etcd
app.kubernetes.io/name: etcd
sessionAffinity: None
Expand Down