From 4dd53eb12e9f276231333e31f3f41e347d5a1f71 Mon Sep 17 00:00:00 2001 From: Sam Weston <187511418+samweston-tails@users.noreply.github.com> Date: Wed, 18 Dec 2024 15:36:03 +0000 Subject: [PATCH 1/4] Set up emptydir volume for appdata --- helm-chart-sources/k8s-metrics-collector/Chart.yaml | 2 +- .../k8s-metrics-collector/templates/cronjob.yaml | 4 ++++ .../k8s-metrics-collector/templates/deployment.yaml | 4 ++++ helm-chart-sources/k8s-metrics-collector/values.yaml | 1 + 4 files changed, 10 insertions(+), 1 deletion(-) diff --git a/helm-chart-sources/k8s-metrics-collector/Chart.yaml b/helm-chart-sources/k8s-metrics-collector/Chart.yaml index a5b84fb..685c530 100644 --- a/helm-chart-sources/k8s-metrics-collector/Chart.yaml +++ b/helm-chart-sources/k8s-metrics-collector/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 0.3.20 description: A Helm chart for Kubernetes name: k8s-metrics-collector type: application -version: 0.1.21 +version: 0.1.22 dependencies: - condition: kubePrometheusStack.enabled name: kube-prometheus-stack diff --git a/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml b/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml index f65710b..6f142f9 100644 --- a/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml +++ b/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml @@ -97,6 +97,8 @@ spec: {{- end }} {{- end }} {{- end }} + - mountPath: /usr/src/app/src/agent/data + name: appdata resources: {{- toYaml .Values.resources | nindent 16 }} @@ -108,6 +110,8 @@ spec: name: {{ include "k8s-metrics-collector.fullname" . }} {{- end }} {{- end }} + - emptyDir: {} + name: appdata {{- with .Values.nodeSelector }} nodeSelector: diff --git a/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml b/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml index a4c2525..d9d96ac 100644 --- a/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml +++ b/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml @@ -95,6 +95,8 @@ spec: {{- end }} {{- end }} {{- end }} + - mountPath: /usr/src/app/src/agent/data + name: appdata resources: {{- toYaml .Values.resources | nindent 12 }} volumes: @@ -105,6 +107,8 @@ spec: name: {{ include "k8s-metrics-collector.fullname" . }} {{- end }} {{- end }} + - emptyDir: {} + name: appdata {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/helm-chart-sources/k8s-metrics-collector/values.yaml b/helm-chart-sources/k8s-metrics-collector/values.yaml index dd946f9..59792fe 100644 --- a/helm-chart-sources/k8s-metrics-collector/values.yaml +++ b/helm-chart-sources/k8s-metrics-collector/values.yaml @@ -179,6 +179,7 @@ podSecurityContext: {} # fsGroup: 2000 securityContext: {} + # allowPrivilegeEscalation: false # capabilities: # drop: # - ALL From dd4119baa173bd91d9c6e000cede2cfaf1d5bb75 Mon Sep 17 00:00:00 2001 From: Sam Weston <187511418+samweston-tails@users.noreply.github.com> Date: Wed, 18 Dec 2024 15:45:46 +0000 Subject: [PATCH 2/4] Also mount /var/log --- .../k8s-metrics-collector/templates/deployment.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml b/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml index d9d96ac..4e54c0a 100644 --- a/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml +++ b/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml @@ -97,6 +97,10 @@ spec: {{- end }} - mountPath: /usr/src/app/src/agent/data name: appdata + subPath: data + - mountPath: /var/log + name: appdata + subPath: log resources: {{- toYaml .Values.resources | nindent 12 }} volumes: From 93ec24cd280ebfd740a507c39a39887e0187a442 Mon Sep 17 00:00:00 2001 From: Sam Weston <187511418+samweston-tails@users.noreply.github.com> Date: Wed, 18 Dec 2024 15:49:28 +0000 Subject: [PATCH 3/4] Also mount /var/log for cronjob --- .../k8s-metrics-collector/templates/cronjob.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml b/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml index 6f142f9..b10f8c9 100644 --- a/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml +++ b/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml @@ -99,7 +99,10 @@ spec: {{- end }} - mountPath: /usr/src/app/src/agent/data name: appdata - + subPath: data + - mountPath: /var/log + name: appdata + subPath: log resources: {{- toYaml .Values.resources | nindent 16 }} volumes: From 29126cb85cf54e8cef18486b2c443f1a8a5cfff2 Mon Sep 17 00:00:00 2001 From: Sam Weston <187511418+samweston-tails@users.noreply.github.com> Date: Wed, 18 Dec 2024 15:59:43 +0000 Subject: [PATCH 4/4] There is such thing as too much hackery --- .../k8s-metrics-collector/templates/cronjob.yaml | 7 +++++-- .../k8s-metrics-collector/templates/deployment.yaml | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml b/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml index b10f8c9..b3bca5a 100644 --- a/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml +++ b/helm-chart-sources/k8s-metrics-collector/templates/cronjob.yaml @@ -45,6 +45,8 @@ spec: value: {{ .Values.workload }} - name: APP_VERSION value: {{ .Values.image.tag | default .Chart.AppVersion }} + - name: APP_DATA_DIR + value: /tmp/data {{- if .Values.kubePrometheusStack.enabled }} - name: PROMETHEUS_URL value: http://{{ index .Values "kube-prometheus-stack" "fullnameOverride" }}-prometheus:9090 @@ -97,12 +99,13 @@ spec: {{- end }} {{- end }} {{- end }} - - mountPath: /usr/src/app/src/agent/data + - mountPath: /tmp name: appdata - subPath: data + subPath: tmp - mountPath: /var/log name: appdata subPath: log + command: ["/bin/sh", "-c", "cp -r /usr/src/app/src/agent/data /tmp && /usr/src/app/entry.sh"] resources: {{- toYaml .Values.resources | nindent 16 }} volumes: diff --git a/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml b/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml index 4e54c0a..2598ce6 100644 --- a/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml +++ b/helm-chart-sources/k8s-metrics-collector/templates/deployment.yaml @@ -43,6 +43,8 @@ spec: value: {{ .Values.workload }} - name: APP_VERSION value: {{ .Values.image.tag | default .Chart.AppVersion }} + - name: APP_DATA_DIR + value: /tmp/data {{- if .Values.kubePrometheusStack.enabled }} - name: PROMETHEUS_URL value: http://{{ index .Values "kube-prometheus-stack" "fullnameOverride" }}-prometheus:9090 @@ -95,12 +97,13 @@ spec: {{- end }} {{- end }} {{- end }} - - mountPath: /usr/src/app/src/agent/data + - mountPath: /tmp name: appdata - subPath: data + subPath: tmp - mountPath: /var/log name: appdata subPath: log + command: ["/bin/sh", "-c", "cp -r /usr/src/app/src/agent/data /tmp && /usr/src/app/entry.sh"] resources: {{- toYaml .Values.resources | nindent 12 }} volumes: