github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/internal/operator/boom/application/applications/apigateway/helm/default.go (about) 1 package helm 2 3 import ( 4 "github.com/caos/orbos/pkg/kubernetes/k8s" 5 corev1 "k8s.io/api/core/v1" 6 "k8s.io/apimachinery/pkg/api/resource" 7 ) 8 9 func DefaultValues(imageTags map[string]string, image string) *Values { 10 adminAnnotations := map[string]string{"app.kubernetes.io/use": "admin-service"} 11 12 return &Values{ 13 Env: map[string]string{ 14 "POLL_EVERY_SECS": "0", 15 }, 16 NodeSelector: map[string]string{}, 17 FullnameOverride: "ambassador", 18 AdminService: &AdminService{ 19 Annotations: adminAnnotations, 20 Create: true, 21 Port: 8877, 22 Type: "ClusterIP", 23 }, 24 AuthService: &AuthService{ 25 Create: true, 26 }, 27 Autoscaling: &Autoscaling{ 28 Enabled: false, 29 }, 30 Crds: &Crds{ 31 Create: true, 32 Enabled: true, 33 Keep: true, 34 }, 35 CreateDevPortalMapping: false, 36 DaemonSet: false, 37 DeploymentStrategy: &DeploymentStrategy{ 38 Type: "RollingUpdate", 39 }, 40 DNSPolicy: "ClusterFirst", 41 HostNetwork: false, 42 Image: &Image{ 43 PullPolicy: "IfNotPresent", 44 Repository: image, 45 Tag: imageTags[image], 46 }, 47 LicenseKey: &LicenseKey{ 48 CreateSecret: true, 49 }, 50 LivenessProbe: &LivenessProbe{ 51 FailureThreshold: 3, 52 InitialDelaySeconds: 30, 53 PeriodSeconds: 3, 54 }, 55 PrometheusExporter: &PrometheusExporter{ 56 Enabled: false, 57 PullPolicy: "IfNotPresent", 58 Repository: "prom/statsd-exporter", 59 Tag: imageTags["prom/statsd-exporter"], 60 Resources: &k8s.Resources{ 61 Limits: corev1.ResourceList{ 62 corev1.ResourceCPU: resource.MustParse("50m"), 63 corev1.ResourceMemory: resource.MustParse("100Mi"), 64 }, 65 Requests: corev1.ResourceList{ 66 corev1.ResourceCPU: resource.MustParse("10m"), 67 corev1.ResourceMemory: resource.MustParse("20Mi"), 68 }, 69 }, 70 }, 71 RateLimit: &RateLimit{ 72 Create: true, 73 }, 74 Rbac: &Rbac{ 75 Create: true, 76 }, 77 ReadinessProbe: &ReadinessProbe{ 78 FailureThreshold: 3, 79 InitialDelaySeconds: 30, 80 PeriodSeconds: 3, 81 }, 82 83 Redis: &Redis{ 84 Create: true, 85 Resources: &k8s.Resources{ 86 Limits: corev1.ResourceList{ 87 corev1.ResourceCPU: resource.MustParse("200m"), 88 corev1.ResourceMemory: resource.MustParse("360Mi"), 89 }, 90 Requests: corev1.ResourceList{ 91 corev1.ResourceCPU: resource.MustParse("50m"), 92 corev1.ResourceMemory: resource.MustParse("180Mi"), 93 }, 94 }, 95 Annotations: &RedisAnnotations{ 96 Deployment: map[string]string{}, 97 Service: map[string]string{}, 98 }, 99 NodeSelector: map[string]string{}, 100 }, 101 ReplicaCount: 3, 102 Scope: &Scope{ 103 SingleNamespace: false, 104 }, 105 Security: &Security{ 106 PodSecurityContext: &PodSecurityContext{ 107 RunAsUser: 8888, 108 }, 109 ContainerSecurityContext: &ContainerSecurityContext{ 110 AllowPrivilegeEscalation: false, 111 }, 112 }, 113 Service: &Service{ 114 Type: "NodePort", 115 Ports: []*Port{{ 116 Name: "http", 117 Port: 80, 118 TargetPort: 8080, 119 NodePort: 30080, 120 }, { 121 Name: "https", 122 Port: 443, 123 TargetPort: 8443, 124 NodePort: 30443, 125 }, 126 }, 127 Annotations: &ModuleAnnotation{ 128 Module: &AmbassadorModuleAnnotation{ 129 ApiVersion: "ambassador/v2", 130 Kind: "Module", 131 Name: "ambassador", 132 Config: &AmbassadorModuleConfig{ 133 UseProxyProto: true, 134 EnableGRPCWeb: false, 135 Diagnostics: &AmbassadorDiagnosticst{ 136 Enabled: false, 137 }, 138 }, 139 }, 140 }, 141 }, 142 ServiceAccount: &ServiceAccount{ 143 Create: true, 144 }, 145 Resources: &k8s.Resources{ 146 Limits: corev1.ResourceList{ 147 corev1.ResourceCPU: resource.MustParse("500m"), 148 corev1.ResourceMemory: resource.MustParse("500Mi"), 149 }, 150 Requests: corev1.ResourceList{ 151 corev1.ResourceCPU: resource.MustParse("250m"), 152 corev1.ResourceMemory: resource.MustParse("250Mi"), 153 }, 154 }, 155 } 156 } 157 158 func defaultServiceAnnotations() map[string]string { 159 return map[string]string{ 160 "getambassador.io/config": `--- 161 apiVersion: ambassador/v1 162 kind: Module 163 name: tls 164 config: 165 server: 166 enabled: True 167 # secret: MY_TLS_SECRET_NAME 168 redirect_cleartext_from: 8080`, 169 } 170 } 171 172 func defaultExporterConfig() string { 173 return `--- 174 defaults: 175 timer_type: histogram 176 mappings: 177 ###### Envoy global 178 179 ### Downstream RQ 180 - match: envoy.http.*.downstream_rq_total 181 name: envoy_http_downstream_rq_total 182 labels: 183 cluster: "$1" 184 - match: envoy.http.*.rq_total 185 name: envoy_http_rq_total 186 labels: 187 cluster: "$1" 188 - match: envoy.http.*.downstream_cx_total 189 name: envoy_http_downstream_cx_total 190 labels: 191 cluster: "$1" 192 - match: envoy.http.*.downstream_cx_ssl_total 193 name: envoy_http_downstream_cx_ssl_total 194 labels: 195 cluster: "$1" 196 - match: envoy\.http\.(.*)\.downstream_rq_(.*) 197 match_type: regex 198 name: envoy_http_downstream_rq_xxx 199 labels: 200 cluster: "$1" 201 response_code_class: "$2" 202 - match: envoy.http.*.downstream_cx_active 203 name: envoy_http_downstream_cx_active 204 labels: 205 cluster: "$1" 206 - match: envoy.http.*.downstream_cx_ssl_active 207 name: envoy_http_downstream_cx_ssl_active 208 labels: 209 cluster: "$1" 210 - match: envoy.http.*.downstream_rq_active 211 name: envoy_http_downstream_rq_active 212 labels: 213 cluster: "$1" 214 - match: envoy.http.*.downstream_cx_length_ms 215 name: envoy_http_downstream_cx_length_ms 216 labels: 217 cluster: "$1" 218 - match: envoy.http.*.downstream_cx_rx_bytes_total 219 name: envoy_http_downstream_cx_rx_bytes_total 220 labels: 221 cluster: "$1" 222 - match: envoy.http.*.downstream_cx_tx_bytes_total 223 name: envoy_http_downstream_cx_tx_bytes_total 224 labels: 225 cluster: "$1" 226 227 ### Upstream CX 228 - match: envoy.cluster.*.upstream_cx_total 229 name: envoy_cluster_upstream_cx_total 230 labels: 231 cluster: "$1" 232 - match: envoy.cluster.*.upstream_cx_active 233 name: envoy_cluster_upstream_cx_active 234 labels: 235 cluster: "$1" 236 - match: envoy.cluster.*.upstream_connect_fail 237 name: envoy_cluster_upstream_connect_fail 238 labels: 239 cluster: "$1" 240 - match: envoy.cluster.*.upstream_cx_connect_timeout 241 name: envoy_cluster_upstream_cx_connect_timeout 242 labels: 243 cluster: "$1" 244 - match: envoy.cluster.*.upstream_cx_destroy_local_with_active_rq 245 name: envoy_cluster_upstream_cx_destroy_local_with_active_rq 246 labels: 247 cluster: "$1" 248 - match: envoy.cluster.*.upstream_cx_destroy_remote_active_rq 249 name: envoy_cluster_upstream_cx_destroy_remote_active_rq 250 labels: 251 cluster: "$1" 252 253 ### Upstream RQ 254 - match: envoy\.cluster\.(.*)\.upstream_rq_(.*) 255 match_type: regex 256 name: envoy_cluster_upstream_rq_xxx 257 labels: 258 cluster: "$1" 259 response_code_class: "$2" 260 - match: envoy.cluster.*.upstream_rq_completed 261 name: envoy_cluster_upstream_rq_completed 262 labels: 263 cluster: "$1" 264 response_code_class: "$2" 265 266 - match: envoy.cluster.*.upstream_rq_timeout 267 name: envoy_cluster_upstream_rq_timeout 268 labels: 269 cluster: "$1" 270 - match: envoy.cluster.*.upstream_rq_per_try_timeout 271 name: envoy_cluster_upstream_rq_per_try_timeout 272 labels: 273 cluster: "$1" 274 - match: envoy.cluster.*.upstream_rq_pending_overflow 275 name: envoy_cluster_upstream_rq_pending_overflow 276 labels: 277 cluster: "$1" 278 - match: envoy.cluster.*.upstream_rq_pending_failure_eject 279 name: envoy_cluster_upstream_rq_pending_failure_eject 280 labels: 281 cluster: "$1" 282 283 - match: envoy.cluster.*.upstream_rq_retry 284 name: envoy_cluster_upstream_rq_retry 285 labels: 286 cluster: "$1" 287 - match: envoy.cluster.*.upstream_rq_retry_success 288 name: envoy_cluster_upstream_rq_retry_success 289 labels: 290 cluster: "$1" 291 - match: envoy.cluster.*.upstream_rq_retry_overflow 292 name: envoy_cluster_upstream_rq_retry_overflow 293 labels: 294 cluster: "$1" 295 296 ### Outlier 297 - match: envoy.cluster.*.outlier_detection_ejections_active 298 name: envoy_cluster_outlier_detection_ejections_active 299 labels: 300 cluster: "$1" 301 - match: envoy.cluster.*.outlier_detection_ejections_enforced_total 302 name: envoy_cluster_outlier_detection_ejections_enforced_total 303 labels: 304 cluster: "$1" 305 - match: envoy.cluster.*.outlier_detection_ejections_overflow 306 name: envoy_cluster_outlier_detection_ejections_overflow 307 labels: 308 cluster: "$1" 309 310 ### Healtcheck 311 - match: envoy.cluster.*.health_check.attempt 312 name: envoy_cluster_health_check_attempt 313 labels: 314 cluster: "$1" 315 - match: envoy.cluster.*.health_check.success 316 name: envoy_cluster_health_check_success 317 labels: 318 cluster: "$1" 319 - match: envoy.cluster.*.health_check.failure 320 name: envoy_cluster_health_check_failure 321 labels: 322 cluster: "$1" 323 324 ### Envoy Service 325 - match: envoy.cluster.*.upstream_rq_pending_active 326 name: envoy_cluster_upstream_rq_pending_active 327 labels: 328 cluster: "$1" 329 - match: envoy.cluster.*.upstream_rq_active 330 name: envoy_cluster_upstream_rq_active 331 labels: 332 cluster: "$1" 333 - match: envoy\.cluster\.(.*)\.downstream_rq_(.*) 334 match_type: regex 335 name: envoy_cluster_downstream_rq_xxx 336 labels: 337 cluster: "$1" 338 response_code_class: "$2" 339 340 - match: envoy.http.*.downstream_cx_destroy_remote_active_rq 341 name: envoy_http_downstream_cx_destroy_remote_active_rq 342 labels: 343 cluster: "$1" 344 - match: envoy.cluster.*.upstream_rq_maintenance_mode 345 name: envoy_cluster_upstream_rq_maintenance_mode 346 labels: 347 cluster: "$1" 348 - match: envoy.cluster.*.upstream_rq_retry 349 name: envoy_cluster_upstream_rq_retry 350 labels: 351 cluster: "$1" 352 - match: envoy.cluster.*.upstream_rq_rx_reset 353 name: envoy_cluster_upstream_rq_rx_reset 354 labels: 355 cluster: "$1" 356 - match: envoy.cluster.*.upstream_rq_retry_success 357 name: envoy_cluster_upstream_rq_retry_success 358 labels: 359 cluster: "$1" 360 - match: envoy.cluster.*.upstream_rq_retry_overflow 361 name: envoy_cluster_upstream_rq_retry_overflow 362 labels: 363 cluster: "$1" 364 365 # Upstream Flow Control 366 - match: envoy.cluster.*.upstream_flow_control_paused_reading_total 367 name: envoy_cluster_upstream_flow_control_paused_reading_total 368 labels: 369 cluster: "$1" 370 - match: envoy.cluster.*.upstream_flow_control_resumed_reading_total 371 name: envoy_cluster_upstream_flow_control_resumed_reading_total 372 labels: 373 cluster: "$1" 374 - match: envoy.cluster.*.upstream_flow_control_backed_up_total 375 name: envoy_cluster_upstream_flow_control_backed_up_total 376 labels: 377 cluster: "$1" 378 - match: envoy.cluster.*.upstream_flow_control_drained_total 379 name: envoy_cluster_upstream_flow_control_drained_total 380 labels: 381 cluster: "$1" 382 383 ### Upstream time 384 - match: envoy.cluster.*.upstream_rq_time 385 name: envoy_cluster_upstream_rq_time 386 labels: 387 cluster: "$1" 388 - match: envoy.cluster.*.upstream_rq_time_count 389 name: envoy_cluster_upstream_rq_time_count 390 labels: 391 cluster: "$1" 392 - match: envoy.cluster.*.upstream_rq_time_sum 393 name: envoy_cluster_upstream_rq_time_sum 394 labels: 395 cluster: "$1" 396 - match: envoy.cluster.*.upstream_rq_time_bucket 397 name: envoy_cluster_upstream_rq_time_bucket 398 labels: 399 cluster: "$1" 400 401 ### Downstream time 402 - match: envoy.http.*.downstream_rq_time 403 name: envoy_http_downstream_rq_time 404 labels: 405 cluster: "$1" 406 - match: envoy.http.*.downstream_rq_time_count 407 name: envoy_http_downstream_rq_time_count 408 labels: 409 cluster: "$1" 410 - match: envoy.http.*.downstream_rq_time_sum 411 name: envoy_http_downstream_rq_time_sum 412 labels: 413 cluster: "$1" 414 - match: envoy.http.*.downstream_rq_time_bucket 415 name: envoy_http_downstream_rq_time 416 labels: 417 cluster: "$1" 418 419 ### BEGIN General 420 - match: envoy.cluster.*.membership_healthy 421 name: envoy_cluster_membership_healthy 422 labels: 423 cluster: "$1" 424 - match: envoy.cluster.*.membership_change 425 name: envoy_cluster_membership_change 426 labels: 427 cluster: "$1" 428 - match: envoy.cluster.*.membership_total 429 name: envoy_cluster_membership_total 430 labels: 431 cluster: "$1" ` 432 }