launchdarkly / ld-relay-helm Goto Github PK

View Code? Open in Web Editor NEW

6.0 27.0 14.0 796 KB

A helm chart to ease deployment of the LaunchDarkly Relay Proxy

License: Other

Smarty 5.45% Makefile 2.24% Go 92.31%

feature-flags feature-toggles helm helm-chart launchdarkly tools

ld-relay-helm's Introduction

LaunchDarkly Relay Proxy Helm Chart

A Helm chart to ease deployment of the LaunchDarkly Relay Proxy to Kubernetes (k8s).

Basic installation and configuration information is below.

To learn more, read the Getting started guide. For additional examples, read:

LaunchDarkly overview

LaunchDarkly is a feature management platform that serves trillions of feature flags daily to help teams build better software, faster. Get started using LaunchDarkly today!

Installation

The default configuration is insufficient to have a working instance of the Relay Proxy running. You must minimally provide an environment for the Relay Proxy to connect to, using your LaunchDarkly SDK key for that environment.

To deploy the Relay Proxy to the Kubernetes cluster using the default configuration and an environment:

helm repo add launchdarkly-ld-relay https://launchdarkly.github.io/ld-relay-helm
helm install ld-relay --set relay.environment.LD_ENV_YourEnvironment=your-sdk-key launchdarkly-ld-relay/ld-relay

For additional configuration, use the Configuration options below.

Configuration options

To customize this Helm chart, override the configuration options defined in the values file. The values file contains detailed documentation on each option.

Here's a summary of the available configuration options:

Key	Type	Default	Description
relay.environment	object	`{}`	Defines container environment variables to configure the Relay Proxy instance (via ConfigMap)
relay.environmentVariables	array	`[]`	Defines container environment variables to configure the Relay Proxy instance (via container spec)
relay.envFromSecret	string	`null`	Defines container environment variables to configure the Relay Proxy instance (via existing k8s secrets)
relay.secrets	array	`[]`	Defines container environment variables or volumes populated from k8s secrets
relay.volume	object	`{}`	Enables offline mode or references an existing config file from a defined volume
relay.livenessProbe	object	`{httpGet: { port: "api", path: "/status" }}`	Defines the liveness probe for the relay container
relay.readinessProbe	object	`{httpGet: { port: "api", path: "/status" }}`	Defines the readiness probe for the relay container
relay.lifecycle	object	`[]`	Defines the lifecycle hooks for the relay container
replicaCount	integer	`1`	Number of replicas of the relay pod
image.repository	string	`launchdarkly/ld-relay`	ld-relay image repository
image.pullPolicy	string	`IfNotPresent`	ld-relay image pull policy
image.tag	string	`""`	Overrides the image tag whose default is the chart appVersion
imagePullSecrets	array	`[]`	Specifies docker registry secret names as an array
nameOverride	string	`""`	Partially overrides the fullname template with a string (includes release name)
fullnameOverride	string	`""`	Fully overrides the fullname template with a string
serviceAccount.create	bool	`true`	Specifies whether a service account should be created
serviceAccount.annotations	object	`{}`	Annotations to add to the service account
serviceAccount.name	string	`""`	The name of the service account
pod.annotations	object	`{}`	Pod annotations
pod.labels	object	`{}`	Pod labels
pod.securityContext	object	`{}`	Pod security context
terminationGracePeriodSeconds	string	`null`	Pod terminationGracePeriodSeconds
securityContext	object	`{}`	Container security context
service.type	string	`ClusterIP`	Kubernetes service type
service.annotations	object	`{}`	Annotations to add to the service
service.ports	array	`[{port: 8030, targetPort: 8030, protocol: TCP, name: api}]`	Service port mapping. Must include one port named `api`.
ingress.enabled	bool	`false`	Enables ingress controller
ingress.className	string	`""`	Ingress class name
ingress.annotations	object	`{}`	Ingress annotations
ingress.hosts	array	`[]`	List of host rules
ingress.tls	array	`[]`	Ingress TLS configuration
resources	object	`{}`	Resource requirements for the relay container
autoscaling.enabled	bool	`false`	Enables HorizontalPodAutoscaler
autoscaling.minReplicas	integer	`1`	Sets minimum number of running replicas
autoscaling.maxReplicas	integer	`100`	Sets maximum number of running replicas
autoscaling.targetCPUUtilizationPercentage	integer	`80`	Configures CPU as an average utilization metrics resource
autoscaling.targetMemoryUtilizationPercentage	integer	`80`	Configures memory as an average utilization metrics resource
nodeSelector	object	`{}`	Selector to target node placement for the relay pod
tolerations	array	`[]`	Specify pod tolerations
affinity	object	`{}`	Specify pod affinity
pod.distruptionBudget.enabled	boolean	`false`	Enabled podDistruptionBudget
pod.distruptionBudget.minAvailable	string	`""`	Minimum number of pods that are available after eviction as number or percentage
pod.distruptionBudget.maxUnavailable	string	`""`	Maximum number of pods that are unavailable after eviction as number or percentage
pod.topologySpreadConstraints	array	`[]`	Specify the topology spread constrait definitions to apply to the relay deployment
pod.priorityClassName	string	`""`	Specify a PriorityClass for the pod

Learn more

Read our documentation for in-depth instructions on configuring and using LaunchDarkly. To learn more about the Relay Proxy specifically, read the complete reference guide for the Relay Proxy.

Contributing

We encourage pull requests and other contributions from the community. Check out our contributing guidelines for instructions on how to contribute to this repository.

About LaunchDarkly

LaunchDarkly is a continuous delivery platform that provides feature flags as a service and allows developers to iterate quickly and safely. We allow you to easily flag your features and manage them from the LaunchDarkly dashboard. With LaunchDarkly, you can:
- Roll out a new feature to a subset of your users (like a group of users who opt-in to a beta tester group), gathering feedback and bug reports from real-world use cases.
- Gradually roll out a feature to an increasing percentage of users, and track the effect that the feature has on key metrics (for instance, how likely is a user to complete a purchase if they have feature A versus feature B?).
- Turn off a feature that you realize is causing performance problems in production, without needing to re-deploy, or even restart the application with a changed configuration file.
- Grant access to certain features based on user attributes, like payment plan (eg: users on the ‘gold’ plan get access to more features than users in the ‘silver’ plan). Disable parts of your application to facilitate maintenance, without taking everything offline.
LaunchDarkly provides feature flag SDKs for a wide variety of languages and technologies. Read our documentation for a complete list.
Explore LaunchDarkly
- launchdarkly.com for more information
- docs.launchdarkly.com for our documentation and SDK reference guides
- apidocs.launchdarkly.com for our API documentation
- launchdarkly.com/blog for the latest product updates

ld-relay-helm's People

Contributors

Stargazers

Watchers

Forkers

tomaskuznetsov guifl mimiandcanada kovaxur moyingnana uristernik liamstorkey pjaak billheroinc emilhorne mansong1 kh3dron helinanu

ld-relay-helm's Issues

Upgrade Relay proxy to version 7.0

Hello hello,

First of all: thank you for this helm chart !

Is your feature request related to a problem? Please describe.
Our proxy was not working because we used the last version of the react-client-sdk which requires version 7.0 of the relay proxy as mentionned here.

Describe the solution you'd like
Either update the version of the relay proxy to match up-to-date documentation.

Describe alternatives you've considered
Update README.md to emphasis which version of SDK (Client side and Server side) can be used when using this helm chart.

Additional context
Add any other context about the feature request here.

Support for dynamic envFrom k8s Secrets

Is your feature request related to a problem? Please describe.
Currently, the helm chart supports envfrom the configMapRef but this does not support secure string secrets (like sdk keys) as it would require them to be in plain text in the values files.

Describe the solution you'd like
Allowing dynamic envFrom pre-existing k8s secrets. This would allow users to create k8s secrets that hold a bunch of key-value pairs (like the external secrets operator does via aws ssm) and the helm chart would create the environment variables from this secret. Removing the need for having secrets in the plain text of the values files. This could be a boolean toggle in the values files.

For now, we can leave the onus of creating/maintaining the k8s secret to the individual user. This way they can use any tool they would like to create the secret, as long as the secret name is <helm release name>-secret-environment-variables it will be picked up and used here.

make HPA compatible with older kubernetes versions

Is your feature request related to a problem? Please describe.
We're using EKS and we're now running k8s in version 1.22, which doesn't support autoscaling/v2 API for HPA

Describe the solution you'd like
Have a check to use a compatible version of HPA based on k8s version.

Describe alternatives you've considered
We tried overriding the chart locally, but it created us issues with our argocd integration

Additional context
Add any other context about the feature request here.

priorityClassName is not assignable

Is your feature request related to a problem? Please describe.

priorityClassName is not assignable to the LD relay pod.

Describe the solution you'd like

Let priorityClassName be passed into the deployment int he same way as other pod attributes, like annotations or labels.

Describe alternatives you've considered

No real alternatives considered - this should be a pretty minor addition.

Additional context

Pull Request here.

Add support fo container lifecycle hooks

Is your feature request related to a problem? Please describe.
It's not possible to add lifecycle hooks for relay container.

With some ingress controllers e.g. Azure application gateway ingress controller, the backend pool refreshes too slowly and causes downtime without a preStop hook. Documentation

Describe the solution you'd like
An ability to add lifecycle hooks via helm values

Describe alternatives you've considered
No reasonable alternatives afaik as this would be a pretty minor feature.

Additional context
Add any other context about the feature request here.

Readiness and liveness fails after enabling TLS termination on ld-proxy.

Describe the bug
Readiness and liveness fails when enabling TLS termination on ld-proxy.
Pods restarts because of Liveness failure

To reproduce

Create a tls secret named "tls" with a certificate and key.
Create values.yaml with below to enable TLS.

  relay:
    environment:
      TLS_ENABLED: "true"
      TLS_CERT: "/mnt/secrets/tls.crt"
      TLS_KEY: "/mnt/secrets/tls.key"
    secrets:
    - volumePath: tls.key
      volumeName: tlskey
      secretName: tls
      secretKey: tls.key
    - volumePath: tls.crt
      volumeName: tlscrt
      secretName: tls
      secretKey: tls.crt

Use below helm command to install the chart

helm install relay --set relay.environment.LD_ENV_YourEnvironment=your-sdk-key -f values.yaml launchdarkly-ld-relay/ld-relay

Expected behavior
The Liveness and Readiness check should be using scheme HTTPS instead of default HTTP when TLS termination is enabled on the ld-proxy side.

        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /status
            port: api
            scheme: HTTP <<---- in chart, there is no scheme set, so it sets to default HTTP instead of HTTPS
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /status
            port: api
            scheme: HTTP <<---- in chart, there is no scheme set, so it sets to default HTTP instead of HTTPS
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1

Logs

ld-proxy kubectl pod describe output

  Warning  Unhealthy  9s (x10 over 47s)  kubelet            Readiness probe failed: HTTP probe failed with statuscode: 400
  Warning  Unhealthy  9s (x4 over 39s)   kubelet            Liveness probe failed: HTTP probe failed with statuscode: 400

Helm chart version

NAME                          	CHART VERSION	APP VERSION	DESCRIPTION
launchdarkly-ld-relay/ld-relay	2.2.1        	7.2.1      	LaunchDarkly Relay Proxy

Relay proxy configuration, developer tools
Helm : v3.11.2
LD Version : launchdarkly/ld-relay:7.2.1

Additional context
This issue surfaced after fixing the issue #36

Add Annotations for Service

Is your feature request related to a problem? Please describe.
Currently there is no way to configure an AWS ELB when deploying this helm chart. However this is possible via annotations. This would be very helpful to allow deployment of load balancers with their full configuration via this helm chart.

Describe the solution you'd like
Allow annotations to be made to the service like what is possible for ingress and pods.

Add ability to add environment variable on deployment

Is your feature request related to a problem? Please describe.
I want to use an environment variable with valueFrom.fieldRef.fieldPath. Because you are passing it to the config map, this is not an option at the moment.

Describe the solution you'd like
Have another value that renders to the containers environment variable

Describe alternatives you've considered
None right now

Pods do not restart when configmap changes via values

Is this a support request?
No

Describe the bug
Pods don't restart when configmap changes via .Values.relay.environment. This can be combatted with an annotation such as

spec:
  template:
    metadata:
      annotations:
        checksum/config: {{ include ("chart-name.configmap") . | sha256sum }}

To reproduce
Install the chart, change the environment variables via the .Values.relay.environment, and update the deployment. Notice that the pods don't automatically restart to account for the new environment

Expected behavior
Pods should restart

Logs
If applicable, add any log output related to your problem.

Helm chart version
1.0.0

Additional context
Add any other context about the problem here.

I'd be happy to make a PR if preffered?

Add possibility to specify pod labels

Is your feature request related to a problem? Please describe.
No

Describe the solution you'd like
We should be able to add additional labels to the pods. For us this is required for log collections.

Describe alternatives you've considered
No alternatives, as this is a de-facto way.

Additional context
N/A

Allow Mounting of Secrets

Is your feature request related to a problem? Please describe.
Currently there is no way to mount a secret into the pod, just environment variables. This means there is no way to pass in a TLS cert into the pod, something that is supported by the relay proxy.

Describe the solution you'd like
I want to be able to mount a secret inside the pod

Releases prior to 3.3.0 no longer resolve

Describe the bug
References to older chart versions no longer resolve

I noticed the index.yaml was recently completely re-built (deleted, then re-added), and older releases now have a new URL like:

https://launchdarkly.github.io/ld-relay-helm/helm-repo/ld-relay-3.1.0.tgz

note the /helm-repo/ component, which doesn't seem to exist in the repo itself. These URLs 404 when fetched

but the newest release 3.3.0 has a URL like:

https://launchdarkly.github.io/ld-relay-helm/ld-relay-3.3.0.tgz

which works.

To reproduce

# Chart.yaml
---
apiVersion: v2
name: launchdarkly-relay-proxy
description: |
  The LaunchDarkly Relay Proxy is a small Go application that runs on your own infrastructure. It connects to the
  LaunchDarkly streaming API and proxies that connection to clients within your organization's network.
type: application
version: 1.0.0
appVersion: '1.0.0'
dependencies:
  - name: ld-relay
    version: 3.1.0
    repository: https://launchdarkly.github.io/ld-relay-helm

$ helm repo add launch-darkly-relay https://launchdarkly.github.io/ld-relay-helm
...

$ helm dependency build .                                                       
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "launch-darkly-relay" chart repository
Update Complete. ⎈Happy Helming!⎈
Saving 1 charts
Downloading ld-relay from repo https://launchdarkly.github.io/ld-relay-helm
Save error occurred:  could not download https://launchdarkly.github.io/ld-relay-helm/helm-repo/ld-relay-3.1.0.tgz: failed to fetch https://launchdarkly.github.io/ld-relay-helm/helm-repo/ld-relay-3.1.0.tgz : 404 Not Found
Error: could not download https://launchdarkly.github.io/ld-relay-helm/helm-repo/ld-relay-3.1.0.tgz: failed to fetch https://launchdarkly.github.io/ld-relay-helm/helm-repo/ld-relay-3.1.0.tgz : 404 Not Found

Expected behavior
Expected old chart versions to be able to be resolved when listed as a dependency

Logs
n/a

Helm chart version
I've verified that all versions < 3.3.0 have the broken URL (/helm-repo/ component)

Relay proxy configuration, developer tools
n/a

Additional context
n/a

Upgrade Relay proxy to version 8.x

Is your feature request related to a problem? Please describe.
With v8.0.0 being released 2 weeks ago we would like to update the proxy chart accordingly. Preventing us from upgrading our PHP SDK to v6.0

Describe the solution you'd like
Update the version of the relay proxy to match up-to-date documentation.

Describe alternatives you've considered
Manually bumping the image version on the helm chart on our side but would like to be able to use the stock helm chart.

Additional context
Add any other context about the feature request here.

No support for topologySpreadConstraints or podAntiAffinity

Describe the bug
LD relay is a critical component in our stack and we cannot allow it to be down even if there is a zone failure. We would like to define something like this in a deployment:

      topologySpreadConstraints:
      - labelSelector:
          matchLabels:
          {{- include "launchdarkly-relay.selectorLabels" . | nindent 12 }}
        maxSkew: 1
        topologyKey: topology.kubernetes.io/zone
        whenUnsatisfiable: ScheduleAnyway

Deployment.apps "relay" is invalid: spec.template.spec.containers[0].volumeMounts[1].mountPath: Invalid value: "/mnt/secrets/": must be unique

Describe the bug
Adding more than one secrets to mount certificate and keys causes below error during helm installation

Deployment.apps "relay" is invalid: spec.template.spec.containers[0].volumeMounts[1].mountPath: Invalid value: "/mnt/secrets/": must be unique

To reproduce
Create values.yaml with below

  relay:
    environment:
      TLS_ENABLED: "true"
      TLS_CERT: "/mnt/secrets/tls.crt"
      TLS_KEY: "/mnt/secrets/tls.key"
    secrets:
    - volumePath: tls.key
      volumeName: tlskey
      secretName: tls
      secretKey: tls.key
    - volumePath: tls.crt
      volumeName: tlscrt
      secretName: tls
      secretKey: tls.crt

Use below helm template command

helm install relay --set relay.environment.LD_ENV_YourEnvironment=your-sdk-key -f values.yaml launchdarkly-ld-relay/ld-relay

Expected behavior
The generated mountPath should be uniq

Logs
If applicable, add any log output related to your problem.

Helm chart version

NAME                          	CHART VERSION	APP VERSION	DESCRIPTION
launchdarkly-ld-relay/ld-relay	2.2.0        	7.2.1      	LaunchDarkly Relay Proxy

Relay proxy configuration, developer tools

Helm : v3.11.2
LD Version : launchdarkly/ld-relay:7.2.1

No support for poddisruptionbudget

Describe the bug
LD relay is a critical component in our stack and we cannot allow it to be down even when rolling nodes.

launchdarkly / ld-relay-helm Goto Github PK

ld-relay-helm's Introduction

LaunchDarkly Relay Proxy Helm Chart

LaunchDarkly overview

Installation

Configuration options

Learn more

Contributing

About LaunchDarkly

ld-relay-helm's People

Contributors

Stargazers

Watchers

Forkers

ld-relay-helm's Issues

Recommend Projects

Recommend Topics

Recommend Org