diff --git a/bitnami/cassandra/Chart.yaml b/bitnami/cassandra/Chart.yaml index 91100e27ac42b9..ddba57fae01366 100644 --- a/bitnami/cassandra/Chart.yaml +++ b/bitnami/cassandra/Chart.yaml @@ -23,4 +23,4 @@ name: cassandra sources: - https://github.com/bitnami/bitnami-docker-cassandra - http://cassandra.apache.org -version: 7.1.4 +version: 7.1.5 diff --git a/bitnami/cassandra/README.md b/bitnami/cassandra/README.md index 8083ed27f663ac..2005bf5183bd22 100644 --- a/bitnami/cassandra/README.md +++ b/bitnami/cassandra/README.md @@ -225,47 +225,6 @@ It is strongly recommended to use immutable tags in a production environment. Th Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. -### Production configuration - -This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`. You can use this file instead of the default one. - -- Number of Cassandra and seed nodes: - -```diff -- replicaCount: 1 -- cluster.seedCount: 1 -+ replicaCount: 3 -+ cluster.seedCount: 2 -``` - -- Minimum number of instances that must be available in the cluster: - -```diff -- cluster.minimumAvailable: 1 -+ cluster.minimumAvailable: 2 -``` - -- Force the user to provide a non-empty password for `dbUser.user`: - -```diff -- dbUser.forcePassword: false -+ dbUser.forcePassword: true -``` - -- Enable NetworkPolicy: - -```diff -- networkPolicy.enabled: false -+ networkPolicy.enabled: true -``` - -- Start a side-car prometheus exporter: - -```diff -- metrics.enabled: false -+ metrics.enabled: true -``` - ### Enable TLS for Cassandra You can enable TLS between client and server and between nodes. In order to do so, you need to set the following values: diff --git a/bitnami/cassandra/values-production.yaml b/bitnami/cassandra/values-production.yaml deleted file mode 100644 index 2ffcc06b319d42..00000000000000 --- a/bitnami/cassandra/values-production.yaml +++ /dev/null @@ -1,504 +0,0 @@ -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry and imagePullSecrets -## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName -# storageClass: myStorageClass - -## Bitnami Cassandra image version -## ref: https://hub.docker.com/r/bitnami/cassandra/tags/ -## -image: - registry: docker.io - repository: bitnami/cassandra - ## Bitnami Cassandra image tag - ## ref: https://github.com/bitnami/bitnami-docker-cassandra#supported-tags-and-respective-dockerfile-links - ## - tag: 3.11.9-debian-10-r52 - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Set to true if you would like to see extra information on logs - ## It turns BASH debugging in minideb-extras-base - ## - debug: false - -## String to partially override cassandra.fullname template (will maintain the release name) -## -# nameOverride: - -## String to fully override cassandra.fullname template -## -# fullnameOverride: - -## Kubernetes Cluster Domain -## -clusterDomain: cluster.local - -## Common annotations to add to all Cassandra resources (sub-charts are not considered). Evaluated as a template -## -commonAnnotations: {} - -## Common labels to add to all Cassandra resources (sub-charts are not considered). Evaluated as a template -## -commonLabels: {} - -## Service parameters -## -service: - ## Service type - ## - type: ClusterIP - ## CQL port - ## - port: 9042 - ## Thrift Client API port - ## - thriftPort: 9160 - ## Metrics port - ## - metricsPort: 8080 - ## Specify the nodePort(s) value(s) for the LoadBalancer and NodePort service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePorts: - cql: "" - thrift: "" - metrics: "" - ## Set the LoadBalancer service type to internal only. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - # loadBalancerIP: - ## Provide any additional annotations which may be required. This can be used to - ## set the LoadBalancer service type to internal only. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - annotations: {} - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - ## If true, use a Persistent Volume Claim, If false, use emptyDir - ## - enabled: true - ## Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - ## Persistent Volume Claim annotations - ## - annotations: - ## Persistent Volume Access Mode - ## - accessModes: - - ReadWriteOnce - ## Persistent Volume size - ## - size: 8Gi - ## The path the volume will be mounted at - ## - mountPath: /bitnami/cassandra - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. -## -volumePermissions: - enabled: false - image: - registry: docker.io - repository: bitnami/minideb - tag: buster - pullPolicy: Always - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Init container' resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: {} - # cpu: 100m - # memory: 128Mi - requests: {} - # cpu: 100m - # memory: 128Mi - ## Init container Security Context - ## Note: the chown of the data folder is done to securityContext.runAsUser - ## and not the below volumePermissions.securityContext.runAsUser - ## When runAsUser is set to special value "auto", init container will try to chwon the - ## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2` - ## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed). - ## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with - ## pod securityContext.enabled=false and shmVolume.chmod.enabled=false - ## - securityContext: - runAsUser: 0 - -## Secret with keystore, keystore password, truststore, truststore password -## -# tlsEncryptionSecretName: - -## ConfigMap with custom cassandra configuration files. This overrides any other Cassandra configuration set in the chart -## -# existingConfiguration: - -## Cluster parameters -## -cluster: - name: cassandra - seedCount: 2 - numTokens: 256 - datacenter: dc1 - rack: rack1 - enableRPC: true - endpointSnitch: SimpleSnitch - ## Encryption values. NOTE: They require tlsEncryptionSecretName - ## - internodeEncryption: none - clientEncryption: false - -## JVM Settings -## -jvm: - ## Extra JVM options - ## - extraOpts: - - ## Memory settings: These are calculated automatically unless specified otherwise - ## To run on environments with little resources (<= 8GB), tune your heap settings: - ## maxHeapSize: - ## - calculate 1/2 ram and cap to 1024MB - ## - calculate 1/4 ram and cap to 8192MB - ## - pick the max - ## newHeapSize: - ## A good guideline is 100 MB per CPU core. - ## - min(100 * num_cores, 1/4 * heap size) - ## ref: https://docs.datastax.com/en/archived/cassandra/2.0/cassandra/operations/ops_tune_jvm_c.html - ## - # maxHeapSize: 4G - # newHeapSize: 800M - -## Database credentials -## -dbUser: - user: cassandra - forcePassword: true - # password: - - ## Use an existing secrets which already stores your password data. - ## for backwards compatibility, existingSecret can be a simple string, - ## referencing the secret by name. - # existingSecret: - # ## Name of the existing secret - # ## - # name: mySecret - # ## Key mapping where is the value which the deployment is expecting and - # ## is the name of the key in the existing secret. - # ## - # keyMapping: - # cassandra-password: myCassandraPasswordKey - -## ConfigMap with cql scripts. Useful for creating a keyspace -## and pre-populating data -## -# initDBConfigMap: - -## Secret with cql script (with sensitive data). Useful for creating a keyspace -## and pre-populating data -## -# initDBSecret: - -## Command and args for running the container (set to default if not set). Use array form -## -command: [] -args: [] - -## An array to add extra env vars -## For example: -## -extraEnvVars: [] -# - name: FOO -# value: BAR - -## ConfigMap with extra environment variables -## -extraEnvVarsCM: - -## Secret with extra environment variables -## -extraEnvVarsSecret: - -## Extra volumes to add to the deployment -## -extraVolumes: [] - -## Extra volume mounts to add to the container -## -extraVolumeMounts: [] - -## Extra init containers to add to the deployment -## -initContainers: [] - -## Extra sidecar containers to add to the deployment -## -sidecars: [] - -## Number of Cassandra replicas to deploy. -## -replicaCount: 3 - -## updateStrategy for Cassandra statefulset -## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies -## -updateStrategy: RollingUpdate - -## Partition update strategy -## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions -## -# rollingUpdatePartition: - -## StatefulSet pod management policy -## -podManagementPolicy: OrderedReady - -## Cassandra pods' priority. -## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ -## -# priorityClassName: "" - -## Additional pod annotations -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -## -podAnnotations: {} - -## Additional pod labels -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -## -podLabels: {} - -## Pod affinity preset -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## Allowed values: soft, hard -## -podAffinityPreset: "" - -## Pod anti-affinity preset -## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## Allowed values: soft, hard -## -podAntiAffinityPreset: soft - -## Node affinity preset -## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity -## Allowed values: soft, hard -## -nodeAffinityPreset: - ## Node affinity type - ## Allowed values: soft, hard - ## - type: "" - ## Node label key to match - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## Node label values to match - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set -## -affinity: {} - -## Node labels for pod assignment -## Ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] - -## Pod topology spread constraints -## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -## The value is evaluated as a template -## -topologySpreadConstraints: [] - -## Pod security context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod -## -podSecurityContext: - enabled: true - fsGroup: 1001 - -## Cassandra container security context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -## -containerSecurityContext: - enabled: true - runAsUser: 1001 - -## Cassandra pods' resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## Minimum memory for development is 4GB and 2 CPU cores -## Minimum memory for production is 8GB and 4 CPU cores -## ref: http://docs.datastax.com/en/archived/cassandra/2.0/cassandra/architecture/architecturePlanningHardware_c.html -## -resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: {} - # cpu: 2 - # memory: 4Gi - requests: {} - # cpu: 2 - # memory: 4Gi - -## Cassandra container's liveness and readiness probes -## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -## -livenessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 30 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 -readinessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - -## Custom Liveness probe -## -customLivenessProbe: {} - -## Custom Rediness probe -## -customReadinessProbe: {} - -## Network policies -## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ -## -networkPolicy: - ## Specifies whether a NetworkPolicy should be created - ## - enabled: true - - ## The Policy model to apply. When set to false, only pods with the correct - ## client label will have network access to the port Redis(TM) is listening - ## on. When true, Redis(TM) will accept connections from any source - ## (with the correct destination port). - ## - # allowExternal: true - -## Cassandra Pod Disruption Budget configuration -## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ -## -pdb: - create: false - ## Min number of pods that must still be available after the eviction - ## - minAvailable: 1 - ## Max number of pods that can be unavailable after the eviction - ## - # maxUnavailable: 1 - -## Cassandra Prometheus exporter configuration -## ref: https://hub.docker.com/r/bitnami/cassandra-exporter/tags/ -## -metrics: - enabled: true - image: - registry: docker.io - pullPolicy: IfNotPresent - repository: bitnami/cassandra-exporter - tag: 2.3.4-debian-10-r287 - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## Cassandra Prometheus exporter resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: {} - # cpu: 100m - # memory: 128Mi - requests: {} - # cpu: 100m - # memory: 128Mi - ## Metrics exporter pod Annotation and Labels - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - - ## Prometheus Operator ServiceMonitor configuration - ## - serviceMonitor: - enabled: false - ## Namespace in which Prometheus is running - ## - # namespace: monitoring - ## Interval at which metrics should be scraped. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - # interval: 10s - ## Timeout after which the scrape is ended - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - # scrapeTimeout: 10s - ## ServiceMonitor selector labels - ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration - ## - # selector: - # prometheus: my-prometheus - -## Array with extra yaml to deploy with the chart. Evaluated as a template -## -extraDeploy: []