From 5188d4442b61aa69d241566f17da66fde04f6ca0 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Sat, 11 May 2019 16:30:26 -0500 Subject: [PATCH 1/6] Add chart for gitlab-monitor --- .../unreleased/sh-add-gitlab-monitor.yml | 5 + .../gitlab/charts/gitlab-monitor/Chart.yaml | 17 +++ .../gitlab-monitor/templates/configmap.yaml | 61 ++++++++ .../gitlab-monitor/templates/deployment.yaml | 140 ++++++++++++++++++ .../charts/gitlab-monitor/templates/hpa.yaml | 21 +++ .../charts/gitlab-monitor/templates/pdb.yaml | 15 ++ .../gitlab-monitor/templates/service.yaml | 21 +++ .../gitlab/charts/gitlab-monitor/values.yaml | 52 +++++++ charts/gitlab/values.yaml | 4 + doc/charts/gitlab/gitlab-monitor/index.md | 91 ++++++++++++ templates/_helpers.tpl | 2 +- 11 files changed, 428 insertions(+), 1 deletion(-) create mode 100644 changelogs/unreleased/sh-add-gitlab-monitor.yml create mode 100644 charts/gitlab/charts/gitlab-monitor/Chart.yaml create mode 100644 charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml create mode 100644 charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml create mode 100644 charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml create mode 100644 charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml create mode 100644 charts/gitlab/charts/gitlab-monitor/templates/service.yaml create mode 100644 charts/gitlab/charts/gitlab-monitor/values.yaml create mode 100644 doc/charts/gitlab/gitlab-monitor/index.md diff --git a/changelogs/unreleased/sh-add-gitlab-monitor.yml b/changelogs/unreleased/sh-add-gitlab-monitor.yml new file mode 100644 index 0000000000..e935f4a0d2 --- /dev/null +++ b/changelogs/unreleased/sh-add-gitlab-monitor.yml @@ -0,0 +1,5 @@ +--- +title: Add support for gitlab-monitor +merge_request: 787 +author: +type: added diff --git a/charts/gitlab/charts/gitlab-monitor/Chart.yaml b/charts/gitlab/charts/gitlab-monitor/Chart.yaml new file mode 100644 index 0000000000..3d56a42179 --- /dev/null +++ b/charts/gitlab/charts/gitlab-monitor/Chart.yaml 
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+name: gitlab-monitor
+version: 1.8.4
+appVersion: master
+description: Exporter for GitLab Prometheus metrics (e.g. CI, pull mirrors)
+keywords:
+- gitlab
+- gitlab-monitor
+home: https://about.gitlab.com/
+icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
+sources:
+- https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-monitor
+- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-monitor
+maintainers:
+- name: GitLab Inc.
+ email: support@gitlab.com
diff --git a/charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml b/charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml
new file mode 100644
index 0000000000..dedad925c6
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/templates/configmap.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "fullname" . }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+data:
+ gitlab-monitor.yml.erb: |
+ server:
+ listen_address: 0.0.0.0
+ listen_port: 9168
+
+ probes:
+ db_common: &db_common
+ methods:
+ - probe_db
+ opts:
+ connection_string: dbname={{ template "gitlab.psql.database" . }} user={{ template "gitlab.psql.username" . }} host={{ template "gitlab.psql.host" . }} port={{ template "gitlab.psql.port" . }} password=<%= File.read("/etc/gitlab/postgres/psql-password") %>
+ database:
+ multiple: true
+ ci_builds:
+ class_name: Database::CiBuildsProber
+ <<: *db_common
+ tuple_stats:
+ class_name: Database::TuplesProber
+ <<: *db_common
+ rows_count:
+ class_name: Database::RowCountProber
+ <<: *db_common
+
+ sidekiq: &sidekiq
+ methods:
+ - probe_queues
+ - probe_jobs
+ - probe_workers
+ - probe_retries
+ - probe_dead
+ opts:
+ redis_url: {{ template "gitlab.redis.url" . }}
+ redis_enable_client: false
+
+ metrics:
+ multiple: true
+ sidekiq:
+ <<: *sidekiq
+ ci_builds:
+ class_name: Database::CiBuildsProber
+ <<: *db_common
+ tuple_stats:
+ class_name: Database::TuplesProber
+ <<: *db_common
+ rows_count:
+ class_name: Database::RowCountProber
+ <<: *db_common
+
+ configure: |
+ {{- include "gitlab.scripts.configure.secrets" (dict "required" "postgres" "optional" "redis") | nindent 4 }}
+# Leave this here - This line denotes end of block to the parser.
+{{- end }}
diff --git a/charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml b/charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml
new file mode 100644
index 0000000000..d279d67fbd
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/templates/deployment.yaml
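Review bot: The `connection_string` line in `configmap.yaml` builds a libpq keyword/value string by plain interpolation: the database name, user, host and the password returned by `File.read("/etc/gitlab/postgres/psql-password")` are inserted unquoted. A value containing a space, a single quote or a backslash is then parsed as extra connection parameters or makes the string invalid, and a trailing newline in the secret file becomes part of the password. Quote and escape each value, for the password e.g. `password='<%= File.read("/etc/gitlab/postgres/psql-password").chomp.gsub(/[\\']/) { |c| "\\" + c } %>'`. The string also sets no `sslmode`, so whether the connection is encrypted is left to the client default; if the `gitlab.psql.ssl` helper used in the deployment is meant to apply here, that should be explicit.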
@@ -0,0 +1,140 @@ +{{- if .Values.enabled }} +{{- $metricsEnabled := .Values.metrics.enabled -}} +{{- $metricsAnnotations := .Values.metrics.annotations -}} + +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} +{{- if $metricsEnabled }} +{{ toYaml $metricsAnnotations | indent 8 }} +{{- end }} + spec: + securityContext: + runAsUser: 1000 + fsGroup: 1000 + {{- if eq (default .Values.global.antiAffinity .antiAffinity) "hard" }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + {{- else if eq (default .Values.global.antiAffinity .antiAffinity) "soft" }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + topologyKey: kubernetes.io/hostname + labelSelector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + {{- end }} + initContainers: +{{ include "gitlab.extraInitContainers" . | indent 8 }} +{{ include "gitlab.certificates.initContainer" . | indent 8 }} + - name: configure + command: ['sh', '/config/configure'] + image: {{ .Values.init.image }}:{{ .Values.init.tag }} + volumeMounts: +{{ include "gitlab.extraVolumeMounts" . | indent 10 }} +{{ include "gitlab.psql.ssl.volumeMount" . 
| indent 10 }} + - name: gitlab-monitor-config + mountPath: /config + readOnly: true + - name: init-gitlab-monitor-secrets + mountPath: /init-config + readOnly: true + - name: gitlab-monitor-secrets + mountPath: /init-secrets + readOnly: false + resources: +{{ toYaml .Values.init.resources | indent 12 }} +{{- include "pullsecrets" .Values.image | indent 6}} + containers: +{{ include "gitlab.extraContainers" . | indent 8 }} + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{ template "gitlab.imagePullPolicy" . }} + env: + - name: CONFIG_TEMPLATE_DIRECTORY + value: '/var/opt/gitlab-monitor/templates' + - name: CONFIG_DIRECTORY + value: '/etc/gitlab-monitor' + volumeMounts: + - name: gitlab-monitor-config + mountPath: /var/opt/gitlab-monitor/templates/gitlab-monitor.yml.erb + subPath: gitlab-monitor.yml.erb + - name: gitlab-monitor-secrets + mountPath: '/etc/gitlab' + readOnly: true +{{ include "gitlab.extraVolumeMounts" . | indent 12 }} +{{ include "gitlab.certificates.volumeMount" . | indent 12 }} + livenessProbe: + exec: + command: + - pgrep + - -f + - gitlab-mon + readinessProbe: + exec: + command: + - pgrep + - -f + - gitlab-mon + lifecycle: + preStop: + exec: + command: ["/bin/bash", "-c", "pkill -f 'gitlab-mon'"] + resources: +{{ toYaml .Values.resources | indent 12 }} + volumes: +{{ include "gitlab.extraVolumes" . | indent 6 }} + - name: gitlab-monitor-config + configMap: + name: {{ template "fullname" . }} + - name: init-gitlab-monitor-secrets + projected: + defaultMode: 0400 + sources: + - secret: + name: {{ template "gitlab.psql.password.secret" . }} + items: + - key: {{ template "gitlab.psql.password.key" . }} + path: postgres/psql-password + {{- if .Values.global.redis.password.enabled }} + - secret: + name: {{ template "gitlab.redis.password.secret" . }} + items: + - key: {{ template "gitlab.redis.password.key" . 
}} + path: redis/password + {{- end }} + - name: gitlab-monitor-secrets + emptyDir: + medium: "Memory" +{{ include "gitlab.certificates.volumes" . | indent 6 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} +{{- end }} diff --git a/charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml b/charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml new file mode 100644 index 0000000000..e13b1f821b --- /dev/null +++ b/charts/gitlab/charts/gitlab-monitor/templates/hpa.yaml @@ -0,0 +1,21 @@ +{{- if .Values.enabled -}} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1beta2 + kind: Deployment + name: {{ template "fullname" . }} + minReplicas: {{ .Values.minReplicas }} + maxReplicas: {{ .Values.maxReplicas }} + metrics: + - type: Resource + resource: + name: cpu + targetAverageValue: {{ .Values.hpa.targetAverageValue }} +{{- end -}} diff --git a/charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml b/charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml new file mode 100644 index 0000000000..acac844f0f --- /dev/null +++ b/charts/gitlab/charts/gitlab-monitor/templates/pdb.yaml @@ -0,0 +1,15 @@ +{{- if .Values.enabled -}} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: +{{ include "gitlab.standardLabels" . | indent 4 }} +spec: + maxUnavailable: {{ .Values.maxUnavailable }} + selector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} +{{- end -}} diff --git a/charts/gitlab/charts/gitlab-monitor/templates/service.yaml b/charts/gitlab/charts/gitlab-monitor/templates/service.yaml new file mode 100644 index 0000000000..41d547a322 --- /dev/null 
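Review bot: Neither the `configure` init container nor the exporter container in `deployment.yaml` sets a container-level `securityContext`, although both have the PostgreSQL password (and optionally the Redis password) mounted; the pod-level block only fixes `runAsUser` and `fsGroup`. Adding `securityContext: {allowPrivilegeEscalation: false, capabilities: {drop: ["ALL"]}}` to both containers should cost nothing for a process that only reads its config and serves metrics. Separately, `default .Values.global.antiAffinity .antiAffinity` reads `.antiAffinity` from the root context, which presumably should be `.Values.antiAffinity`; as written a chart-level setting is never consulted.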
+++ b/charts/gitlab/charts/gitlab-monitor/templates/service.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "fullname" . }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+ annotations:
+{{ include "gitlab.serviceAnnotations" . | indent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ protocol: TCP
+ name: gitlab-monitor
+ selector:
+ app: {{ template "name" . }}
+ release: {{ .Release.Name }}
+{{- end }}
diff --git a/charts/gitlab/charts/gitlab-monitor/values.yaml b/charts/gitlab/charts/gitlab-monitor/values.yaml
new file mode 100644
index 0000000000..da6fb7e587
--- /dev/null
+++ b/charts/gitlab/charts/gitlab-monitor/values.yaml
@@ -0,0 +1,52 @@
+# Default values for gitlab-monitor.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+image:
+ repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor
+ pullSecrets: []
+ pullPolicy: IfNotPresent
+ tag: latest
+
+service:
+ name: gitlab-monitor
+ type: ClusterIP
+ externalPort: 9168
+ internalPort: 9168
+
+metrics:
+ enabled: true
+ port: 9168
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "9168"
+ prometheus.io/path: "/metrics"
+
+enabled: true
+
+init:
+ image: busybox
+ tag: latest
+ resources:
+ requests:
+ cpu: 50m
+
+global:
+ # imagePullPolicy: IfNotPresent
+ redis:
+ password: {}
+
+redis:
+ password: {}
+
+resources:
+ # limits:
+ # cpu: 1
+ # memory: 2G
+ requests:
+ cpu: 50m
+ memory: 150M
+maxUnavailable: 1
+minReplicas: 1
+maxReplicas: 2
+hpa:
+ targetAverageValue: 100m
diff --git a/charts/gitlab/values.yaml b/charts/gitlab/values.yaml
index 72d12591f2..6c0f6a4665 100644
--- a/charts/gitlab/values.yaml
+++ b/charts/gitlab/values.yaml
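Review bot: `image.tag: latest` and `init.tag: latest` in the gitlab-monitor `values.yaml` make the deployed code depend on whatever is published under those tags at pull time, and with `pullPolicy: IfNotPresent` different nodes can run different builds under the same tag. The init image matters most, because the `configure` init container is the one that has the password secrets mounted. Default both to a fixed release tag or support a digest reference, e.g. `tag: "<pinned-version>"`. PATCH 2/6 later swaps the main tag for the feature-branch tag `sh-add-gitlab-monitor` with `pullPolicy: Always`, which is still mutable and stops resolving if the branch image is removed.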
@@ -15,6 +15,8 @@ global: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ee task-runner: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ee + gitlab-monitor: + repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor unicorn: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-unicorn-ee workhorse: @@ -28,6 +30,8 @@ global: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce task-runner: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ce + gitlab-monitor: + repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor unicorn: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-unicorn-ce workhorse: diff --git a/doc/charts/gitlab/gitlab-monitor/index.md b/doc/charts/gitlab/gitlab-monitor/index.md new file mode 100644 index 0000000000..80084a2f4a --- /dev/null +++ b/doc/charts/gitlab/gitlab-monitor/index.md 
@@ -0,0 +1,91 @@ +# Using the GitLab-Monitor Chart + +The `gitlab-monitor` sub-chart provides Prometheus metrics for GitLab +application-specific data. It talks to PostgreSQL directly to perform +queries to retrieve data for CI builds, pull mirrors, etc. In addition, +it uses the Sidekiq API, which talks to Redis to gather different +metrics around the state of the Sidekiq queues (e.g. number of jobs). + +## Requirements + +This chart depends on Redis and PostgreSQL services, either as part of +the complete GitLab chart or provided as external services reachable +from the Kubernetes cluster on which this chart is deployed. + +## Configuration + +The `gitlab-monitor` chart is configured as follows: [Global +Settings](#global-settings) and [Chart Settings](#chart-settings). + +## Installation command line options + +The table below contains all the possible chart configurations that can be supplied +to the `helm install` command using the `--set` flags. + +| Parameter | Default | Description | +| -------------------------------- | --------------------- | ---------------------------------------------- | +| `annotations` | | Pod annotations | +| `enabled` | `true` | gitlab-monitor enabled flag | +| `extraContainers` | | List of extra containers to include | +| `extraInitContainers` | | List of extra init containers to include | +| `extraVolumeMounts` | | List of extra volumes mountes to do | +| `extraVolumes` | | List of extra volumes to create | +| `hpa.targetAverageValue` | `100m` | Set the autoscaling target value | +| `image.pullPolicy` | `IfNotPresent` | GitLab image pull policy | +| `image.pullSecrets` | | Secrets for the image repository | +| `image.repository` | `registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor` | Unicorn image repository | +| `image.tag` | | Unicorn image tag | +| `init.image` | `busybox` | initContainer image | +| `init.tag` | `latest` | initContainer image tag | +| `metrics.enabled` | `true` | Toggle Prometheus metrics exporter | +| 
`resources.requests.cpu` | `50m` | gitlab-monitor minimum cpu | +| `resources.requests.memory` | `150M` | gitlab-monitor minimum memory | +| `service.externalPort` | `8080` | gitlab-monitor exposed port | +| `service.internalPort` | `8080` | gitlab-monitor internal port | +| `service.name` | `unicorn` | gitlab-monitor service name | +| `service.type` | `ClusterIP` | gitlab-monitor service type | + +## Chart configuration examples + +### image.pullSecrets + +`pullSecrets` allows you to authenticate to a private registry to pull images for a pod. + +Additional details about private registries and their authentication methods can be +found in [the Kubernetes documentation](https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod). + +Below is an example use of `pullSecrets`: + +```YAML +image: + repository: my.unicorn.repository + pullPolicy: Always + pullSecrets: + - name: my-secret-name + - name: my-secondary-secret-name +``` + +### annotations + +`annotations` allows you to add annotations to the unicorn pods. For example: + +```YAML +annotations: + kubernetes.io/example-annotation: annotation-value +``` + +## Global Settings + +We share some common global settings among our charts. See the [Globals Documentation](../../globals.md) +for common configuration options, such as GitLab and Registry hostnames. + +## Chart Settings + +The following values are used to configure the gitlab-monitor Pods. + +### metrics.enabled + +By default, each pod exposes a metrics endpoint at `/metrics`. When +metrics are enabled, annotations are added to each pod allowing a +Prometheus server to discover and scrape the exposed metrics. + diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 5bb1bd6b0d..c4094d7e66 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl 
@@ -144,7 +144,7 @@ Alias of gitlab.psql.host Return the db database name */}} {{- define "gitlab.psql.database" -}} -{{- coalesce .Values.global.psql.database "gitlabhq_production" | quote -}} +{{- coalesce .Values.global.psql.database "gitlabhq_production" -}} {{- end -}} {{/* -- GitLab From 8a19513c46a293878b5714cf7cfb46916bbc8205 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 13 May 2019 10:42:51 -0500 Subject: [PATCH 2/6] Use gitlab-monitor branch tag --- charts/gitlab/charts/gitlab-monitor/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/gitlab/charts/gitlab-monitor/values.yaml b/charts/gitlab/charts/gitlab-monitor/values.yaml index da6fb7e587..f68f041a3e 100644 --- a/charts/gitlab/charts/gitlab-monitor/values.yaml +++ b/charts/gitlab/charts/gitlab-monitor/values.yaml @@ -4,8 +4,8 @@ image: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-monitor pullSecrets: [] - pullPolicy: IfNotPresent - tag: latest + pullPolicy: Always + tag: "sh-add-gitlab-monitor" service: name: gitlab-monitor -- GitLab From 0462916a71a2a0b230d222b9b1e8790fbb6d8255 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 13 May 2019 10:50:48 -0500 Subject: [PATCH 3/6] Add Grafana support --- requirements.yaml | 4 ++++ values.yaml | 30 ++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/requirements.yaml b/requirements.yaml index 1fb2fbbd34..ce90f391fc 100644 --- a/requirements.yaml +++ b/requirements.yaml @@ -16,3 +16,7 @@ dependencies: version: 0.4.1 repository: https://charts.gitlab.io/ condition: gitlab-runner.install +- name: grafana + version: 3.3.7 + repository: https://kubernetes-charts.storage.googleapis.com/ + condition: grafana.install diff --git a/values.yaml b/values.yaml index 0411c099a6..0f5d5b7851 100644 --- a/values.yaml +++ b/values.yaml 
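Review bot: Dropping `| quote` from the shared `gitlab.psql.database` helper in `templates/_helpers.tpl` changes the rendered output for every template that includes it, not only the new gitlab-monitor connection string. The other callers are outside this diff, so each needs checking that the value is still quoted where it lands in YAML; a database name that is all digits or reads as `null` would otherwise be retyped by the parser. A narrower change is to leave the helper as it was and strip the quotes at the one call site, e.g. `dbname={{ include "gitlab.psql.database" . | trimAll "\"" }}`.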
@@ -439,6 +439,36 @@ gitlab-runner: s3CachePath: gitlab-runner s3CacheInsecure: false +grafana: + install: true + adminUser: admin + adminPassword: admin + datasources: + datasources.yaml: + apiVersion: 1 + datasources: + - name: GitLab Omnibus + type: prometheus + url: http://{{ $.Release.Namespace }}-gitlab-prometheus-server + access: proxy + isDefault: true + dashboardProviders: + dashboardproviders.yaml: + apiVersion: 1 + providers: + - name: 'default' + orgId: 1 + folder: '' + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/default + dashboards: + default: + overview: + url: https://gitlab.com/gitlab-org/grafana-dashboards/raw/sh-add-kubernetes-dashboard/k8s/overview.json + ## Settings for individual sub-charts under GitLab ## Note: Many of these settings are configurable via globals # gitlab: -- GitLab From 7ac403920f29d3c7e55ee4902a6a07eb4f00eb55 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 13 May 2019 11:08:11 -0500 Subject: [PATCH 4/6] Hard-code gitlabVersion to 11.11.0-rc2 EE master may be broken due to a secrets issue. --- values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/values.yaml b/values.yaml index 0f5d5b7851..6e82f8eb9e 100644 --- a/values.yaml +++ b/values.yaml @@ -26,6 +26,7 @@ global: ## doc/charts/globals.md#gitlab-version # gitlabVersion: master + gitlabVersion: v11-11-0-rc2-ee ## doc/charts/globals.md#application-resource application: -- GitLab From 2e6c5ad07622c4a825bc35d5decd261ed151127d Mon Sep 17 00:00:00 2001 
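Review bot: `adminUser: admin` and `adminPassword: admin` are committed as defaults next to `install: true` in the `grafana:` block, so any installation that does not override them comes up with a Grafana admin account whose password is publicly known. Remove `adminPassword` from the defaults and have the password come from a generated or user-supplied Secret; I believe the upstream Grafana chart generates a random one when the value is unset, but confirm that for the pinned 3.3.7. The `dashboards.default.overview.url` entry also pulls dashboard JSON from the `sh-add-kubernetes-dashboard` feature branch at deploy time, so its content can change or disappear after review; point it at a tagged ref or vendor the file.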
From: Joshua Lambert Date: Sun, 12 May 2019 18:14:56 -0500 Subject: [PATCH 5/6] Add initial jaeger templates --- .../charts/gitaly/templates/statefulset.yml | 6 +++ .../gitlab-shell/templates/deployment.yaml | 6 +++ .../charts/sidekiq/templates/deployment.yaml | 6 +++ .../charts/unicorn/templates/configmap.yml | 35 ++++++++++++++-- .../charts/unicorn/templates/deployment.yaml | 12 ++++++ charts/gitlab/values.yaml | 2 +- charts/jaeger/.helmignore | 21 ++++++++++ charts/jaeger/Chart.yaml | 15 +++++++ charts/jaeger/templates/_helpers.tpl | 25 +++++++++++ charts/jaeger/templates/jaeger-cr.yml | 12 ++++++ charts/jaeger/templates/jaeger-ingress.yml | 41 +++++++++++++++++++ charts/jaeger/values.yaml | 40 ++++++++++++++++++ .../nginx/templates/clusterrolebinding.yaml | 2 +- values.yaml | 5 +++ 14 files changed, 222 insertions(+), 6 deletions(-) create mode 100644 charts/jaeger/.helmignore create mode 100644 charts/jaeger/Chart.yaml create mode 100644 charts/jaeger/templates/_helpers.tpl create mode 100644 charts/jaeger/templates/jaeger-cr.yml create mode 100644 charts/jaeger/templates/jaeger-ingress.yml create mode 100644 charts/jaeger/values.yaml diff --git a/charts/gitlab/charts/gitaly/templates/statefulset.yml b/charts/gitlab/charts/gitaly/templates/statefulset.yml index d398816793..515330bad5 100644 --- a/charts/gitlab/charts/gitaly/templates/statefulset.yml +++ b/charts/gitlab/charts/gitaly/templates/statefulset.yml 
@@ -95,6 +95,12 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} volumeMounts: {{ include "gitlab.extraVolumeMounts" . | indent 12 }} {{ include "gitlab.certificates.volumeMount" . | indent 12 }} diff --git a/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml b/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml index 4a8c783596..bed8cb5d00 100644 --- a/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml +++ b/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml @@ -84,6 +84,12 @@ spec: value: '/srv/gitlab-shell' - name: KEYS_DIRECTORY value: '/etc/gitlab-secrets/ssh' +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} volumeMounts: - name: shell-config mountPath: '/etc/gitlab-shell' diff --git a/charts/gitlab/charts/sidekiq/templates/deployment.yaml b/charts/gitlab/charts/sidekiq/templates/deployment.yaml index 717dc39d67..779e94b346 100644 --- a/charts/gitlab/charts/sidekiq/templates/deployment.yaml +++ b/charts/gitlab/charts/sidekiq/templates/deployment.yaml 
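Review bot: The `GITLAB_TRACING_URL` value added to the gitaly StatefulSet ends in `"%7D"'`, which leaves a stray double quote after the encoded closing brace, so the rendered link carries an unbalanced `"` in its `tags` parameter; the value should end `{{ "}}" }}"%7D'`. The same line is repeated verbatim in the gitlab-shell, sidekiq and both unicorn `deployment.yaml` hunks of this patch. `GITLAB_TRACING` also hard-codes `sampler=const&sampler_param=1` and a plain `http://` collector endpoint, so every request is traced and spans cross the cluster network unencrypted; both deserve a setting under `global.tracing` rather than a literal. The container spec these lines belong to starts and ends outside the hunk.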
@@ -167,6 +167,12 @@ spec: value: {{ int $.Values.memoryKiller.graceTime | quote }} - name: SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT value: {{ int $.Values.memoryKiller.shutdownWait | quote }} +{{- if $.Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{$.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{$.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} {{- if $metricsEnabled }} ports: - containerPort: {{ $metricsPort }} diff --git a/charts/gitlab/charts/unicorn/templates/configmap.yml b/charts/gitlab/charts/unicorn/templates/configmap.yml index 90201a9565..145a426007 100644 --- a/charts/gitlab/charts/unicorn/templates/configmap.yml +++ b/charts/gitlab/charts/unicorn/templates/configmap.yml @@ -39,7 +39,26 @@ data: pid "/home/git/unicorn.pid" preload_app true + require_relative "/srv/gitlab/lib/gitlab/cluster/lifecycle_events" + + before_exec do |server| + # Signal application hooks that we're about to restart + Gitlab::Cluster::LifecycleEvents.do_master_restart + end + before_fork do |server, worker| + # Signal application hooks that we're about to fork + Gitlab::Cluster::LifecycleEvents.do_before_fork + + # The following is only recommended for memory/DB-constrained + # installations. It is not needed if your system can house + # twice as many worker_processes as you have configured. + # + # This allows a new master process to incrementally + # phase out the old master process with SIGTTOU to avoid a + # thundering herd (especially in the "preload_app false" case) + # when doing a transparent upgrade. The last worker spawned + # will then kill off the old master process with a SIGQUIT. old_pid = "#{server.config[:pid]}.oldbin" if old_pid != server.pid begin 
@@ -48,13 +67,21 @@ data: rescue Errno::ENOENT, Errno::ESRCH end end - - ActiveRecord::Base.connection.disconnect! if defined?(ActiveRecord::Base) + # + # Throttle the master from forking too quickly by sleeping. Due + # to the implementation of standard Unix signal handlers, this + # helps (but does not completely) prevent identical, repeated signals + # from being lost when the receiving process is busy. + # sleep 1 end after_fork do |server, worker| - ActiveRecord::Base.establish_connection if defined?(ActiveRecord::Base) - defined?(::Prometheus::Client.reinitialize_on_pid_change) && Prometheus::Client.reinitialize_on_pid_change + # Signal application hooks of worker start + Gitlab::Cluster::LifecycleEvents.do_worker_start + + # per-process listener ports for debugging/admin/migrations + # addr = "127.0.0.1:#{9293 + worker.nr}" + # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true) end ENV['GITLAB_UNICORN_MEMORY_MIN'] = ({{ int .Values.memory.min }} * 1 << 20).to_s diff --git a/charts/gitlab/charts/unicorn/templates/deployment.yaml b/charts/gitlab/charts/unicorn/templates/deployment.yaml index f24d853f23..39b5536fb5 100644 --- a/charts/gitlab/charts/unicorn/templates/deployment.yaml +++ b/charts/gitlab/charts/unicorn/templates/deployment.yaml @@ -131,6 +131,12 @@ spec: {{- if .Values.workhorse.sentryDSN }} - name: GITLAB_WORKHORSE_SENTRY_DSN value: {{ .Values.workhorse.sentryDSN }} +{{- end }} +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' {{- end }} volumeMounts: {{- if .Values.metrics.enabled }} 
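Review bot: The new `before_fork`/`after_fork` bodies in `unicorn/templates/configmap.yml` depend on the application image shipping `/srv/gitlab/lib/gitlab/cluster/lifecycle_events` and on the application registering its own hooks for the database disconnect/reconnect and the Prometheus re-initialisation that the removed lines did explicitly. Nothing in the chart checks either, so an image that lacks the file would fail at the `require_relative`, and one that has it but registers no hooks would fork workers sharing the master's database connection. State the minimum supported GitLab version next to the `require_relative`, e.g. `# requires an image that provides Gitlab::Cluster::LifecycleEvents`. This change is also unrelated to the commit subject (Jaeger templates) and would be easier to review and revert as its own commit.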
@@ -189,6 +195,12 @@ spec: value: '/var/opt/gitlab/templates' - name: CONFIG_DIRECTORY value: '/srv/gitlab/config' +{{- if .Values.global.tracing.enabled }} + - name: GITLAB_TRACING + value: opentracing://jaeger?http_endpoint=http%3A%2F%2F{{.Values.global.tracing.serviceName}}-collector%3A14268%2Fapi%2Ftraces&sampler=const&sampler_param=1 + - name: GITLAB_TRACING_URL + value: 'http://{{.Values.global.tracing.serviceName}}-query:16686/search?service={{ "{{" }} service {{ "}}" }}&tags=%7B"correlation_id"%3A"{{ "{{" }} correlation_id {{ "}}" }}"%7D"' +{{- end }} volumeMounts: - name: workhorse-config mountPath: '/var/opt/gitlab/templates' diff --git a/charts/gitlab/values.yaml b/charts/gitlab/values.yaml index 6c0f6a4665..691b80538e 100644 --- a/charts/gitlab/values.yaml +++ b/charts/gitlab/values.yaml @@ -38,4 +38,4 @@ global: repository: registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ce gitlab-runner: - enabled: false + enabled: false \ No newline at end of file diff --git a/charts/jaeger/.helmignore b/charts/jaeger/.helmignore new file mode 100644 index 0000000000..c13e3c8fbb --- /dev/null +++ b/charts/jaeger/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj \ No newline at end of file diff --git a/charts/jaeger/Chart.yaml b/charts/jaeger/Chart.yaml new file mode 100644 index 0000000000..1bfb0d4c15 --- /dev/null +++ b/charts/jaeger/Chart.yaml 
@@ -0,0 +1,15 @@
+apiVersion: v1
+name: jaeger
+version: 0.1.0
+appVersion: master
+description: Deployment of a Jaeger resource to be used with the Jaeger operator
+ features.
+keywords:
+- gitlab
+home: https://about.gitlab.com/
+icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
+sources:
+- https://gitlab.com/charts/gitlab
+maintainers:
+- name: GitLab Inc.
+ email: support@gitlab.com
diff --git a/charts/jaeger/templates/_helpers.tpl b/charts/jaeger/templates/_helpers.tpl
new file mode 100644
index 0000000000..1793eae8f8
--- /dev/null
+++ b/charts/jaeger/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{- define "jaeger.hostname" -}}
+{{- coalesce .Values.global.hosts.jaeger.name (include "gitlab.assembleHost" (dict "name" "jaeger" "context" . )) -}}
+{{- end -}}
+
+{{/*
+Returns the secret name for the Secret containing the TLS certificate and key.
+Uses `ingress.tls.secretName` first and falls back to `global.ingress.tls.secretName`
+if there is a shared tls secret for all ingresses.
+*/}}
+{{- define "jaeger.tlsSecret" -}}
+{{- $defaultName := (dict "secretName" "") -}}
+{{- if .Values.global.ingress.configureCertmanager -}}
+{{- $_ := set $defaultName "secretName" (printf "%s-jaeger-tls" .Release.Name) -}}
+{{- else -}}
+{{- $_ := set $defaultName "secretName" (include "gitlab.wildcard-self-signed-cert-name" .) -}}
+{{- end -}}
+{{- pluck "secretName" .Values.ingress.tls .Values.global.ingress.tls $defaultName | first -}}
+{{- end -}}
+
+{{/*
+Returns the nginx ingress class
+*/}}
+{{- define "jaeger.ingressclass" -}}
+{{- pluck "class" .Values.global.ingress (dict "class" (printf "%s-nginx" .Release.Name)) | first -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/jaeger/templates/jaeger-cr.yml b/charts/jaeger/templates/jaeger-cr.yml
new file mode 100644
index 0000000000..ef80c04d01
--- /dev/null
+++ b/charts/jaeger/templates/jaeger-cr.yml
@@ -0,0 +1,12 @@
+{{- if and .Values.global.tracing.enabled .Values.global.tracing.install -}}
+apiVersion: jaegertracing.io/v1
+kind: Jaeger
+metadata:
+ name: {{ .Values.global.tracing.serviceName }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+## spec:
+## ingress:
+## enabled: false
+{{- end }}
\ No newline at end of file
diff --git a/charts/jaeger/templates/jaeger-ingress.yml b/charts/jaeger/templates/jaeger-ingress.yml
new file mode 100644
index 0000000000..f060c86805
--- /dev/null
+++ b/charts/jaeger/templates/jaeger-ingress.yml
@@ -0,0 +1,41 @@
+{{- if and .Values.global.tracing.enabled .Values.global.tracing.install -}}
+{{- if eq (include "gitlab.ingress.enabled" $) "true" -}}
+{{- $hostname := include "jaeger.hostname" . -}}
+{{- $tlsSecret := include "jaeger.tlsSecret" . -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ template "fullname" . }}
+ namespace: {{ $.Release.Namespace }}
+ labels:
+{{ include "gitlab.standardLabels" . | indent 4 }}
+ annotations:
+ kubernetes.io/ingress.class: "{{ template "jaeger.ingressclass" . }}"
+ kubernetes.io/ingress.provider: nginx
+ nginx.ingress.kubernetes.io/proxy-body-size: {{ .Values.ingress.proxyBodySize | quote }}
+ nginx.ingress.kubernetes.io/proxy-read-timeout: {{ .Values.ingress.proxyReadTimeout | quote }}
+ nginx.ingress.kubernetes.io/proxy-request-buffering: {{ .Values.ingress.proxyBuffering | quote }}
+ nginx.ingress.kubernetes.io/proxy-buffering: {{ .Values.ingress.proxyBuffering | quote }}
+ {{ include "gitlab.certmanager_annotations" . }}
+ {{- range $key, $value := merge .Values.ingress.annotations .Values.global.ingress.annotations }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+spec:
+ rules:
+ - host: {{ $hostname }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ .Values.global.tracing.serviceName }}-query
+ servicePort: 16686
+ {{- if (and $tlsSecret (eq (include "gitlab.ingress.tls.enabled" $) "true" )) }}
+ tls:
+ - hosts:
+ - {{ $hostname }}
+ secretName: {{ $tlsSecret }}
+ {{- else }}
+ tls: []
+ {{- end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/jaeger/values.yaml b/charts/jaeger/values.yaml
new file mode 100644
index 0000000000..337d175fb0
--- /dev/null
+++ b/charts/jaeger/values.yaml
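Review bot: The Ingress in `jaeger-ingress.yml` publishes `{{ .Values.global.tracing.serviceName }}-query` on port 16686 with no authentication or source restriction of its own, and the root `values.yaml` in this patch turns `global.tracing.enabled` and `install` on by default. The Jaeger query UI has no login as far as I know, so anyone who can reach the ingress host could browse traces, which typically include request URLs and query details. Ship it disabled by default, or add default annotations such as `nginx.ingress.kubernetes.io/whitelist-source-range`, or `nginx.ingress.kubernetes.io/auth-type: basic` together with `nginx.ingress.kubernetes.io/auth-secret`. When TLS is not enabled the template emits `tls: []`, which leaves the UI on plain HTTP.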
@@ -0,0 +1,40 @@ +enabled: true + +ingress: + enabled: true + proxyReadTimeout: 900 + proxyBodySize: "0" + proxyBuffering: "off" + tls: {} + # secretName: + # enabled: true + annotations: {} + +global: + ingress: + enabled: true + annotations: {} + tls: {} + # secretName: + # enabled: true + hosts: + domain: example.com + hostSuffix: + https: true + tls: {} + # secretName: + gitlab: {} + #name: gitlab.example.com + #https: false + registry: {} + #name: registry.example.com + #https: false + minio: {} + #name: minio.example.com + #https: false + jaeger: {} + #name: jaeger.example.com + #https: false + tracing: + enabled: true + serviceName: gitlab-jaeger \ No newline at end of file diff --git a/charts/nginx/templates/clusterrolebinding.yaml b/charts/nginx/templates/clusterrolebinding.yaml index 20432ed00f..797d68e08e 100644 --- a/charts/nginx/templates/clusterrolebinding.yaml +++ b/charts/nginx/templates/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.enabled -}} +{{- if and .Values.global.tracing.enabled .Values.global.tracing.install -}} {{- if and .Values.rbac.create (not .Values.controller.scope.enabled) -}} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding diff --git a/values.yaml b/values.yaml index 6e82f8eb9e..267177f378 100644 --- a/values.yaml +++ b/values.yaml @@ -299,6 +299,11 @@ global: customCAs: [] # - secret: custom-CA # - secret: more-custom-CAs + + tracing: + enabled: true + install: true + serviceName: jaeger-gitlab ## End of global ## Settings to for the Let's Encrypt ACME Issuer -- GitLab From d6e28bd26232c6886a89f7fad8396d71c434fd44 Mon Sep 17 00:00:00 2001 From: Joshua Lambert Date: Mon, 13 May 2019 11:51:28 -0500 Subject: [PATCH 6/6] Update Grafana datasource name --- values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 267177f378..2c909d4f91 100644 --- a/values.yaml +++ b/values.yaml 
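Review bot: The guard on the nginx `clusterrolebinding.yaml` was changed from `.Values.enabled` to `and .Values.global.tracing.enabled .Values.global.tracing.install`, which looks like an accidental paste from the Jaeger templates. With that condition the cluster-wide RBAC binding for the ingress controller is created whenever tracing is on, even if the nginx chart is disabled, and is dropped when tracing is off, which would leave an enabled controller without its permissions. Restore `{{- if .Values.enabled -}}`. The rest of the template is outside the hunk.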
@@ -455,7 +455,7 @@ grafana: datasources: - name: GitLab Omnibus type: prometheus - url: http://{{ $.Release.Namespace }}-gitlab-prometheus-server + url: http://{{ $.Release.Name }}-prometheus-server access: proxy isDefault: true dashboardProviders: -- GitLab
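Review bot: The `url` value still contains a Go template expression, `http://{{ $.Release.Name }}-prometheus-server`, inside `values.yaml`. Helm does not render templates in values files, so unless the Grafana chart passes `datasources` through `tpl` (not visible here) the literal braces end up in the provisioned datasource. Check the output of `helm template` for this key, and if it is not expanded either build the URL in a template or document that the release name has to be filled in by hand. The endpoint is plain `http://`, so a comment such as `# cluster-internal Prometheus service; not exposed outside the namespace` would make the assumption explicit.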