feat: add probes, pesistent heap dumps and crash logs

frankframework · Jan 9, 2024 · 7e78d5b · 7e78d5b
1 parent 2297c1e
commit 7e78d5b
Show file tree

Hide file tree

Showing 30 changed files with 1,528 additions and 242 deletions.
diff --git a/charts/ff-common/Chart.yaml b/charts/ff-common/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
 name: ff-common
 description: ff-common chart building components and helpers for the Frank!Framework
-version: 0.1.18
-appVersion: "7.8"
+version: 0.1.19
+appVersion: "8.0"
 type: library
 home: https://frankframework.org
 icon: https://raw.githubusercontent.com/frankframework/charts/master/charts/ff-common/icon.svg
diff --git a/charts/ff-common/README.md b/charts/ff-common/README.md
@@ -64,6 +64,7 @@ Whereas the sub-chart can only be used "as is", the library can be modified in y
 | `frank.security.http.activeDirectory.roleMapping.observer`   | Map the rol for Observer                                                                                         | `""`    |
 | `frank.server.transactionManager`                            | Set the transaction manager for Tomcat. Options: `NARAYANA`, `BTM`, ``                                           | `""`    |
 | `frank.environmentVariables`                                 | Set extra environment variables for the Frank!                                                                   | `{}`    |
+| `frank.javaOpts`                                             | Append custom options to the `JAVA_OPTS` environment variable for the Frank!                                     | `""`    |
 
 ### Frank!Framework Connection parameters
 
@@ -87,22 +88,38 @@ Whereas the sub-chart can only be used "as is", the library can be modified in y
 
 ### Frank!Framework deployment parameters
 
-| Name                                | Description                                             | Value     |
-| ----------------------------------- | ------------------------------------------------------- | --------- |
-| `replicaCount`                      | Number of Frank!Framework replicas to deploy            | `1`       |
-| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe                 | `40`      |
-| `livenessProbe.periodSeconds`       | Period seconds for livenessProbe                        | `10`      |
-| `livenessProbe.timeoutSeconds`      | Timeout seconds for livenessProbe                       | `1`       |
-| `livenessProbe.failureThreshold`    | Failure threshold for livenessProbe                     | `6`       |
-| `livenessProbe.successThreshold`    | Success threshold for livenessProbe                     | `1`       |
-| `resources`                         | Set the resources for the Frank!Framework containers    | `{}`      |
-| `resources.limits`                  | The resources limits for the Frank!Framework containers | `""`      |
-| `resources.requests.memory`         | The requested memory for the Frank!Framework containers | `""`      |
-| `resources.requests.cpu`            | The requested cpu for the Frank!Framework containers    | `""`      |
-| `nodeSelector`                      | Node labels for pod assignment                          | `{}`      |
-| `tolerations`                       | Set tolerations for pod assignment                      | `[]`      |
-| `affinity`                          | Set affinity for pod assignment                         | `{}`      |
-| `timeZone`                          | used for database connection and log timestamps         | `Etc/UTC` |
+The startup probe will enable blue-green deployment, which are great for uptime during upgrades and such.
+It (and the liveness probe) will check if the console is accessible, until a better health endpoint is available.
+The readiness probe will check if all adapters are running using the server health endpoint
+
+| Name                                 | Description                                              | Value     |
+| ------------------------------------ | -------------------------------------------------------- | --------- |
+| `replicaCount`                       | Number of Frank!Framework replicas to deploy             | `1`       |
+| `startupProbe.initialDelaySeconds`   | Initial delay seconds for startupProbe                   | `40`      |
+| `startupProbe.periodSeconds`         | Period seconds for startupProbe                          | `20`      |
+| `startupProbe.timeoutSeconds`        | Timeout seconds for startupProbe                         | `1`       |
+| `startupProbe.failureThreshold`      | Failure threshold for startupProbe                       | `6`       |
+| `startupProbe.successThreshold`      | Success threshold for startupProbe                       | `1`       |
+| `livenessProbe.initialDelaySeconds`  | Initial delay seconds for livenessProbe                  | `10`      |
+| `livenessProbe.periodSeconds`        | Period seconds for livenessProbe                         | `10`      |
+| `livenessProbe.timeoutSeconds`       | Timeout seconds for livenessProbe                        | `10`      |
+| `livenessProbe.failureThreshold`     | Failure threshold for livenessProbe                      | `3`       |
+| `livenessProbe.successThreshold`     | Success threshold for livenessProbe                      | `1`       |
+| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe                 | `60`      |
+| `readinessProbe.periodSeconds`       | Period seconds for readinessProbe                        | `5`       |
+| `readinessProbe.timeoutSeconds`      | Timeout seconds for readinessProbe                       | `3`       |
+| `readinessProbe.failureThreshold`    | Failure threshold for readinessProbe                     | `3`       |
+| `readinessProbe.successThreshold`    | Success threshold for readinessProbe                     | `1`       |
+| `resources`                          | Set the resources for the Frank!Framework containers     | `{}`      |
+| `resources.limits`                   | The resources limits for the Frank!Framework containers  | `""`      |
+| `resources.requests.memory`          | The requested memory for the Frank!Framework containers  | `""`      |
+| `resources.requests.cpu`             | The requested cpu for the Frank!Framework containers     | `""`      |
+| `terminationGracePeriodSeconds`      | Number of seconds after which pods are forcefully killed | `60`      |
+| `terminationGracePeriodSeconds`      | Note: Lower values may cause running adapters to fail    |           |
+| `nodeSelector`                       | Node labels for pod assignment                           | `{}`      |
+| `tolerations`                        | Set tolerations for pod assignment                       | `[]`      |
+| `affinity`                           | Set affinity for pod assignment                          | `{}`      |
+| `timeZone`                           | used for database connection and log timestamps          | `Etc/UTC` |
 
 ### Traffic Exposure Parameters
 
@@ -132,6 +149,22 @@ Whereas the sub-chart can only be used "as is", the library can be modified in y
 | `podSecurityContext`         | Set Frank!Framework pod's Security Context                | `{}`   |
 | `securityContext`            | Set Frank!Framework container's Security Context          | `{}`   |
 
+### Persistence
+
+Persistence is used for keeping heap dumps. They can be found at `/heap-dumps` with persistence enabled.
+Otherwise, they can be found at `/usr/local/tomcat/logs`
+
+| Name                        | Description                                                                        | Value   |
+| --------------------------- | ---------------------------------------------------------------------------------- | ------- |
+| `persistence.enabled`       | Enable persistence using Persistent Volume Claims                                  | `false` |
+| `persistence.storageClass`  | Persistent Volume storage class                                                    | `""`    |
+| `persistence.accessModes`   | Persistent Volume access modes                                                     | `[]`    |
+| `persistence.size`          | Persistent Volume size                                                             | `5Gi`   |
+| `persistence.dataSource`    | Custom PVC data source                                                             | `{}`    |
+| `persistence.existingClaim` | The name of an existing PVC to use for persistence                                 | `""`    |
+| `persistence.selector`      | Selector to match an existing Persistent Volume for the Frank!Framework's data PVC | `{}`    |
+| `persistence.annotations`   | Persistent Volume Claim annotations                                                | `{}`    |
+
 ## Configuration and installation details
 
 ### DTAP Stage

diff --git a/charts/ff-common/templates/_configmap.env.yaml b/charts/ff-common/templates/_configmap.env.yaml
@@ -12,13 +12,23 @@ metadata:
 data:
   # Enable Narayana transaction manager
   application.server.type.custom: "{{ .Values.frank.server.transactionManager }}"
+  JAVA_OPTS: "\
   {{- with .Values.frank.memory }}
   {{- if .percentage }}
-  JAVA_OPTS: "-XX:InitialRAMPercentage={{ .minimum }} -XX:MaxRAMPercentage={{ .maximum }}"
+  -XX:InitialRAMPercentage={{ .minimum }} \
+  -XX:MaxRAMPercentage={{ .maximum }} \
   {{- else }}
-  JAVA_OPTS: "-Xms{{ .minimum }} -Xmx{{ .maximum }}"
+  -Xms{{ .minimum }} -Xmx{{ .maximum }}
   {{- end }}
   {{- end }}
+  {{- if .Values.persistence.enabled }}
+  -XX:HeapDumpPath=/heap-dumps/$(hostname)-$(date --iso-8601=seconds).hprof \
+  {{- else }}
+  -XX:HeapDumpPath=/usr/local/tomcat/logs
+  {{- end }}
+  -XX:+HeapDumpOnOutOfMemoryError \
+  -XX:+ExitOnOutOfMemoryError \
+  {{ .Values.frank.javaOpts }}"
   TZ: {{ .Values.timeZone }}
   instance.name: {{ include "ff-common.instance.name" .  }}
   dtap.stage: {{ $dtapStage }}

diff --git a/charts/ff-common/templates/_container.yaml b/charts/ff-common/templates/_container.yaml
@@ -7,6 +7,7 @@ securityContext:
   {{- toYaml .Values.securityContext | nindent 2 }}
 image: "{{ .Values.image.registry }}{{ if .Values.image.registry }}/{{ end }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
 imagePullPolicy: {{ .Values.image.pullPolicy }}
+terminationMessagePolicy: FallbackToLogsOnError
 envFrom:
   - configMapRef:
       name: {{ template "ff-common.fullname" . }}-env
@@ -44,17 +45,32 @@ volumeMounts:
     mountPath: /opt/frank/secrets/
     readOnly: true
     {{- end }}
+  {{- if .Values.persistence.enabled }}
+  - name: {{ template "ff-common.fullname" . }}-data
+    subPath: heap-dumps
+    mountPath: /heap-dumps
+  {{- end }}
 ports:
   - name: http
     containerPort: 8080
     protocol: TCP
   - name: https
     containerPort: 8443
     protocol: TCP
+startupProbe:
+  {{- toYaml .Values.startupProbe | nindent 2 }}
+  httpGet:
+    path: /iaf/gui
+    port: 8080
 livenessProbe:
   {{- toYaml .Values.livenessProbe | nindent 2 }}
   httpGet:
-    path: /iaf/
+    path: /iaf/gui
+    port: 8080
+readinessProbe:
+  {{- toYaml .Values.readinessProbe | nindent 2 }}
+  httpGet:
+    path: /iaf/api/server/health
     port: 8080
 {{- with .Values.resources }}
 resources:

diff --git a/charts/ff-common/templates/_deployment.yaml b/charts/ff-common/templates/_deployment.yaml
@@ -30,6 +30,7 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "ff-common.serviceAccountName" . }}
+      terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
       {{- with .Values.podSecurityContext }}
       securityContext:
         {{- toYaml . | nindent 8 }}
@@ -74,6 +75,11 @@ spec:
           configMap:
             name: {{ template "ff-common.fullname" . }}-ldap-role-mapping
         {{- end }}
+        {{- if .Values.persistence.enabled }}
+        - name: {{ template "ff-common.fullname" . }}-data
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.existingClaim | default (printf "%s-%s" ( include "ff-common.fullname" . ) "data") }}
+        {{- end }}
 {{- end -}}
 {{- define "ff-common.deployment" -}}
 {{- template "ff-common.util.merge" (append . "ff-common.deployment.tpl") -}}

diff --git a/charts/ff-common/templates/_persistentvolumeclaim.yaml b/charts/ff-common/templates/_persistentvolumeclaim.yaml
@@ -1,24 +1,34 @@
 {{- define "ff-common.persistentvolumeclaim.tpl" -}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
 apiVersion: v1
 kind: PersistentVolumeClaim
-{{ template "ff-common.metadata" . }}
+metadata:
+  name: {{ template "ff-common.fullname" . }}-data
+  labels:
+    {{- include "ff-common.labels" . | nindent 4 }}
+  {{- if .Values.persistence.annotations }}
+  annotations:
+    {{- toYaml .Values.persistence.annotations | nindent 4 }}
+  {{- end }}
 spec:
   accessModes:
-    - {{ .Values.persistence.accessMode | quote }}
+    {{- range .Values.persistence.accessModes }}
+    - {{ . | quote }}
+    {{- end }}
+  {{- with .Values.persistence.selector }}
+  selector:
+    {{- toYaml . | nindent 6 }}
+  {{- end }}
+  {{- if .Values.persistence.storageClass }}
+  {{- if eq "-" .Values.persistence.storageClass}}
+  storageClassName: ""
+  {{- else }}
+  storageClassName: {{ .Values.persistence.storageClass | quote }}
+  {{- end }}
+  {{- end }}
   resources:
     requests:
       storage: {{ .Values.persistence.size | quote }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
-  storageClassName: ""
-{{- else }}
-  storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
-{{- define "ff-common.persistentvolumeclaim" -}}
-{{- $top := first . -}}
-{{- if and $top.Values.persistence.enabled (not $top.Values.persistence.existingClaim) -}}
-{{- template "ff-common.util.merge" (append . "ff-common.persistentvolumeclaim.tpl") -}}
 {{- end -}}
 {{- end -}}
+{{- template "ff-common.util.merge" (append . "ff-common.persistentvolumeclaim.tpl") -}}