diff --git a/charts/lighthouse/README.md b/charts/lighthouse/README.md
index afb08786..71a9a71b 100644
--- a/charts/lighthouse/README.md
+++ b/charts/lighthouse/README.md
@@ -78,6 +78,14 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | grafana.dashboards | Enable creation of Grafana dashboards. [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) must be configured to search this namespace, see `sidecar.dashboards.searchNamespace` | bool | `false` | | grafana.dashboardsConfigMapLabel | Must match `sidecar.dashboards.label` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) | string | `"grafana_dashboard"` | | grafana.dashboardsConfigMapLabelValue | Must match `sidecar.dashboards.labelValue` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) | string | `"1"` | + | grafana.operatorDashboards | Create GrafanaDashboard CRDs via Grafana Operator from files in `dashboards/` | object | `{"allowCrossNamespaceImport":false,"annotations":{},"enabled":false,"extraSpec":{},"folder":"","folderUID":"","instanceSelector":{"matchLabels":{}},"labels":{},"namespace":"","resyncPeriod":"","suspend":false,"uid":""}` | + | grafana.operatorDashboards.allowCrossNamespaceImport | Allow matching Grafana instances outside current namespace | bool | `false` | + | grafana.operatorDashboards.extraSpec | Additional spec fields to merge into GrafanaDashboard.spec | object | `{}` | + | grafana.operatorDashboards.folder | Optional folder metadata | string | `""` | + | grafana.operatorDashboards.instanceSelector | Selector to match Grafana instances managed by the operator | object | `{"matchLabels":{}}` | + | grafana.operatorDashboards.labels | Extra labels and annotations on the GrafanaDashboard resources | object | `{}` | + | grafana.operatorDashboards.namespace | Optional target namespace for the GrafanaDashboard CRDs (defaults to release namespace) | string | `""` | + | grafana.operatorDashboards.resyncPeriod | Operator sync behavior | string | `""` | | 
image.pullPolicy | | string | `"IfNotPresent"` | | image.repository | Image for lighthouse | string | `"sigp/lighthouse"` | | image.tag | Overrides the image tag | string | Chart.appVersion | @@ -93,6 +101,15 @@ We do not recommend that you upgrade the application by overriding `image.tag`. | lighthouse.jwt.existingSecret.name | Name of the Secret resource in the same namespace | string | `""` | | lighthouse.jwt.fromLiteral | Use this literal value for the JWT | string | `""` | | lighthouse.nodeSelector | | object | `{}` | + | lighthouse.p2p.service.advertiseIP | IP address to explicitly advertise in ENR (overrides autodetection and LB IP) | string | `""` | + | lighthouse.p2p.service.annotations | Annotations to add to the P2P Service (e.g., Cilium sharing keys) | object | `{}` | + | lighthouse.p2p.service.enabled | Enable a dedicated P2P Service | bool | `false` | + | lighthouse.p2p.service.externalIPs | Fixed external IPs to bind the Service to (requires upstream routing) | list | `[]` | + | lighthouse.p2p.service.externalTrafficPolicy | External traffic policy | string | `"Local"` | + | lighthouse.p2p.service.labels | Additional labels to add to the P2P Service | object | `{}` | + | lighthouse.p2p.service.loadBalancerIP | When using a LoadBalancer and your cloud supports it, set a specific LB IP | string | `""` | + | lighthouse.p2p.service.loadBalancerSourceRanges | Restrict which source ranges can access the LoadBalancer (CIDRs) | list | `[]` | + | lighthouse.p2p.service.type | Service type for P2P exposure | string | `"LoadBalancer"` | | lighthouse.p2pHostPort.enabled | Expose P2P ports via hostPort | bool | `false` | | lighthouse.p2pHostPort.initContainer.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` | | lighthouse.p2pHostPort.initContainer.image.repository | Container image to fetch IP/port information | string | `"lachlanevenson/k8s-kubectl"` | 
diff --git a/charts/lighthouse/templates/dashboards-operator.yaml b/charts/lighthouse/templates/dashboards-operator.yaml
new file mode 100644
index 00000000..047ab84a
--- /dev/null
+++ b/charts/lighthouse/templates/dashboards-operator.yaml
@@ -0,0 +1,52 @@
+{{- $g := $.Values.grafana -}}
+{{- if and $g.operatorDashboards $g.operatorDashboards.enabled -}}
+{{- $op := $g.operatorDashboards -}}
+{{- $files := .Files.Glob "dashboards/*" -}}
+{{- range $path, $_ := $files }}
+---
+apiVersion: grafana.integreatly.org/v1beta1
+kind: GrafanaDashboard
+metadata:
+ name: {{ include "lighthouse.fullname" $ }}-{{ base $path | replace "." "-" | trunc 63 | trimSuffix "-" }}
+ {{- with $op.namespace }}
+ {{- if . }}
+ namespace: {{ . }}
+ {{- end }}
+ {{- end }}
+ labels:
+ {{- include "lighthouse.labels" $ | nindent 4 }}
+ {{- with $op.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with $op.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ allowCrossNamespaceImport: {{ default false $op.allowCrossNamespaceImport }}
+ {{- with $op.instanceSelector }}
+ instanceSelector:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with $op.folder }}
+ folder: {{ . }}
+ {{- end }}
+ {{- with $op.folderUID }}
+ folderUID: {{ . }}
+ {{- end }}
+ {{- with $op.uid }}
+ uid: {{ . }}
+ {{- end }}
+ {{- with $op.resyncPeriod }}
+ resyncPeriod: {{ . }}
+ {{- end }}
+ {{- if hasKey $op "suspend" }}
+ suspend: {{ $op.suspend }}
+ {{- end }}
+ {{- with $op.extraSpec }}
+ {{- toYaml . | nindent 2 }}
+ {{- end }}
+ json: |
+ {{- $.Files.Get $path | nindent 4 }}
+{{- end }}
+{{- end }}
diff --git a/charts/lighthouse/templates/lighthouse/service.yaml b/charts/lighthouse/templates/lighthouse/service.yaml
index 9f9f1b3c..3d4aee04 100644
--- a/charts/lighthouse/templates/lighthouse/service.yaml
+++ b/charts/lighthouse/templates/lighthouse/service.yaml
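Review bot: `uid: {{ . }}` sits inside the `range` over `dashboards/*`, so every GrafanaDashboard rendered by this template receives the same `spec.uid`; if the directory holds more than one file (not visible from this diff) the dashboards will likely collide or overwrite one another in Grafana. Either drop the chart-wide `uid` value or document that it is only valid with a single dashboard file. The scalar values are also emitted unquoted (`namespace: {{ . }}`, `folder: {{ . }}`, `uid: {{ . }}`, `resyncPeriod: {{ . }}`), so a folder name containing `: ` or ` #` produces invalid or misparsed YAML; `folder: {{ . | quote }}`, and the same for the others, avoids that. `trunc 63` is applied to the file-name part only, so it does not bound the length of the full `metadata.name`, and nothing lower-cases the base name or replaces `_`.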
@@ -81,3 +81,57 @@ spec:
 selector:
 {{- include "lighthouse.selectorLabels" . | nindent 4 }}
 {{- $componentLabel | nindent 4 }}
+{{/* Dedicated P2P LoadBalancer Service */}}
+{{- if and $values.p2p $values.p2p.service $values.p2p.service.enabled (eq (default "" $values.p2p.service.type) "LoadBalancer") }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "lighthouse.fullname" . }}-{{ $componentName }}-p2p
+ labels:
+ {{- include "lighthouse.labels" . | nindent 4 }}
+ {{- $componentLabel | nindent 4 }}
+ {{- with $values.p2p.service.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with $values.p2p.service.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: LoadBalancer
+ externalTrafficPolicy: {{ default "Local" $values.p2p.service.externalTrafficPolicy }}
+ {{- with $values.p2p.service.loadBalancerIP }}
+ {{- if . }}
+ loadBalancerIP: {{ . }}
+ {{- end }}
+ {{- end }}
+ {{- with $values.p2p.service.loadBalancerSourceRanges }}
+ {{- if . }}
+ loadBalancerSourceRanges:
+ {{- toYaml . | nindent 2 }}
+ {{- end }}
+ {{- end }}
+ {{- with $values.p2p.service.externalIPs }}
+ {{- if . }}
+ externalIPs:
+ {{- toYaml . | nindent 2 }}
+ {{- end }}
+ {{- end }}
+ ports:
+ - name: tcp-transport
+ port: {{ include "lighthouse.port" $values }}
+ targetPort: tcp-transport
+ protocol: TCP
+ - name: udp-discovery
+ port: {{ include "lighthouse.discoveryPort" $values }}
+ targetPort: udp-discovery
+ protocol: UDP
+ - name: udp-transport
+ port: {{ include "lighthouse.quicPort" $values }}
+ targetPort: udp-transport
+ protocol: UDP
+ selector:
+ {{- include "lighthouse.selectorLabels" . | nindent 4 }}
+ {{- $componentLabel | nindent 4 }}
+{{- end }}
diff --git a/charts/lighthouse/templates/lighthouse/statefulset.yaml b/charts/lighthouse/templates/lighthouse/statefulset.yaml
index 91140dbd..0e5d567e 100644
--- a/charts/lighthouse/templates/lighthouse/statefulset.yaml
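Review bot: Setting `p2p.service.enabled: true` with any `type` other than `LoadBalancer` renders no Service and raises no error, because the `eq … "LoadBalancer"` guard on the opening `if` drops the whole document while `spec.type` is hard-coded. Fail the render instead, e.g. `{{- if and $values.p2p.service.enabled (ne $values.p2p.service.type "LoadBalancer") }}{{ fail "lighthouse.p2p.service.type: only LoadBalancer is supported" }}{{- end }}`, or remove `type` from the values. The Service mixes one TCP and two UDP ports, which only works where the cluster and the load-balancer implementation support mixed-protocol LoadBalancer Services; a comment above `ports:` should say so. `externalIPs` is passed through as given, and clusters that enable the `DenyServiceExternalIPs` admission plugin will reject a Service that sets it, which belongs in the values comment for that key.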
+++ b/charts/lighthouse/templates/lighthouse/statefulset.yaml
@@ -160,6 +160,14 @@ spec:
 --enr-address=$EXTERNAL_IP \
 --enr-udp-port={{ $values.p2pHostPort.port }} \
 --enr-tcp-port={{ $values.p2pHostPort.port }} \
+ {{- else if and $values.p2p $values.p2p.service $values.p2p.service.enabled (eq $values.p2p.service.type "LoadBalancer") }}
+ {{- if $values.p2p.service.advertiseIP }}
+ --enr-address={{ $values.p2p.service.advertiseIP }} \
+ {{- else if $values.p2p.service.loadBalancerIP }}
+ --enr-address={{ $values.p2p.service.loadBalancerIP }} \
+ {{- end }}
+ --enr-udp-port={{ include "lighthouse.discoveryPort" $values }} \
+ --enr-tcp-port={{ include "lighthouse.port" $values }} \
 {{- end }}
 --port={{ include "lighthouse.port" $values }} \
 --discovery-port={{ include "lighthouse.discoveryPort" $values }} \
diff --git a/charts/lighthouse/values.yaml b/charts/lighthouse/values.yaml
index 742eab2e..28bfeeb4 100644
--- a/charts/lighthouse/values.yaml
+++ b/charts/lighthouse/values.yaml
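Review bot: When neither `advertiseIP` nor `loadBalancerIP` is set (the default, and the usual case when the cloud assigns the address) this branch emits `--enr-udp-port` and `--enr-tcp-port` with no `--enr-address`, so the advertised address is whatever the node works out by itself, which may not be the load balancer's. Document on `advertiseIP` that one of the two values is needed for a reachable ENR, or fail the render when both are empty. The guard uses `eq $values.p2p.service.type "LoadBalancer"` while service.yaml wraps the same value in `default ""`; use one form in both so a null `type` is handled the same way. Both addresses are interpolated unquoted into what looks like a shell command line (the trailing `\`), so a value containing whitespace or shell metacharacters would change the command; `--enr-address={{ $values.p2p.service.advertiseIP | squote }}` keeps it a single argument. The enclosing `if` and the start of the command are outside the hunk.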
@@ -66,6 +66,28 @@ grafana: dashboardsConfigMapLabel: grafana_dashboard # -- Must match `sidecar.dashboards.labelValue` value for the [Grafana chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart) dashboardsConfigMapLabelValue: "1" + # -- Create GrafanaDashboard CRDs via Grafana Operator from files in `dashboards/` + operatorDashboards: + enabled: false + # -- Optional target namespace for the GrafanaDashboard CRDs (defaults to release namespace) + namespace: "" + # -- Extra labels and annotations on the GrafanaDashboard resources + labels: {} + annotations: {} + # -- Selector to match Grafana instances managed by the operator + instanceSelector: + matchLabels: {} + # -- Allow matching Grafana instances outside current namespace + allowCrossNamespaceImport: false + # -- Optional folder metadata + folder: "" + folderUID: "" + uid: "" + # -- Operator sync behavior + resyncPeriod: "" + suspend: false + # -- Additional spec fields to merge into GrafanaDashboard.spec + extraSpec: {} lighthouse: # -- URL to the Execution Client Engine API. Will use configured JWT to authenticate. 
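Review bot: `annotations`, `folderUID`, `uid` and `suspend` have no `# --` comment of their own, so they are missing from the generated README table in this commit, while the comment on `labels` describes two keys. Give each key its own line, e.g. `# -- Extra annotations on the GrafanaDashboard resources`, `# -- Dashboard UID override`, `# -- Suspend reconciliation of the dashboards`. On `instanceSelector` and `allowCrossNamespaceImport` it would help to state that the default empty `matchLabels: {}` may select every Grafana instance the operator can see (confirm against the operator's selector semantics), since that widens where the dashboards are pushed once cross-namespace import is turned on.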
@@ -172,3 +194,25 @@ lighthouse:
 tag: v1.25.4
 # -- Container pull policy
 pullPolicy: IfNotPresent
+
+ # P2P Service exposure (alternative to hostPort)
+ p2p:
+ service:
+ # -- Enable a dedicated P2P Service
+ enabled: false
+ # -- Service type for P2P exposure
+ type: LoadBalancer
+ # -- Additional labels to add to the P2P Service
+ labels: {}
+ # -- Annotations to add to the P2P Service (e.g., Cilium sharing keys)
+ annotations: {}
+ # -- External traffic policy
+ externalTrafficPolicy: Local
+ # -- Fixed external IPs to bind the Service to (requires upstream routing)
+ externalIPs: []
+ # -- When using a LoadBalancer and your cloud supports it, set a specific LB IP
+ loadBalancerIP: ""
+ # -- Restrict which source ranges can access the LoadBalancer (CIDRs)
+ loadBalancerSourceRanges: []
+ # -- IP address to explicitly advertise in ENR (overrides autodetection and LB IP)
+ advertiseIP: ""
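Review bot: The comment on `loadBalancerSourceRanges` does not say what the default `[]` means: the template then omits the field, so the P2P ports accept traffic from any source. Suggested wording: `# -- Restrict which source ranges can access the LoadBalancer (CIDRs); empty means no restriction`. `spec.loadBalancerIP` has been deprecated in Kubernetes since v1.24, so the `loadBalancerIP` comment should point users to their provider's annotation (set through `annotations`) for implementations that ignore the field.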