diff --git a/.github/actions/prepare-k8s/action.yaml b/.github/actions/prepare-k8s/action.yaml new file mode 100644 index 00000000..4c80097c --- /dev/null +++ b/.github/actions/prepare-k8s/action.yaml @@ -0,0 +1,51 @@ +name: Prepare K8s for Helm tests +runs: + using: "composite" + steps: + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.14.4 + + # Python is required because `ct lint` runs Yamale (https://github.com/23andMe/Yamale) and + # yamllint (https://github.com/adrienverge/yamllint) which require Python + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.1 + with: + version: v3.10.1 + + - name: Create kind cluster + uses: helm/kind-action@v1.9.0 + + - name: Install kubectl + uses: azure/setup-kubectl@v4.0.0 + with: + version: 'v1.28.8' + id: install + + - name: Set up cert-manager + shell: bash + run: | + kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml --namespace ingress-nginx + kubectl label node --all ingress-ready=true + kubectl describe pod --selector=app.kubernetes.io/component=controller -n ingress-nginx + kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=5m + kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml + + - name: Set up cmctl + shell: bash + run: | + curl -sSL -o cmctl.tar.gz https://github.com/cert-manager/cert-manager/releases/download/v1.6.1/cmctl-linux-amd64.tar.gz + tar xzf cmctl.tar.gz + sudo mv cmctl /usr/local/bin + cmctl version + + - name: Check if cert-manager is up + shell: bash + run: | + cmctl check api --wait=5m diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 5b00b5be..1e26bc0f 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -3,11 +3,10 @@ name: Lint and Test Charts on: pull_request jobs: - lint-test: + lint: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v2 + - uses: actions/checkout@v2 with: fetch-depth: 0 @@ -39,34 +38,53 @@ jobs: - name: Run chart-testing (lint) run: ct lint --config ct.yaml - - name: Create kind cluster - uses: helm/kind-action@v1.9.0 - if: steps.list-changed.outputs.changed == 'true' - - - name: Install kubectl - uses: azure/setup-kubectl@v4.0.0 + test-with-cassandra: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 with: - version: 'v1.28.8' - id: install + fetch-depth: 0 - - name: Set up cert-manager - run: | - kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml --namespace ingress-nginx - kubectl label node --all ingress-ready=true - kubectl describe pod --selector=app.kubernetes.io/component=controller -n ingress-nginx - kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=5m - kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml + - uses: ./.github/actions/prepare-k8s - - name: Set up cmctl - run: | - curl -sSL -o cmctl.tar.gz https://github.com/cert-manager/cert-manager/releases/download/v1.6.1/cmctl-linux-amd64.tar.gz - tar xzf cmctl.tar.gz - sudo mv cmctl /usr/local/bin - cmctl version + - name: Run cassandra-chart-testing (install) + run: ct install --config ct.yaml + test-with-allInOne: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - uses: ./.github/actions/prepare-k8s - - name: Check if cert-manager is up + - name: Run allInOne-chart-testing (install) run: | - cmctl check api --wait=5m + ct install --config ct.yaml --helm-extra-set-args " + --set provisionDataStore.cassandra=false + --set storage.type=memory + --set allInOne.enabled=true + --set agent.enabled=false + --set collector.enabled=false + --set query.enabled=false" + + test-with-elasticsearch: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 - - name: Run chart-testing (install) - run: ct install --config ct.yaml + - uses: ./.github/actions/prepare-k8s + + - name: Run elasticsearch-chart-testing (install) + run: | + ct install --config ct.yaml --helm-extra-set-args " + --set provisionDataStore.cassandra=false + --set provisionDataStore.elasticsearch=true + --set storage.type=elasticsearch + --set elasticsearch.master.masterOnly=false + --set elasticsearch.master.replicaCount=1 + --set elasticsearch.data.replicaCount=0 + --set elasticsearch.coordinating.replicaCount=0 + --set elasticsearch.ingest.replicaCount=0" diff --git a/README.md b/README.md index 929eaadc..26be2249 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,10 @@ $ helm repo add jaegertracing https://jaegertracing.github.io/helm-charts You can then run `helm search repo jaegertracing` to see the charts. +See additional documentation: + * [Jaeger chart](./charts/jaeger) + * [Jaeger Operator chart](./charts/jaeger-operator) + ## Contributing We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. diff --git a/charts/jaeger-operator/COMPATIBILITY.md b/charts/jaeger-operator/COMPATIBILITY.md index 95218d8a..0e9bcedd 100644 --- a/charts/jaeger-operator/COMPATIBILITY.md +++ b/charts/jaeger-operator/COMPATIBILITY.md @@ -2,6 +2,8 @@ The following table shows the compatibility of `Jaeger Operator helm chart` with | Chart version | Jaeger Operator | Kubernetes | Strimzi Operator | Cert-Manager | |---------------------------|-----------------|-----------------|--------------------|--------------| +| 2.57.0 | v1.61.x | v1.19 to v1.29 | v0.32 | v1.6.1+ | +| 2.54.0 | v1.57.x | v1.19 to v1.29 | v0.32 | v1.6.1+ | | 2.50.0 | v1.52.x | v1.19 to v1.28 | v0.32 | v1.6.1+ | | 2.49.0 | v1.49.x | v1.19 to v1.28 | v0.32 | v1.6.1+ | | 2.47.0 | v1.47.x | v1.19 to v1.26 | v0.23 | v1.6.1+ | diff --git a/charts/jaeger-operator/Chart.yaml b/charts/jaeger-operator/Chart.yaml index 97e82942..215b889c 100644 --- a/charts/jaeger-operator/Chart.yaml +++ b/charts/jaeger-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: jaeger-operator Helm chart for Kubernetes name: jaeger-operator -version: 2.53.0 -appVersion: 1.52.0 +version: 2.57.0 +appVersion: 1.61.0 home: https://www.jaegertracing.io/ icon: https://www.jaegertracing.io/img/jaeger-icon-reverse-color.svg sources: diff --git a/charts/jaeger-operator/README.md b/charts/jaeger-operator/README.md index 86af5381..b6883412 100644 --- a/charts/jaeger-operator/README.md +++ b/charts/jaeger-operator/README.md @@ -59,7 +59,7 @@ The following table lists the configurable parameters of the jaeger-operator cha | `serviceExtraLabels` | Additional labels to jaeger-operator service | `{}` | | `extraLabels` | Additional labels to jaeger-operator deployment | `{}` | | `image.repository` | Controller container image repository | `jaegertracing/jaeger-operator` | -| `image.tag` | Controller container image tag | `1.52.0` | +| `image.tag` | Controller container image tag | `1.61.0` | | `image.pullPolicy` | Controller container image pull policy | `IfNotPresent` | | `jaeger.create` | Jaeger instance will be created | `false` | | `jaeger.spec` | Jaeger instance specification | `{}` | diff --git a/charts/jaeger-operator/templates/role.yaml b/charts/jaeger-operator/templates/role.yaml index ccc308d9..9125ffd5 100644 --- a/charts/jaeger-operator/templates/role.yaml +++ b/charts/jaeger-operator/templates/role.yaml @@ -233,6 +233,13 @@ rules: - patch - update - watch +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - list + - watch - apiGroups: - rbac.authorization.k8s.io resources: diff --git a/charts/jaeger-operator/values.yaml b/charts/jaeger-operator/values.yaml index 9c70a163..ce72640a 100644 --- a/charts/jaeger-operator/values.yaml +++ b/charts/jaeger-operator/values.yaml @@ -4,7 +4,7 @@ image: repository: jaegertracing/jaeger-operator - tag: 1.52.0 + tag: 1.61.0 pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/charts/jaeger/Chart.yaml b/charts/jaeger/Chart.yaml index 1710e6ac..be86e1c2 100644 --- a/charts/jaeger/Chart.yaml +++ b/charts/jaeger/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.53.0 description: A Jaeger Helm chart for Kubernetes name: jaeger type: application -version: 3.0.4 +version: 3.3.2 # CronJobs require v1.21 kubeVersion: ">= 1.21-0" keywords: @@ -12,7 +12,7 @@ keywords: - tracing - instrumentation home: https://jaegertracing.io -icon: https://camo.githubusercontent.com/afa87494e0753b4b1f5719a2f35aa5263859dffb/687474703a2f2f6a61656765722e72656164746865646f63732e696f2f656e2f6c61746573742f696d616765732f6a61656765722d766563746f722e737667 +icon: https://www.jaegertracing.io/img/jaeger-icon-reverse-color.svg sources: - https://hub.docker.com/u/jaegertracing/ maintainers: diff --git a/charts/jaeger/README.md b/charts/jaeger/README.md index 3fc9e7ec..b31f84fb 100644 --- a/charts/jaeger/README.md +++ b/charts/jaeger/README.md @@ -302,7 +302,7 @@ provisionDataStore: allInOne: enabled: true storage: - type: none + type: memory agent: enabled: false collector: @@ -399,7 +399,7 @@ extraObjects: - apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ .Release.Name }}-someRoleBinding + name: "{{ .Release.Name }}-someRoleBinding" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/charts/jaeger/templates/_helpers.tpl b/charts/jaeger/templates/_helpers.tpl index 7cf5e82b..f6f6b13f 100644 --- a/charts/jaeger/templates/_helpers.tpl +++ b/charts/jaeger/templates/_helpers.tpl @@ -268,7 +268,11 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this */}} {{- define "elasticsearch.client.url" -}} {{- $port := .Values.storage.elasticsearch.port | toString -}} -{{- printf "%s://%s:%s" .Values.storage.elasticsearch.scheme .Values.storage.elasticsearch.host $port }} +{{- $host := .Values.storage.elasticsearch.host }} +{{- if .Values.provisionDataStore.elasticsearch }} +{{- $host = printf "%s-elasticsearch" .Release.Name }} +{{- end }} +{{- printf "%s://%s:%s" .Values.storage.elasticsearch.scheme $host $port }} {{- end -}} {{- define "jaeger.hotrod.tracing.host" -}} @@ -408,16 +412,6 @@ memory related environment variables {{- end }} {{- end -}} -{{/* -allInOne currently only supports memory/badger storage type. -*/}} -{{- define "allInOne.storage.type" -}} -{{ $type := .Values.storage.type }} -{{- if or (eq $type "memory") (eq $type "badger") -}} -{{ .Values.storage.type }} -{{- end -}} -{{- end -}} - {{/* Cassandra, Elasticsearch, or grpc-plugin, badger, memory related environment variables depending on which is used @@ -565,7 +559,7 @@ If not tag is provided, it defaults to .Chart.AppVersion. */}} {{- define "renderImage" -}} {{- $image := merge .imageRoot (dict "tag" .context.Chart.AppVersion) -}} -{{- include "common.images.image" (dict "imageRoot" $image "global" .context.Values.Global) -}} +{{- include "common.images.image" (dict "imageRoot" $image "global" .context.Values.global) -}} {{- end -}} {{/* diff --git a/charts/jaeger/templates/allinone-deploy.yaml b/charts/jaeger/templates/allinone-deploy.yaml index 87788207..aae25811 100644 --- a/charts/jaeger/templates/allinone-deploy.yaml +++ b/charts/jaeger/templates/allinone-deploy.yaml @@ -30,14 +30,14 @@ spec: prometheus.io/port: "14269" prometheus.io/scrape: "true" spec: - {{- include "allInOne.imagePullSecrets" . | nindent 6 }} + {{- include "allInOne.imagePullSecrets" . | nindent 6 }} containers: - env: {{- if .Values.allInOne.extraEnv }} {{- toYaml .Values.allInOne.extraEnv | nindent 12 }} {{- end }} - name: SPAN_STORAGE_TYPE - value: {{ include "allInOne.storage.type" . | required "Invalid storage type provided. Use either badger or memory for allInOne" }} + value: {{ .Values.storage.type }} {{- include "storage.env" . | nindent 12 }} - name: COLLECTOR_ZIPKIN_HOST_PORT value: :9411 @@ -52,6 +52,8 @@ spec: {{- with .Values.allInOne.envFrom }} envFrom: {{- toYaml . | nindent 12 }} {{- end }} + securityContext: + {{- toYaml .Values.allInOne.securityContext | nindent 12 }} image: {{ include "allInOne.image" . }} imagePullPolicy: {{ .Values.allInOne.image.pullPolicy }} name: jaeger @@ -118,9 +120,7 @@ spec: readOnly: {{ .readOnly }} {{- end }} securityContext: - runAsUser: 10001 - runAsGroup: 10001 - fsGroup: 10001 + {{- toYaml .Values.allInOne.podSecurityContext | nindent 8 }} serviceAccountName: {{ template "jaeger.fullname" . }} volumes: {{- if not .Values.storage.badger.ephemeral }} @@ -138,8 +138,20 @@ spec: secret: secretName: {{ .secretName }} {{- end }} + {{- with .Values.allInOne.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.allInOne.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.allInOne.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.allInOne.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end -}} diff --git a/charts/jaeger/templates/allinone-sa.yaml b/charts/jaeger/templates/allinone-sa.yaml index 6e2a536a..a0fbb5a0 100644 --- a/charts/jaeger/templates/allinone-sa.yaml +++ b/charts/jaeger/templates/allinone-sa.yaml @@ -10,4 +10,5 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} +automountServiceAccountToken: {{ .Values.allInOne.serviceAccount.automountServiceAccountToken }} {{- end -}} diff --git a/charts/jaeger/templates/cassandra-schema-job.yaml b/charts/jaeger/templates/cassandra-schema-job.yaml index f5ee5a45..b6aec4e9 100644 --- a/charts/jaeger/templates/cassandra-schema-job.yaml +++ b/charts/jaeger/templates/cassandra-schema-job.yaml @@ -96,6 +96,10 @@ spec: secret: secretName: {{ .Values.storage.cassandra.tls.secretName }} {{- end }} + {{- with .Values.schema.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end -}} {{- end -}} {{- end -}} diff --git a/charts/jaeger/templates/collector-deploy.yaml b/charts/jaeger/templates/collector-deploy.yaml index dfdd1dc7..4a351479 100644 --- a/charts/jaeger/templates/collector-deploy.yaml +++ b/charts/jaeger/templates/collector-deploy.yaml @@ -32,6 +32,20 @@ spec: {{- toYaml .Values.collector.podLabels | nindent 8 }} {{- end }} spec: + {{- if .Values.provisionDataStore.elasticsearch }} + initContainers: + - name: elasticsearch-checker + image: curlimages/curl + command: + - sh + - "-c" + - | + url="{{ include "elasticsearch.client.url" . }}" + until [ "$(curl -s -o /dev/null -w '%{http_code}' "$url/_cluster/health")" = "200" ]; do + echo "Waiting for Elasticsearch at $url" + sleep 5 + done + {{- end}} {{- with .Values.collector.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/jaeger/templates/collector-ing.yaml b/charts/jaeger/templates/collector-ing.yaml index e9c726a0..61d9ca11 100644 --- a/charts/jaeger/templates/collector-ing.yaml +++ b/charts/jaeger/templates/collector-ing.yaml @@ -22,7 +22,7 @@ spec: {{- end }} rules: {{- range .Values.collector.ingress.hosts }} - - host: {{ include "jaeger.collector.ingressHost" . }} + - host: {{ include "jaeger.collector.ingressHost" . | quote }} http: paths: - path: {{ $basePath }} diff --git a/charts/jaeger/templates/collector-svc.yaml b/charts/jaeger/templates/collector-svc.yaml index 81ee16a5..efa820d1 100644 --- a/charts/jaeger/templates/collector-svc.yaml +++ b/charts/jaeger/templates/collector-svc.yaml @@ -60,9 +60,9 @@ spec: protocol: TCP targetPort: {{ .Values.collector.service.otlp.http.name }} {{- end }} - - name: admin + - name: {{ .Values.collector.service.admin.name }} port: 14269 - targetPort: admin + targetPort: {{ .Values.collector.service.admin.targetPort }} selector: {{- include "jaeger.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: collector @@ -70,5 +70,8 @@ spec: clusterIP: {{ .Values.collector.service.clusterIP }} {{- end }} type: {{ .Values.collector.service.type }} + {{- if and (eq .Values.collector.service.type "LoadBalancer") .Values.collector.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.collector.service.loadBalancerIP }} + {{- end -}} {{- template "loadBalancerSourceRanges" .Values.collector }} {{- end -}} diff --git a/charts/jaeger/templates/es-index-cleaner-cronjob.yaml b/charts/jaeger/templates/es-index-cleaner-cronjob.yaml index cf3f58aa..e7155aca 100644 --- a/charts/jaeger/templates/es-index-cleaner-cronjob.yaml +++ b/charts/jaeger/templates/es-index-cleaner-cronjob.yaml @@ -38,7 +38,7 @@ spec: {{- end }} spec: serviceAccountName: {{ template "jaeger.esIndexCleaner.serviceAccountName" . }} - {{- include "esIndexCleaner.imagePullSecrets" . | nindent 12 }} + {{- include "esIndexCleaner.imagePullSecrets" . | nindent 10 }} securityContext: {{- toYaml .Values.esIndexCleaner.podSecurityContext | nindent 12 }} containers: diff --git a/charts/jaeger/templates/es-lookback-cronjob.yaml b/charts/jaeger/templates/es-lookback-cronjob.yaml index c5f70dc2..d5e4716c 100644 --- a/charts/jaeger/templates/es-lookback-cronjob.yaml +++ b/charts/jaeger/templates/es-lookback-cronjob.yaml @@ -38,7 +38,7 @@ spec: {{- end }} spec: serviceAccountName: {{ template "jaeger.esLookback.serviceAccountName" . }} - {{- include "esLookback.imagePullSecrets" . | nindent 12 }} + {{- include "esLookback.imagePullSecrets" . | nindent 10 }} securityContext: {{- toYaml .Values.esLookback.podSecurityContext | nindent 12 }} restartPolicy: OnFailure diff --git a/charts/jaeger/templates/hotrod-ing.yaml b/charts/jaeger/templates/hotrod-ing.yaml index a5fa0721..abfaffbe 100644 --- a/charts/jaeger/templates/hotrod-ing.yaml +++ b/charts/jaeger/templates/hotrod-ing.yaml @@ -20,7 +20,7 @@ spec: {{- end }} rules: {{- range $host := .Values.hotrod.ingress.hosts }} - - host: {{ $host }} + - host: {{ $host | quote}} http: paths: - path: / diff --git a/charts/jaeger/templates/query-deploy.yaml b/charts/jaeger/templates/query-deploy.yaml index 7aef1c62..c3cfd7e1 100644 --- a/charts/jaeger/templates/query-deploy.yaml +++ b/charts/jaeger/templates/query-deploy.yaml @@ -44,10 +44,25 @@ spec: {{- toYaml .Values.query.podSecurityContext | nindent 8 }} serviceAccountName: {{ template "jaeger.query.serviceAccountName" . }} {{- include "query.imagePullSecrets" . | nindent 6 }} - {{- if .Values.query.initContainers }} + {{- if or .Values.query.initContainers .Values.provisionDataStore.elasticsearch }} initContainers: - {{- toYaml .Values.query.initContainers | nindent 8 }} - {{- end}} + {{- if .Values.query.initContainers }} + {{- toYaml .Values.query.initContainers | nindent 8 }} + {{- end }} + {{- if .Values.provisionDataStore.elasticsearch }} + - name: elasticsearch-checker + image: curlimages/curl + command: + - sh + - "-c" + - | + url="{{ include "elasticsearch.client.url" . }}" + until [ "$(curl -s -o /dev/null -w '%{http_code}' "$url/_cluster/health")" = "200" ]; do + echo "waiting for Elasticsearch at $url" + sleep 5 + done + {{- end }} + {{- end }} containers: - name: {{ template "jaeger.query.name" . }} securityContext: @@ -136,6 +151,8 @@ spec: port: admin {{- if .Values.query.oAuthSidecar.enabled }} - name: {{ template "jaeger.agent.name" . }}-oauth2-sidecar + securityContext: + {{- toYaml .Values.query.securityContext | nindent 10 }} image: {{ include "oAuthSidecar.image" . }} imagePullPolicy: {{ .Values.query.oAuthSidecar.image.pullPolicy }} args: diff --git a/charts/jaeger/templates/query-ing.yaml b/charts/jaeger/templates/query-ing.yaml index 7b8a5f2f..c86fd5c8 100644 --- a/charts/jaeger/templates/query-ing.yaml +++ b/charts/jaeger/templates/query-ing.yaml @@ -22,7 +22,7 @@ spec: {{- end }} rules: {{- range $host := .Values.query.ingress.hosts }} - - host: {{ $host }} + - host: {{ $host | quote }} http: paths: - path: {{ $basePath }} diff --git a/charts/jaeger/templates/query-svc.yaml b/charts/jaeger/templates/query-svc.yaml index 35c120a7..37f7d160 100644 --- a/charts/jaeger/templates/query-svc.yaml +++ b/charts/jaeger/templates/query-svc.yaml @@ -23,10 +23,10 @@ spec: port: 16685 protocol: TCP targetPort: grpc - - name: admin + - name: {{ .Values.query.service.admin.name }} port: 16687 protocol: TCP - targetPort: admin + targetPort: {{ .Values.query.service.admin.targetPort }} selector: {{- include "jaeger.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: query diff --git a/charts/jaeger/templates/spark-cronjob.yaml b/charts/jaeger/templates/spark-cronjob.yaml index c1f60eeb..f58efa8f 100644 --- a/charts/jaeger/templates/spark-cronjob.yaml +++ b/charts/jaeger/templates/spark-cronjob.yaml @@ -38,6 +38,8 @@ spec: spec: serviceAccountName: {{ template "jaeger.spark.serviceAccountName" . }} {{- include "spark.imagePullSecrets" . | nindent 10 }} + securityContext: + {{- toYaml .Values.spark.podSecurityContext | nindent 12 }} containers: - name: {{ include "jaeger.fullname" . }}-spark image: {{ include "spark.image" . }} @@ -76,6 +78,8 @@ spec: subPath: {{ .subPath }} readOnly: {{ .readOnly }} {{- end }} + securityContext: + {{- toYaml .Values.spark.securityContext | nindent 14 }} restartPolicy: OnFailure volumes: {{- range .Values.spark.extraConfigmapMounts }} diff --git a/charts/jaeger/values.yaml b/charts/jaeger/values.yaml index 778ba1dd..f598ffc5 100644 --- a/charts/jaeger/values.yaml +++ b/charts/jaeger/values.yaml @@ -49,6 +49,7 @@ allInOne: # } serviceAccount: annotations: {} + automountServiceAccountToken: true service: headless: true collector: @@ -86,6 +87,17 @@ allInOne: # cpu: 256m # memory: 128Mi nodeSelector: {} +<<<<<<< HEAD + tolerations: [] +======= +>>>>>>> 1dca639 ([jaeger] add new options, improvements into allInOne (#586)) + affinity: {} + topologySpreadContraints: [] + podSecurityContext: + runAsUser: 10001 + runAsGroup: 10001 + fsGroup: 10001 + securityContext: {} storage: # allowed values (cassandra, elasticsearch, grpc-plugin, badger, memory) @@ -223,6 +235,7 @@ kafka: # use by Jaeger schema: annotations: {} + tolerations: [] image: registry: "" repository: jaegertracing/jaeger-cassandra-schema @@ -501,6 +514,9 @@ collector: # name: otlp-http # port: 4318 # nodePort: + admin: + name: admin + targetPort: admin ingress: enabled: false # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName @@ -684,6 +700,9 @@ query: # targetPort: 8080 # Specify a specific node port when type is NodePort # nodePort: 32500 + admin: + name: admin + targetPort: admin ingress: enabled: false # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName @@ -775,6 +794,8 @@ query: spark: enabled: false + securityContext: {} + podSecurityContext: {} annotations: {} image: registry: ""