diff --git a/helm/thingsboard/Chart.yaml b/helm/thingsboard/Chart.yaml index c334a3a3..7b645d07 100644 --- a/helm/thingsboard/Chart.yaml +++ b/helm/thingsboard/Chart.yaml @@ -25,14 +25,15 @@ home: https://github.com/thingsboard/thingsboard-ce-k8s/ dependencies: - name: postgresql-ha version: 8.5.2 - repository: https://charts.bitnami.com/bitnami + repository: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + condition: postgresql-ha.enabled - name: cassandra version: 9.1.8 - repository: https://charts.bitnami.com/bitnami + repository: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami condition: cassandra.enabled - name: kafka version: 15.3.4 - repository: https://charts.bitnami.com/bitnami + repository: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami - name: redis version: 16.4.5 - repository: https://charts.bitnami.com/bitnami + repository: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami diff --git a/helm/thingsboard/templates/_helpers.tpl b/helm/thingsboard/templates/_helpers.tpl index d4a719c2..22a1aee5 100644 --- a/helm/thingsboard/templates/_helpers.tpl +++ b/helm/thingsboard/templates/_helpers.tpl @@ -32,6 +32,61 @@ For helm 3.4- we need to work it around: {{- include "postgresql-ha.pgpool" (mustMerge (dict "Chart" (dict "Name" "postgresql-ha") "Values" (index .Values "postgresql-ha")) (deepCopy $deepDictCopy)) }} {{- end -}} +{{/* +Determine PostgreSQL host. +*/}} +{{- define "thingsboard.postgresql.host" -}} +{{- if eq (index .Values "postgresql-ha" "enabled") true }} +{{- include "thingsboard.pgpoolservicename" . }} +{{- else }} +{{- .Values.externalPostgres.host }} +{{- end }} +{{- end }} + +{{/* +Determine PostgreSQL port. +*/}} +{{- define "thingsboard.postgresql.port" -}} +{{- if eq (index .Values "postgresql-ha" "enabled") true }} +{{- index .Values "postgresql-ha" "pgpool" "containerPort" }} +{{- else }} +{{- .Values.externalPostgres.port }} +{{- end }} +{{- end }} + +{{/* +Determine PostgreSQL database. +*/}} +{{- define "thingsboard.postgresql.database" -}} +{{- if eq (index .Values "postgresql-ha" "enabled") true }} +{{- index .Values "postgresql-ha" "postgresql" "database" }} +{{- else }} +{{- .Values.externalPostgres.database }} +{{- end }} +{{- end }} + +{{/* +Determine PostgreSQL username. +*/}} +{{- define "thingsboard.postgresql.username" -}} +{{- if eq (index .Values "postgresql-ha" "enabled") true }} +{{- index .Values "postgresql-ha" "postgresql" "username" }} +{{- else }} +{{- .Values.externalPostgres.username }} +{{- end }} +{{- end }} + +{{/* +Determine PostgreSQL password. +*/}} +{{- define "thingsboard.postgresql.password" -}} +{{- if eq (index .Values "postgresql-ha" "enabled") true }} +{{- index .Values "postgresql-ha" "postgresql" "password" }} +{{- else }} +{{- .Values.externalPostgres.password }} +{{- end }} +{{- end }} + {{/* Set the value of cassandra initdb configmap /*}} @@ -125,3 +180,28 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Use existing secrets of database credentials, where defined. +*/}} +{{- define "thingsboard.database.existingSecrets" -}} +{{- if .Values.cassandra.dbUser.existingSecret }} +- name: CASSANDRA_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "common.secrets.name" (dict "existingSecret" .Values.cassandra.dbUser.existingSecret "context" $) }} + key: {{ include "common.secrets.key" (dict "existingSecret" .Values.cassandra.dbUser.existingSecret "key" "cassandra-password") }} +{{- end }} +{{- if .Values.externalPostgres.existingSecret }} +- name: SPRING_DATASOURCE_USERNAME + valueFrom: + secretKeyRef: + name: {{ include "common.secrets.name" (dict "existingSecret" .Values.externalPostgres.existingSecret "context" $) }} + key: {{ include "common.secrets.key" (dict "existingSecret" .Values.externalPostgres.existingSecret "key" "username") }} +- name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "common.secrets.name" (dict "existingSecret" .Values.externalPostgres.existingSecret "context" $) }} + key: {{ include "common.secrets.key" (dict "existingSecret" .Values.externalPostgres.existingSecret "key" "password") }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm/thingsboard/templates/initializedb-job.yaml b/helm/thingsboard/templates/initializedb-job.yaml index af46f5c9..63535946 100644 --- a/helm/thingsboard/templates/initializedb-job.yaml +++ b/helm/thingsboard/templates/initializedb-job.yaml @@ -30,10 +30,14 @@ spec: - name: check-db-ready image: postgres:{{ index .Values "postgresql-ha" "postgresqlImage" "tag" }} command: ['sh', '-c', - 'until pg_isready -h {{ include "thingsboard.pgpoolservicename" . }} -p {{ index .Values "postgresql-ha" "pgpool" "containerPort" }}; + 'until pg_isready -h {{ include "thingsboard.postgresql.host" . }} -p {{ include "thingsboard.postgresql.port" . }}; do echo waiting for database; sleep 2; done;'] containers: - name: init-db + {{- if or .Values.cassandra.dbUser.existingSecret (.Values.externalPostgres.existingSecret ) }} + env: + {{- include "thingsboard.database.existingSecrets" $ | indent 8 }} + {{- end }} envFrom: - configMapRef: name: '{{ .Release.Name }}-node-db-config' diff --git a/helm/thingsboard/templates/node-db-configmap.yaml b/helm/thingsboard/templates/node-db-configmap.yaml index ca2afbf1..f5469760 100644 --- a/helm/thingsboard/templates/node-db-configmap.yaml +++ b/helm/thingsboard/templates/node-db-configmap.yaml @@ -27,12 +27,16 @@ data: CASSANDRA_URL: {{ .Release.Name }}-cassandra:9042 CASSANDRA_USE_CREDENTIALS: 'true' CASSANDRA_USERNAME: {{ .Values.cassandra.dbUser.user }} +{{- if (not .Values.cassandra.dbUser.existingSecret) -}} CASSANDRA_PASSWORD: {{ .Values.cassandra.dbUser.password }} +{{- end }} {{ else }} DATABASE_TS_TYPE: sql {{- end }} SPRING_JPA_DATABASE_PLATFORM: org.hibernate.dialect.PostgreSQLDialect SPRING_DRIVER_CLASS_NAME: org.postgresql.Driver - SPRING_DATASOURCE_URL: jdbc:postgresql://{{ include "thingsboard.pgpoolservicename" . }}:{{ index .Values "postgresql-ha" "pgpool" "containerPort" }}/{{ index .Values "postgresql-ha" "postgresql" "database" }} - SPRING_DATASOURCE_USERNAME: {{ index .Values "postgresql-ha" "postgresql" "username" }} - SPRING_DATASOURCE_PASSWORD: {{ index .Values "postgresql-ha" "postgresql" "password" }} + SPRING_DATASOURCE_URL: jdbc:postgresql://{{ include "thingsboard.postgresql.host" . }}:{{ include "thingsboard.postgresql.port" . }}/{{ include "thingsboard.postgresql.database" . }} +{{- if not (.Values.externalPostgres.existingSecret ) }} + SPRING_DATASOURCE_USERNAME: {{ include "thingsboard.postgresql.username" . }} + SPRING_DATASOURCE_PASSWORD: {{ include "thingsboard.postgresql.password" . }} +{{- end }} \ No newline at end of file diff --git a/helm/thingsboard/templates/node.yaml b/helm/thingsboard/templates/node.yaml index 88f6232b..5bcd3fe7 100644 --- a/helm/thingsboard/templates/node.yaml +++ b/helm/thingsboard/templates/node.yaml @@ -83,6 +83,7 @@ spec: value: "{{ .Release.Name }}-redis-master" - name: REDIS_PASSWORD value: "{{ .Values.redis.auth.password }}" + {{- include "thingsboard.database.existingSecrets" $ | indent 10 }} envFrom: - configMapRef: name: {{ .Release.Name }}-node-db-config diff --git a/helm/thingsboard/values.yaml b/helm/thingsboard/values.yaml index b40b929b..73e22ce6 100644 --- a/helm/thingsboard/values.yaml +++ b/helm/thingsboard/values.yaml @@ -261,8 +261,12 @@ cassandra: replicaCount: 1 dbUser: password: setplease + # OR use existing Secret with `cassandra-password` key in it. + # existingSecret: + # name: mysecret postgresql-ha: + enabled: true # set to false when using an external PostgreSQL instance and see externalPostgres keys nameOverride: pg postgresql: database: thingsboard @@ -278,6 +282,20 @@ postgresql-ha: pgpoolImage: tag: 4 + +# When using an external PostgreSQL instance and `postgresql-ha.enabled: false` +externalPostgres: + host: localhost + port: 5432 + database: thingsboard + username: thingsboard + password: setplease +# # OR use existing Secret for username and password +# existingSecret: +# name: test-postgres-secret +# username: username +# password: password + redis: # Set architecture to either standalone or replication architecture: standalone