feat(helm): update yugabyte ( 2024.1.3 β 2024.2.0 ) #643
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
--- kubernetes/apps/yugabyte/db/app Kustomization: flux-system/yugabyte-db HelmRelease: yugabyte/yugabyte-db
+++ kubernetes/apps/yugabyte/db/app Kustomization: flux-system/yugabyte-db HelmRelease: yugabyte/yugabyte-db
@@ -13,13 +13,13 @@
spec:
chart: yugabyte
sourceRef:
kind: HelmRepository
name: yugabytedb
namespace: flux-system
- version: 2024.1.3
+ version: 2024.2.0
driftDetection:
mode: enabled
install:
remediation:
retries: 3
interval: 30m |
--- HelmRelease: yugabyte/yugabyte-db Service: yugabyte/yb-master-ui
+++ HelmRelease: yugabyte/yugabyte-db Service: yugabyte/yb-master-ui
@@ -1,20 +1,23 @@
---
apiVersion: v1
kind: Service
metadata:
name: yb-master-ui
+ namespace: yugabyte
labels:
+ scope: AZ
+ serviceName: yb-master-ui
+ service-type: endpoint
app: yb-master
+ component: yugabytedb
heritage: Helm
release: yugabyte-db
- component: yugabytedb
- service-type: endpoint
spec:
+ type: LoadBalancer
ports:
- name: http-ui
port: 7000
selector:
app: yb-master
- type: LoadBalancer
externalTrafficPolicy: Cluster
--- HelmRelease: yugabyte/yugabyte-db Service: yugabyte/yugabyted-ui-service
+++ HelmRelease: yugabyte/yugabyte-db Service: yugabyte/yugabyted-ui-service
@@ -1,21 +1,24 @@
---
apiVersion: v1
kind: Service
metadata:
name: yugabyted-ui-service
+ namespace: yugabyte
labels:
+ scope: AZ
+ serviceName: yugabyted-ui-service
+ service-type: endpoint
app: yb-master
+ component: yugabytedb
heritage: Helm
release: yugabyte-db
- component: yugabytedb
- service-type: endpoint
spec:
+ type: LoadBalancer
ports:
- name: yugabyted-ui
port: 15433
selector:
yugabytedUi: 'true'
- type: LoadBalancer
externalTrafficPolicy: Cluster
sessionAffinity: ClientIP
--- HelmRelease: yugabyte/yugabyte-db Service: yugabyte/yb-tserver-service
+++ HelmRelease: yugabyte/yugabyte-db Service: yugabyte/yb-tserver-service
@@ -1,24 +1,27 @@
---
apiVersion: v1
kind: Service
metadata:
name: yb-tserver-service
+ namespace: yugabyte
labels:
+ scope: AZ
+ serviceName: yb-tserver-service
+ service-type: endpoint
app: yb-tserver
+ component: yugabytedb
heritage: Helm
release: yugabyte-db
- component: yugabytedb
- service-type: endpoint
spec:
+ type: LoadBalancer
ports:
- name: tcp-yedis-port
port: 6379
- name: tcp-yql-port
port: 9042
- name: tcp-ysql-port
port: 5433
selector:
app: yb-tserver
- type: LoadBalancer
externalTrafficPolicy: Cluster
--- HelmRelease: yugabyte/yugabyte-db StatefulSet: yugabyte/yb-master
+++ HelmRelease: yugabyte/yugabyte-db StatefulSet: yugabyte/yb-master
@@ -35,12 +35,13 @@
selector:
matchLabels:
app: yb-master
template:
metadata:
annotations:
+ checksum/gflags: b302599a2ce9957bf285d4731699c6310f4fa902292c85e5e6afdf2fc420bbfc
checksum/rootCA: 90ace38c3efb4bf1768630295603f06eb0c140b0384c0860e28e0ad1d4dd6a44
labels:
app: yb-master
heritage: Helm
release: yugabyte-db
component: yugabytedb
@@ -48,13 +49,13 @@
spec:
terminationGracePeriodSeconds: 300
affinity:
podAntiAffinity: {}
containers:
- name: yb-master
- image: yugabytedb/yugabyte:2024.1.3.1-b8
+ image: yugabytedb/yugabyte:2024.2.0.0-b145
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command:
- bash
@@ -119,20 +120,20 @@
echo "disk check at: $(date)" \
| tee "/mnt/disk0/disk.check" \
&& sync "/mnt/disk0/disk.check" && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
- --addr="$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local" \
+ --addr="${HOSTNAME}.yb-masters.${NAMESPACE}.svc.cluster.local" \
--port="7100"
fi && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
- --addr="$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local:7100" \
+ --addr="${HOSTNAME}.yb-masters.${NAMESPACE}.svc.cluster.local:7100" \
--port="7100"
fi && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
@@ -153,59 +154,44 @@
echo "Fresh install of /opt/certs/yugabyte/ca.crt"
cp /home/yugabyte/cert-manager/ca.crt /opt/certs/yugabyte/ca.crt;
fi && \
cmp -s /home/yugabyte/cert-manager/ca.crt /opt/certs/yugabyte/ca.crt;sameRootCA=$? && \
if [[ $sameRootCA -eq 0 ]]; then
echo "Refreshing tls certs at /opt/certs/yugabyte/";
- cp /home/yugabyte/cert-manager/tls.crt /opt/certs/yugabyte/node.$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local.crt;
- cp /home/yugabyte/cert-manager/tls.key /opt/certs/yugabyte/node.$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local.key;
+ cp /home/yugabyte/cert-manager/tls.crt /opt/certs/yugabyte/node.${HOSTNAME}.yb-masters.${NAMESPACE}.svc.cluster.local.crt;
+ cp /home/yugabyte/cert-manager/tls.key /opt/certs/yugabyte/node.${HOSTNAME}.yb-masters.${NAMESPACE}.svc.cluster.local.key;
chmod 600 /opt/certs/yugabyte/*
else
echo "WARNING: Not refreshing certificates as the root ca.crt has changed"
fi && \
+ mkdir -p /tmp/yugabyte/master/conf && \
+ envsubst < /opt/master/conf/server.conf.template > /tmp/yugabyte/master/conf/server.conf && \
exec ${k8s_parent} /home/yugabyte/bin/yb-master \
- --max_log_size="256" \
- --undefok="enable_ysql" \
- --fs_data_dirs=/mnt/disk0 \
- --master_addresses=yb-master-0.yb-masters.$(NAMESPACE).svc.cluster.local:7100 \
- --replication_factor=1 \
- --enable_ysql=true \
- --metric_node_name=$(HOSTNAME) \
- --memory_limit_hard_bytes=1824522240 \
- --stderrthreshold=0 \
- --num_cpus=2 \
- --undefok=num_cpus,enable_ysql \
- --default_memory_limit_to_ram_ratio="0.85" \
- --certs_dir=/opt/certs/yugabyte \
- --use_node_to_node_encryption=true \
- --allow_insecure_connections=false \
- --rpc_bind_addresses=$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local \
- --server_broadcast_addresses=$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local:7100 \
- --webserver_interface=0.0.0.0 \
- --master_enable_metrics_snapshotter=true \
- --metrics_snapshotter_tserver_metrics_whitelist=handler_latency_yb_tserver_TabletServerService_Read_count,handler_latency_yb_tserver_TabletServerService_Write_count,handler_latency_yb_tserver_TabletServerService_Read_sum,handler_latency_yb_tserver_TabletServerService_Write_sum,disk_usage,cpu_usage,node_up
+ --flagfile /tmp/yugabyte/master/conf/server.conf
ports:
- containerPort: 7000
name: http-ui
- containerPort: 7100
name: tcp-rpc-port
- containerPort: 15433
name: yugabyted-ui
volumeMounts:
+ - name: master-gflags
+ mountPath: /opt/master/conf
- name: debug-hooks-volume
mountPath: /opt/debug_hooks_config
- name: datadir0
mountPath: /mnt/disk0
- name: yb-master-yugabyte-tls-cert
mountPath: /home/yugabyte/cert-manager
readOnly: true
- name: yugabyte-tls-client-cert
mountPath: /root/.yugabytedb/
readOnly: true
- name: yb-cleanup
- image: yugabytedb/yugabyte:2024.1.3.1-b8
+ image: yugabytedb/yugabyte:2024.2.0.0-b145
imagePullPolicy: IfNotPresent
env:
- name: USER
value: yugabyte
command:
- /sbin/tini
@@ -224,13 +210,13 @@
mountPath: /home/yugabyte/
subPath: yb-data
- name: datadir0
mountPath: /var/yugabyte/cores
subPath: cores
- name: yugabyted-ui
- image: yugabytedb/yugabyte:2024.1.3.1-b8
+ image: yugabytedb/yugabyte:2024.2.0.0-b145
imagePullPolicy: IfNotPresent
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: metadata.name
@@ -244,13 +230,13 @@
args:
- /bin/bash
- -c
- |
while true; do
/home/yugabyte/bin/yugabyted-ui \
- -database_host=$(HOSTNAME).yb-masters.$(NAMESPACE).svc.cluster.local \
+ -database_host=${HOSTNAME}.yb-masters.${NAMESPACE}.svc.cluster.local \
-bind_address=0.0.0.0 \
-ysql_port=5433 \
-ycql_port=9042 \
-master_ui_port=7000 \
-tserver_ui_port=9000 \
-secure=true \
@@ -264,12 +250,16 @@
done \
volumes:
- name: debug-hooks-volume
configMap:
name: yugabyte-db-master-hooks
defaultMode: 493
+ - name: master-gflags
+ secret:
+ secretName: yugabyte-db-master-gflags
+ defaultMode: 493
- name: yb-master-yugabyte-tls-cert
projected:
sources:
- secret:
name: yb-master-yugabyte-tls-cert
- name: yugabyte-tls-client-cert
--- HelmRelease: yugabyte/yugabyte-db StatefulSet: yugabyte/yb-tserver
+++ HelmRelease: yugabyte/yugabyte-db StatefulSet: yugabyte/yb-tserver
@@ -35,12 +35,13 @@
selector:
matchLabels:
app: yb-tserver
template:
metadata:
annotations:
+ checksum/gflags: 6f1ec09c27abd1d54e959df2c2f2b4b9e71aeac3219bbc7f6b654dcce8536185
checksum/rootCA: 90ace38c3efb4bf1768630295603f06eb0c140b0384c0860e28e0ad1d4dd6a44
labels:
app: yb-tserver
heritage: Helm
release: yugabyte-db
component: yugabytedb
@@ -48,13 +49,13 @@
spec:
terminationGracePeriodSeconds: 300
affinity:
podAntiAffinity: {}
containers:
- name: yb-tserver
- image: yugabytedb/yugabyte:2024.1.3.1-b8
+ image: yugabytedb/yugabyte:2024.2.0.0-b145
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command:
- bash
@@ -121,20 +122,20 @@
echo "disk check at: $(date)" \
| tee "/mnt/disk0/disk.check" \
&& sync "/mnt/disk0/disk.check" && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
- --addr="$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local" \
+ --addr="${HOSTNAME}.yb-tservers.${NAMESPACE}.svc.cluster.local" \
--port="9100"
fi && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
- --addr="$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local:9100" \
+ --addr="${HOSTNAME}.yb-tservers.${NAMESPACE}.svc.cluster.local:9100" \
--port="9100"
fi && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
@@ -155,57 +156,36 @@
echo "Fresh install of /opt/certs/yugabyte/ca.crt"
cp /home/yugabyte/cert-manager/ca.crt /opt/certs/yugabyte/ca.crt;
fi && \
cmp -s /home/yugabyte/cert-manager/ca.crt /opt/certs/yugabyte/ca.crt;sameRootCA=$? && \
if [[ $sameRootCA -eq 0 ]]; then
echo "Refreshing tls certs at /opt/certs/yugabyte/";
- cp /home/yugabyte/cert-manager/tls.crt /opt/certs/yugabyte/node.$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local.crt;
- cp /home/yugabyte/cert-manager/tls.key /opt/certs/yugabyte/node.$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local.key;
+ cp /home/yugabyte/cert-manager/tls.crt /opt/certs/yugabyte/node.${HOSTNAME}.yb-tservers.${NAMESPACE}.svc.cluster.local.crt;
+ cp /home/yugabyte/cert-manager/tls.key /opt/certs/yugabyte/node.${HOSTNAME}.yb-tservers.${NAMESPACE}.svc.cluster.local.key;
chmod 600 /opt/certs/yugabyte/*
else
echo "WARNING: Not refreshing certificates as the root ca.crt has changed"
fi && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
- --addr="$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local" \
+ --addr="${HOSTNAME}.yb-tservers.${NAMESPACE}.svc.cluster.local" \
--port="9042"
fi && \
if [ -f /home/yugabyte/tools/k8s_preflight.py ]; then
PYTHONUNBUFFERED="true" /home/yugabyte/tools/k8s_preflight.py \
dnscheck \
--addr="0.0.0.0:5433" \
--port="5433"
fi && \
- exec ${k8s_parent} /home/yugabyte/bin/yb-tserver \
- --max_log_size="256" \
- --undefok="enable_ysql" \
- --fs_data_dirs=/mnt/disk0 \
- --tserver_master_addrs=yb-master-0.yb-masters.$(NAMESPACE).svc.cluster.local:7100 \
- --metric_node_name=$(HOSTNAME) \
- --memory_limit_hard_bytes=3649044480 \
- --stderrthreshold=0 \
- --num_cpus=2 \
- --undefok=num_cpus,enable_ysql \
- --use_node_hostname_for_local_tserver=true \
- --certs_dir=/opt/certs/yugabyte \
- --use_node_to_node_encryption=true \
- --allow_insecure_connections=false \
- --use_client_to_server_encryption=true \
- --certs_for_client_dir=/opt/certs/yugabyte \
- --rpc_bind_addresses=$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local \
- --server_broadcast_addresses=$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local:9100 \
- --webserver_interface=0.0.0.0 \
- --enable_ysql=true \
- --pgsql_proxy_bind_address=0.0.0.0:5433 \
- --cql_proxy_bind_address=$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local \
- --tserver_enable_metrics_snapshotter=true \
- --metrics_snapshotter_interval_ms=11000 \
- --metrics_snapshotter_tserver_metrics_whitelist=handler_latency_yb_tserver_TabletServerService_Read_count,handler_latency_yb_tserver_TabletServerService_Write_count,handler_latency_yb_tserver_TabletServerService_Read_sum,handler_latency_yb_tserver_TabletServerService_Write_sum,disk_usage,cpu_usage,node_up
+ mkdir -p /tmp/yugabyte/tserver/conf && \
+ envsubst < /opt/tserver/conf/server.conf.template > /tmp/yugabyte/tserver/conf/server.conf && \
+ exec ${k8s_parent} /home/yugabyte/bin/yb-tserver \
+ --flagfile /tmp/yugabyte/tserver/conf/server.conf
ports:
- containerPort: 9000
name: http-ui
- containerPort: 12000
name: http-ycql-met
- containerPort: 11000
@@ -222,24 +202,26 @@
name: tcp-ysql-port
- containerPort: 15433
name: yugabyted-ui
volumeMounts:
- name: tserver-tmp
mountPath: /tmp
+ - name: tserver-gflags
+ mountPath: /opt/tserver/conf
- name: debug-hooks-volume
mountPath: /opt/debug_hooks_config
- name: datadir0
mountPath: /mnt/disk0
- name: yb-tserver-yugabyte-tls-cert
mountPath: /home/yugabyte/cert-manager
readOnly: true
- name: yugabyte-tls-client-cert
mountPath: /root/.yugabytedb/
readOnly: true
- name: yb-cleanup
- image: yugabytedb/yugabyte:2024.1.3.1-b8
+ image: yugabytedb/yugabyte:2024.2.0.0-b145
imagePullPolicy: IfNotPresent
env:
- name: USER
value: yugabyte
command:
- /sbin/tini
@@ -258,13 +240,13 @@
mountPath: /home/yugabyte/
subPath: yb-data
- name: datadir0
mountPath: /var/yugabyte/cores
subPath: cores
- name: yugabyted-ui
- image: yugabytedb/yugabyte:2024.1.3.1-b8
+ image: yugabytedb/yugabyte:2024.2.0.0-b145
imagePullPolicy: IfNotPresent
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: metadata.name
@@ -278,13 +260,13 @@
args:
- /bin/bash
- -c
- |
while true; do
/home/yugabyte/bin/yugabyted-ui \
- -database_host=$(HOSTNAME).yb-tservers.$(NAMESPACE).svc.cluster.local \
+ -database_host=${HOSTNAME}.yb-tservers.${NAMESPACE}.svc.cluster.local \
-bind_address=0.0.0.0 \
-ysql_port=5433 \
-ycql_port=9042 \
-master_ui_port=7000 \
-tserver_ui_port=9000 \
-secure=true \
@@ -298,12 +280,16 @@
done \
volumes:
- name: debug-hooks-volume
configMap:
name: yugabyte-db-tserver-hooks
defaultMode: 493
+ - name: tserver-gflags
+ secret:
+ secretName: yugabyte-db-tserver-gflags
+ defaultMode: 493
- name: tserver-tmp
emptyDir: {}
- name: yb-tserver-yugabyte-tls-cert
projected:
sources:
- secret: |
renovate
bot
force-pushed
the
renovate/yugabyte-2024.x
branch
from
7ee1d8c to
9c01380
Compare
jfroy
force-pushed
the
main
branch
2 times, most recently
from
6eb2c51 to
8af725e
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2024.1.3->2024.2.0Configuration
π Schedule: Branch creation - "* 0-4,22-23 * * 1-5,* * * * 0,6" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.