PMM HA v3 #632
Draft
PMM HA v3 #632
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changed HTTP and HTTPS ports across configurations, updated HAProxy health check to use GET requests, and adjusted backend addresses. Refined Postgres HBA rules, updated security contexts, and switched image repository and tag for testing.
* adding users and password
* PMM-13857 * Make sure the PMM pods are running on different nodes * Comment out several PMM configuration options * * bump version * * pmm chart version bump * * fixing comments * fixing duplicate services * * remove blank lines * * add dependeces * * using latest image * * change name to pmm-ha * * revert changes in pmm/value.yaml * * testing if secrets and configmap added to workflow * * working on workflow to test-run the chart * * update chart version * * only pmm-ha chart * * moving all pmm-ha related jobs into a separate workflow yaml * * changing affinity * Update pod affinity settings in pmm-ha chart to use preferred scheduling instead of required * Update pmm-ha chart values to use dynamic release name and namespace for service endpoints * Refactor HAProxy configuration in pmm-ha chart: move config to values.yaml and remove hardcoded global service endpoints * Add global service endpoint definitions to pmm-ha chart values.yaml for dynamic service discovery * Add VMAuth configuration to victoria-metrics-cluster in pmm-ha chart, including dynamic service endpoints for vminsert and vmselect * Update pmm-ha chart values to switch PMM server image repository and tag, enhance pre-delete hook with kubectl installation, and correct DNS domain configuration in victoria-metrics-cluster * Update pmm chart version to 1.4.13 * Update pmm-ha chart version to 1.3.23 * Remove unused service port configurations for ClickHouse and Zookeeper in pmm-ha chart values.yaml * Update pmm-ha chart values to change PMM server image repository and tag, enhance pre-delete hook for PostgreSQL resource cleanup, and correct DNS configurations for PostgreSQL connections. * Update PostgreSQL connection settings in pmm-ha chart to use new database service name and ensure consistent naming for pg-database.fullname in helpers template. --------- Co-authored-by: Nurlan Moldomurov <[email protected]>
- Introduced an init container in the HAProxy configuration to wait for PMM instances to be ready before starting. - Added a new ConfigMap to store the init script that performs health checks on PMM instances. - Updated values.yaml to include the init container and additional volume configurations for the script.
- Updated the ConfigMap name for the HAProxy init container script to `pmm-ha-haproxy-init-script`. - Moved the init container script directly into the ConfigMap, enhancing clarity and maintainability. - Removed the old init container script definition from the helpers template.
PMM-14301 - Add init container for PMM readiness check in HAProxy configuration
Removed contributor spron-in from Chart.yaml
- Updated values.yaml to use template functions for PMM active IP and node ID. - Introduced new helper functions to generate PMM HA peer lists dynamically based on replicas count. - Modified HAProxy init configuration to reference the new dynamic service name. - Enhanced statefulset.yaml to utilize the new helper functions for PMM configuration.
- Disabled the default HAProxy configmap creation in values.yaml to allow for custom configurations. - Introduced a new ConfigMap template for HAProxy configuration, enhancing flexibility and maintainability.
- Removed hardcoded global service endpoints from values.yaml. - Updated the HAProxy configuration to utilize template functions for server definitions based on replicas count.
- Commented out several PMM configuration options for ClickHouse and PostgreSQL to enhance security and flexibility. - Adjusted database connection strings to use placeholders for credentials, improving maintainability.
- Updated the health check logic to use HTTP and HTTPS connection status codes for better accuracy. - Improved logging to provide detailed status messages for both HTTP and HTTPS checks. - Ensured that the script returns appropriate success or failure codes based on the connection checks.
- Modified server definitions in the HAProxy ConfigMap to utilize the service name from values.yaml, enhancing flexibility for service discovery. - Ensured both HTTP and HTTPS server configurations reflect the updated service name template.
…nets PMM-14364 Fix Patroni's pg_hba subnets
Co-authored-by: Alex Demidoff <[email protected]>
… dependency - Remove Bitnami ClickHouse subchart from charts/clickhouse/ - Add Altinity ClickHouse operator as dependency in Chart.yaml - Create ClickHouseInstallation template for operator - Add ClickHouse init scripts ConfigMap - Configure ClickHouse cluster with 3 replicas and pod anti-affinity - Update values.yaml with operator configuration - Set ClickHouse version to 23.3.21 - Configure PMM environment variables for ClickHouse connection Note: Operator approach has checksum issues - may need alternative approach
- Introduced a new Chart.lock file to manage HAProxy dependencies - Updated Chart.yaml to reflect the new HAProxy repository URL. - Enhanced values.yaml with detailed HAProxy configuration options, including TLS settings, monitoring, and security features. - Removed obsolete HAProxy chart files and templates to streamline the configuration management. - Added a new ConfigMap for HAProxy initialization and TLS secret management.
- Updated the connection check script in haproxy-init-configmap.yaml to prioritize HTTPS over HTTP, improving security. - Simplified the connection check logic by removing redundant HTTP checks and directly handling HTTPS responses. - Adjusted the port used in the readiness check from 8080 to 8443 to align with the HTTPS configuration.
PMM-14341 - Enhance PMM readiness check in HAProxy init container script
- Use Altinity ClickHouse operator instead of local chart - Use local HAProxy chart instead of remote repository - Update HAProxy configuration to use dynamic replica configuration - Update Chart.lock with new dependencies and digest
- Changed HAProxy repository from local file path to remote URL: https://haproxytech.github.io/helm-charts/ - Updated Chart.lock with new digest and generation timestamp.
- Updated the GitHub Actions workflow to include the HAProxy Helm repository alongside the existing Altinity repository. - This change ensures that the necessary Helm charts are available for testing and deployment in the CI pipeline.
- Added a resolver configuration to the HAProxy configmap for improved DNS resolution. - Updated server definitions to utilize the new resolver settings for both HTTP and HTTPS servers. - Refactored the HAProxy initialization script to simplify the readiness check for PMM instances, including a more straightforward waiting mechanism and improved logging. - Removed unnecessary dependency installations and streamlined the script for better performance and clarity.
…iaMetrics - Changed the repository for the VictoriaMetrics cluster dependency in Chart.yaml and Chart.lock from a local file path to the official external repository URL. - Updated the Chart.lock file to reflect the new digest and generated timestamp. - Enhanced documentation in values.yaml regarding ClickHouse user management and added instructions for retrieving VictoriaMetrics credentials from Kubernetes secrets.
- Updated the GitHub Actions workflow to add the official VictoriaMetrics Helm repository alongside the Altinity repository, enhancing the chart-testing process by ensuring access to the latest charts for both dependencies.
- Added support for the new PMM HA chart by updating CODEOWNERS to include the new path and workflow. - Introduced pod annotations for HAProxy to manage rolling updates based on configuration changes. - Enabled HAProxy stats monitoring and updated the configuration to allow for dynamic port and URI settings. - Refactored TLS secret management to support existing secrets and added logic for certificate regeneration. - Removed unnecessary TLS secret creation steps from the CI workflow.
…t handling - Introduced a new configmap option in values.yaml to allow for better HAProxy configuration management. - Enhanced the TLS secret management logic to check for the presence of the 'pmm.pem' key in existing secrets, ensuring proper error handling if the key is missing.
- Added resource requests and limits for vmselect, vminsert, and vmauth components to optimize resource allocation. - Set replica counts for vmselect (2), vminsert (2), and vmstorage (3) to improve availability. - Configured persistent volume settings for vmstorage with a size of 50Gi and enabled persistence. - Updated retention period for vmstorage to 90 days for better data management.
- Introduced a new ci-values.yaml file for GitHub Actions testing with minimal resource requirements. - Configured resource requests and limits for PMM server, ClickHouse, PostgreSQL, and VictoriaMetrics components. - Set replica counts for various components to optimize performance within a Kind cluster.
PMM-14371 - Add HAProxy configuration and dependencies
- Updated the digest for the pg-operator dependency to reflect the latest version. - Adjusted the generated timestamp to the current date.
PMM-14395 - Update PMM HA chart to use external repository for Victor…
PMM-14402 Rename PMM_TEST variables
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.