core/oc-k8s
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Running all stack

Browse Source
This commit is contained in:
mr
2026-01-06 08:23:16 +01:00
parent 5a0651106d
commit 3d416169e3
56 changed files with 1974 additions and 435 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
opencloud/charts/mongodb/templates/replicaset/statefulset.yaml
View File

@@ -97,7 +97,7 @@ spec:
{{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
{{- include "mongodb.initContainers.autoDiscovery" . | nindent 8 }}
{{- end }}
{{- if and .Values.externalAccess.enabled ( or .Values.externalAccess.service.publicNames .Values.externalAccess.service.domain ) }}
{{- if and .Values.externalAccess.enabled .Values.externalAccess.service.publicNames }}
{{- include "mongodb.initContainers.dnsCheck" . | nindent 8 }}
{{- end }}
{{- include "mongodb.initContainer.prepareLogDir" . | nindent 8 }}
@@ -118,6 +118,10 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.name
{{- if include "common.fips.enabled" . }}
- name: OPENSSL_FIPS
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.tls.fips "global" .Values.global) | quote }}
{{- end }}
volumeMounts:
{{- if (include "mongodb.autoGenerateCerts" .) }}
- name: certs-volume
@@ -200,6 +204,10 @@ spec:
value: {{ include "mongodb.initialPrimaryHost" . | quote }}
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSetName | quote }}
{{- if include "common.fips.enabled" . }}
- name: OPENSSL_FIPS
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.fips "global" .Values.global) | quote }}
{{- end }}
{{- if and .Values.replicaSetHostnames (not .Values.externalAccess.enabled) }}
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MY_POD_NAME).{{ include "mongodb.service.nameOverride" . }}.$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
@@ -216,14 +224,25 @@ spec:
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and (not (empty $customUsers)) (not (empty $customDatabases)) }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_EXTRA_PASSWORDS_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-passwords"
{{- else }}
- name: MONGODB_EXTRA_PASSWORDS
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-passwords
{{- end }}
{{- end }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
- name: MONGODB_REPLICA_SET_KEY_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-replica-set-key"
{{- else }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
@@ -235,10 +254,15 @@ spec:
name: {{ include "mongodb.secretName" . }}
key: mongodb-replica-set-key
{{- end }}
{{- end }}
{{- if and .Values.metrics.enabled (not (empty .Values.metrics.username)) }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.auth.enabled }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_METRICS_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
{{- else }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
@@ -246,6 +270,7 @@ spec:
key: mongodb-metrics-password
{{- end }}
{{- end }}
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
@@ -341,6 +366,10 @@ spec:
- name: empty-dir
mountPath: /.mongodb
subPath: mongosh-home
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
- name: mongodb-secrets
mountPath: /opt/bitnami/mongodb/secrets
{{- end }}
- name: {{ .Values.persistence.name | default "datadir" }}
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
@@ -397,6 +426,13 @@ spec:
{{- else }}
args:
- |
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
{{- if .Values.metrics.username }}
export MONGODB_METRICS_PASSWORD="$(< $MONGODB_METRICS_PASSWORD_FILE)"
{{- else }}
export MONGODB_ROOT_PASSWORD="$(< $MONGODB_ROOT_PASSWORD_FILE)"
{{- end }}
{{- end }}
/bin/mongodb_exporter {{ include "mongodb.exporterArgs" $ }} --mongodb.direct-connect --mongodb.global-conn-pool --web.listen-address ":{{ .Values.metrics.containerPort }}" --mongodb.uri "{{ include "mongodb.mongodb_exporter.uri" . }}" {{ .Values.metrics.extraFlags }}
{{- end }}
env:
@@ -404,14 +440,23 @@ spec:
{{- if not .Values.metrics.username }}
- name: MONGODB_ROOT_USER
value: {{ .Values.auth.rootUser | quote }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-root-password"
{{- else }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
{{- end }}
{{- else }}
- name: MONGODB_METRICS_USERNAME
value: {{ .Values.metrics.username | quote }}
{{- if .Values.usePasswordFiles }}
- name: MONGODB_METRICS_PASSWORD_FILE
value: "/opt/bitnami/mongodb/secrets/mongodb-metrics-password"
{{- else }}
- name: MONGODB_METRICS_PASSWORD
valueFrom:
secretKeyRef:
@@ -419,10 +464,21 @@ spec:
key: mongodb-metrics-password
{{- end }}
{{- end }}
{{- end }}
{{- if include "common.fips.enabled" . }}
- name: OPENSSL_FIPS
value: {{ include "common.fips.config" (dict "tech" "openssl" "fips" .Values.metrics.fips "global" .Values.global) | quote }}
- name: GODEBUG
value: {{ include "common.fips.config" (dict "tech" "golang" "fips" .Values.metrics.fips "global" .Values.global) | quote }}
{{- end }}
volumeMounts:
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
- name: mongodb-secrets
mountPath: /opt/bitnami/mongodb/secrets
{{- end }}
{{- if .Values.tls.enabled }}
- name: certs
mountPath: /certs
@@ -472,7 +528,12 @@ spec:
- name: common-scripts
configMap:
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
defaultMode: 0o550
defaultMode: 0550
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
- name: mongodb-secrets
secret:
secretName: {{ include "mongodb.secretName" . }}
{{- end }}
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
@@ -490,7 +551,7 @@ spec:
- name: scripts
configMap:
name: {{ printf "%s-scripts" (include "mongodb.fullname" .) }}
defaultMode: 0o755
defaultMode: 0755
{{- if .Values.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
{{- end }}
@@ -504,10 +565,10 @@ spec:
items:
- key: mongodb-ca-cert
path: mongodb-ca-cert
mode: 0o600
mode: 0600
- key: mongodb-ca-key
path: mongodb-ca-key
mode: 0o600
mode: 0600
{{- else }}
{{- range $index, $secret := .Values.tls.replicaset.existingSecrets }}
- name: mongodb-certs-{{ $index }}
@@ -532,9 +593,7 @@ spec:
whenScaled: {{ .Values.persistentVolumeClaimRetentionPolicy.whenScaled }}
{{- end }}
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- metadata:
name: datadir
{{- if .Values.persistence.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }}