diff --git a/charts/charon/templates/configmap.yaml b/charts/charon/templates/configmap.yaml index 158dccf..2d45f98 100644 --- a/charts/charon/templates/configmap.yaml +++ b/charts/charon/templates/configmap.yaml @@ -61,9 +61,6 @@ data: {{- if .Values.config.p2pRelays }} CHARON_P2P_RELAYS: {{ .Values.config.p2pRelays | quote }} {{- end }} - {{- if .Values.config.p2pTcpAddress }} - CHARON_P2P_TCP_ADDRESS: {{ .Values.config.p2pTcpAddress }}:{{ .Values.p2pPort }} - {{- end }} {{- if .Values.config.privateKeyFile }} CHARON_PRIVATE_KEY_FILE: {{ .Values.config.privateKeyFile | quote }} {{- end }} @@ -82,3 +79,22 @@ data: {{- if .Values.config.validatorApiAddress }} CHARON_VALIDATOR_API_ADDRESS: {{ .Values.config.validatorApiAddress }}:{{ .Values.httpPort }} {{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "release.name" . }}-init + labels: + {{- include "charon.labels" . | nindent 4 }} +data: + init.sh: | + #!/bin/sh + echo "Namespace: ${POD_NAMESPACE} Pod: ${POD_NAME}"; + {{- if eq .Values.p2pPort.type "LoadBalancer" }} + until [ -n "$(kubectl -n ${POD_NAMESPACE} get svc/${POD_NAME} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')" ]; do echo "Waiting for load balancer to get an IP" && sleep 10; done; + export EXTERNAL_IP=$(kubectl -n ${POD_NAMESPACE} get svc/${POD_NAME} -o jsonpath='{.status.loadBalancer.ingress[0].ip}'); + {{- else if eq .Values.p2pPort.type "NodePort" }} + export EXTERNAL_IP=$(kubectl get nodes "${NODE_NAME}" -o jsonpath='{.status.addresses[?(@.type=="ExternalIP")].address}'); + {{- end }} + echo "EXTERNAL_IP=$EXTERNAL_IP" >> /env/init-nodeport; + cat /env/init-nodeport; diff --git a/charts/charon/templates/deployment.yaml b/charts/charon/templates/deployment.yaml index d4d1fd8..8760d3a 100644 --- a/charts/charon/templates/deployment.yaml +++ b/charts/charon/templates/deployment.yaml 
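Review bot: In the added `init.sh`, the LoadBalancer branch queries `svc/${POD_NAME}`, but the Service this commit adds in service-p2p.yaml is named `{{ include "release.name" . }}-p2p`, so unless a Service happens to share the pod's name the `until` loop never sees an IP and the init container waits forever. The script also writes whatever kubectl printed straight into `/env/init-nodeport`, which the main container later sources as shell. An empty result, or several space-separated addresses from the NodePort jsonpath filter, would give a broken line or one that runs a command, so the value should be checked to be a single IP literal before it is written. Both lookups depend on the pod's service account being allowed to `get` services and nodes; no RBAC is visible in this diff, so confirm it exists and is limited to those reads.
```yaml
    # … unchanged: shebang and namespace/pod echo …
    {{- if eq .Values.p2pPort.type "LoadBalancer" }}
    until [ -n "$(kubectl -n "${POD_NAMESPACE}" get "svc/{{ include "release.name" . }}-p2p" -o jsonpath='{.status.loadBalancer.ingress[0].ip}')" ]; do echo "Waiting for load balancer to get an IP" && sleep 10; done;
    export EXTERNAL_IP=$(kubectl -n "${POD_NAMESPACE}" get "svc/{{ include "release.name" . }}-p2p" -o jsonpath='{.status.loadBalancer.ingress[0].ip}');
    # … unchanged: NodePort branch and end …
    {{- if ne .Values.p2pPort.type "ClusterIP" }}
    # Accept only a single IPv4/IPv6 literal: this file is sourced by the main container.
    case "${EXTERNAL_IP}" in
      ''|*[!0-9a-fA-F.:]*) echo "Unexpected EXTERNAL_IP value: '${EXTERNAL_IP}'" >&2; exit 1 ;;
    esac
    {{- end }}
    # … unchanged: write and print /env/init-nodeport …
```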
@@ -48,11 +48,57 @@ spec: {{- if .Values.initContainers }} {{- tpl (toYaml .Values.initContainers | nindent 8) $ }} {{- end }} + - name: init + image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}" + imagePullPolicy: {{ .Values.initImage.pullPolicy }} + securityContext: + runAsNonRoot: false + runAsUser: 0 + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: ['/bin/sh', '/scripts/init.sh'] + volumeMounts: + - name: env-nodeport + mountPath: /env + - name: scripts-init + mountPath: /scripts containers: - - args: - - run + - name: {{ .Chart.Name }} + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} command: - - /usr/local/bin/charon + - /bin/sh + - -c + - | + {{- if ne .Values.p2pPort.type "ClusterIP" }} + . /env/init-nodeport + {{- end }} + exec charon run \ + {{- if eq .Values.p2pPort.type "ClusterIP" }} + --p2p-tcp-address={{ .Values.config.p2pTcpAddress }}:{{ .Values.p2pPort.port }} + {{- else }} + --p2p-tcp-address={{ .Values.config.p2pTcpAddress }}:{{ .Values.p2pPort.nodePort }} \ + --p2p-external-ip=$EXTERNAL_IP + {{- end }} env: - name: KUBERNETES_CLUSTER_DOMAIN value: {{ .Values.kubernetesClusterDomain }} 
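Review bot: The added `init` container pins `runAsNonRoot: false` and `runAsUser: 0`, yet the script it runs only calls kubectl and appends one line to an `emptyDir`, neither of which looks like it needs root. Run it unprivileged instead: `runAsNonRoot: true`, `allowPrivilegeEscalation: false` and `capabilities: {drop: ["ALL"]}` (plus a non-zero `runAsUser` if the image does not declare one). The container is also added unconditionally, so a `ClusterIP` install still pulls the kubectl image and runs it, presumably with the pod's service account token, for a result the main container never reads; wrapping the entry in `{{- if ne .Values.p2pPort.type "ClusterIP" }}` would avoid that. The pod spec starts and ends outside this hunk.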
@@ -62,24 +108,24 @@ spec: envFrom: - configMapRef: name: {{ include "release.name" . }} - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - name: {{ .Chart.Name }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.livenessProbe.enabled }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} readinessProbe: {{- toYaml .Values.readinessProbe | nindent 12 }} + {{- end }} ports: - containerPort: {{ .Values.httpPort }} name: validator-api protocol: TCP - - containerPort: {{ .Values.p2pPort }} + - containerPort: {{ .Values.p2pPort.port }} name: p2p-tcp protocol: TCP + - containerPort: {{ .Values.p2pPort.port }} + name: p2p-udp + protocol: UDP - containerPort: {{ .Values.monitoringPort }} name: monitoring protocol: TCP @@ -91,6 +137,8 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: + - name: env-nodeport + mountPath: /env {{- if .Values.extraVolumeMounts -}} {{ toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} @@ -105,6 +153,12 @@ spec: {{- if .Values.extraVolumes -}} {{ toYaml .Values.extraVolumes | nindent 8 }} {{- end }} + - name: env-nodeport + emptyDir: {} + - name: scripts-init + configMap: + name: {{ include "release.name" . }}-init + {{- if .Values.secrets.enabled }} - name: charon-enr-private-key projected: sources: @@ -115,4 +169,9 @@ spec: sources: - secret: name: {{ .Values.secrets.clusterlock }} - + {{- else }} + - name: cluster-lock + emptyDir: {} + - name: charon-enr-private-key + emptyDir: {} + {{- end }} diff --git a/charts/charon/templates/prometheus-configmap.yaml b/charts/charon/templates/prometheus-configmap.yaml index fb269d1..1992c0b 100644 --- a/charts/charon/templates/prometheus-configmap.yaml +++ b/charts/charon/templates/prometheus-configmap.yaml 
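Review bot: With the new `enabled` key in values.yaml, `toYaml .Values.livenessProbe` and `toYaml .Values.readinessProbe` now render `enabled: true` inside the probe, and `enabled` is not a field of a Kubernetes Probe, so the manifest can be rejected or warned about under strict field validation. Strip the flag before rendering, e.g. `{{- toYaml (omit .Values.livenessProbe "enabled") | nindent 12 }}`, and the same for `readinessProbe`. Separately, the `p2p-tcp`/`p2p-udp` container ports are declared as `p2pPort.port` while the non-ClusterIP command line earlier in this file binds charon to `p2pPort.nodePort`, so the declared ports do not describe what the process listens on in those modes. The container spec continues outside the hunk.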
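Review bot: The main container only reads `/env/init-nodeport` (it sources the file before `exec charon run`), so the new `env-nodeport` mount in `volumeMounts` can be read-only here: add `readOnly: true` under `mountPath: /env`. That keeps the long-running process from rewriting a file that is executed as shell on every container restart. The `volumeMounts` list continues outside the hunk.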
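Review bot: When `secrets.enabled` is false, the new `else` branch replaces the `cluster-lock` and `charon-enr-private-key` secrets with empty `emptyDir` volumes, and nothing visible in this diff populates them. The pod then presumably either fails to find its key and lock file or creates key material that disappears when the pod is rescheduled. If this mode is meant for bootstrap or testing, say so next to the value in values.yaml, e.g. `# -- Mount the ENR key and cluster lock from the secrets below; when false, empty emptyDir volumes are used and nothing persists`. Consider `emptyDir: {medium: Memory}` for the key volume so the key is not written to node disk. The matching `{{- if .Values.secrets.enabled }}` opens in the previous hunk.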
@@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: prometheus + name: {{ include "release.name" . }}-prometheus data: prometheus.yaml: | global: diff --git a/charts/charon/templates/prometheus-deployment.yaml b/charts/charon/templates/prometheus-deployment.yaml index bf6fefe..51c32cd 100644 --- a/charts/charon/templates/prometheus-deployment.yaml +++ b/charts/charon/templates/prometheus-deployment.yaml @@ -3,17 +3,17 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - app: prometheus - name: prometheus + app: {{ include "release.name" . }}-prometheus + name: {{ include "release.name" . }}-prometheus spec: replicas: 1 selector: matchLabels: - app: prometheus + app: {{ include "release.name" . }}-prometheus template: metadata: labels: - app: prometheus + app: {{ include "release.name" . }}-prometheus spec: containers: - args: @@ -27,11 +27,15 @@ spec: - mountPath: /etc/prometheus/prometheus.yaml name: prometheus subPath: prometheus.yaml + {{- with .Values.centralMonitoring.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} securityContext: runAsUser: 0 volumes: - configMap: defaultMode: 420 - name: prometheus + name: {{ include "release.name" . }}-prometheus name: prometheus -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/charon/templates/prometheus-service.yaml b/charts/charon/templates/prometheus-service.yaml index 7f26ed4..a9c9aee 100644 --- a/charts/charon/templates/prometheus-service.yaml +++ b/charts/charon/templates/prometheus-service.yaml @@ -2,14 +2,14 @@ apiVersion: v1 kind: Service metadata: - name: prometheus + name: {{ include "release.name" . }}-prometheus spec: ports: - port: 9090 protocol: TCP targetPort: 9090 selector: - app: prometheus + app: {{ include "release.name" . }}-prometheus sessionAffinity: None type: ClusterIP {{- end }} diff --git a/charts/charon/templates/service-p2p.yaml b/charts/charon/templates/service-p2p.yaml new file mode 100644 index 0000000..9bcd779 --- /dev/null 
+++ b/charts/charon/templates/service-p2p.yaml @@ -0,0 +1,39 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "release.name" . }}-p2p + labels: + {{- include "charon.labels" . | nindent 4 }} + type: p2p + {{- with .Values.p2pPort.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ $.Values.p2pPort.type }} + externalTrafficPolicy: Local + ports: + {{- if eq .Values.p2pPort.type "NodePort" }} + - name: p2p-tcp + port: {{ .Values.p2pPort.port }} + protocol: TCP + targetPort: {{ .Values.p2pPort.nodePort }} + nodePort: {{ .Values.p2pPort.nodePort }} + - name: p2p-udp + port: {{ .Values.p2pPort.port }} + protocol: UDP + targetPort: {{ .Values.p2pPort.nodePort }} + nodePort: {{ .Values.p2pPort.nodePort }} + {{- else }} + - port: {{ .Values.p2pPort.port }} + targetPort: p2p-tcp + protocol: TCP + name: p2p-tcp + - port: {{ .Values.p2pPort.port}} + targetPort: p2p-udp + protocol: UDP + name: p2p-udp + {{- end }} + selector: + {{- include "charon.selectorLabels" . | nindent 4 }} \ No newline at end of file diff --git a/charts/charon/templates/service.yaml b/charts/charon/templates/service.yaml index b6ad6b5..b9ee758 100644 --- a/charts/charon/templates/service.yaml +++ b/charts/charon/templates/service.yaml @@ -11,10 +11,6 @@ spec: targetPort: validator-api protocol: TCP name: validator-api - - port: {{ .Values.p2pPort }} - targetPort: p2p-tcp - protocol: TCP - name: p2p-tcp - port: {{ .Values.monitoringPort }} targetPort: monitoring protocol: TCP diff --git a/charts/charon/values.yaml b/charts/charon/values.yaml index df29683..bd7e849 100644 --- a/charts/charon/values.yaml +++ b/charts/charon/values.yaml 
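Review bot: `externalTrafficPolicy: Local` is rendered for every `p2pPort.type`, but the API server accepts that field only on externally reachable Services (NodePort, LoadBalancer), so the `ClusterIP` option listed in values.yaml would fail to install. Guard the line with `{{- if ne .Values.p2pPort.type "ClusterIP" }}` … `{{- end }}`. The `else` port list also serves `LoadBalancer`, where it targets the named ports `p2p-tcp`/`p2p-udp` (declared as `p2pPort.port`), while deployment.yaml starts charon on `p2pPort.nodePort` for every non-ClusterIP type. Load-balancer traffic would therefore be forwarded to a port the process does not appear to listen on; either give `LoadBalancer` the same `targetPort` as the NodePort branch or bind charon to `p2pPort.port` in that mode.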
@@ -8,6 +8,11 @@ image: pullPolicy: IfNotPresent tag: v1.2.0 +initImage: + repository: "bitnami/kubectl" + tag: "1.30.3" + pullPolicy: IfNotPresent + # -- Credentials to fetch images from private registry ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] @@ -133,12 +138,28 @@ podDisruptionBudget: # -- HTTP Port httpPort: 3600 -# -- Engine Port (Auth Port) -p2pPort: 3610 - # -- Monitoring Port monitoringPort: 3620 +## When p2pPort.type is NodePort, your P2P port will be exposed via service type NodePort. +## This will generate a service with a port binding via NodePort. +## This is useful if you want to expose and announce your node to the Internet. +## +p2pPort: + ## @param p2pPort.annotations + ## + annotations: {} + ## @param p2pPort.type + ## Options: NodePort, LoadBalancer, ClusterIP + type: NodePort + ## @param p2pNodePort.nodePort The port allocation will be set to this value + ## + nodePort: 32000 + ## @param p2pPort.port The default P2P port for charon service + ## + port: 3610 + + # -- Jaeger Port jaegerPort: 6831 @@ -199,9 +220,6 @@ config: # -- The DNS hostname advertised by libp2p. This may be used to advertise an external DNS. p2pExternalHostname: "" - # -- The IP address advertised by libp2p. This may be used to advertise an external IP. - p2pExternalIp: "" - # -- Comma-separated list of libp2p relay URLs or multiaddrs. (default [https://0.relay.obol.tech/enr]) p2pRelays: "https://0.relay.obol.tech/enr" @@ -228,6 +246,7 @@ config: # -- Kubernetes secrets names secrets: + enabled: true # -- validators keys validatorKeys: "validator-keys" # -- charon enr private key @@ -282,6 +301,7 @@ serviceMonitor: # -- Configure liveness probes livenessProbe: + enabled: true initialDelaySeconds: 60 periodSeconds: 120 httpGet: @@ -289,6 +309,7 @@ livenessProbe: port: monitoring # -- Configure readiness probes readinessProbe: + enabled: true initialDelaySeconds: 10 periodSeconds: 10 httpGet: 
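Review bot: The new `initImage` is a third-party image referenced by a mutable tag with no registry host (`bitnami/kubectl:1.30.3`), and deployment.yaml runs it as root in the init step, so whatever that tag resolves to at pull time runs with those rights. Allow pinning by digest: add an optional `digest: ""` key here and render `repository@digest` when it is set, e.g. `image: "{{ .Values.initImage.repository }}@{{ .Values.initImage.digest }}"` with a value of the form `sha256:<digest-of-the-reviewed-image>`. A one-line `# -- Image used by the init container to look up the external IP` comment above the block would match the helm-docs style used in the rest of the file.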
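Review bot: The default `type: NodePort` under the new `p2pPort` map means a plain install opens port 32000 on the nodes and advertises an external IP, where P2P was previously just another port on the chart's main Service. An exposure change like this is safer as opt-in, so consider defaulting to `ClusterIP` and documenting NodePort and LoadBalancer as the public modes. `p2pPort` also changes from a scalar to a map, so existing value files with `p2pPort: 3610` will fail template rendering on `.Values.p2pPort.type`; that deserves an upgrade note. The comment `@param p2pNodePort.nodePort` should read `@param p2pPort.nodePort`.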
@@ -303,4 +324,3 @@ centralMonitoring: promEndpoint: "https://vm.monitoring.gcp.obol.tech/write" # -- The authentication token to the central prometheus token: "" -