From 4071fbe180422d15a53777dae517f249b0d221cd Mon Sep 17 00:00:00 2001 From: Yoni Bettan Date: Thu, 3 Feb 2022 10:37:58 -0600 Subject: [PATCH] Adding support for Openshift. Unlike k8s, Openshift is running containers in user mode, therefore, some adjustments were needed in order to make Signoz run on Openshift. Signed-off-by: Yoni Bettan --- .../alertmanager/templates/statefulset.yaml | 8 +++++-- charts/alertmanager/values.yaml | 24 ++++++++++--------- charts/clickhouse/Chart.yaml | 3 +++ .../templates/clickhouse-instance.yaml | 2 +- charts/clickhouse/values.yaml | 2 ++ .../templates/query-service/statefulset.yaml | 4 ++-- 6 files changed, 27 insertions(+), 16 deletions(-) diff --git a/charts/alertmanager/templates/statefulset.yaml b/charts/alertmanager/templates/statefulset.yaml index 95ed0ce7..5d82cef2 100644 --- a/charts/alertmanager/templates/statefulset.yaml +++ b/charts/alertmanager/templates/statefulset.yaml @@ -50,8 +50,10 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.securityContext.pod.enabled }} securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- toYaml .Values.securityContext.pod.data | nindent 8 }} + {{- end}} containers: {{- if and (.Values.configmapReload.enabled) (.Values.config) }} - name: {{ .Chart.Name }}-{{ .Values.configmapReload.name }} @@ -67,8 +69,10 @@ spec: mountPath: /etc/alertmanager {{- end }} - name: {{ .Chart.Name }} + {{- if .Values.securityContext.container.enabled }} securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} + {{- toYaml .Values.securityContext.container.data | nindent 12 }} + {{- end }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: diff --git a/charts/alertmanager/values.yaml b/charts/alertmanager/values.yaml index 244d37e4..fa424afc 100644 --- a/charts/alertmanager/values.yaml +++ b/charts/alertmanager/values.yaml @@ -25,8 +25,6 @@ serviceAccount: # If not set and create is true, a name is generated using the fullname template name: -podSecurityContext: - fsGroup: 65534 dnsConfig: {} # nameservers: # - 1.2.3.4 @@ -37,14 +35,18 @@ dnsConfig: {} # - name: ndots # value: "2" # - name: edns0 + securityContext: - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - runAsUser: 65534 - runAsNonRoot: true - runAsGroup: 65534 + pod: + enabled: false + data: + fsGroup: 65534 + container: + enable: false + data: + runAsUser: 65534 + runAsNonRoot: true + runAsGroup: 65534 additionalPeers: [] @@ -116,7 +118,7 @@ persistence: size: 100Mi config: - global: + global: resolve_timeout: 1m slack_api_url: 'https://hooks.slack.com/services/xxx' @@ -160,7 +162,7 @@ configmapReload: ## resources: {} -templates: +templates: title.tmpl: |- {{ define "slack.title" }} [{{ .Status | toUpper }}{{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{ end }}] {{ .CommonLabels.alertname }} for {{ .CommonLabels.job }} diff --git a/charts/clickhouse/Chart.yaml b/charts/clickhouse/Chart.yaml index da60125c..e2bf2c7e 100644 --- a/charts/clickhouse/Chart.yaml +++ b/charts/clickhouse/Chart.yaml @@ -9,3 +9,6 @@ dependencies: - name: zookeeper repository: "https://charts.bitnami.com/bitnami" version: 6.0.0 +maintainers: + - name: signoz + email: hello@signoz.io diff --git a/charts/clickhouse/templates/clickhouse-instance.yaml b/charts/clickhouse/templates/clickhouse-instance.yaml index 9617f124..864b0ca9 100644 --- a/charts/clickhouse/templates/clickhouse-instance.yaml +++ b/charts/clickhouse/templates/clickhouse-instance.yaml @@ -71,7 +71,7 @@ spec: image: yandex/clickhouse-server:21.7 volumeMounts: - name: default-volume-claim - mountPath: /var/lib/clickhouse + mountPath: /usr/lib/clickhouse - name: initdb mountPath: /docker-entrypoint-initdb.d volumes: diff --git a/charts/clickhouse/values.yaml b/charts/clickhouse/values.yaml index 98909f22..b0e0691f 100644 --- a/charts/clickhouse/values.yaml +++ b/charts/clickhouse/values.yaml @@ -2,6 +2,8 @@ zookeeper: autopurge: purgeInterval: 1 + securityContext: + enabled: false # cloud: diff --git a/charts/signoz/templates/query-service/statefulset.yaml b/charts/signoz/templates/query-service/statefulset.yaml index ba346a15..2878a482 100644 --- a/charts/signoz/templates/query-service/statefulset.yaml +++ b/charts/signoz/templates/query-service/statefulset.yaml @@ -65,9 +65,9 @@ spec: - name: prometheus mountPath: /root/config - name: signoz-db - mountPath: /var/lib/signoz/ + mountPath: /var/tmp/signoz - name: dashboards - mountPath: /root/config/dashboards + mountPath: /var/tmp/dashboards resources: {{- toYaml .Values.queryService.resources | nindent 12 }} {{- with .Values.queryService.nodeSelector }}