Skip to content

Commit

Permalink
Add topology spread constraints in dashboards (opensearch-project#505)
Browse files Browse the repository at this point in the history
  • Loading branch information
kinoute committed Dec 15, 2023
1 parent 5bb0531 commit 006969c
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 14 deletions.
12 changes: 7 additions & 5 deletions charts/opensearch-dashboards/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@

```shell
helm install my-release opensearch/opensearch-dashboards
```
```

The command deploys OpenSearch Dashboards with its associated components on the Kubernetes cluster in the default configuration.

Expand Down Expand Up @@ -56,7 +56,7 @@
| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your OpenSearch cluster | `{}` |
| `podAnnotations` | Configurable [annotations][] applied to all OpenSearch pods | `{}` |
| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] |
| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | |
| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` |
| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] |
| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] |
| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` |
Expand All @@ -75,11 +75,12 @@
| `service.ipFamilyPolicy` | This sets the preferred ip addresses in case of a dual-stack server, there are three options [PreferDualStack, SingleStack, RequireDualStack], [more information on dual stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/) | `""` |
| `service.ipFamilies` | Sets the preferred IP variants and in which order they are preferred, the first family you list is used for the legacy .spec.ClusterIP field, [more information on dual stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/) | `""` |
| `tolerations` | Configurable [tolerations][] | `[]` |
| `topologySpreadConstraints` | Configuration for pod [topologySpreadConstraints][] | `[]` |
| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` |
| `extraObjects` | Array of extra K8s manifests to deploy | list `[]` |
| `autoscaling` | Prerequisite: Install/Configure metrics server, to install use `kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml`, See https://github.com/kubernetes-sigs/metrics-server. Configurable pod autoscaling stratergy to scale based on `targetCPUUtilizationPercentage`, configure `minReplicas` and `maxReplicas` for desired scaling | false |
| `livenessProbe` | Configuration fields for the liveness [probe][] | see [exampleLiveness][] in `values.yaml`
| `readinessProbe` | Configuration fields for the readiness [probe][] | see [exampleReadiness][] in `values.yaml`
| `livenessProbe` | Configuration fields for the liveness [probe][] | see [exampleLiveness][] in `values.yaml`|
| `readinessProbe` | Configuration fields for the readiness [probe][] | see [exampleReadiness][] in `values.yaml`|
| `startupProbe` | Configuration fields for the startup [probe][] | see [exampleStartup][] in `values.yaml` |
| `plugins.enabled` | Allow/disallow to add 3rd Party / Custom plugins not offered in the default OpenSearchDashboards image | false |
| `plugins.installList` | Array containing the Opensearch Dashboards plugins to be installed in container | [] |
Expand All @@ -91,4 +92,5 @@

[exampleStartup]: https://github.com/opensearch-project/helm-charts/blob/main/charts/opensearch-dashboards/values.yaml#17
[exampleLiveness]: https://github.com/opensearch-project/helm-charts/blob/main/charts/opensearch-dashboards/values.yaml#27
[exampleReadiness]: https://github.com/opensearch-project/helm-charts/blob/main/charts/opensearch-dashboards/values.yaml#37
[exampleReadiness]: https://github.com/opensearch-project/helm-charts/blob/main/charts/opensearch-dashboards/values.yaml#37
[topologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints
4 changes: 4 additions & 0 deletions charts/opensearch-dashboards/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,10 @@ spec:
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{- toYaml .Values.topologySpreadConstraints | nindent 8 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
Expand Down
22 changes: 13 additions & 9 deletions charts/opensearch-dashboards/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -114,16 +114,16 @@ config: {}


# Dashboards TLS Config (Ensure the cert files are present before enabling SSL
# ssl:
# enabled: true
# key: /usr/share/opensearch-dashboards/certs/dashboards-key.pem
# certificate: /usr/share/opensearch-dashboards/certs/dashboards-crt.pem
# ssl:
# enabled: true
# key: /usr/share/opensearch-dashboards/certs/dashboards-key.pem
# certificate: /usr/share/opensearch-dashboards/certs/dashboards-crt.pem

# determines how dashboards will verify certificates (needs to be none for default opensearch certificates to work)
# opensearch:
# ssl:
# certificateAuthorities: /usr/share/opensearch-dashboards/certs/dashboards-root-ca.pem
# if utilizing custom CA certs for connection to opensearch, provide the CA here
# determines how dashboards will verify certificates (needs to be none for default opensearch certificates to work)
# opensearch:
# ssl:
# certificateAuthorities: /usr/share/opensearch-dashboards/certs/dashboards-root-ca.pem
# if utilizing custom CA certs for connection to opensearch, provide the CA here

opensearchDashboardsYml:
defaultMode:
Expand Down Expand Up @@ -210,6 +210,10 @@ tolerations: []

affinity: {}

# This is the pod topology spread constraints
# https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
topologySpreadConstraints: []

# -- Array of extra K8s manifests to deploy
extraObjects: []
# - apiVersion: secrets-store.csi.x-k8s.io/v1
Expand Down

0 comments on commit 006969c

Please sign in to comment.