Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NMS-15822: Add support for etc configmaps that get copied to the overlay #39

Merged
merged 2 commits into from
Nov 17, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion horizon/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.1.2
version: 1.1.3

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
66 changes: 66 additions & 0 deletions horizon/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,71 @@ helm install monms opennms/horizon --set domain=domain1.com --create-namespace
| ----------- | ----------- | ----------- |
| 1.x | Horizon 32.x | Meridian 2023.x |

## Overlay ConfigMaps

The chart supports specifying a list of ConfigMaps with `core.overlayConfigMaps` that will be copied to the OpenNMS container overlay directory in the init container. This can be used to provide configuration files for OpenNMS. There are two ways to provide content in each ConfigMap:

### Plain files

Provide one or more plain files (text and/or binary) in the ConfigMap and specify the directory where these files we be copied.

Here is a configuration example:

```
core:
overlayConfigMaps:
- name: "my-etc-files"
path: "etc"
```

Here is an example of how to create the ConfigMap:

```
instance=<helm release name> # make sure to set to your Helm release name
configmap=my-etc-files

mkdir etc
date > etc/testing-configmap

kubectl create configmap -n $instance $configmap --from-file=etc
```

### ZIP files

Provide one or more ZIP files in the ConfigMap, and each will be extracted in alphabetical order at the root of the overlay directory.

Here is a configuration example:

```
core:
overlayConfigMaps:
- name: "my-zip-files"
unzip: true
```

Here is an example of how to create the ConfigMap:

```
instance=<helm release name> # make sure to set to your Helm release name
configmap=my-zip-files

mkdir -p zip/etc
dd if=/dev/zero bs=1k count=5000 of=zip/etc/lots-of-zeros # make a 5 MB test file
( cd zip && zip -r -o ../lots-of-zeros.zip . )

kubectl create configmap -n $instance $configmap --from-file=lots-of-zeros.zip
```

### Overlay ConfigMap Notes

1. This mechanism can only be used to *add* files. When `etc` files are copied into the `onms-etc-pvc` PVC, removing a file from the ConfigMap will not cause the file in the PVC to be *deleted*. In this case, you will need to delete the file manually **after** updating the ConfigMap to remove the file. You can do this with `kubectl exec -n $instance onms-core-0 -- rm etc/testing-configmap`.
2. ConfigMaps cannot contain recursive directory structures--only files. If you need to put files into multiple directories, each directory will need to be its own ConfigMap. `kubectl create configmap` will silently ignore sub-directories.
3. ConfigMaps can't be larger than 1 MB (see the note [here](https://kubernetes.io/docs/concepts/configuration/configmap/#motivation). If you have more content, it will need to be split across multiple ConfigMaps or compressed into ZIP files.
4. Use `kubectl delete configmap -n $instance $configmap` to delete an existing ConfigMap before updating.
5. After updating a ConfigMap, you will need to restart the pod, for example: `kubectl rollout restart -n $instance statefulset/onms-core`
6. You can use `kubectl get configmap -n $instance $configmap -o yaml` to view the ConfigMap that is created.
7. Due to file ownership, some files/directories might not be updatable in the container at runtime. A workaround is to build a modified container that updates permissions with `chmod -R g=u ...` on the affected files/directories. See the OpenNMS [core Dockerfile](https://github.com/OpenNMS/opennms/blob/develop/opennms-container/core/Dockerfile) for which directories have been updated to allow writes out-of-the-box.

## Values

| Key | Type | Default | Description |
Expand Down Expand Up @@ -64,6 +129,7 @@ helm install monms opennms/horizon --set domain=domain1.com --create-namespace
| core.image.repository | string | `"opennms/horizon"` | |
| core.image.tag | string | `""` | |
| core.inspector.enabled | bool | `false` | |
| core.overlayConfigMaps | list | `[]` | |
| core.postConfigJob.ttlSecondsAfterFinished | int | `300` | |
| core.resources.limits.cpu | string | `"2"` | |
| core.resources.limits.memory | string | `"8Gi"` | |
Expand Down
65 changes: 65 additions & 0 deletions horizon/README.md.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,71 @@ helm install monms opennms/horizon --set domain=domain1.com --create-namespace
| ----------- | ----------- | ----------- |
| 1.x | Horizon 32.x | Meridian 2023.x |

## Overlay ConfigMaps

The chart supports specifying a list of ConfigMaps with `core.overlayConfigMaps` that will be copied to the OpenNMS container overlay directory in the init container. This can be used to provide configuration files for OpenNMS. There are two ways to provide content in each ConfigMap:

### Plain files

Provide one or more plain files (text and/or binary) in the ConfigMap and specify the directory where these files we be copied.

Here is a configuration example:

```
core:
overlayConfigMaps:
- name: "my-etc-files"
path: "etc"
```

Here is an example of how to create the ConfigMap:


```
instance=<helm release name> # make sure to set to your Helm release name
configmap=my-etc-files

mkdir etc
date > etc/testing-configmap

kubectl create configmap -n $instance $configmap --from-file=etc
```

### ZIP files

Provide one or more ZIP files in the ConfigMap, and each will be extracted in alphabetical order at the root of the overlay directory.

Here is a configuration example:

```
core:
overlayConfigMaps:
- name: "my-zip-files"
unzip: true
```

Here is an example of how to create the ConfigMap:

```
instance=<helm release name> # make sure to set to your Helm release name
configmap=my-zip-files

mkdir -p zip/etc
dd if=/dev/zero bs=1k count=5000 of=zip/etc/lots-of-zeros # make a 5 MB test file
( cd zip && zip -r -o ../lots-of-zeros.zip . )

kubectl create configmap -n $instance $configmap --from-file=lots-of-zeros.zip
```

### Overlay ConfigMap Notes

1. This mechanism can only be used to *add* files. When `etc` files are copied into the `onms-etc-pvc` PVC, removing a file from the ConfigMap will not cause the file in the PVC to be *deleted*. In this case, you will need to delete the file manually **after** updating the ConfigMap to remove the file. You can do this with `kubectl exec -n $instance onms-core-0 -- rm etc/testing-configmap`.
2. ConfigMaps cannot contain recursive directory structures--only files. If you need to put files into multiple directories, each directory will need to be its own ConfigMap. `kubectl create configmap` will silently ignore sub-directories.
3. ConfigMaps can't be larger than 1 MB (see the note [here](https://kubernetes.io/docs/concepts/configuration/configmap/#motivation). If you have more content, it will need to be split across multiple ConfigMaps or compressed into ZIP files.
4. Use `kubectl delete configmap -n $instance $configmap` to delete an existing ConfigMap before updating.
5. After updating a ConfigMap, you will need to restart the pod, for example: `kubectl rollout restart -n $instance statefulset/onms-core`
6. You can use `kubectl get configmap -n $instance $configmap -o yaml` to view the ConfigMap that is created.
7. Due to file ownership, some files/directories might not be updatable in the container at runtime. A workaround is to build a modified container that updates permissions with `chmod -R g=u ...` on the affected files/directories. See the OpenNMS [core Dockerfile](https://github.com/OpenNMS/opennms/blob/develop/opennms-container/core/Dockerfile) for which directories have been updated to allow writes out-of-the-box.

{{ template "chart.valuesSection" . }}

Expand Down
20 changes: 20 additions & 0 deletions horizon/scripts/onms-core-init.sh
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,8 @@ DEPLOY_DIR="/opennms-deploy" # Mounted Externally

CONFIG_DIR_OVERLAY=${OVERLAY_DIR}/etc

OVERLAY_CONFIG_MAPS="/opennms-overlay-configmaps" # Mounted externally

KARAF_FILES=( \
"config.properties" \
"startup.properties" \
Expand Down Expand Up @@ -619,3 +621,21 @@ else
echo "We are unable to update Admin password. Exiting."
exit 1
fi

if [ -d ${OVERLAY_CONFIG_MAPS} ]; then
echo "Processing overlay config maps ..."
# We need to make sure the directories are numerically sorted to match the configured configmap order.
for dir in $(ls -1d ${OVERLAY_CONFIG_MAPS}/* | sort -t/ -k3 -n); do
if [[ $(basename $dir) =~ .*-unzip ]]; then
for zip in $(ls -1 ${dir}/*.zip | sort); do
echo " Extracting files from $zip to ${OVERLAY_DIR}/ ..."
unzip -o -d ${OVERLAY_DIR} ${zip} | sed 's/^/ /'
done
else
# When we first copy off of the configmap volume, we copy symlinks as files and ignore Kubernetes configmap volume ".." files.
# See: https://github.com/spring-projects/spring-boot/issues/23232
echo " Copying files from $dir to ${OVERLAY_DIR}/ ..."
rsync -arO -L --exclude='..*' --no-perms --no-owner --no-group --out-format="%n %C" $dir/ ${OVERLAY_DIR}/ | sed 's/^/ /'
fi
done
fi
19 changes: 19 additions & 0 deletions horizon/templates/opennms-core.statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,20 @@ spec:
mountPath: /opt/opennms-overlay # Required by the script - OVERLAY_DIR
- name: scripts
mountPath: /scripts # Required by the script
{{- range $k, $r := .Values.core.overlayConfigMaps }}
- name: overlay-configmap-{{ $k }}
{{- if $r.unzip }}
{{- if $r.path }}
{{- printf "path not allowed when unzip is true for core.overlayConfigMaps with name '%s'" $r.name | fail }}
{{- end }}
mountPath: /opennms-overlay-configmaps/{{ $k }}-unzip
{{- else }}
{{- if empty $r.path }}
{{- printf "path required for core.overlayConfigMaps with name '%s'" $r.name | fail }}
{{- end }}
mountPath: /opennms-overlay-configmaps/{{ $k }}/{{ $r.path }}
{{- end }}
{{- end }}
nodeSelector:
{{- toYaml .Values.core.configuration.nodeSelector | nindent 8 }}
affinity:
Expand Down Expand Up @@ -290,3 +304,8 @@ spec:
claimName: onms-mibs-pvc
readOnly: false
{{- end }}
{{- range $k, $r := .Values.core.overlayConfigMaps }}
- name: overlay-configmap-{{ $k }}
configMap:
name: {{ $r.name | quote }}
{{- end }}
1 change: 1 addition & 0 deletions horizon/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,7 @@ ingress:
core:
inspector:
enabled: false
overlayConfigMaps: []
terminationGracePeriodSeconds: 120
image:
repository: opennms/horizon
Expand Down