[frinx-machine] 7.0 release (#431)

Co-authored-by: Jozef Volak <[email protected]>
FRINXio · Oct 4, 2024 · 1582fe5 · 1582fe5
1 parent 4044328
commit 1582fe5
Show file tree

Hide file tree

Showing 5 changed files with 100 additions and 61 deletions.
diff --git a/charts/frinx-machine/Chart.yaml b/charts/frinx-machine/Chart.yaml
@@ -7,8 +7,8 @@ description: |
   Further information is available on [docs.frinx.io](https://docs.frinx.io/frinx-machine/getting-started/).
 icon: https://avatars.githubusercontent.com/u/23452093?s=200&v=4
 type: application
-version: 10.0.2
-appVersion: 6.2.0
+version: 11.0.0
+appVersion: 7.0.0
 maintainers:
   - name: FRINX
 dependencies:
@@ -25,7 +25,7 @@ dependencies:
 
   - name: frinx-machine-monitoring
     repository: https://FRINXio.github.io/helm-charts
-    version: 0.1.1
+    version: 0.1.2
     condition: frinx-machine-monitoring.enabled
     tags:
       - monitoring
@@ -61,10 +61,10 @@ dependencies:
     tags:
       - database
 
-  - name: postgresql
+  - name: cloud-native-pg
     alias: timescale-db
-    repository: https://charts.bitnami.com/bitnami
-    version: 11.x.x
+    repository: https://FRINXio.github.io/helm-charts
+    version: 1.0.0
     condition: timescale-db.enabled
     tags:
       - database
@@ -115,21 +115,21 @@ dependencies:
 
   - name: uniconfig
     repository: https://FRINXio.github.io/helm-charts
-    version: 8.2.1
+    version: 8.2.2
     condition: uniconfig.enabled
     tags:
       - backend
 
   - name: topology-discovery
     repository: https://FRINXio.github.io/helm-charts
-    version: 3.1.1
+    version: 4.0.0
     condition: topology-discovery.enabled
     tags:
       - backend
 
   - name: performance-monitor
     repository: https://FRINXio.github.io/helm-charts
-    version: 0.1.5
+    version: 2.0.0
     condition: performance-monitor.enabled
     tags:
       - backend
@@ -153,5 +153,5 @@ dependencies:
 
   - name: oauth2-proxy
     repository: https://oauth2-proxy.github.io/manifests
-    version: 7.7.4
+    version: 7.7.23
     condition: oauth2-proxy.enabled
diff --git a/charts/frinx-machine/README.md b/charts/frinx-machine/README.md
@@ -5,11 +5,11 @@ User specific workflows are designed through the use of OpenConfig NETCONF & YAN
 The FRINX Machine uses dockerized containers that are designed and tested to work together to create a user specific solution.
 Further information is available on [docs.frinx.io](https://docs.frinx.io/frinx-machine/getting-started/).
 
-![Version: 10.0.2](https://img.shields.io/badge/Version-10.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.2.0](https://img.shields.io/badge/AppVersion-6.2.0-informational?style=flat-square)
+![Version: 11.0.0](https://img.shields.io/badge/Version-11.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 7.0.0](https://img.shields.io/badge/AppVersion-7.0.0-informational?style=flat-square)
 
 ## Prerequisites
 
-* Kubernetes 1.27+
+* Kubernetes 1.28+
 * Helm 3.2.0+
 
 ## Get Repo Info
@@ -67,24 +67,24 @@ Frinx Machine can be deployed with Oauth2-Proxy. Example of configuration can be
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://FRINXio.github.io/helm-charts | uniconfig-postgres(cloud-native-pg) | 1.0.0 |
+| https://FRINXio.github.io/helm-charts | timescale-db(cloud-native-pg) | 1.0.0 |
 | https://FRINXio.github.io/helm-charts | workflow-manager-postgres(cloud-native-pg) | 1.0.0 |
+| https://FRINXio.github.io/helm-charts | uniconfig-postgres(cloud-native-pg) | 1.0.0 |
 | https://FRINXio.github.io/helm-charts | frinx-arango-config | 4.2.0 |
 | https://FRINXio.github.io/helm-charts | frinx-frontend | 4.1.0 |
-| https://FRINXio.github.io/helm-charts | frinx-machine-monitoring | 0.1.1 |
+| https://FRINXio.github.io/helm-charts | frinx-machine-monitoring | 0.1.2 |
 | https://FRINXio.github.io/helm-charts | frinx-machine-operators | 0.3.0 |
 | https://FRINXio.github.io/helm-charts | inventory | 6.0.2 |
 | https://FRINXio.github.io/helm-charts | krakend | 5.0.2 |
-| https://FRINXio.github.io/helm-charts | performance-monitor | 0.1.5 |
+| https://FRINXio.github.io/helm-charts | performance-monitor | 2.0.0 |
 | https://FRINXio.github.io/helm-charts | resource-manager | 2.3.1 |
 | https://FRINXio.github.io/helm-charts | swagger-ui | 0.2.0 |
-| https://FRINXio.github.io/helm-charts | topology-discovery | 3.1.1 |
-| https://FRINXio.github.io/helm-charts | uniconfig | 8.2.1 |
+| https://FRINXio.github.io/helm-charts | topology-discovery | 4.0.0 |
+| https://FRINXio.github.io/helm-charts | uniconfig | 8.2.2 |
 | https://FRINXio.github.io/helm-charts | device-induction(worker) | 4.1.0 |
 | https://FRINXio.github.io/helm-charts | workflow-manager | 3.2.1 |
 | https://charts.bitnami.com/bitnami | kafka | 25.2.0 |
-| https://charts.bitnami.com/bitnami | timescale-db(postgresql) | 11.x.x |
-| https://oauth2-proxy.github.io/manifests | oauth2-proxy | 7.7.4 |
+| https://oauth2-proxy.github.io/manifests | oauth2-proxy | 7.7.23 |
 | https://traefik.github.io/charts | uc-zone-lb(traefik) | 27.0.2 |
 
 ## Hardware requirements
@@ -106,3 +106,9 @@ Frinx Machine can be deployed with Oauth2-Proxy. Example of configuration can be
 
 ## Where to Purchase
 For information regarding sales, visit [frinx.io](https://frinx.io/)
+
+## Troubleshooting
+
+### User limit of inotify watches reached
+The error "User limit of inotify watches reached" typically occurs when the system has reached its limit on the number of inotify watches that can be created.
+To solve this issue, increase the limit of inotify watches.
diff --git a/charts/frinx-machine/README.md.gotmpl b/charts/frinx-machine/README.md.gotmpl
@@ -6,7 +6,7 @@
 
 ## Prerequisites
 
-* Kubernetes 1.27+
+* Kubernetes 1.28+
 * Helm 3.2.0+
 
 ## Get Repo Info
@@ -81,3 +81,9 @@ Frinx Machine can be deployed with Oauth2-Proxy. Example of configuration can be
 
 ## Where to Purchase
 For information regarding sales, visit [frinx.io](https://frinx.io/)
+
+## Troubleshooting
+
+### User limit of inotify watches reached
+The error "User limit of inotify watches reached" typically occurs when the system has reached its limit on the number of inotify watches that can be created. 
+To solve this issue, increase the limit of inotify watches.
diff --git a/charts/frinx-machine/templates/db-persistance-secrets.yaml b/charts/frinx-machine/templates/db-persistance-secrets.yaml
@@ -21,4 +21,6 @@ data:
   UNICONFIG_POSTGRES_USERNAME: {{ .Values.global.dbPersistence.secrets.UNICONFIG_POSTGRES_USERNAME | b64enc }}
   UNICONFIG_POSTGRES_PASSWORD: {{ .Values.global.dbPersistence.secrets.UNICONFIG_POSTGRES_PASSWORD | b64enc }}
   UNICONFIG_CLISHELL_SSHSERVER_USERNAMEPASSWORDAUTH_PASSWORD: {{ .Values.global.dbPersistence.secrets.UNICONFIG_CLISHELL_SSHSERVER_USERNAMEPASSWORDAUTH_PASSWORD | b64enc }}
+  TIMESCALEDB_USERNAME: {{ .Values.global.dbPersistence.secrets.TIMESCALEDB_USERNAME | b64enc }}
+  TIMESCALEDB_PASSWORD: {{ .Values.global.dbPersistence.secrets.TIMESCALEDB_PASSWORD | b64enc }}
 {{- end -}}
diff --git a/charts/frinx-machine/values.yaml b/charts/frinx-machine/values.yaml
@@ -1,5 +1,5 @@
 # Anchor settings
-x-frinx-machine-version: &frinx-machine-version 6.2
+x-frinx-machine-version: &frinx-machine-version "7.0"
 x-frinx-database-password: &frinx-database-password frinx-database-password
 x-frinx-image-pull-secret: &frinx-image-pull-secret regcred
 x-frinx-rbac-admin-role: &frinx-rbac-admin-role FRINXio
@@ -28,6 +28,8 @@ global:
       UNICONFIG_POSTGRES_USERNAME: postgresU
       UNICONFIG_POSTGRES_PASSWORD: postgresP
       UNICONFIG_CLISHELL_SSHSERVER_USERNAMEPASSWORDAUTH_PASSWORD: admin
+      TIMESCALEDB_USERNAME: postgresU
+      TIMESCALEDB_PASSWORD: postgresP
 
 # Helm Chart dependency installation
 tags:
@@ -164,12 +166,40 @@ workflow-manager-postgres:
   monitoring:
     enablePodMonitor: *metrics-enabled
 
+timescale-db:
+  name: timescale-db
+  imageName: "frinx/cloudnativepg-timescale:16-ts2"
+
+  bootstrap:
+    initdb:
+      database: performancemonitor
+      owner: postgresU
+      postInitApplicationSQL:
+        - CREATE EXTENSION IF NOT EXISTS timescaledb;
+
+  postgresql:
+    parameters:
+      max_connections: "300"
+    shared_preload_libraries:
+      - timescaledb
+
+  secrets:
+    superuserSecret:
+      username: postgres
+      password: postgres
+    userSecret:
+      username: postgresU
+      password: postgresP
+
+  monitoring:
+    enablePodMonitor: *metrics-enabled
+
 frinx-arango-config:
   arangodb_config:
     enabled: true
     image:
       repository: arangodb/arangodb
-      tag: 3.11.8
+      tag: 3.12
     securityContext:
       readOnlyRootFilesystem: true
       runAsUser: 1000
@@ -187,10 +217,24 @@ kafka:
 
   configurationOverrides:
     log.retention.hours: 168
+
   persistence:
     enabled: true
     size: 10Gi
 
+  kraft:
+    # CHANGE IT IN PRODUCTION
+    clusterId: eN1N4bqk4ygDDBmM85QGys
+
+  sasl:
+    controller:
+      # CHANGE IT IN PRODUCTION
+      password: Aepr31lTfX
+
+    interbroker:
+      # CHANGE IT IN PRODUCTION
+      password: BgLj0pPhTz
+
   provisioning:
     enabled: true
     topics:
@@ -201,44 +245,15 @@ kafka:
           max.message.bytes: 64000
           flush.messages: 1
 
-timescale-db:
-  fullnameOverride: timescale-db
-
-  image:
-    repository: timescale/timescaledb-ha
-    tag: pg16-ts2.15-all
-
-  auth:
-    enablePostgresUser: true
-    username: postgresU
-    password: postgresP
-    database: performancemonitor
-  architecture: standalone
-  primary:
-    initdb:
-      scripts:
-        init_db.sql: |
-          CREATE EXTENSION IF NOT EXISTS timescaledb;
-
 
 # Core component configuration
 
 krakend:
   fullnameOverride: "krakend"
 
-  ingress:
-    enabled: false
-    annotations:
-      nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
-    hosts:
-      - host: krakend.127.0.0.1.nip.io
-        paths:
-          - path: "/"
-            pathType: ImplementationSpecific
-
   image:
     repository: "frinx/krakend"
-    tag: "6.1.1"
+    tag: "7.0.0"
 
   rbac:
     UNICONFIG_CONTROLLER_ADMIN_GROUP: *frinx-rbac-admin-role
@@ -273,11 +288,11 @@ frinx-frontend:
 
   image:
     repository: "frinx/frinx-frontend"
-    tag: "6.1.3"
+    tag: "7.0.1"
 
   proxyImage:
     name: frinx/frinx-graphql-proxy
-    tag: "6.1.0"
+    tag: "7.0.0"
 
   env:
     AUTH_ENABLED: true
@@ -358,7 +373,7 @@ inventory:
 
   image:
     repository: "frinx/frinx-inventory-server"
-    tag: "6.1.2"
+    tag: "7.0.1"
 
   postgresql:
     enabled: false
@@ -380,7 +395,7 @@ topology-discovery:
 
   image:
     repository: "frinx/topology-discovery"
-    tag: "6.2.5"
+    tag: "7.0.3"
 
   imagePullSecrets:
     - name: *frinx-image-pull-secret
@@ -397,6 +412,10 @@ topology-discovery:
 uc-zone-lb:
   fullnameOverride: "uc-zone-lb"
 
+  image:
+    repository: traefik
+    tag: v2.11
+
   ingressClass:
     enabled: false
 
@@ -428,7 +447,7 @@ uniconfig:
 
   image:
     repository: "frinx/uniconfig"
-    tag: "6.1.4"
+    tag: "7.0.0"
 
   imagePullSecrets:
     - name: *frinx-image-pull-secret
@@ -477,7 +496,7 @@ performance-monitor:
 
   image:
     repository: frinx/performance-monitor
-    tag: "6.0.3"
+    tag: "7.0.1"
 
   imagePullSecrets:
     - name: *frinx-image-pull-secret
@@ -489,7 +508,11 @@ performance-monitor:
     enabled: false
 
   dbPersistence:
-    POSTGRES_HOST: timescale-db
+    POSTGRES_HOST: timescale-db-rw
+    existingSecret:
+      secretName: *frinx-database-password
+      postgresUsernameKey: TIMESCALEDB_USERNAME
+      postgresPasswordKey: TIMESCALEDB_PASSWORD
     POSTGRES_USERNAME: postgresU
     POSTGRES_PASSWORD: postgresP
 
@@ -574,11 +597,13 @@ device-induction:
 
   image:
     repository: frinx/device-induction
-    tag: "0.6.5"
+    tag: "1.2.2"
 
   imagePullSecrets:
     - name: *frinx-image-pull-secret
 
+  commands: ["python3", "-u", "device_induction/main.py"]
+
   env:
     X_AUTH_USER_GROUP: *frinx-rbac-admin-role
     DEVI_DEVICE_AUTHENTICATION__DEFAULT_USERNAME: admin
@@ -592,7 +617,7 @@ oauth2-proxy:
 
   image:
     repository: "frinx/oauth2-proxy"
-    tag: "6.1.0-alpine"
+    tag: "7.0.0-alpine"
 
   imagePullSecrets:
     - name: *frinx-image-pull-secret