diff --git a/charts/redirect/Chart.lock b/charts/redirect/Chart.lock index e841c37..fe79ab2 100644 --- a/charts/redirect/Chart.lock +++ b/charts/redirect/Chart.lock @@ -1,6 +1,9 @@ dependencies: +- name: cron-jobs + repository: https://helm.wyrihaximus.net/ + version: 0.1.2 - name: horizontal-pod-autoscalers repository: https://helm.wyrihaximus.net/ version: 0.2.0 -digest: sha256:c24acf3aaf1d76d5b431e2d608ee5162acf6e5bb0ad764b2a3cf81e37bb499bf -generated: "2020-10-21T20:35:46.408821942+02:00" +digest: sha256:da3cabd092499f75f425706a7faae76bdefe5a54d805628ea48a3b769e8cbf2b +generated: "2020-10-23T17:11:42.5637418+02:00" diff --git a/charts/redirect/Chart.yaml b/charts/redirect/Chart.yaml index 28adb7e..c5f5210 100644 --- a/charts/redirect/Chart.yaml +++ b/charts/redirect/Chart.yaml @@ -4,13 +4,16 @@ description: Redirect home: https://github.com/wyrihaximusnet/docker-redirect icon: https://helm.wyrihaximus.net/images/charts/redirect.png type: application -version: 0.7.0 +version: 0.8.0 kubeVersion: ^1.18 appVersion: random maintainers: - name: WyriHaximus email: helm@wyrihaximus.net dependencies: + - name: cron-jobs + version: ^0.1 + repository: https://helm.wyrihaximus.net/ - name: horizontal-pod-autoscalers version: ^0.2 repository: https://helm.wyrihaximus.net/ diff --git a/charts/redirect/README.md b/charts/redirect/README.md index 5a6e5eb..6dd1fbd 100644 --- a/charts/redirect/README.md +++ b/charts/redirect/README.md @@ -39,6 +39,10 @@ redirect: # Enable horizontal pod autoscaler hpa: enable: true + +# Cron job that replaces the oldest pod weekly +cron: + replaceOldestPodWeekly: false ``` Keep in mind that the configuration options are executed in the following order: @@ -55,4 +59,5 @@ Keep in mind that the configuration options are executed in the following order: * Prometheus export annotations are added for metric scraping. * The default tag is random to randomly cycle through the different implementations, here is the [why](https://github.com/WyriHaximusNet/docker-redirect#why). * Comes with a pod +* Replace oldest pod every week to hook into the weekly random image retagging diff --git a/charts/redirect/ci/single-replica-values.yaml b/charts/redirect/ci/single-replica-values.yaml index 72c89d6..026b9d0 100644 --- a/charts/redirect/ci/single-replica-values.yaml +++ b/charts/redirect/ci/single-replica-values.yaml @@ -1,4 +1,7 @@ replicas: 1 +cron: + replaceOldestPodWeekly: false + hpa: enable: true diff --git a/charts/redirect/templates/cronjob-role-binding.yaml b/charts/redirect/templates/cronjob-role-binding.yaml new file mode 100644 index 0000000..0a2b07f --- /dev/null +++ b/charts/redirect/templates/cronjob-role-binding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.cron.replaceOldestPodWeekly -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include ".helm.fullname" . }}-recycle-cronjob + namespace: {{ .Release.Namespace }} + labels: + app: {{ include ".helm.fullname" . }} + appRevision: {{ template ".helm.nameRevision" . }} + release: {{ include ".helm.fullname" . }} + releaseRevision: {{ .Release.Revision | quote }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include ".helm.fullname" . }}-recycle-cronjob +subjects: + - kind: ServiceAccount + name: {{ include ".helm.fullname" . }}-recycle-cronjob + namespace: {{ .Release.Namespace }} +{{ end }} diff --git a/charts/redirect/templates/cronjob-role.yaml b/charts/redirect/templates/cronjob-role.yaml new file mode 100644 index 0000000..5749377 --- /dev/null +++ b/charts/redirect/templates/cronjob-role.yaml @@ -0,0 +1,16 @@ +{{- if .Values.cron.replaceOldestPodWeekly -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include ".helm.fullname" . }}-recycle-cronjob + namespace: {{ .Release.Namespace }} + labels: + app: {{ include ".helm.fullname" . }} + appRevision: {{ template ".helm.nameRevision" . }} + release: {{ include ".helm.fullname" . }} + releaseRevision: {{ .Release.Revision | quote }} +rules: +- apiGroups: [""] + resources: ["pods"] + verbs: ["list", "delete"] +{{ end }} diff --git a/charts/redirect/templates/cronjob-service-account.yaml b/charts/redirect/templates/cronjob-service-account.yaml new file mode 100644 index 0000000..9e2ea12 --- /dev/null +++ b/charts/redirect/templates/cronjob-service-account.yaml @@ -0,0 +1,13 @@ +{{- if .Values.cron.replaceOldestPodWeekly -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include ".helm.fullname" . }}-recycle-cronjob + namespace: {{ .Release.Namespace }} + labels: + app: {{ include ".helm.fullname" . }} + appRevision: {{ template ".helm.nameRevision" . }} + release: {{ include ".helm.fullname" . }} + releaseRevision: {{ .Release.Revision | quote }} + {{- include ".helm.labels" . | nindent 4 }} +{{ end }} diff --git a/charts/redirect/templates/cronjob.yaml b/charts/redirect/templates/cronjob.yaml new file mode 100644 index 0000000..bae504f --- /dev/null +++ b/charts/redirect/templates/cronjob.yaml @@ -0,0 +1,3 @@ +{{- if .Values.cron.replaceOldestPodWeekly -}} +{{- include "cron-jobs.cronjob" (fromYaml (.Files.Get "values/cronjob.yaml" | replace "[[fullname]]" (include ".helm.fullname" .) | replace "[[app]]" (include ".helm.name" .) | replace "[[release]]" .Release.Name | replace "[[namespace]]" .Release.Namespace)) -}} +{{ end }} diff --git a/charts/redirect/values.yaml b/charts/redirect/values.yaml index f7951c9..771526f 100644 --- a/charts/redirect/values.yaml +++ b/charts/redirect/values.yaml @@ -20,6 +20,9 @@ grafana: replicas: 2 +cron: + replaceOldestPodWeekly: false + hpa: enable: false maxReplicas: 1024 diff --git a/charts/redirect/values/cronjob.yaml b/charts/redirect/values/cronjob.yaml new file mode 100644 index 0000000..8944dde --- /dev/null +++ b/charts/redirect/values/cronjob.yaml @@ -0,0 +1,19 @@ +name: replace-oldest-pod-in-deployment +schedule: "0 0 * * 1" +container: + command: + - /bin/sh + args: + - -c + - kubectl delete pod $(kubectl get pods --selector=app=[[app]] --selector=release=[[release]] -n [[namespace]] --sort-by=.status.startTime --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' | head -n 1) -n [[namespace]] +image: + repository: bitnami/kubectl + tag: 1.19 + pullPolicy: IfNotPresent +spec: + serviceAccountName: [[fullname]]-recycle-cronjob +labels: + cronjob: + purpose: housekeeping + jobTemplate: + purpose: housekeeping