Commit Graph

90 Commits

Author SHA1 Message Date
vilorij
0670395369
move values to template (#210)
add ipfamily for operator

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-09-17 09:36:41 +03:00
vilorij
4499bf2f62
Global values for metrics (#208)
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-09-17 09:35:40 +03:00
vilorij
14e670d928
little fix in services (#211)
* add kafka persist for zookeeper

* anapi ingress header

* bump iddqd

* add stat ingress for iddqd

* bump payform

* increase ttl and add revocation statement for vault

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-09-17 09:34:04 +03:00
vilorij
e3962a41c5
add values for registry address (#212)
* add values for registry address

* stage another lines

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-09-17 09:31:49 +03:00
vilorij
40b938a563
Fix init domain config on first start up (#209)
* fix providerref statement
bump holmes in init container

* bump holmes with damsel

* party-management deps

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-09-16 11:09:05 +03:00
Sergey Yelin
23fa06ce06
Add config for blacklisted ips (#207) 2021-09-14 13:06:02 +03:00
vilorij
0cd257f642
demostand-fix (#202)
* dark-api fix KK url

* Enlarge domainconfig init with providers, payouts, payment_routing

* add reporter
enable wapi-*
fix fistfull config for identities create

* add create account in settlement

* fix wallet_contract

* Service urls now requires own place in config

* fix wapi-pcidss config

* fix wapi for creation destination

* add environment for devstand

* fix wapi endpoint in fistful-magista

* darkapi bump

* bump dashboard

* bump KK version

* add roles to internal realm

* bump questionary-proxy

* reduce default_ttl

* add wapi port

* group ingress tls secrets for api and iddqd

* reduce cert number by splitting tls section in papi

* change domain inliner to use vars

* refactor ingress domain logic

* refactor trigger name

* Update erlang services (#204)

* Update wapi-pcidss to latest

* Update wapi-v0 to latest

* Update hellgate

* Update fistful

* Remove legacy capi services

* Add party-management

* Add limiter

* Fix files for config output for limiter and party-management

* Update capi-v2 to latest

* Update dominant

* Update kds

* Update cds

* Update bender

* Convert template vars to values

* Update machinegun

* Add token-keeper

* Add token-keeper

* ED-159: shamway fix

* ED-159: Add bouncer and bouncer-policies

* Update config/bouncer-policies/values.yaml.gotmpl

Co-authored-by: vilorij <vilorij@ya.ru>

* Code review fixes

* Update bouncer*

* Add keys

* Move to new way of ingress templating

* drop doubled parameter

* typofix in dominant host

* devstand change

* typofix in bouncers

* disable LE and tls in devstand

* Fix bouncer config

* Fix binapi config

* fix papi shebang

* typofix
add probes port

* fix bouncer-policies port

* disable KK tls if disabled in Values

* Fix path to party service in mg

* capi-v1 is back for test transaction

* ingress secret typofix

* capi-v1 in helmfile

* typofix in domain address

* enable idkfa

* fix ttl

* bump deps

* Add links to provider and rulesets

Co-authored-by: r.shaidullin <ndiezel0@gmail.com>
Co-authored-by: vilorij <vilorij@ya.ru>
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>

* Update devstand.rbk.yaml

* move prometheus to helm-infra

* fix test-transaction stateless values

* Add comment to default.values

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: Sergey Yelin <elinsn@gmail.com>
Co-authored-by: ilyatrub <ilyatrub@gmail.com>
Co-authored-by: Sergey Yelin <s.elin@rbkmoney.com>
Co-authored-by: r.shaidullin <ndiezel0@gmail.com>
2021-09-09 20:44:45 +03:00
Pospolita Nikita
cee683d4df
Added xrates service (#205)
* Added xrates service

* adjust annotations and typofix

* store xrates secret in dev vault

* disable xrates deploy

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: vilorij <vilorij@ya.ru>
2021-09-03 15:35:26 +03:00
ilyatrub
49679b7aea
make test-transaction stateless (#203)
* make test-transaction stateless

* delete unused values

* delete gatewayService config as it's not used in stateless service template

* fix adding file to configMap

* change liveness and readyness probes

* delete create test shop logic

* fix nginx image and log files

* bump stateless chart version

* fix ipv4 logic and delete default nginx config

* helmfile deps

* change containerPort to port

* remove protocol
2021-08-26 17:42:07 +03:00
Ivan Panteleev
c61d10e004
update es (#200)
* update es

* fix_deps

Co-authored-by: i.panteleev <i.panteleev@rbk.money>
2021-08-16 15:25:05 +03:00
ilyatrub
ea6dd4b9fe
Cert manager added (#199)
* add cert-manager in helmfile-infra.yaml
2021-08-12 18:23:33 +03:00
ilyatrub
025aaf91b6
Frolov changes (#198)
* add deps, fix versions, vault host address, minikube config

* fix back unnecessary changes

* delete outdated vaulues.yaml for keycloak realms

* return back keycloak fixed version

* remove keycloak fixed version and fix ingress path

* made helmfile deps

* delete outdated values.yaml for vault-cm

* return back keycloak fixed version

* remove keycloak fixed version and fix ingress path

* made helmfile deps
2021-08-09 17:48:46 +03:00
Dmitry Skokov
ca8df7bbd6 tempalting vault values 2021-08-09 11:15:14 +03:00
Dmitry Skokov
bc277c8976 riak ipv6 support 2021-08-09 11:14:40 +03:00
Dmitry Skokov
65fa81490a change vault values with ipv6
fix indent
2021-08-09 11:14:17 +03:00
Ivan Panteleev
1ab5b8a394
Added ingress controller & state charts update (#195)
* Added ingress controller & state charts update

Co-authored-by: i.panteleev <i.panteleev@rbk.money>
2021-07-29 17:51:03 +03:00
Anatoly Karlov
33839f51bd
remove cashier properties from claim-management chart (#194) 2021-07-09 18:47:40 +03:00
Dmitry Skokov
6039398129 payouter fix config 2021-07-09 18:46:20 +03:00
Dmitry Skokov
ae8b53f47d fix service rendering 2021-07-09 16:58:54 +03:00
vilorij
07132eea39
Improove (#193)
* add epic branch with java services

* Introduce analytics (#166)

* Introduce questionary (#175)

* Introduce questionary

* actualize questionary

* actualize questionary

* Introduce claim-management (#173)

* Introduce questionary-aggr-proxy (#176)

* management.endpoint.prometheus.enabled=true

* Change Claim database name for PG compatability

* move CH pasword from template

* Introduce magista (#169)

* Introduce magista-kafka

* Introduce magista-kafka

* Introduce magista-kafka

* Introduce mst

* move kafka comment to the end of file

* actualize magista

* actualize magista

* actualize mgista

* management.endpoint.prometheus.enabled=true

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: vilorij <vilorij@ya.ru>

* fix url in anapi for correct rendering in logs

* Add LE certs issuer to ingress

* erl default templating
disable ServiceMonitor

* new db init

* riak fix ConfigMap

* shortener config templating

* Dashboard fix realm, 404 error and add ingress

* disable SM in hooker

* add objectselector in vault

* Shumway add schema

* add ingress tls variable into defaults.values

* Fistful templatimg erl defaults
typo fix in MG address

* add default realms

* Consuela for MG
add namespace for payouts

* helmfile deps bump

* add fistful-magista

* add payouter

* add columbus

* add columbus

* disable SM

* analitics fix
clickhouse node for analytics

* claimmgmt add

* fix iddqd appconfig mounts

* deanonimus add

* add antifraud

* kafka scale and infinity retention

* KK realms readability
fix password for manager
add roles mapping

* disable consuella for the issues in consul

* typo fix in checkout

* DB for antifraud

* add schema setting for questionary

* shortener fix with KK public key

* HG ingress for iddqd

* Dominant ingress for iddqd

* messages add
disable vault password control because of foreign keys in DB

* papi add

* idkfa add

* dark-api add

* fix hooker DB name
add DB for fraudbusters

* add new services in helmfile and bump deps

* delete useless keycloak values

Co-authored-by: karleowne <a.karlov@rbkmoney.com>
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-07-08 04:10:39 +03:00
Sergey Yelin
c5d8e91863
Add wapi-v0 (#188)
* Add wapi-v0

* Update config/fistful/values.yaml.gotmpl

Co-authored-by: vilorij <vilorij@ya.ru>

Co-authored-by: vilorij <vilorij@ya.ru>
2021-05-14 14:50:40 +03:00
Sergey Yelin
81318399b3
Fix wapi and wapi-pciidss config and paths (#187)
* Fix wapi and wapi-pciidss config and paths

* change pem path in sys.config

Co-authored-by: vilorij <vilorij@ya.ru>
2021-05-11 17:53:14 +03:00
Ildar Galeev
6436fe6f0d
Bump dashboard with vrb theme (#186) 2021-03-12 17:13:58 +03:00
TeadRIM
efd6f577a6
add new dashboards to grafana (#185)
* add new dashboards to grafana

* fix wrong end

Co-authored-by: ilya <Ilya Ivanov>
2021-03-11 18:31:46 +03:00
Anatoly Karlov
12e1ebc243
Hooker - fix properties, bump images (#177) 2021-03-05 23:05:19 +07:00
Anatoly Karlov
c6a7e5314f
refactor synopsis description for 'hooker' and 'shumway' (#172) 2021-03-03 23:29:31 +07:00
vilorij
cf6ac00fbd
internal_services (#167)
* add dashboard and CC to helmfile

* ServiceMonitors and CNP move in Releases namespace

* -revert vault init script sleep for devsetup
- vault-injector webhook only for Release namespace

* - dont install prom if processing namespaced
- bump chart versions in lock

* bump TT version

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-02-26 20:14:11 +03:00
vilorij
fc1a372534
Ft/k8s facelift (#165)
* namespaced vault for dev and standalone

* keycloak ingress

* ingress host templating

* payform templating

* Control center to k8s

* Dashboard service to k8s

* machinegun ipv6-ready config

* change default values structure
2021-02-24 20:48:54 +03:00
vilorij
d24b4db65a
Refactor (#157)
* delete submodule

* stateless

* capi switch to genericchart

* default ports change

* all capi move to generic

* change api port in values of capi

* add command to chart

* ingress port in chart

* right ingress values in capis

* binbase to stateless

* hellgate move

* move holmes

* move hooker

* fix needs

* move shortener

* move payform

* move cds

* more fixes

* hook in chart

* add pvc

* fix pvc template

* move kds

* move shumway

* move machinegun

* delay for moket

* MG fix

* binbase fix resource

* capi fix volumes path

* prepare config for dominant

* hooks

* move bender

* proxy move

* payform liveness

* needs fix

* fix urls

* add env to chart

* fix machineid matcher

* last move mocket

* ingress bump from deprecation

* moket url in dominanta fix

* move wapi

* add api init to chart

* move wapi-pcidss

* log annotations refactor

* add volumes for hook

* move dominant

* typo fix in vault annotations

* use zookeeper from kafka chart

* zookeeper replicas

* move to githab charts from services folder

* bender statefull and consul label

* delete useless folder

* Apply suggestions from code review

Co-authored-by: vilorij <vilorij@ya.ru>

* fix mocket-mpi port

* metrics enable

* delete metrics from service without metrics

* fix indent in values

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* drop empty lines

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* fix comment and bump deps

* riak and bump deps chart

* Add missing services (#159)

* Add anapi

* Add bin-api

* Fix naming

* Fix oopsBody paths

* Update config/anapi/sys.config

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* Update config/anapi/sys.config

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* Update config/binapi/sys.config

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* Update config/binapi/sys.config

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* Use existing binbase for API

Co-authored-by: Andrey Fadeev <me@ciiol.net>

* grafana to refactor (#160)

* grafana to refactor

* clean values

* clean

Co-authored-by: ilya <Ilya Ivanov>

* network policies refactored (#158)

* cilium network policies added
Co-authored-by: vilorij <vilorij@ya.ru>

* Add ability deploy to not only "default" namespace

* change kafka chart from incubator to bitnamii (#164)

* change kafka chart from incubator to bitnamii

* road to default

Co-authored-by: ilya <Ilya Ivanov>

* options for disable CNP

* riak fix

* raw chart

* bump deps

* Update config/machinegun/values.yaml.gotmpl

* delete netpolicy

* riak hacks

* bump deps

* another try

* Enable IPv6 for riak

* KK ipv6

* consul switch to native chart

* MG to new consul

* ipv6 for erlangs services

* riak adopt to ipv6

* Add inet6 to vm.args

* global value for ipv6-only cluster

* Enable ipv6 for machinegun

* add ipv6 support to keycloak

* vault config for ipv6

* disable dashboard if elk disabled

* bump deps version
add wrapper around elk enabled

* add transactions values

* typo fix in values

* payform ipv6

* typo fix transaction

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: Pospolita Nikita <nikita7asics@gmail.com>
Co-authored-by: Andrey Fadeev <me@ciiol.net>
Co-authored-by: Sergey Yelin <elinsn@gmail.com>
Co-authored-by: TeadRIM <37904338+TeadRIM@users.noreply.github.com>
Co-authored-by: Ivan Panteleev <amalgamm@users.noreply.github.com>
2021-02-19 15:27:50 +03:00
TeadRIM
a16237b954
Elk to monitoring (#152)
* clean grafana chart

* grafana autosync dashboard

* README update

* change ns for elk

* fix path

* change namespace for elk

* add grafana sync to prometheus chart

* update README

* fix error with secret

* Update README.md

Co-authored-by: vilorij <vilorij@ya.ru>

* Update README.md

Co-authored-by: vilorij <vilorij@ya.ru>

* clean

* fix

* fix

* fix

* clean

* resolve

* README update

Co-authored-by: ilya <Ilya Ivanov>
Co-authored-by: vilorij <vilorij@ya.ru>
2020-12-14 11:54:20 +03:00
Andrey Abramov
dc041c52e9
Fix gotmpl values escaping (#154)
* Fix shumway and hooker

* Remove nonexistent fileread
2020-11-26 16:58:06 +03:00
Boris
bf7e9f9534
test transaction through v2 (#153) 2020-11-26 15:51:44 +03:00
Andrey Fadeev
2e40e973c0
Move files embedding from helmfile.yaml (#151)
...to service values.yaml
2020-11-17 20:27:47 +03:00
Andrey Fadeev
645238b94b
Add grafana dashboards (#114)
* Add grafonnet-lib
* Add base erlang service dashboard
* Add machinegun namespace dashboard
2020-11-17 18:02:42 +03:00
Andrey Fadeev
87a36de906
Update services to add dummy payment system (#128) 2020-11-13 16:39:43 +03:00
Andrey Fadeev
216412e789
Turn off fault-detector usage (#117) 2020-11-10 16:33:20 +03:00
Andrey Abramov
dad04d4c55
Improve logging (#109)
* add index template with correct mapping

* add ILM object examples and it's autoupload via filebeat
2020-11-05 22:11:03 +03:00
a.romanov
6beda930ea BJ-1004: Add prometheus metrics for shumway 2020-11-02 12:04:42 +03:00
Sergey Yelin
70fc4438cc
Prometeus integration in erlang services (#96)
* Prometeus integration in erlang services
* Downgrade prometheus chart to 10.1.0
I got strange crd-related errors with the new version. Like
`manifest_sorter.go:192: info: skipping unknown hook: "crd-install"`
* Add ServiceMonitors

Co-authored-by: Andrey Fadeev <me@ciiol.net>
2020-11-02 10:39:30 +03:00
Baikov Dmitrii
c9fcc81704
BJ-1005: Add proxy-mocketbank-mpi (#101) 2020-10-29 18:32:45 +03:00
vilorij
0d0fdd2823
add grant for sequence (#100)
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2020-10-28 10:07:44 +03:00
vilorij
e759a09dc3
add "default" namespace for servicemonitors (#97)
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2020-10-27 15:58:59 +03:00
Alexander Romanov
05460c90fc
Improve java logging configuration (#92) 2020-10-23 17:03:47 +03:00
Andrey Fadeev
00b87d58d4
Fix token decription setting in capi-v2 config (#91) 2020-10-23 10:24:32 +03:00
Andrey Fadeev
29b5d5a5fe
Update capi (#90)
* Update capi-v1 to rbkmoney/erlang_capi_v1@b89010a0
* Update capi-v2 to rbkmoney/erlang_capi_v2@ac236aed
2020-10-22 21:31:36 +03:00
Andrey Abramov
a979b58a3e
Improve logging (#89)
* Fix ES index template dynamic mappings
* Add basic common logging setting
* Add stdout log configuration for shumway (with hardcode)
* Fix hellgate mapping

Co-authored-by: Sergey Yelin <elinsn@gmail.com>
2020-10-22 15:03:15 +03:00
Andrey Fadeev
51cdd7737a
Replace deprecated stable/prometheus-operator chart (#88)
See README in stable/prometheus-operator cart for details.
https://github.com/helm/charts/tree/master/stable/prometheus-operator
2020-10-21 14:39:41 +03:00
Sergey Yelin
35ae3ab89f
Switch to docker hub (#75)
* Switch to docker hub

* Add missing

* This image not in public

* bump image tags

* Fix more urls

* Fix URL to test image

* downgrade api

* Ft/use public repo update (#78)

* Fix test-transaction labels (#73)

And remove obsolete config mount

* fix pass to default (#76)

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>

* Fix test_transaction_v2 volume mount in job (#77)

* Remove dr2reg from values

* Fix README

* Remove dedicated binbase-test from helmfile

* Completely remove dedicated binbase-test

* Wrap imagePullSecrets call in deployment's chart

* Bumb binbase-test-data

* Remove `pathType` from payform ingress spec (#80)

Only k8s >= 1.18 supports this field. And GKE doesn't support these versions of k8s

* Use standard io for logs (ex machinegun for now) (#81)

* Use standard io for logs (ex machinegun for now)

* Fix accesslog

* Unify podSecurityContext usage in riak chart (#79)

And also set fsGroup as container user id

* Use standard output for mg (#82)

* Update machinegun (#83)

* Add empty imagePullSecrets to our services' yamls

* Stabilize helmfile sync; add cold_reset.sh script

* Bump binbase-test-data

Co-authored-by: Andrey Fadeev <me@ciiol.net>
Co-authored-by: vilorij <vilorij@ya.ru>
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: Sergey Yelin <elinsn@gmail.com>

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: Andrey Abramov <a.abramov@rbkmoney.com>
Co-authored-by: Andrey Fadeev <me@ciiol.net>
Co-authored-by: vilorij <vilorij@ya.ru>
2020-10-20 13:10:02 +03:00
Sergey Yelin
971dd65012
Use standard output for mg (#82) 2020-10-16 19:50:35 +03:00
Sergey Yelin
9c3b629b79
Use standard io for logs (ex machinegun for now) (#81)
* Use standard io for logs (ex machinegun for now)

* Fix accesslog
2020-10-16 16:22:39 +03:00