diff --git a/charts/memgraph-high-availability/Chart.yaml b/charts/memgraph-high-availability/Chart.yaml index 0782d1c..0abcf90 100644 --- a/charts/memgraph-high-availability/Chart.yaml +++ b/charts/memgraph-high-availability/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: memgraph-high-availability description: A Helm chart for Kubernetes with Memgraph High availabiliy capabilites -version: 0.1.5 +version: 0.1.6 appVersion: "2.22.0" type: application @@ -23,7 +23,6 @@ sources: - "https://github.com/memgraph/memgraph" - "https://github.com/memgraph/helm-charts" - maintainers: - name: Memgraph email: tech@memgraph.com diff --git a/charts/memgraph-high-availability/README.md b/charts/memgraph-high-availability/README.md index ed99eef..f9fb969 100644 --- a/charts/memgraph-high-availability/README.md +++ b/charts/memgraph-high-availability/README.md @@ -25,43 +25,47 @@ helm install memgraph/memgraph-high-availability -f values.yaml The following table lists the configurable parameters of the Memgraph chart and their default values. -| Parameter | Description | Default | -| -------------------------------------------------- | --------------------------------------------------------------------------------------------------------- | -------------------------- | -| `memgraph.image.repository` | Memgraph Docker image repository | `memgraph/memgraph` | -| `memgraph.image.tag` | Specific tag for the Memgraph Docker image. Overrides the image tag whose default is chart version. | `2.22.0` | -| `memgraph.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `memgraph.env.MEMGRAPH_ENTERPRISE_LICENSE` | Memgraph enterprise license | `` | -| `memgraph.env.MEMGRAPH_ORGANIZATION_NAME` | Organization name | `` | -| `memgraph.probes.startup.failureThreshold` | Startup probe failure threshold | `30` | -| `memgraph.probes.startup.periodSeconds` | Startup probe period in seconds | `10` | -| `memgraph.probes.readiness.initialDelaySeconds` | Readiness probe initial delay in seconds | `5` | -| `memgraph.probes.readiness.periodSeconds` | Readiness probe period in seconds | `5` | -| `memgraph.probes.liveness.initialDelaySeconds` | Liveness probe initial delay in seconds | `30` | -| `memgraph.probes.liveness.periodSeconds` | Liveness probe period in seconds | `10` | -| `memgraph.data.volumeClaim.storagePVC` | Enable storage PVC | `true` | -| `memgraph.data.volumeClaim.storagePVCSize` | Size of the storage PVC | `1Gi` | -| `memgraph.data.volumeClaim.logPVC` | Enable log PVC | `false` | -| `memgraph.data.volumeClaim.logPVCSize` | Size of the log PVC | `256Mi` | -| `memgraph.coordinators.volumeClaim.storagePVC` | Enable storage PVC for coordinators | `true` | -| `memgraph.coordinators.volumeClaim.storagePVCSize` | Size of the storage PVC for coordinators | `1Gi` | -| `memgraph.coordinators.volumeClaim.logPVC` | Enable log PVC for coordinators | `false` | -| `memgraph.coordinators.volumeClaim.logPVCSize` | Size of the log PVC for coordinators | `256Mi` | -| `memgraph.externalAccess.coordinator.serviceType` | IngressNginx, NodePort, CommonLoadBalancer or LoadBalancer. Use LoadBalancer for Cloud production deployment and NodePort for local testing. 'CommonLoadBalancer' will open one load balancer for all coordinators while 'LoadBalancer' will open one load balancer for each coordinators. IngressNginx will create ingress controller that will allow TCP connections towards coordinator services. | `NodePort` | -| `memgraph.externalAccess.dataInstance.serviceType` | IngressNginx, NodePort or LoadBalancer. Use LoadBalancer for Cloud production deployment and NodePort for local testing. IngressNginx will create ingress controller that will allow TCP connections towards data instances' services. | `NodePort` | -| `memgraph.ports.boltPort` | Bolt port used on coordinator and data instances. | `7687` | -| `memgraph.ports.managementPort` | Management port used on coordinator and data instances. | `10000` | -| `memgraph.ports.replicationPort` | Replication port used on data instances. | `20000` | -| `memgraph.ports.coordinatorPort` | Coordinator port used on coordinators. | `12000` | -| `memgraph.affinity.unique` | Schedule pods on different nodes in the cluster | `false` | -| `memgraph.affinity.parity` | Schedule pods on the same node with maximum one coordinator and one data node | `false` | -| `memgraph.affinity.nodeSelection` | Schedule pods on nodes with specific labels | `false` | -| `memgraph.affinity.roleLabelKey` | Label key for node selection | `role` | -| `memgraph.affinity.dataNodeLabelValue` | Label value for data nodes | `data-node` | -| `memgraph.affinity.coordinatorNodeLabelValue` | Label value for coordinator nodes | `coordinator-node` | -| `data` | Configuration for data instances | See `data` section | -| `coordinators` | Configuration for coordinator instances | See `coordinators` section | -| `sysctlInitContainer.enabled` | Enable the init container to set sysctl parameters | `true` | -| `sysctlInitContainer.maxMapCount` | Value for `vm.max_map_count` to be set by the init container | `262144` | +| Parameter | Description | Default | +| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `memgraph.image.repository` | Memgraph Docker image repository | `memgraph/memgraph` | +| `memgraph.image.tag` | Specific tag for the Memgraph Docker image. Overrides the image tag whose default is chart version. | `2.22.0` | +| `memgraph.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `memgraph.env.MEMGRAPH_ENTERPRISE_LICENSE` | Memgraph enterprise license | `` | +| `memgraph.env.MEMGRAPH_ORGANIZATION_NAME` | Organization name | `` | +| `memgraph.probes.startup.failureThreshold` | Startup probe failure threshold | `30` | +| `memgraph.probes.startup.periodSeconds` | Startup probe period in seconds | `10` | +| `memgraph.probes.readiness.initialDelaySeconds` | Readiness probe initial delay in seconds | `5` | +| `memgraph.probes.readiness.periodSeconds` | Readiness probe period in seconds | `5` | +| `memgraph.probes.liveness.initialDelaySeconds` | Liveness probe initial delay in seconds | `30` | +| `memgraph.probes.liveness.periodSeconds` | Liveness probe period in seconds | `10` | +| `memgraph.data.volumeClaim.storagePVC` | Enable storage PVC | `true` | +| `memgraph.data.volumeClaim.storagePVCSize` | Size of the storage PVC | `1Gi` | +| `memgraph.data.volumeClaim.logPVC` | Enable log PVC | `false` | +| `memgraph.data.volumeClaim.logPVCSize` | Size of the log PVC | `256Mi` | +| `memgraph.coordinators.volumeClaim.storagePVC` | Enable storage PVC for coordinators | `true` | +| `memgraph.coordinators.volumeClaim.storagePVCSize` | Size of the storage PVC for coordinators | `1Gi` | +| `memgraph.coordinators.volumeClaim.logPVC` | Enable log PVC for coordinators | `false` | +| `memgraph.coordinators.volumeClaim.logPVCSize` | Size of the log PVC for coordinators | `256Mi` | +| `memgraph.externalAccess.coordinator.serviceType` | IngressNginx, NodePort, CommonLoadBalancer or LoadBalancer. Use LoadBalancer for Cloud production deployment and NodePort for local testing. 'CommonLoadBalancer' will open one load balancer for all coordinators while 'LoadBalancer' will open one load balancer for each coordinators. IngressNginx will create ingress controller that will allow TCP connections towards coordinator services. | `NodePort` | +| `memgraph.externalAccess.dataInstance.serviceType` | IngressNginx, NodePort or LoadBalancer. Use LoadBalancer for Cloud production deployment and NodePort for local testing. IngressNginx will create ingress controller that will allow TCP connections towards data instances' services. | `NodePort` | +| `memgraph.ports.boltPort` | Bolt port used on coordinator and data instances. | `7687` | +| `memgraph.ports.managementPort` | Management port used on coordinator and data instances. | `10000` | +| `memgraph.ports.replicationPort` | Replication port used on data instances. | `20000` | +| `memgraph.ports.coordinatorPort` | Coordinator port used on coordinators. | `12000` | +| `memgraph.affinity.unique` | Schedule pods on different nodes in the cluster | `false` | +| `memgraph.affinity.parity` | Schedule pods on the same node with maximum one coordinator and one data node | `false` | +| `memgraph.affinity.nodeSelection` | Schedule pods on nodes with specific labels | `false` | +| `memgraph.affinity.roleLabelKey` | Label key for node selection | `role` | +| `memgraph.affinity.dataNodeLabelValue` | Label value for data nodes | `data-node` | +| `memgraph.affinity.coordinatorNodeLabelValue` | Label value for coordinator nodes | `coordinator-node` | +| `data` | Configuration for data instances | See `data` section | +| `coordinators` | Configuration for coordinator instances | See `coordinators` section | +| `sysctlInitContainer.enabled` | Enable the init container to set sysctl parameters | `true` | +| `sysctlInitContainer.maxMapCount` | Value for `vm.max_map_count` to be set by the init container | `262144` | +| `secrets.enabled` | Enable the use of Kubernetes secrets for Memgraph credentials | `false` | +| `secrets.name` | The name of the Kubernetes secret containing Memgraph credentials | `memgraph-secrets` | +| `secrets.userKey` | The key in the Kubernetes secret for the Memgraph user, the value is passed to the `MEMGRAPH_USER` env | `USER` | +| `secrets.passwordKey` | The key in the Kubernetes secret for the Memgraph password, the value is passed to the `MEMGRAPH_PASSWORD` | `PASSWORD` | For the `data` and `coordinators` sections, each item in the list has the following parameters: diff --git a/charts/memgraph-high-availability/templates/coordinators.yaml b/charts/memgraph-high-availability/templates/coordinators.yaml index 26d7151..852add3 100644 --- a/charts/memgraph-high-availability/templates/coordinators.yaml +++ b/charts/memgraph-high-availability/templates/coordinators.yaml @@ -117,10 +117,22 @@ spec: - "{{ $arg }}" {{- end }} env: - - name: MEMGRAPH_ENTERPRISE_LICENSE - value: "{{ $.Values.memgraph.env.MEMGRAPH_ENTERPRISE_LICENSE }}" - - name: MEMGRAPH_ORGANIZATION_NAME - value: "{{ $.Values.memgraph.env.MEMGRAPH_ORGANIZATION_NAME }}" + {{- if $.Values.secrets.enabled }} + - name: MEMGRAPH_USER + valueFrom: + secretKeyRef: + name: {{ $.Values.secrets.name }} + key: {{ $.Values.secrets.userKey }} + - name: MEMGRAPH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ $.Values.secrets.name }} + key: {{ $.Values.secrets.passwordKey }} + {{- end }} + - name: MEMGRAPH_ENTERPRISE_LICENSE + value: "{{ $.Values.memgraph.env.MEMGRAPH_ENTERPRISE_LICENSE }}" + - name: MEMGRAPH_ORGANIZATION_NAME + value: "{{ $.Values.memgraph.env.MEMGRAPH_ORGANIZATION_NAME }}" volumeMounts: {{- if $.Values.memgraph.coordinators.volumeClaim.storagePVC }} - name: memgraph-coordinator-{{ $coordinator.id }}-lib-storage diff --git a/charts/memgraph-high-availability/templates/data.yaml b/charts/memgraph-high-availability/templates/data.yaml index 678e3db..54f971c 100644 --- a/charts/memgraph-high-availability/templates/data.yaml +++ b/charts/memgraph-high-availability/templates/data.yaml @@ -127,10 +127,22 @@ spec: - "{{ $arg }}" {{- end }} env: - - name: MEMGRAPH_ENTERPRISE_LICENSE - value: "{{ $.Values.memgraph.env.MEMGRAPH_ENTERPRISE_LICENSE }}" - - name: MEMGRAPH_ORGANIZATION_NAME - value: "{{ $.Values.memgraph.env.MEMGRAPH_ORGANIZATION_NAME }}" + {{- if $.Values.secrets.enabled }} + - name: MEMGRAPH_USER + valueFrom: + secretKeyRef: + name: {{ $.Values.secrets.name }} + key: {{ $.Values.secrets.userKey }} + - name: MEMGRAPH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ $.Values.secrets.name }} + key: {{ $.Values.secrets.passwordKey }} + {{- end }} + - name: MEMGRAPH_ENTERPRISE_LICENSE + value: "{{ $.Values.memgraph.env.MEMGRAPH_ENTERPRISE_LICENSE }}" + - name: MEMGRAPH_ORGANIZATION_NAME + value: "{{ $.Values.memgraph.env.MEMGRAPH_ORGANIZATION_NAME }}" volumeMounts: {{- if $.Values.memgraph.data.volumeClaim.storagePVC }} - name: memgraph-data-{{ $data.id }}-lib-storage diff --git a/charts/memgraph-high-availability/values.yaml b/charts/memgraph-high-availability/values.yaml index 044c46f..b1e216d 100644 --- a/charts/memgraph-high-availability/values.yaml +++ b/charts/memgraph-high-availability/values.yaml @@ -62,6 +62,12 @@ sysctlInitContainer: enabled: true maxMapCount: 262144 +secrets: + enabled: false + name: memgraph-secrets + userKey: USER + passwordKey: PASSWORD + data: - id: "0" args: