feat(zabbix-server): Init work for zabbix-server (#2474)

* feat(zabbix): Init work for zabbix-server

* main service is the gui

* remove persistence for now

* enable debug

* try different db user/name

* try mariadb

* pgsql and only server, no front

* no front

* 2 services

* use lifecycle to prevent second container from starting

* try tcp

* initcontainer for db mig and init

* whoops

* ident

* add websrvurl

* try alone

* try probes

* better probe

* enable web container now

* add agent as well

* whoops

* use default server Port

* use port

* remove agent, add snmptraps

* enable more options

* ui and values

* rootless

* more options

* needs root

* move to dev for now

* move back to incubator
Stavros Kois 2022-04-19 10:23:43 +03:00 committed by GitHub
parent 213a7a86c1
commit 6065361500
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 778 additions and 0 deletions


@ -0,0 +1,31 @@
apiVersion: v2
appVersion: "10.6.2"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 9.2.7
- condition: postgresql.enabled
name: postgresql
repository: https://charts.truecharts.org/
version: 7.0.37
description: Zabbix is an enterprise-class open source distributed monitoring solution.
home: https://github.com/truecharts/apps/tree/master/charts/stable/zabbix-server
icon: https://truecharts.org/_static/img/appicons/zabbix-server.png
keywords:
- zabbix
- monitoring
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: zabbix-server
sources:
- https://hub.docker.com/r/zabbix/zabbix-server-pgsql
- https://hub.docker.com/r/zabbix/zabbix-web-nginx-pgsql
version: 0.0.1
annotations:
truecharts.org/catagories: |
- utilities
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U
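Review bot: `appVersion: "10.6.2"` does not match what this chart deploys, since the values file in the same commit pins all three images at `ubuntu-6.0.3`. Users and update tooling read appVersion to judge which upstream release, and therefore which advisories, apply to an install, so it should read `appVersion: "6.0.3"`. `home` points at `charts/stable/zabbix-server` although the commit log ends with "move back to incubator", so that link likely needs the incubator path.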


@ -0,0 +1,512 @@
# Include{groups}
portals:
open:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
questions:
- variable: portal
group: "Container Image"
label: "Configure Portal Button"
schema:
type: dict
hidden: true
attrs:
- variable: enabled
label: "Enable"
description: "enable the portal button"
schema:
hidden: true
editable: false
type: boolean
default: true
# Include{global}
- variable: controller
group: "Controller"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: advanced
label: "Show Advanced Controller Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
description: "Please specify type of workload to deploy"
label: "(Advanced) Controller Type"
schema:
type: string
default: "deployment"
required: true
enum:
- value: "deployment"
description: "Deployment"
- value: "statefulset"
description: "Statefulset"
- value: "daemonset"
description: "Daemonset"
- variable: replicas
description: "Number of desired pod replicas"
label: "Desired Replicas"
schema:
type: int
default: 1
required: true
- variable: strategy
description: "Please specify type of workload to deploy"
label: "(Advanced) Update Strategy"
schema:
type: string
default: "Recreate"
required: true
enum:
- value: "Recreate"
description: "Recreate: Kill existing pods before creating new ones"
- value: "RollingUpdate"
description: "RollingUpdate: Create new pods and then kill old ones"
- value: "OnDelete"
description: "(Legacy) OnDelete: ignore .spec.template changes"
# Include{controllerExpert}
- variable: env
group: "Container Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: ZBX_LOADMODULE
label: "ZBX_LOADMODULE"
description: "The variable is list of comma separated loadable Zabbix modules. It works with volume /var/lib/zabbix/modules. The syntax of the variable is dummy1.so,dummy2.so."
schema:
type: string
default: ""
- variable: ZBX_TIMEOUT
label: "ZBX_TIMEOUT"
description: "The variable is used to specify timeout for processing checks. By default, value is 4."
schema:
type: int
default: 4
- variable: frontendConfig
group: "Container Configuration"
label: "Web Frontend Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: ZBX_SERVER_NAME
label: "ZBX_SERVER_NAME"
description: "The variable is visible Zabbix installation name in right top corner of the web interface."
schema:
type: string
default: "Zabbix Instance"
- variable: ZBX_GUI_WARNING_MSG
label: "ZBX_GUI_WARNING_MSG"
description: "Zabbix instance is currently in maintenance."
schema:
type: string
default: "Zabbix Instance"
- variable: ZBX_DENY_GUI_ACCESS
label: "ZBX_DENY_GUI_ACCESS"
description: "Enable (true) maintenance mode for Zabbix web-interface."
schema:
type: boolean
default: false
- variable: ZBX_GUI_ACCESS_IP_RANGE
label: "ZBX_GUI_ACCESS_IP_RANGE"
description: "Array of IP addresses which are allowed for accessing to Zabbix web-interface during maintenance period."
schema:
type: string
default: ""
- variable: ZBX_MEMORYLIMIT
label: "ZBX_MEMORYLIMIT"
description: "The varable is PHP memory_limit option. By default, value is 128M."
schema:
type: string
default: "128M"
- variable: ZBX_POSTMAXSIZE
label: "ZBX_POSTMAXSIZE"
description: "The varable is PHP post_max_size option. By default, value is 16M."
schema:
type: string
default: "16M"
- variable: ZBX_UPLOADMAXFILESIZE
label: "ZBX_UPLOADMAXFILESIZE"
description: "The varable is PHP upload_max_filesize option. By default, value is 2M."
schema:
type: string
default: "2M"
- variable: ZBX_MAXEXECUTIONTIME
label: "ZBX_MAXEXECUTIONTIME"
description: "The varable is PHP max_execution_time option. By default, value is 300."
schema:
type: int
default: 300
- variable: ZBX_MAXINPUTTIME
label: "ZBX_MAXINPUTTIME"
description: "The varable is PHP max_input_time option. By default, value is 300."
schema:
type: int
default: 300
# Include{containerConfig}
- variable: service
group: "Networking and Services"
label: "Configure Service(s)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10211
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 8080
- variable: server
label: "Server Service"
description: "The Server Service"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: server
label: "Server Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10212
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 10051
- variable: snmptraps
label: "SNMP Traps Service"
description: "SNMP Traps Service"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: snmptraps
label: "SNMP Traps Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 162
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 1162
- variable: serviceexpert
group: "Networking and Services"
label: "Show Expert Config"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
group: "Networking and Services"
label: "Host-Networking (Complicated)"
schema:
type: boolean
default: false
# Include{serviceExpert}
# Include{serviceList}
- variable: persistence
label: "Integrated Persistent Storage"
description: "Integrated Persistent Storage"
group: "Storage and Persistence"
schema:
additional_attrs: true
type: dict
attrs:
- variable: snmptraps
label: "App snmptraps Storage"
description: "Stores the Application snmptraps."
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: "Type of Storage"
description: "Sets the persistence type, Anything other than PVC could break rollback!"
schema:
type: string
default: "simplePVC"
enum:
- value: "simplePVC"
description: "PVC (simple)"
- value: "simpleHP"
description: "HostPath (simple)"
- value: "emptyDir"
description: "emptyDir"
- value: "pvc"
description: "pvc"
- value: "hostPath"
description: "hostPath"
# Include{persistenceBasic}
- variable: hostPath
label: "hostPath"
description: "Path inside the container the storage is mounted"
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: medium
label: "EmptyDir Medium"
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "Memory"
description: "Memory"
# Include{persistenceAdvanced}
# Include{persistenceList}
- variable: ingress
label: ""
group: "Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
- variable: server
label: "Server Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
# Include{ingressList}
# Include{security}
- variable: advancedSecurity
label: "Show Advanced Security Settings"
group: "Security and Permissions"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: securityContext
label: "Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: false
# Include{securityContextAdvanced}
- variable: podSecurityContext
group: "Security and Permissions"
label: "Pod Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 0
- variable: runAsGroup
label: "runAsGroup"
description: The groupID this App of the user running the application"
schema:
type: int
default: 0
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}
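Review bot: The `podSecurityContext` questions default `runAsUser` and `runAsGroup` to 0 and `runAsNonRoot` defaults to false, so the install form produces a root pod unless the user changes it; the values file in this commit carries the same settings, and being pod-level they presumably also cover the `front` web container and `snmptraps`. The commit log goes from "rootless" to "needs root", so record which component requires it, e.g. `# root required by <component>: <reason>`, and give the other containers a non-root `securityContext` if the common chart supports one. Separately, the `protocol` subquestion for the `snmptraps` service defaults to `"HTTP"` while the values file declares that port as `protocol: UDP`; `default: "UDP"` there, and `default: "TCP"` for `server` (target port 10051), would keep a submitted form from overriding the working value. The `runAsGroup` description has lost its opening quote and is garbled; `description: "The groupID of the user running the application"` reads correctly.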


@ -0,0 +1 @@
{{ include "common.all" . }}


@ -0,0 +1,234 @@
image:
repository: zabbix/zabbix-server-pgsql
tag: ubuntu-6.0.3@sha256:cef1152d9928a0d83223e42b264705b2d8079e49279a6c90f9f7758b3d0e3483
pullPolicy: IfNotPresent
frontImage:
repository: zabbix/zabbix-web-nginx-pgsql
tag: ubuntu-6.0.3@sha256:49b13531b28f31afba3c32a6ec162885790615244a7d4be82123582f6610da18
pullPolicy: IfNotPresent
snmptrapsImage:
repository: zabbix/zabbix-snmptraps
tag: ubuntu-6.0.3@sha256:200e93d13d17bad124a84d79b761641a3ea4b5ef2cc38a5bb379cd260e99cfb4
pullPolicy: IfNotPresent
tty: true
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
env:
DB_SERVER_PORT: 5432
POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}"
POSTGRES_DB: "{{ .Values.postgresql.postgresqlDatabase }}"
ZBX_WEBSERVICEURL: "http://localhost:8080/report"
ZBX_ENABLE_SNMP_TRAPS: true
# User Defined
ZBX_LOADMODULE: ""
ZBX_TIMEOUT: 4
envValueFrom:
POSTGRES_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
DB_SERVER_HOST:
secretKeyRef:
name: dbcreds
key: plainhost
service:
main:
ports:
main:
port: 10211
targetPort: 8080
server:
enabled: true
ports:
server:
enabled: true
port: 10212
targetPort: 10051
snmptraps:
enabled: true
ports:
snmptraps:
protocol: UDP
enabled: true
port: 162
targetPort: 1162
probes:
liveness:
custom: true
spec:
exec:
command:
- /bin/bash
- -ec
- "until zabbix_server -R ha_status; do sleep 2; done"
readiness:
custom: true
spec:
exec:
command:
- /bin/bash
- -ec
- "until zabbix_server -R ha_status; do sleep 2; done"
startup:
custom: true
spec:
exec:
command:
- /bin/bash
- -ec
- "until zabbix_server -R ha_status; do sleep 2; done"
frontendConfig:
ZBX_SERVER_NAME: "My Zabbix Instance"
ZBX_MAXEXECUTIONTIME: 300
ZBX_MEMORYLIMIT: "128M"
ZBX_POSTMAXSIZE: "16M"
ZBX_UPLOADMAXFILESIZE: "2M"
ZBX_MAXINPUTTIME: 300
ZBX_DENY_GUI_ACCESS: false
ZBX_GUI_ACCESS_IP_RANGE: ""
ZBX_GUI_WARNING_MSG: "My Zabbix instance is currently in maintenance"
additionalContainers:
# agent:
# name: agent
# image: "{{ .Values.agentImage.repository }}:{{ .Values.agentImage.tag }}"
# env:
# - name: ZBX_HOSTNAME
# value: "{{ .Release.Name }}-{{ randAlphaNum 5 }}"
# - name: ZBX_SERVER_HOST
# value: "localhost"
# - name: ZBX_SERVER_PORT
# value: "{{ .Values.service.server.ports.server.targetPort }}"
snmptraps:
name: snmptraps
image: "{{ .Values.snmptrapsImage.repository }}:{{ .Values.snmptrapsImage.tag }}"
volumeMounts:
- name: snmptraps
mountPath: "/var/lib/zabbix/snmptraps"
front:
name: front
image: "{{ .Values.frontImage.repository }}:{{ .Values.frontImage.tag }}"
ports:
- containerPort: 8080
name: main
livenessProbe:
httpGet:
path: "/"
port: 8080
readinessProbe:
httpGet:
path: "/"
port: 8080
startupProbe:
httpGet:
path: "/"
port: 8080
env:
- name: ZBX_SERVER_HOST
value: "localhost"
- name: ZBX_SERVER_PORT
value: "{{ .Values.service.server.ports.server.targetPort }}"
- name: POSTGRES_DB
value: "{{ .Values.postgresql.postgresqlDatabase }}"
- name: POSTGRES_USER
value: "{{ .Values.postgresql.postgresqlUsername }}"
- name: DB_SERVER_PORT
value: "{{ .Values.env.DB_SERVER_PORT }}"
- name: PHP_TZ
value: "{{ .Values.TZ }}"
# History storage HTTP[S] URL. This parameter is used for Elasticsearch setup.
# - name: ZBX_HISTORYSTORAGEURL
# value: "ELASTICSEARCHURL"
# Array of value types to be sent to the history storage. An example: ['uint', 'dbl']. This parameter is used for Elasticsearch setup.
# - name: ZBX_HISTORYSTORAGETYPES
# value: "['uint', 'dbl']"
- name: DB_SERVER_HOST
valueFrom:
secretKeyRef:
name: dbcreds
key: plainhost
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: dbcreds
key: postgresql-password
# User Defined
- name: ZBX_SERVER_NAME
value: "{{ .Values.frontendConfig.ZBX_SERVER_NAME }}"
- name: ZBX_MAXEXECUTIONTIME
value: "{{ .Values.frontendConfig.ZBX_MAXEXECUTIONTIME }}"
- name: ZBX_MEMORYLIMIT
value: "{{ .Values.frontendConfig.ZBX_MEMORYLIMIT }}"
- name: ZBX_POSTMAXSIZE
value: "{{ .Values.frontendConfig.ZBX_POSTMAXSIZE }}"
- name: ZBX_UPLOADMAXFILESIZE
value: "{{ .Values.frontendConfig.ZBX_UPLOADMAXFILESIZE }}"
- name: ZBX_MAXINPUTTIME
value: "{{ .Values.frontendConfig.ZBX_MAXINPUTTIME }}"
- name: ZBX_DENY_GUI_ACCESS
value: "{{ .Values.frontendConfig.ZBX_DENY_GUI_ACCESS }}"
- name: ZBX_GUI_ACCESS_IP_RANGE
value: "{{ .Values.frontendConfig.ZBX_GUI_ACCESS_IP_RANGE }}"
- name: ZBX_GUI_WARNING_MSG
value: "{{ .Values.frontendConfig.ZBX_GUI_WARNING_MSG }}"
persistence:
# Shared
snmptraps:
enabled: true
mountPath: "/var/lib/zabbix/snmptraps"
# Server
# alertscripts:
# enabled: true
# mountPath: "/usr/lib/zabbix/alertscripts"
# externalscripts:
# enabled: true
# mountPath: "/usr/lib/zabbix/externalscripts"
# modules:
# enabled: true
# mountPath: "/var/lib/zabbix/modules"
# enc:
# enabled: true
# mountPath: "/var/lib/zabbix/enc"
# ssh_keys:
# enabled: true
# mountPath: "/var/lib/zabbix/ssh_keys"
# sslcerts:
# enabled: true
# mountPath: "/var/lib/zabbix/ssl/certs"
# sslkeys:
# enabled: true
# mountPath: "/var/lib/zabbix/ssl/keys"
# sslca:
# enabled: true
# mountPath: "/var/lib/zabbix/ssl/ssl_ca"
# mibs:
# enabled: true
# mountPath: "/var/lib/zabbix/mibs"
# export:
# enabled: true
# mountPath: "/var/lib/zabbix/export"
# SNMP-Traps
# snmp-mibs:
# enabled: true
# mountPath: "/var/lib/zabbix/mibs"
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: zabbix
postgresqlDatabase: zabbix
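Review bot: The liveness, readiness and startup probes all run `until zabbix_server -R ha_status; do sleep 2; done`, a loop that can never exit non-zero, so a dead server is only ever detected through the probe timeout and each timed-out probe may leave a bash loop behind in the container. Running the check once, `- "zabbix_server -R ha_status"`, and leaving retries to the kubelet's period and failure threshold gives liveness a real failure signal. Also, `ZBX_ENABLE_SNMP_TRAPS: true` and `DB_SERVER_PORT: 5432` under `env` are a YAML bool and int where environment values are strings; quoting them as `"true"` and `"5432"` avoids depending on how the template stringifies them.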