Skip to content

Commit

Permalink
Merge pull request #209 from Luzilla/helm-chart
Browse files Browse the repository at this point in the history
Update(helm): provide a chart for dnsbl-exporter
  • Loading branch information
till authored Apr 1, 2024
2 parents cd3c9fe + bdcf110 commit c85f804
Show file tree
Hide file tree
Showing 15 changed files with 521 additions and 1 deletion.
19 changes: 19 additions & 0 deletions .github/workflows/chart.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
name: chart

on:
pull_request:

jobs:
helm:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: yokawasa/action-setup-kube-tools@v0.10.0
with:
setup-tools: |
helm
- run: helm lint --strict --quiet ./chart
- name: default install with unbound
run: helm template --debug ./chart
- name: install without unbound
run: helm template --debug --set unbound.enabled=false --set config.resolver=system ./chart
15 changes: 14 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
release_name:=dnsbl-exporter-dev
namespace:=test

.PHONY: build
build:
goreleaser build --snapshot --single-target --clean
Expand All @@ -22,7 +25,17 @@ snapshot:

.PHONY: test
test:
act "pull_request" -j test
act "pull_request"

.PHOMY: test-deploy-helm
test-deploy-helm:
helm upgrade --install --namespace $(namespace) \
-f ./chart/values.yaml -f ./chart/values.dev.yml -f ./chart/values.domain-based.yaml \
$(release_name) ./chart

.PHONY: test-undeploy-helm
test-undeploy-helm:
helm uninstall -n $(namespace) $(release_name)

.PHONY: build-unbound
build-unbound:
Expand Down
16 changes: 16 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,22 @@ ADD my-target.ini /etc/dnsbl-exporter/target.ini
ADD my-rbls.ini /etc/dnsbl-exporter/rbls.ini
```

#### Helm

Additional, a helm chart is provided to run the exporter on Kubernetes.

To get started quickly, an unbound container is installed into the pod alongside the exporter. You may turn this off with `unbound.enabled=false`.

To customize the chart, copy [`chart/values.yaml`](chart/values.yaml) to `values.local.yaml` and edit the file; for example, to turn off the included unbound and to supply your own resolver.

The following command creates a `dnsbl-exporter` release which is installed into a namespace called `my-namespace`:

```sh
helm upgrade --install --namespace my-namespace \
-f ./chart/values.yaml \
-f ./values.local.yaml \
dnsbl-exporter ./chart
```

#### Querying

Expand Down
23 changes: 23 additions & 0 deletions chart/.helmignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
17 changes: 17 additions & 0 deletions chart/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: v2
name: dnsbl-exporter
description: A Helm chart to run dnsbl-exporter on Kubernetes
type: application
version: 0.1.0
appVersion: "v0.7.0-rc2"
keywords:
- prometheus
- exporter
- dnsbl
- dns
- mail
- smtp
- monitoring
maintainers:
- name: Till Klampaeckel
url: https://github.com/till
29 changes: 29 additions & 0 deletions chart/templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
1. Get the application URL by running these commands:

{{- if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "dnsbl-exporter.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "dnsbl-exporter.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "dnsbl-exporter.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "dnsbl-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
{{- if .Values.unbound.enabled }}
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[1].ports[0].containerPort}")
{{- else }}
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
{{- end }}
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9211:$CONTAINER_PORT
{{- end }}

{{- if .Values.unbound.enabled }}
2. Unbound is running in a container inside the pod, to see logs:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "dnsbl-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} logs -c unbound $POD_NAME
{{- else}}
2. Unbound is not enabled, please ensure your resolver is working.
{{- end}}
62 changes: 62 additions & 0 deletions chart/templates/_helpers.tpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "dnsbl-exporter.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "dnsbl-exporter.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "dnsbl-exporter.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Common labels
*/}}
{{- define "dnsbl-exporter.labels" -}}
helm.sh/chart: {{ include "dnsbl-exporter.chart" . }}
{{ include "dnsbl-exporter.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

{{/*
Selector labels
*/}}
{{- define "dnsbl-exporter.selectorLabels" -}}
app.kubernetes.io/name: {{ include "dnsbl-exporter.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Create the name of the service account to use
*/}}
{{- define "dnsbl-exporter.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "dnsbl-exporter.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
17 changes: 17 additions & 0 deletions chart/templates/configmap.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "dnsbl-exporter.fullname" . }}
labels:
{{- include "dnsbl-exporter.labels" . | nindent 4 }}
data:
targets.ini: |-
[targets]
{{- range $value := .Values.config.targets }}
server={{ $value }}
{{- end }}
rbls.ini: |-
[rbl]
{{- range $value := .Values.config.rbls }}
server={{ $value }}
{{- end }}
131 changes: 131 additions & 0 deletions chart/templates/deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,131 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "dnsbl-exporter.fullname" . }}
labels:
{{- include "dnsbl-exporter.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "dnsbl-exporter.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "dnsbl-exporter.labels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
automountServiceAccountToken: false
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
{{- if .Values.unbound.enabled }}
- name: unbound
securityContext:
{{- toYaml .Values.unbound.securityContext | nindent 12 }}
image: "{{ .Values.unbound.image.repository }}:{{ .Values.unbound.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.unbound.image.pullPolicy }}
ports:
- containerPort: {{ .Values.unbound.config.port }}
protocol: UDP
livenessProbe:
exec:
command:
- "unbound-host"
- "-4"
- "-C"
- "/etc/unbound/unbound.conf"
- "{{ .Values.unbound.config.check_target }}"
initialDelaySeconds: 10
timeoutSeconds: 2
readinessProbe:
exec:
command:
- "unbound-host"
- "-4"
- "-C"
- "/etc/unbound/unbound.conf"
- "{{ .Values.unbound.config.check_target }}"
initialDelaySeconds: 10
timeoutSeconds: 2
resources:
requests:
cpu: "0.1"
memory: "32Mi"
limits:
cpu: "0.2"
memory: "200Mi"
{{- end }}
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http-9211
containerPort: 9211
protocol: TCP
livenessProbe:
{{- toYaml .Values.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.readinessProbe | nindent 12 }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: dnsbl-config
mountPath: /etc/dnsbl-exporter
{{- with .Values.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: DNSBL_EXP_RBLS
value: /etc/dnsbl-exporter/rbls.ini
- name: DNSBL_EXP_TARGETS
value: /etc/dnsbl-exporter/targets.ini
- name: DNSBL_EXP_LISTEN
value: 0.0.0.0:9211
- name: DNSBL_EXP_RESOLVER
{{- if .Values.unbound.enabled }}
value: 127.0.0.1:{{ .Values.unbound.config.port }}
{{- else }}
value: {{ .Values.config.resolver }}
{{- end }}
args:
- "--log.format={{ .Values.config.log.format }}"
{{- if .Values.config.log.debug }}
- "--log.debug"
{{- end }}
{{- if .Values.config.domain_based }}
- "--config.domain-based"
{{- end }}
volumes:
- name: dnsbl-config
configMap:
name: {{ include "dnsbl-exporter.fullname" . }}
{{- with .Values.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
32 changes: 32 additions & 0 deletions chart/templates/hpa.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{{- if .Values.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "dnsbl-exporter.fullname" . }}
labels:
{{- include "dnsbl-exporter.labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ include "dnsbl-exporter.fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
metrics:
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}
Loading

0 comments on commit c85f804

Please sign in to comment.