Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: parametrize probes #46

Merged
merged 2 commits into from
Nov 14, 2023
Merged

feat: parametrize probes #46

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ed2427d
feat: parametrize probes
ialejandro Nov 14, 2023
21f55e1
typo
ialejandro Nov 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions charts/opencti/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ maintainers:
url: https://ialejandro.rocks
sources:
- https://github.com/OpenCTI-Platform/opencti
version: 1.1.1
version: 1.1.2
appVersion: "5.11.13"
home: https://www.filigran.io/en/solutions/products/opencti/
keywords:
Expand All @@ -34,4 +34,3 @@ dependencies:
version: 18.2.*
repository: https://charts.bitnami.com/bitnami
condition: redis.enabled

7 changes: 6 additions & 1 deletion charts/opencti/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,8 @@ helm show values devops-ia/opencti
| image | object | `{"pullPolicy":"IfNotPresent","repository":"opencti/platform","tag":""}` | Image registry |
| imagePullSecrets | list | `[]` | Global Docker registry secret names as an array |
| ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Ingress configuration to expose app |
| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure liveness checker ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes |
| livenessProbeCustom | object | `{}` | Custom livenessProbe |
| minio | object | `{"auth":{"rootPassword":"ChangeMe","rootUser":"ChangeMe"},"enabled":true,"mode":"standalone","persistence":{"enabled":false}}` | MinIO subchart deployment ref: https://github.com/bitnami/charts/blob/main/bitnami/minio/values.yaml |
| minio.auth.rootPassword | string | `"ChangeMe"` | Password for Minio root user |
| minio.auth.rootUser | string | `"ChangeMe"` | Minio root username |
Expand All @@ -118,6 +120,8 @@ helm show values devops-ia/opencti
| rabbitmq.persistence | object | `{"enabled":false}` | Persistence parameters |
| rabbitmq.persistence.enabled | bool | `false` | Enable RabbitMQ data persistence using PVC |
| rabbitmq.replicaCount | int | `1` | Number of RabbitMQ replicas to deploy |
| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Configure readinessProbe checker ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes |
| readinessProbeCustom | object | `{}` | Custom readinessProbe |
| readyChecker | object | `{"enabled":true,"retries":30,"services":[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}],"timeout":5}` | Enable or disable ready-checker |
| readyChecker.retries | int | `30` | Number of retries before giving up |
| readyChecker.services | list | `[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}]` | List services |
Expand All @@ -143,7 +147,8 @@ helm show values devops-ia/opencti
| service.targetPort | int | `4000` | Pod expose port |
| service.type | string | `"ClusterIP"` | Kubernetes Service type. Allowed values: NodePort, LoadBalancer or ClusterIP |
| serviceAccount | object | `{"annotations":{},"automountServiceAccountToken":false,"create":true,"name":""}` | Enable creation of ServiceAccount |
| testConnection | bool | `true` | Enable livenessProbe, readinessProbe and startupProbe |
| startupProbe | object | `{"enabled":true,"failureThreshold":30,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure startupProbe checker ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes |
| startupProbeCustom | object | `{}` | Custom startupProbe |
| tolerations | list | `[]` | Tolerations for pod assignment |
| worker | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":80},"enabled":true,"env":{"WORKER_LOG_LEVEL":"info"},"envFromSecrets":{},"image":{"pullPolicy":"IfNotPresent","repository":"opencti/worker","tag":""},"nodeSelector":{},"readyChecker":{"enabled":true,"retries":30,"timeout":5},"replicaCount":1,"resources":{},"tolerations":[]}` | OpenCTI worker deployment configuration |
| worker.affinity | object | `{}` | Affinity for pod assignment |
Expand Down
48 changes: 32 additions & 16 deletions charts/opencti/templates/server/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,34 +67,50 @@ spec:
containerPort: {{ $port.targetPort }}
protocol: TCP
{{- end }}
{{- if .Values.testConnection }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
{{- if .Values.livenessProbeCustom }}
{{- toYaml .Values.livenessProbeCustom | nindent 12 }}
{{- else }}
httpGet:
path: {{ .Values.service.healthPath | default "/dashboard" }}
port: {{ .Values.service.targetPort | default .Values.service.port }}
failureThreshold: 3
initialDelaySeconds: 90
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
{{- end }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
{{- if .Values.readinessProbeCustom }}
{{- toYaml .Values.readinessProbeCustom | nindent 12 }}
{{- else }}
httpGet:
path: {{ .Values.service.healthPath | default "/dashboard" }}
port: {{ .Values.service.targetPort | default .Values.service.port }}
failureThreshold: 3
initialDelaySeconds: 90
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
{{- end }}
{{- end }}
{{- if .Values.startupProbe.enabled }}
startupProbe:
{{- if .Values.startupProbeCustom }}
{{- toYaml .Values.startupProbeCustom | nindent 12 }}
{{- else }}
httpGet:
path: {{ .Values.service.healthPath | default "/dashboard" }}
port: {{ .Values.service.targetPort | default .Values.service.port }}
failureThreshold: 3
initialDelaySeconds: 90
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
failureThreshold: {{ .Values.startupProbe.failureThreshold }}
initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.startupProbe.periodSeconds }}
successThreshold: {{ .Values.startupProbe.successThreshold }}
timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }}
{{- end }}
{{- end }}
env:
- name: NODE_OPTIONS
Expand Down
64 changes: 62 additions & 2 deletions charts/opencti/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,68 @@ service:
# port: 9080
# targetPort: 9080

# -- Enable livenessProbe, readinessProbe and startupProbe
testConnection: true
# -- Configure liveness checker
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
livenessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 180
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5

# -- Custom livenessProbe
livenessProbeCustom: {}
# httpGet:
# path: /dashboard
# port: 4000
# failureThreshold: 3
# initialDelaySeconds: 200
# periodSeconds: 30
# successThreshold: 1
# timeoutSeconds: 5

# -- Configure readinessProbe checker
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
readinessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1

# -- Custom readinessProbe
readinessProbeCustom: {}
# httpGet:
# path: /dashboard
# port: 4000
# failureThreshold: 3
# initialDelaySeconds: 200
# periodSeconds: 30
# successThreshold: 1
# timeoutSeconds: 5

# -- Configure startupProbe checker
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
startupProbe:
enabled: true
failureThreshold: 30
initialDelaySeconds: 180
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5

# -- Custom startupProbe
startupProbeCustom: {}
# httpGet:
# path: /dashboard
# port: 4000
# failureThreshold: 3
# initialDelaySeconds: 200
# periodSeconds: 30
# successThreshold: 1
# timeoutSeconds: 5

# -- Enable or disable ready-checker
readyChecker:
Expand Down