From c4828e851323e97cbaece42dd77d523a1baefdbb Mon Sep 17 00:00:00 2001 From: rachit89 Date: Fri, 5 Apr 2024 12:47:00 +0530 Subject: [PATCH 1/3] Upgraded version of mongodb helm chart form 13.1.5 to 15.1.2 --- README.md | 10 +- examples/complete/aws/README.md | 4 +- examples/complete/aws/helm/exporter.yaml | 4 +- examples/complete/aws/helm/values.yaml | 6 +- examples/complete/aws/main.tf | 11 +- examples/complete/aws/provider.tf | 4 +- helm/values/mongodb/values.yaml | 485 +++++++++++++++++- main.tf | 2 +- .../backup/templates/fullbackup-cronjob.yaml | 2 +- variables.tf | 8 +- 10 files changed, 505 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index b81722b..f707177 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ This module is for deploying a highly available MongoDB cluster on Kubernetes us | MongoDB Helm Chart Version | K8s supported version (EKS, AKS & GKE) | | :-----: | :--- | -| **13.1.5** | **1.23,1.24,1.25,1.26,1.27** | +| **15.1.2** | **1.23,1.24,1.25,1.26,1.27,** | ## Usage Example @@ -115,7 +115,7 @@ Features - s3_bucket_region: The region of the S3 bucket. - cron_for_full_backup: The cron expression for scheduling full backups. ### Restore Configuration -- mongodb_restore_config: Configuration for restoring databases. +- mongodb_restore_config: Configuration for restoring databases. - bucket_uri: The URI of the S3 bucket containing the backup file. - file_name: The name of the backup file to restore. - s3_bucket_region: The region of the S3 bucket containing the backup file. @@ -161,16 +161,16 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [app\_version](#input\_app\_version) | Version of the Mongodb application that will be deployed. | `string` | `"5.0.8-debian-10-r9"` | no | +| [app\_version](#input\_app\_version) | Version of the Mongodb application that will be deployed. | `string` | `"7.0.8-debian-12-r0"` | no | | [az\_account\_backup](#input\_az\_account\_backup) | Azure user managed account backup identity | `string` | `""` | no | | [az\_account\_restore](#input\_az\_account\_restore) | Azure user managed account restore identity | `string` | `""` | no | | [azure\_container\_name](#input\_azure\_container\_name) | Azure container name | `string` | `""` | no | | [azure\_storage\_account\_key](#input\_azure\_storage\_account\_key) | Azure storage account key | `string` | `""` | no | | [azure\_storage\_account\_name](#input\_azure\_storage\_account\_name) | Azure storage account name | `string` | `""` | no | | [bucket\_provider\_type](#input\_bucket\_provider\_type) | Choose what type of provider you want (s3, gcs) | `string` | `"gcs"` | no | -| [chart\_version](#input\_chart\_version) | Version of the Mongodb chart that will be used to deploy Mongodb application. | `string` | `"13.1.5"` | no | | [cluster\_name](#input\_cluster\_name) | Specifies the name of the EKS cluster to deploy the Mongodb application on. | `string` | `""` | no | | [create\_namespace](#input\_create\_namespace) | Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace. | `string` | `false` | no | +| [helm\_chart\_version](#input\_helm\_chart\_version) | Version of the Mongodb chart that will be used to deploy Mongodb application. | `string` | `"15.1.2"` | no | | [iam\_role\_arn\_backup](#input\_iam\_role\_arn\_backup) | IAM role ARN for backup (AWS) | `string` | `""` | no | | [iam\_role\_arn\_restore](#input\_iam\_role\_arn\_restore) | IAM role ARN for restore (AWS) | `string` | `""` | no | | [metric\_exporter\_password](#input\_metric\_exporter\_password) | Metric exporter password for MongoDB | `string` | `""` | no | @@ -179,7 +179,7 @@ No modules. | [mongodb\_config](#input\_mongodb\_config) | Specify the configuration settings for Mongodb, including the name, environment, storage options, replication settings, and custom YAML values. | `any` | 
{
  "architecture": "",
  "custom_databases": "",
  "custom_databases_passwords": "",
  "custom_databases_usernames": "",
  "environment": "",
  "name": "",
  "replica_count": 2,
  "storage_class_name": "",
  "store_password_to_secret_manager": true,
  "values_yaml": "",
  "volume_size": ""
}
| no | | [mongodb\_custom\_credentials\_config](#input\_mongodb\_custom\_credentials\_config) | Specify the configuration settings for Mongodb to pass custom credentials during creation. | `any` | 
{
  "metric_exporter_password": "",
  "metric_exporter_user": "",
  "root_password": "",
  "root_user": ""
}
| no | | [mongodb\_custom\_credentials\_enabled](#input\_mongodb\_custom\_credentials\_enabled) | Specifies whether to enable custom credentials for MongoDB database. | `bool` | `false` | no | -| [mongodb\_exporter\_config](#input\_mongodb\_exporter\_config) | Specify whether or not to deploy Mongodb exporter to collect Mongodb metrics for monitoring in Grafana. | `any` | 
{
  "version": "2.9.0"
}
| no | +| [mongodb\_exporter\_config](#input\_mongodb\_exporter\_config) | Specify whether or not to deploy Mongodb exporter to collect Mongodb metrics for monitoring in Grafana. | `any` | 
{
  "version": "3.5.0"
}
| no | | [mongodb\_exporter\_enabled](#input\_mongodb\_exporter\_enabled) | Specify whether or not to deploy Mongodb exporter to collect Mongodb metrics for monitoring in Grafana. | `bool` | `false` | no | | [mongodb\_exporter\_values](#input\_mongodb\_exporter\_values) | Mongo DB prometheus exporter values file | `any` | `""` | no | | [mongodb\_restore\_config](#input\_mongodb\_restore\_config) | Configuration options for restoring dump to the Mongodb database. | `any` | 
{
  "bucket_uri": "s3://mymongo/mongodumpfull_20230424_112501.gz",
  "file_name": "",
  "s3_bucket_region": "us-east-2"
}
| no | diff --git a/examples/complete/aws/README.md b/examples/complete/aws/README.md index 49f5245..d641bd7 100644 --- a/examples/complete/aws/README.md +++ b/examples/complete/aws/README.md @@ -21,8 +21,8 @@ No requirements. | Name | Source | Version | |------|--------|---------| -| [aws](#module\_aws) | squareops/mongodb/kubernetes//modules/resources/aws | n/a | -| [mongodb](#module\_mongodb) | squareops/mongodb/kubernetes | n/a | +| [aws](#module\_aws) | ../../../modules/resources/aws | n/a | +| [mongodb](#module\_mongodb) | ../../../ | n/a | ## Resources diff --git a/examples/complete/aws/helm/exporter.yaml b/examples/complete/aws/helm/exporter.yaml index 9c998f9..151f5b3 100644 --- a/examples/complete/aws/helm/exporter.yaml +++ b/examples/complete/aws/helm/exporter.yaml @@ -3,7 +3,7 @@ affinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: "Infra-Services" + - key: "Addons-Services" operator: In values: - "true" @@ -13,4 +13,4 @@ resources: memory: 200Mi requests: cpu: 50m - memory: 100Mi \ No newline at end of file + memory: 100Mi diff --git a/examples/complete/aws/helm/values.yaml b/examples/complete/aws/helm/values.yaml index 7f9049e..775d8a9 100644 --- a/examples/complete/aws/helm/values.yaml +++ b/examples/complete/aws/helm/values.yaml @@ -3,7 +3,7 @@ affinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: "Infra-Services" + - key: "Addons-Services" operator: In values: - "true" @@ -34,7 +34,7 @@ arbiter: requests: cpu: 100m memory: 250Mi - + affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -61,4 +61,4 @@ restorejob: cpu: 50m limits: memory: 200Mi - cpu: 100m \ No newline at end of file + cpu: 100m diff --git a/examples/complete/aws/main.tf b/examples/complete/aws/main.tf index e202c4a..ffbde6d 100644 --- a/examples/complete/aws/main.tf +++ b/examples/complete/aws/main.tf @@ -1,7 +1,7 @@ locals { name = "mongo" - region = "us-east-2" - environment = "prod" + region = "ap-northeast-1" + environment = "stg" additional_tags = { Owner = "organization_name" Expires = "Never" @@ -19,18 +19,19 @@ locals { } } module "aws" { - source = "squareops/mongodb/kubernetes//modules/resources/aws" + # source = "squareops/mongodb/kubernetes//modules/resources/aws" + source = "../../../modules/resources/aws" environment = local.environment name = local.name namespace = local.namespace store_password_to_secret_manager = local.store_password_to_secret_manager - cluster_name = "" + cluster_name = "stg-rachit" mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled mongodb_custom_credentials_config = local.mongodb_custom_credentials_config } module "mongodb" { - source = "squareops/mongodb/kubernetes" + source = "../../../" namespace = local.namespace create_namespace = local.create_namespace mongodb_config = { diff --git a/examples/complete/aws/provider.tf b/examples/complete/aws/provider.tf index e8957a1..e17ca5b 100644 --- a/examples/complete/aws/provider.tf +++ b/examples/complete/aws/provider.tf @@ -6,11 +6,11 @@ provider "aws" { } data "aws_eks_cluster" "cluster" { - name = "" + name = "stg-rachit" } data "aws_eks_cluster_auth" "cluster" { - name = "" + name = "stg-rachit" } provider "kubernetes" { diff --git a/helm/values/mongodb/values.yaml b/helm/values/mongodb/values.yaml index 731fc76..3a26174 100644 --- a/helm/values/mongodb/values.yaml +++ b/helm/values/mongodb/values.yaml @@ -19,6 +19,14 @@ global: storageClass: "${storage_class_name}" namespaceOverride: "" + compatibility: + ## Compatibility adaptations for Openshift + ## + openshift: + ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) + ## + adaptSecurityContext: auto + ## @section Common parameters ## @@ -97,6 +105,20 @@ commonLabels: {} ## commonAnnotations: {} +## @param topologyKey Override common lib default topology key. If empty - "kubernetes.io/hostname" is used +## i.e. topologyKey: topology.kubernetes.io/zone +## +topologyKey: "" + +serviceBindings: + enabled: false +## @param enableServiceLinks Whether information about services should be injected into pod's environment variable +## The environment variables injected by service links are not used, but can lead to slow boot times or slow running of the scripts when there are many services in the current namespace. +## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`. +## +enableServiceLinks: true +## Enable diagnostic mode in the deployment + ## Enable diagnostic mode in the deployment ## diagnosticMode: @@ -197,6 +219,9 @@ tls: enabled: false ## @param tls.autoGenerated Generate a custom CA and self-signed certificates ## + mTLS: + ## @param tls.mTLS.enabled IF TLS support is enabled, require clients to provide certificates + enabled: true autoGenerated: true ## @param tls.existingSecret Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`, `client-pem`) ## NOTE: When it's set it will disable certificate creation @@ -216,10 +241,46 @@ tls: ## @param tls.image.pullSecrets Init container TLS certs specify docker-registry secret names as an array ## @param tls.extraDnsNames Add extra dns names to the CA, can solve x509 auth issue for pod clients ## + pemChainIncluded: false + standalone: + ## @param tls.standalone.existingSecret Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. + ## NOTE: When it's set it will disable certificate self-generation from existing CA. + ## + existingSecret: "" + replicaset: + ## @param tls.replicaset.existingSecrets Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. + ## existingSecrets: + ## - "mySecret-0" + ## - "mySecret-1" + ## NOTE: When it's set it will disable certificate self-generation from existing CA. + ## + existingSecrets: [] + hidden: + ## @param tls.hidden.existingSecrets Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. + ## existingSecrets: + ## - "mySecret-0" + ## - "mySecret-1" + ## NOTE: When it's set it will disable certificate self-generation from existing CA. + ## + existingSecrets: [] + arbiter: + ## @param tls.arbiter.existingSecret Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. + ## NOTE: When it's set it will disable certificate self-generation from existing CA. + ## + existingSecret: "" + ## Bitnami Nginx image + ## @param tls.image.registry [default: REGISTRY_NAME] Init container TLS certs setup image registry + ## @param tls.image.repository [default: REPOSITORY_NAME/nginx] Init container TLS certs setup image repository + ## @skip tls.image.tag Init container TLS certs setup image tag (immutable tags are recommended) + ## @param tls.image.digest Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param tls.image.pullPolicy Init container TLS certs setup image pull policy + ## @param tls.image.pullSecrets Init container TLS certs specify docker-registry secret names as an array + ## @param tls.extraDnsNames Add extra dns names to the CA, can solve x509 auth issue for pod clients + ## image: registry: docker.io repository: bitnami/nginx - tag: 1.21.6-debian-10-r92 + tag: 1.25.4-debian-12-r6 pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. @@ -239,6 +300,40 @@ tls: ## @param tls.mode Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`) ## mode: requireTLS + ## Init Container resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param tls.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if tls.resources is set (tls.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param tls.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} + ## Init Container securityContext + ## ref: https://kubernetes.io/docs/concepts/security/pod-security-policy/ + ## @param tls.securityContext Init container generate-tls-cert Security context + ## + securityContext: {} + ## Example: + ## allowPrivilegeEscalation: false + ## capabilities: + ## drop: ["ALL"] + ## +## @param automountServiceAccountToken Mount Service Account token in pod +## +automountServiceAccountToken: true ## @param hostAliases Add deployment host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## @@ -498,6 +593,8 @@ runtimeClassName: "" podSecurityContext: enabled: true fsGroup: 1001 + fsGroupChangePolicy: Always + supplementalGroups: [] ## sysctl settings ## Example: ## sysctls: @@ -513,8 +610,18 @@ podSecurityContext: ## containerSecurityContext: enabled: true + seLinuxOptions: {} runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + ## MongoDB(®) containers' resource requests and limits. ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious @@ -524,6 +631,17 @@ containerSecurityContext: ## @param resources.limits The resources limits for MongoDB(®) containers ## @param resources.requests The requested resources for MongoDB(®) containers ## +resourcesPreset: "small" +## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) +## Example: +## resources: +## requests: +## cpu: 2 +## memory: 512Mi +## limits: +## cpu: 3 +## memory: 1024Mi +## resources: {} ## Example: ## limits: @@ -728,7 +846,15 @@ service: ## @param service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer (only for standalone architecture) ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service ## + ## @param service.loadBalancerClass loadBalancerClass for MongoDB(®) Service (only for standalone architecture) + # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class + loadBalancerClass: "" + loadBalancerSourceRanges: [] + ## @param service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation + ## + allocateLoadBalancerNodePorts: true ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) ## extraPorts: [] @@ -750,6 +876,14 @@ service: ## timeoutSeconds: 300 ## sessionAffinityConfig: {} + ## Headless service properties + ## + headless: + ## @param service.headless.annotations Annotations for the headless service. + ## + annotations: {} +## External Access to MongoDB(®) nodes configuration +## ## External Access to MongoDB(®) nodes configuration ## externalAccess: @@ -775,7 +909,7 @@ externalAccess: image: registry: docker.io repository: bitnami/kubectl - tag: 1.23.6-debian-10-r8 + tag: 1.29.3-debian-12-r3 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -797,6 +931,17 @@ externalAccess: ## @param externalAccess.autoDiscovery.resources.limits Init container auto-discovery resource limits ## @param externalAccess.autoDiscovery.resources.requests Init container auto-discovery resource requests ## + resourcesPreset: "nano" + ## @param externalAccess.autoDiscovery.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## resources: ## Example: ## limits: @@ -813,6 +958,15 @@ externalAccess: ## Parameters to configure K8s service(s) used to externally access MongoDB(®) ## A new service per broker will be created ## + ## Parameters to configure a set of Pods that connect to an existing MongoDB(®) deployment that lies outside of Kubernetes. + ## @param externalAccess.externalMaster.enabled Use external master for bootstrapping + ## @param externalAccess.externalMaster.host External master host to bootstrap from + ## @param externalAccess.externalMaster.port Port for MongoDB(®) service external master host + ## + externalMaster: + enabled: false + host: "" + port: 27017 service: ## @param externalAccess.service.type Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP ## @@ -837,7 +991,16 @@ externalAccess: ## loadBalancerSourceRanges: ## - 10.10.10.0/24 ## + ## @param externalAccess.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer + # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class + loadBalancerClass: "" + loadBalancerSourceRanges: [] + ## @param externalAccess.service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation + ## + allocateLoadBalancerNodePorts: true + ## @param externalAccess.service.externalTrafficPolicy MongoDB(®) service external traffic policy ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## @@ -899,6 +1062,11 @@ externalAccess: ## - Y.Y.Y.Y ## loadBalancerIPs: [] + + ## @param externalAccess.hidden.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer + # ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class + loadBalancerClass: "" + ## @param externalAccess.hidden.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service ## Example: @@ -906,6 +1074,10 @@ externalAccess: ## - 10.10.10.0/24 ## loadBalancerSourceRanges: [] + ## @param externalAccess.hidden.service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation + ## + allocateLoadBalancerNodePorts: true ## @param externalAccess.hidden.service.externalTrafficPolicy MongoDB(®) service external traffic policy ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## @@ -940,10 +1112,67 @@ externalAccess: ## timeoutSeconds: 300 ## sessionAffinityConfig: {} +## @section Network policy parameters +## -## @section Persistence parameters +## Network Policies +## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ ## +networkPolicy: + ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: true + ## @param networkPolicy.allowExternal Don't require server label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## server label will have network access to the ports server is listening + ## on. When true, server will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: true + ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. + ## + allowExternalEgress: true + ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolice + ## e.g: + ## extraIngress: + ## - ports: + ## - port: 1234 + ## from: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + extraIngress: [] + ## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy + ## e.g: + ## extraEgress: + ## - ports: + ## - port: 1234 + ## to: + ## - podSelector: + ## - matchLabels: + ## - role: frontend + ## - podSelector: + ## - matchExpressions: + ## - key: role + ## operator: In + ## values: + ## - frontend + ## + extraEgress: [] + ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces + ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} +## @section Persistence parameters +## ## Enable persistence using Persistent Volume Claims ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ ## @@ -951,6 +1180,8 @@ persistence: ## @param persistence.enabled Enable MongoDB(®) data persistence using PVC ## enabled: true + ## @param persistence.name Name of the PVC and mounted volume + ## ## @param persistence.medium Provide a medium for `emptyDir` volumes. ## Requires persistence.enabled: false ## @@ -1007,7 +1238,135 @@ persistence: ## @section RBAC parameters ## +persistentVolumeClaimRetentionPolicy: + ## @param persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for MongoDB(®) Statefulset + ## + enabled: false + ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced + ## + whenScaled: Retain + ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted + ## + whenDeleted: Retain +## @section Backup parameters +## This section implements a trivial logical dump cronjob of the database. +## This only comes with the consistency guarantees of the dump program. +## This is not a snapshot based roll forward/backward recovery backup. +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/ +## +backup: + ## @param backup.enabled Enable the logical dump of the database "regularly" + ## + enabled: false + ## Fine tuning cronjob's config + ## + cronjob: + ## @param backup.cronjob.schedule Set the cronjob parameter schedule + ## + schedule: "@daily" + ## @param backup.cronjob.concurrencyPolicy Set the cronjob parameter concurrencyPolicy + ## + concurrencyPolicy: Allow + ## @param backup.cronjob.failedJobsHistoryLimit Set the cronjob parameter failedJobsHistoryLimit + ## + failedJobsHistoryLimit: 1 + ## @param backup.cronjob.successfulJobsHistoryLimit Set the cronjob parameter successfulJobsHistoryLimit + ## + successfulJobsHistoryLimit: 3 + ## @param backup.cronjob.startingDeadlineSeconds Set the cronjob parameter startingDeadlineSeconds + ## + startingDeadlineSeconds: "" + ## @param backup.cronjob.ttlSecondsAfterFinished Set the cronjob parameter ttlSecondsAfterFinished + ## + ttlSecondsAfterFinished: "" + ## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy + ## + restartPolicy: OnFailure + ## @param backup.cronjob.backoffLimit Set the cronjob parameter backoffLimit + backoffLimit: 6 + ## backup container's Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param backup.cronjob.containerSecurityContext.enabled Enabled containers' Security Context + ## @param backup.cronjob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container + ## @param backup.cronjob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param backup.cronjob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup + ## @param backup.cronjob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot + ## @param backup.cronjob.containerSecurityContext.privileged Set container's Security Context privileged + ## @param backup.cronjob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem + ## @param backup.cronjob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation + ## @param backup.cronjob.containerSecurityContext.capabilities.drop List of capabilities to be dropped + ## @param backup.cronjob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile + ## + containerSecurityContext: + enabled: true + seLinuxOptions: {} + runAsUser: 1001 + runAsGroup: 1001 + runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + ## @param backup.cronjob.command Set backup container's command to run + ## + command: [] + ## @param backup.cronjob.labels Set the cronjob labels + ## + labels: {} + ## @param backup.cronjob.annotations Set the cronjob annotations + ## + annotations: {} + ## Backup container's + ## + storage: + ## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) + ## If defined, PVC must be created manually before volume will be bound + ## + existingClaim: "" + ## @param backup.cronjob.storage.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted + ## + resourcePolicy: "" + ## @param backup.cronjob.storage.storageClass PVC Storage Class for the backup data volume + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param backup.cronjob.storage.accessModes PV Access Mode + ## + accessModes: + - ReadWriteOnce + ## @param backup.cronjob.storage.size PVC Storage Request for the backup data volume + ## + size: 8Gi + ## @param backup.cronjob.storage.annotations PVC annotations + ## + annotations: {} + ## @param backup.cronjob.storage.mountPath Path to mount the volume at + ## + mountPath: /backup/mongodb + ## @param backup.cronjob.storage.subPath Subdirectory of the volume to mount at + ## and one PV for multiple services. + ## + subPath: "" + ## Fine tuning for volumeClaimTemplates + ## + volumeClaimTemplates: + ## @param backup.cronjob.storage.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes) + ## A label query over volumes to consider for binding (e.g. when using local volumes) + ## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details + ## + selector: {} +## @section RBAC parameters +## +## ServiceAccount +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## ## ServiceAccount ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ ## @@ -1130,8 +1489,8 @@ volumePermissions: ## image: registry: docker.io - repository: bitnami/bitnami-shell - tag: 10-debian-10-r410 + repository: bitnami/os-shell + tag: 12-debian-12-r18 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -1153,6 +1512,17 @@ volumePermissions: ## @param volumePermissions.resources.limits Init container volume-permissions resource limits ## @param volumePermissions.resources.requests Init container volume-permissions resource requests ## + resourcesPreset: "nano" + ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## resources: ## Example: ## limits: @@ -1177,6 +1547,7 @@ volumePermissions: ## @param volumePermissions.securityContext.runAsUser User ID for the volumePermissions container ## securityContext: + seLinuxOptions: {} runAsUser: 0 ## @section Arbiter parameters @@ -1191,6 +1562,7 @@ arbiter: ## @param arbiter.hostAliases Add deployment host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## + automountServiceAccountToken: true hostAliases: [] ## @param arbiter.configuration Arbiter configuration file to be used ## http://docs.mongodb.org/manual/reference/configuration-options/ @@ -1326,6 +1698,8 @@ arbiter: podSecurityContext: enabled: true fsGroup: 1001 + fsGroupChangePolicy: Always + supplementalGroups: [] ## sysctl settings ## Example: ## sysctls: @@ -1341,8 +1715,21 @@ arbiter: ## containerSecurityContext: enabled: true + seLinuxOptions: {} runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + # containerSecurityContext: + # enabled: true + # runAsUser: 1001 + # runAsNonRoot: true ## MongoDB(®) Arbiter containers' resource requests and limits. ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious @@ -1352,6 +1739,7 @@ arbiter: ## @param arbiter.resources.limits The resources limits for Arbiter containers ## @param arbiter.resources.requests The requested resources for Arbiter containers ## + resourcesPreset: "small" resources: {} ## Example: ## limits: @@ -1498,6 +1886,12 @@ arbiter: ## @param arbiter.service.annotations Provide any additional annotations that may be required ## annotations: {} + headless: + ## @param arbiter.service.headless.annotations Annotations for the headless service. + ## + annotations: {} +## @section Hidden Node parameters +## ## @section Hidden Node parameters ## @@ -1507,6 +1901,9 @@ hidden: ## https://docs.mongodb.com/manual/tutorial/configure-a-hidden-replica-set-member/ ## enabled: false + ## @param hidden.automountServiceAccountToken Mount Service Account token in pod + ## + automountServiceAccountToken: true ## @param hidden.hostAliases Add deployment host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## @@ -1649,6 +2046,8 @@ hidden: podSecurityContext: enabled: true fsGroup: 1001 + fsGroupChangePolicy: Always + supplementalGroups: [] ## sysctl settings ## Example: ## sysctls: @@ -1664,8 +2063,21 @@ hidden: ## containerSecurityContext: enabled: true + seLinuxOptions: {} runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true + privileged: false + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + seccompProfile: + type: "RuntimeDefault" + # containerSecurityContext: + # enabled: true + # runAsUser: 1001 + # runAsNonRoot: true ## MongoDB(®) Hidden containers' resource requests and limits. ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious @@ -1675,6 +2087,7 @@ hidden: ## @param hidden.resources.limits The resources limits for hidden node containers ## @param hidden.resources.requests The requested resources for hidden node containers ## + resourcesPreset: "micro" resources: ## Example: ## limits: @@ -1884,7 +2297,7 @@ metrics: image: registry: docker.io repository: bitnami/mongodb-exporter - tag: 0.32.0-debian-10-r3 + tag: 0.40.0-debian-12-r14 pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. @@ -1904,7 +2317,59 @@ metrics: ## @param metrics.extraFlags String with extra flags to the metrics exporter ## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go ## + compatibleMode: true + collector: + ## @param metrics.collector.all Enable all collectors. Same as enabling all individual metrics + ## Enabling all metrics will cause significant CPU load on mongod + all: false + ## @param metrics.collector.diagnosticdata Boolean Enable collecting metrics from getDiagnosticData + diagnosticdata: true + ## @param metrics.collector.replicasetstatus Boolean Enable collecting metrics from replSetGetStatus + replicasetstatus: true + ## @param metrics.collector.dbstats Boolean Enable collecting metrics from dbStats + dbstats: false + ## @param metrics.collector.topmetrics Boolean Enable collecting metrics from top admin command + topmetrics: false + ## @param metrics.collector.indexstats Boolean Enable collecting metrics from $indexStats + indexstats: false + ## @param metrics.collector.collstats Boolean Enable collecting metrics from $collStats + collstats: false + ## @param metrics.collector.collstatsColls List of \.\ to get $collStats + collstatsColls: [] + ## @param metrics.collector.indexstatsColls List - List of \.\ to get $indexStats + indexstatsColls: [] + ## @param metrics.collector.collstatsLimit Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \ collections. 0=No limit + collstatsLimit: 0 + ## @param metrics.extraFlags String with extra flags to the metrics exporter + ## ref: https://github.com/percona/mongodb_exporter/blob/main/main.go + ## extraFlags: "" + ## Command and args for running the container (set to default if not set). Use array form + ## @param metrics.command Override default container command (useful when using custom images) + ## @param metrics.args Override default container args (useful when using custom images) + ## + command: [] + args: [] + ## Metrics exporter container resource requests and limits + ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + ## + resourcesPreset: "nano" + ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## ## Metrics exporter container resource requests and limits ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## We usually recommend not to specify default resources and to leave this as a conscious @@ -2010,6 +2475,14 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md ## + ## @param metrics.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the metrics container(s) + ## Examples: + ## extraVolumeMounts: + ## - name: extras + ## mountPath: /usr/share/extras + ## readOnly: true + ## + extraVolumeMounts: [] serviceMonitor: ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator ## diff --git a/main.tf b/main.tf index 2983f76..c0eacf0 100644 --- a/main.tf +++ b/main.tf @@ -26,7 +26,7 @@ resource "helm_release" "mongodb" { depends_on = [kubernetes_namespace.mongodb] name = "mongodb" chart = "mongodb" - version = var.chart_version + version = var.helm_chart_version timeout = 600 namespace = var.namespace repository = "https://charts.bitnami.com/bitnami" diff --git a/modules/backup/templates/fullbackup-cronjob.yaml b/modules/backup/templates/fullbackup-cronjob.yaml index e6cc682..139e5f5 100644 --- a/modules/backup/templates/fullbackup-cronjob.yaml +++ b/modules/backup/templates/fullbackup-cronjob.yaml @@ -34,5 +34,5 @@ spec: value: {{ .Values.bucket_provider_type }} - name: AWS_DEFAULT_REGION value: {{ .Values.backup.aws_default_region }} - resources: + resources: {{- toYaml .Values.backupjob.resources | nindent 14 }} diff --git a/variables.tf b/variables.tf index ad247ce..5e6284c 100644 --- a/variables.tf +++ b/variables.tf @@ -33,15 +33,15 @@ variable "mongodb_custom_credentials_config" { description = "Specify the configuration settings for Mongodb to pass custom credentials during creation." } -variable "chart_version" { +variable "helm_chart_version" { type = string - default = "13.1.5" + default = "15.1.2" description = "Version of the Mongodb chart that will be used to deploy Mongodb application." } variable "app_version" { type = string - default = "5.0.8-debian-10-r9" + default = "7.0.8-debian-12-r0" description = "Version of the Mongodb application that will be deployed." } @@ -76,7 +76,7 @@ variable "mongodb_exporter_enabled" { variable "mongodb_exporter_config" { type = any default = { - version = "2.9.0" + version = "3.5.0" } description = "Specify whether or not to deploy Mongodb exporter to collect Mongodb metrics for monitoring in Grafana." } From c4645d36c48ab4dd74c0277b2b9572031fd8a50b Mon Sep 17 00:00:00 2001 From: rachit89 Date: Mon, 22 Apr 2024 13:39:45 +0530 Subject: [PATCH 2/3] Upgraded helm chart version and app version of mongodb and also modified values.yaml. --- .gitignore | 0 .pre-commit-config.yaml | 0 .tflint.hcl | 0 IAM.md | 0 LICENSE | 0 README.md | 1 + examples/complete/aws/README.md | 0 examples/complete/aws/helm/exporter.yaml | 0 examples/complete/aws/helm/values.yaml | 0 examples/complete/aws/main.tf | 2 +- examples/complete/aws/output.tf | 0 examples/complete/aws/provider.tf | 2 +- examples/complete/azure/README.md | 0 examples/complete/azure/helm/values.yaml | 0 examples/complete/azure/main.tf | 0 examples/complete/azure/output.tf | 0 examples/complete/azure/provider.tf | 0 examples/complete/gcp/README.md | 0 examples/complete/gcp/helm/values.yaml | 0 examples/complete/gcp/main.tf | 0 examples/complete/gcp/output.tf | 0 examples/complete/gcp/provider.tf | 0 helm/values/backup/values.yaml | 0 helm/values/exporter/values.yaml | 0 helm/values/mongodb/values.yaml | 0 helm/values/restore/values.yaml | 0 main.tf | 0 modules/backup/.helmignore | 0 modules/backup/Chart.yaml | 0 modules/backup/templates/backup-secrets.yaml | 0 modules/backup/templates/fullbackup-cronjob.yaml | 0 modules/backup/templates/service_account.yaml | 0 modules/resources/aws/README.md | 0 modules/resources/aws/main.tf | 0 modules/resources/aws/outputs.tf | 0 modules/resources/aws/variables.tf | 0 modules/resources/azure/README.md | 0 modules/resources/azure/main.tf | 0 modules/resources/azure/outputs.tf | 0 modules/resources/azure/variables.tf | 0 modules/resources/gcp/README.md | 0 modules/resources/gcp/main.tf | 0 modules/resources/gcp/outputs.tf | 0 modules/resources/gcp/variables.tf | 0 modules/restore/.helmignore | 0 modules/restore/Chart.yaml | 0 modules/restore/templates/job.yaml | 0 modules/restore/templates/restore-secrets.yaml | 0 modules/restore/templates/service_account.yaml | 0 output.tf | 0 variables.tf | 6 ++++++ 51 files changed, 9 insertions(+), 2 deletions(-) mode change 100644 => 100755 .gitignore mode change 100644 => 100755 .pre-commit-config.yaml mode change 100644 => 100755 .tflint.hcl mode change 100644 => 100755 IAM.md mode change 100644 => 100755 LICENSE mode change 100644 => 100755 README.md mode change 100644 => 100755 examples/complete/aws/README.md mode change 100644 => 100755 examples/complete/aws/helm/exporter.yaml mode change 100644 => 100755 examples/complete/aws/helm/values.yaml mode change 100644 => 100755 examples/complete/aws/main.tf mode change 100644 => 100755 examples/complete/aws/output.tf mode change 100644 => 100755 examples/complete/aws/provider.tf mode change 100644 => 100755 examples/complete/azure/README.md mode change 100644 => 100755 examples/complete/azure/helm/values.yaml mode change 100644 => 100755 examples/complete/azure/main.tf mode change 100644 => 100755 examples/complete/azure/output.tf mode change 100644 => 100755 examples/complete/azure/provider.tf mode change 100644 => 100755 examples/complete/gcp/README.md mode change 100644 => 100755 examples/complete/gcp/helm/values.yaml mode change 100644 => 100755 examples/complete/gcp/main.tf mode change 100644 => 100755 examples/complete/gcp/output.tf mode change 100644 => 100755 examples/complete/gcp/provider.tf mode change 100644 => 100755 helm/values/backup/values.yaml mode change 100644 => 100755 helm/values/exporter/values.yaml mode change 100644 => 100755 helm/values/mongodb/values.yaml mode change 100644 => 100755 helm/values/restore/values.yaml mode change 100644 => 100755 main.tf mode change 100644 => 100755 modules/backup/.helmignore mode change 100644 => 100755 modules/backup/Chart.yaml mode change 100644 => 100755 modules/backup/templates/backup-secrets.yaml mode change 100644 => 100755 modules/backup/templates/fullbackup-cronjob.yaml mode change 100644 => 100755 modules/backup/templates/service_account.yaml mode change 100644 => 100755 modules/resources/aws/README.md mode change 100644 => 100755 modules/resources/aws/main.tf mode change 100644 => 100755 modules/resources/aws/outputs.tf mode change 100644 => 100755 modules/resources/aws/variables.tf mode change 100644 => 100755 modules/resources/azure/README.md mode change 100644 => 100755 modules/resources/azure/main.tf mode change 100644 => 100755 modules/resources/azure/outputs.tf mode change 100644 => 100755 modules/resources/azure/variables.tf mode change 100644 => 100755 modules/resources/gcp/README.md mode change 100644 => 100755 modules/resources/gcp/main.tf mode change 100644 => 100755 modules/resources/gcp/outputs.tf mode change 100644 => 100755 modules/resources/gcp/variables.tf mode change 100644 => 100755 modules/restore/.helmignore mode change 100644 => 100755 modules/restore/Chart.yaml mode change 100644 => 100755 modules/restore/templates/job.yaml mode change 100644 => 100755 modules/restore/templates/restore-secrets.yaml mode change 100644 => 100755 modules/restore/templates/service_account.yaml mode change 100644 => 100755 output.tf mode change 100644 => 100755 variables.tf diff --git a/.gitignore b/.gitignore old mode 100644 new mode 100755 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml old mode 100644 new mode 100755 diff --git a/.tflint.hcl b/.tflint.hcl old mode 100644 new mode 100755 diff --git a/IAM.md b/IAM.md old mode 100644 new mode 100755 diff --git a/LICENSE b/LICENSE old mode 100644 new mode 100755 diff --git a/README.md b/README.md old mode 100644 new mode 100755 index f707177..f57943d --- a/README.md +++ b/README.md @@ -161,6 +161,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [additional\_aws\_tags](#input\_additional\_aws\_tags) | Additional tags to be applied to resources | `map(string)` | `{}` | no | | [app\_version](#input\_app\_version) | Version of the Mongodb application that will be deployed. | `string` | `"7.0.8-debian-12-r0"` | no | | [az\_account\_backup](#input\_az\_account\_backup) | Azure user managed account backup identity | `string` | `""` | no | | [az\_account\_restore](#input\_az\_account\_restore) | Azure user managed account restore identity | `string` | `""` | no | diff --git a/examples/complete/aws/README.md b/examples/complete/aws/README.md old mode 100644 new mode 100755 diff --git a/examples/complete/aws/helm/exporter.yaml b/examples/complete/aws/helm/exporter.yaml old mode 100644 new mode 100755 diff --git a/examples/complete/aws/helm/values.yaml b/examples/complete/aws/helm/values.yaml old mode 100644 new mode 100755 diff --git a/examples/complete/aws/main.tf b/examples/complete/aws/main.tf old mode 100644 new mode 100755 index ffbde6d..b6f36ce --- a/examples/complete/aws/main.tf +++ b/examples/complete/aws/main.tf @@ -2,7 +2,7 @@ locals { name = "mongo" region = "ap-northeast-1" environment = "stg" - additional_tags = { + additional_aws_tags = { Owner = "organization_name" Expires = "Never" Department = "Engineering" diff --git a/examples/complete/aws/output.tf b/examples/complete/aws/output.tf old mode 100644 new mode 100755 diff --git a/examples/complete/aws/provider.tf b/examples/complete/aws/provider.tf old mode 100644 new mode 100755 index e17ca5b..4011c30 --- a/examples/complete/aws/provider.tf +++ b/examples/complete/aws/provider.tf @@ -1,7 +1,7 @@ provider "aws" { region = local.region default_tags { - tags = local.additional_tags + tags = local.additional_aws_tags } } diff --git a/examples/complete/azure/README.md b/examples/complete/azure/README.md old mode 100644 new mode 100755 diff --git a/examples/complete/azure/helm/values.yaml b/examples/complete/azure/helm/values.yaml old mode 100644 new mode 100755 diff --git a/examples/complete/azure/main.tf b/examples/complete/azure/main.tf old mode 100644 new mode 100755 diff --git a/examples/complete/azure/output.tf b/examples/complete/azure/output.tf old mode 100644 new mode 100755 diff --git a/examples/complete/azure/provider.tf b/examples/complete/azure/provider.tf old mode 100644 new mode 100755 diff --git a/examples/complete/gcp/README.md b/examples/complete/gcp/README.md old mode 100644 new mode 100755 diff --git a/examples/complete/gcp/helm/values.yaml b/examples/complete/gcp/helm/values.yaml old mode 100644 new mode 100755 diff --git a/examples/complete/gcp/main.tf b/examples/complete/gcp/main.tf old mode 100644 new mode 100755 diff --git a/examples/complete/gcp/output.tf b/examples/complete/gcp/output.tf old mode 100644 new mode 100755 diff --git a/examples/complete/gcp/provider.tf b/examples/complete/gcp/provider.tf old mode 100644 new mode 100755 diff --git a/helm/values/backup/values.yaml b/helm/values/backup/values.yaml old mode 100644 new mode 100755 diff --git a/helm/values/exporter/values.yaml b/helm/values/exporter/values.yaml old mode 100644 new mode 100755 diff --git a/helm/values/mongodb/values.yaml b/helm/values/mongodb/values.yaml old mode 100644 new mode 100755 diff --git a/helm/values/restore/values.yaml b/helm/values/restore/values.yaml old mode 100644 new mode 100755 diff --git a/main.tf b/main.tf old mode 100644 new mode 100755 diff --git a/modules/backup/.helmignore b/modules/backup/.helmignore old mode 100644 new mode 100755 diff --git a/modules/backup/Chart.yaml b/modules/backup/Chart.yaml old mode 100644 new mode 100755 diff --git a/modules/backup/templates/backup-secrets.yaml b/modules/backup/templates/backup-secrets.yaml old mode 100644 new mode 100755 diff --git a/modules/backup/templates/fullbackup-cronjob.yaml b/modules/backup/templates/fullbackup-cronjob.yaml old mode 100644 new mode 100755 diff --git a/modules/backup/templates/service_account.yaml b/modules/backup/templates/service_account.yaml old mode 100644 new mode 100755 diff --git a/modules/resources/aws/README.md b/modules/resources/aws/README.md old mode 100644 new mode 100755 diff --git a/modules/resources/aws/main.tf b/modules/resources/aws/main.tf old mode 100644 new mode 100755 diff --git a/modules/resources/aws/outputs.tf b/modules/resources/aws/outputs.tf old mode 100644 new mode 100755 diff --git a/modules/resources/aws/variables.tf b/modules/resources/aws/variables.tf old mode 100644 new mode 100755 diff --git a/modules/resources/azure/README.md b/modules/resources/azure/README.md old mode 100644 new mode 100755 diff --git a/modules/resources/azure/main.tf b/modules/resources/azure/main.tf old mode 100644 new mode 100755 diff --git a/modules/resources/azure/outputs.tf b/modules/resources/azure/outputs.tf old mode 100644 new mode 100755 diff --git a/modules/resources/azure/variables.tf b/modules/resources/azure/variables.tf old mode 100644 new mode 100755 diff --git a/modules/resources/gcp/README.md b/modules/resources/gcp/README.md old mode 100644 new mode 100755 diff --git a/modules/resources/gcp/main.tf b/modules/resources/gcp/main.tf old mode 100644 new mode 100755 diff --git a/modules/resources/gcp/outputs.tf b/modules/resources/gcp/outputs.tf old mode 100644 new mode 100755 diff --git a/modules/resources/gcp/variables.tf b/modules/resources/gcp/variables.tf old mode 100644 new mode 100755 diff --git a/modules/restore/.helmignore b/modules/restore/.helmignore old mode 100644 new mode 100755 diff --git a/modules/restore/Chart.yaml b/modules/restore/Chart.yaml old mode 100644 new mode 100755 diff --git a/modules/restore/templates/job.yaml b/modules/restore/templates/job.yaml old mode 100644 new mode 100755 diff --git a/modules/restore/templates/restore-secrets.yaml b/modules/restore/templates/restore-secrets.yaml old mode 100644 new mode 100755 diff --git a/modules/restore/templates/service_account.yaml b/modules/restore/templates/service_account.yaml old mode 100644 new mode 100755 diff --git a/output.tf b/output.tf old mode 100644 new mode 100755 diff --git a/variables.tf b/variables.tf old mode 100644 new mode 100755 index 5e6284c..53f49fb --- a/variables.tf +++ b/variables.tf @@ -1,3 +1,9 @@ +variable "additional_aws_tags" { + description = "Additional tags to be applied to resources" + type = map(string) + default = {} +} + variable "mongodb_config" { type = any default = { From df2b1ed6a8409c4b8986b244c3d0198243918436 Mon Sep 17 00:00:00 2001 From: rachit89 <115970922+rachit89@users.noreply.github.com> Date: Tue, 23 Apr 2024 17:37:40 +0530 Subject: [PATCH 3/3] Update README.md --- README.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index f57943d..ecfdf14 100755 --- a/README.md +++ b/README.md @@ -1,8 +1,10 @@ ## MongoDB -![squareops_avatar] - -[squareops_avatar]: https://squareops.com/wp-content/uploads/2022/12/squareops-logo.png + + + + + ### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.