chore: update store-client-sdk and nvsentinel charts to make them pluggable

Signed-off-by: Davanum Srinivas <[email protected]>

Author: dims

Tiltfile

@@ -120,9 +120,9 @@ kwok_node_names = ['kwok-node-' + str(i) + ':node' for i in range(num_gpu_nodes)
 k8s_resource(
     new_name='kwok-fake-nodes',
     objects=kwok_node_names,
-    resource_deps=['kwok', 'nvsentinel-platform-connector', 'nvsentinel-fault-quarantine', 'nvsentinel-fault-remediation', 
+    resource_deps=['kwok', 'nvsentinel-platform-connector', 'nvsentinel-fault-quarantine', 'nvsentinel-fault-remediation',
         'nvsentinel-labeler', 'nvsentinel-node-drainer', 'nvsentinel-mongodb', 'simple-health-client'
-    ], 
+    ],
 )
 k8s_resource(
     'kwok-stage-fast',

distros/kubernetes/nvsentinel/charts/csp-health-monitor/templates/deployment.yaml

@@ -59,7 +59,6 @@ spec:
           args:
           - "--config=/etc/config/config.toml"
           - "--metrics-port={{ .Values.global.metricsPort }}"
-          - "--mongo-client-cert-mount-path={{ .Values.clientCertMountPath }}"
           - "-v={{ .Values.logLevel }}"
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
@@ -86,7 +85,6 @@ spec:
           command: ["/app/maintenance-notifier"]
           args:
           - "--config=/etc/config/config.toml"
-          - "--mongo-client-cert-mount-path={{ .Values.clientCertMountPath }}"
           - "--uds-path={{ .Values.udsPath }}"
           - "--metrics-port={{ .Values.quarantineTriggerEngine.metricsPort }}"
           - "-v={{ .Values.quarantineTriggerEngine.logLevel | default .Values.logLevel }}"

distros/kubernetes/nvsentinel/charts/fault-quarantine/templates/deployment.yaml

@@ -44,7 +44,6 @@ spec:
             {{- toYaml .Values.resources | nindent 12 }}
           args:
           - "--metrics-port={{ .Values.global.metricsPort }}"
-          - "--mongo-client-cert-mount-path={{ .Values.clientCertMountPath }}"
           - "--dry-run={{ .Values.global.dryRun }}"
           - "--circuit-breaker-percentage={{ .Values.circuitBreaker.percentage }}"
           - "--circuit-breaker-duration={{ .Values.circuitBreaker.duration }}"
@@ -65,6 +64,8 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
+            - name: MONGODB_CLIENT_CERT_MOUNT_PATH
+              value: {{ .Values.clientCertMountPath }}
           envFrom:
             - configMapRef:
                 name: mongodb-config

distros/kubernetes/nvsentinel/charts/fault-remediation/templates/deployment.yaml

@@ -38,21 +38,13 @@ spec:
       serviceAccountName: {{ include "nvsentinel.serviceAccountName" . }}
       containers:
         - name: fault-remediation
-          env:
-          - name: MAINTENANCE_NAMESPACE
-            value: {{ .Values.maintenanceResource.namespace }}
-          - name: MAINTENANCE_VERSION
-            value: {{ .Values.maintenanceResource.version }}
-          - name: MAINTENANCE_API_GROUP
-            value: {{ .Values.maintenanceResource.apiGroup }}
-
           image: "{{ .Values.global.faultRemediationModule.image.repository }}:{{ .Values.global.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.global.faultRemediationModule.image.pullPolicy | default "IfNotPresent" }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           args:
-          - "--mongo-client-cert-mount-path={{ .Values.clientCertMountPath }}"
           - "--dry-run={{ .Values.global.dryRun }}"
+          - "-v=4"
           ports:
             - name: metrics
               containerPort: {{ .Values.global.metricsPort }}
@@ -69,6 +61,8 @@ spec:
             value: {{ .Values.maintenanceResource.version }}
           - name: MAINTENANCE_API_GROUP
             value: {{ .Values.maintenanceResource.apiGroup }}
+          - name: MONGODB_CLIENT_CERT_MOUNT_PATH
+            value: {{ .Values.clientCertMountPath }}
           - name: TEMPLATE_MOUNT_PATH
             value: {{ .Values.maintenanceResource.template.mountPath }}
           - name: TEMPLATE_FILE_NAME

distros/kubernetes/nvsentinel/charts/health-events-analyzer/templates/deployment.yaml

@@ -45,7 +45,6 @@ spec:
             {{- toYaml .Values.resources | nindent 12 }}
           args:
           - "--metrics-port={{ .Values.global.metricsPort }}"
-          - "--mongo-client-cert-mount-path={{ .Values.clientCertMountPath }}"
           - "-v={{ .Values.logLevel }}"
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
@@ -58,6 +57,9 @@ spec:
             readOnly: true
           - name: var-run-vol
             mountPath: /var/run/
+          env:
+            - name: MONGODB_CLIENT_CERT_MOUNT_PATH
+              value: {{ .Values.clientCertMountPath }}
           envFrom:
             - configMapRef:
                 name: mongodb-config

distros/kubernetes/nvsentinel/charts/mongodb-store/templates/configmap.yaml

@@ -17,6 +17,9 @@ kind: ConfigMap
 metadata:
   name: mongodb-config
 data:
+  # Datastore provider configuration for new abstraction layer
+  DATASTORE_PROVIDER: "mongodb"
+  # Legacy MongoDB configuration (maintained for backward compatibility)
   MONGODB_URI: {{ $uri := "" }}{{ if .Values.mongodb.configMapValues }}{{ $uri = .Values.mongodb.configMapValues.mongodbUri }}{{ end }}{{ default (printf "mongodb://%s-mongodb-headless.%s.svc.cluster.local:27017/?replicaSet=rs0&tls=true" .Release.Name .Release.Namespace) $uri | quote }}
   MONGODB_DATABASE_NAME: "HealthEventsDatabase"
   MONGODB_COLLECTION_NAME: "HealthEvents"

distros/kubernetes/nvsentinel/charts/node-drainer/templates/deployment.yaml

@@ -48,7 +48,6 @@ spec:
           args:
           - "--metrics-port={{ .Values.global.metricsPort }}"
           - "--config-path={{ .Values.configPath }}"
-          - "--mongo-client-cert-mount-path={{ .Values.clientCertMountPath }}"
           - "--dry-run={{ .Values.global.dryRun }}"
           volumeMounts:
           - name: config-volume
@@ -57,6 +56,9 @@ spec:
           - name: mongo-app-client-cert
             mountPath: {{ .Values.clientCertMountPath }}
             readOnly: true
+          env:
+          - name: MONGODB_CLIENT_CERT_MOUNT_PATH
+            value: {{ .Values.clientCertMountPath }}
           envFrom:
             - configMapRef:
                 name: mongodb-config

distros/kubernetes/nvsentinel/templates/configmap-datastore.yaml

@@ -0,0 +1,84 @@
+{{/*
+Copyright (c) 2025, NVIDIA CORPORATION.  All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+{{- if .Values.global.datastore }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "nvsentinel.fullname" . }}-datastore-config
+  labels:
+    {{- include "nvsentinel.labels" . | nindent 4 }}
+data:
+  datastore.yaml: |
+    provider: {{ .Values.global.datastore.provider | quote }}
+    connection:
+      host: {{ .Values.global.datastore.connection.host | quote }}
+      port: {{ .Values.global.datastore.connection.port | default 5432 }}
+      database: {{ .Values.global.datastore.connection.database | quote }}
+      {{- if .Values.global.datastore.connection.username }}
+      username: {{ .Values.global.datastore.connection.username | quote }}
+      {{- end }}
+      {{- if .Values.global.datastore.connection.sslmode }}
+      sslmode: {{ .Values.global.datastore.connection.sslmode | quote }}
+      {{- end }}
+      {{- if .Values.global.datastore.connection.sslcert }}
+      sslcert: {{ .Values.global.datastore.connection.sslcert | quote }}
+      {{- end }}
+      {{- if .Values.global.datastore.connection.sslkey }}
+      sslkey: {{ .Values.global.datastore.connection.sslkey | quote }}
+      {{- end }}
+      {{- if .Values.global.datastore.connection.sslrootcert }}
+      sslrootcert: {{ .Values.global.datastore.connection.sslrootcert | quote }}
+      {{- end }}
+      {{- if .Values.global.datastore.connection.extraParams }}
+      extraParams:
+        {{- toYaml .Values.global.datastore.connection.extraParams | nindent 8 }}
+      {{- end }}
+    {{- if .Values.global.datastore.options }}
+    options:
+      {{- toYaml .Values.global.datastore.options | nindent 6 }}
+    {{- end }}
+
+  # Environment variables for components
+  DATASTORE_PROVIDER: {{ .Values.global.datastore.provider | quote }}
+  DATASTORE_HOST: {{ .Values.global.datastore.connection.host | quote }}
+  DATASTORE_PORT: {{ .Values.global.datastore.connection.port | default 5432 | quote }}
+  DATASTORE_DATABASE: {{ .Values.global.datastore.connection.database | quote }}
+  {{- if .Values.global.datastore.connection.username }}
+  DATASTORE_USERNAME: {{ .Values.global.datastore.connection.username | quote }}
+  {{- end }}
+  {{- if .Values.global.datastore.connection.sslmode }}
+  DATASTORE_SSLMODE: {{ .Values.global.datastore.connection.sslmode | quote }}
+  {{- end }}
+  {{- if .Values.global.datastore.connection.sslcert }}
+  DATASTORE_SSLCERT: {{ .Values.global.datastore.connection.sslcert | quote }}
+  {{- end }}
+  {{- if .Values.global.datastore.connection.sslkey }}
+  DATASTORE_SSLKEY: {{ .Values.global.datastore.connection.sslkey | quote }}
+  {{- end }}
+  {{- if .Values.global.datastore.connection.sslrootcert }}
+  DATASTORE_SSLROOTCERT: {{ .Values.global.datastore.connection.sslrootcert | quote }}
+  {{- end }}
+
+  # MongoDB specific
+  MONGODB_URI: "mongodb://{{ .Values.global.datastore.connection.host }}:{{ .Values.global.datastore.connection.port | default 27017 }}"
+  MONGODB_DATABASE_NAME: {{ .Values.global.datastore.connection.database | quote }}
+  MONGODB_CLIENT_CERT_MOUNT_PATH: "/etc/ssl/mongo-client"
+  {{- if .Values.global.datastore.connection.collection }}
+  MONGODB_COLLECTION_NAME: {{ .Values.global.datastore.connection.collection | quote }}
+  {{- else }}
+  MONGODB_COLLECTION_NAME: "health_events"
+  {{- end }}
+{{- end }}

distros/kubernetes/nvsentinel/templates/daemonset.yaml

@@ -73,8 +73,8 @@ spec:
           args:
           - "--config=/etc/config/config.json"
           - "--metrics-port={{ .Values.global.metricsPort }}"
-          - "--mongo-client-cert-mount-path={{ .Values.platformConnector.mongodbStore.clientCertMountPath }}"
           - "--socket={{ .Values.socketPath }}"
+          - "-v={{ .Values.platformConnector.logVerbosity | default 2 }}"
           resources:
             {{- toYaml .Values.platformConnector.resources | nindent 12 }}
           volumeMounts:
@@ -91,6 +91,8 @@ spec:
                 fieldRef:
                   apiVersion: v1
                   fieldPath: spec.nodeName
+            - name: MONGODB_CLIENT_CERT_MOUNT_PATH
+              value: {{ .Values.platformConnector.mongodbStore.clientCertMountPath }}
           envFrom:
             - configMapRef:
                 name: mongodb-config

distros/kubernetes/nvsentinel/values-tilt.yaml

@@ -15,6 +15,21 @@
 global:
   dryRun: false
   kubeVersion: 1.31.0
+  clusterType: "standalone"
+  tiltMode: true  # Flag to identify Tilt-based development environments
+
+  # Datastore provider configuration (can be overridden)
+  datastore:
+    provider: "mongodb"  # Default to MongoDB for backward compatibility
+    connection:
+      host: "mongodb"
+      port: 27017
+      database: "nvsentinel"
+    options:
+      maxConnections: "25"
+      maxIdleConnections: "10"
+      connectionMaxLifetime: "1h"
+      pollInterval: "5s"
 
   nodeSelector: {}
 
@@ -60,31 +75,113 @@ global:
   inclusterFileServer:
     enabled: false
 
+# Service-specific configurations for MongoDB mode (Tilt defaults)
+
   mongodbStore:
     images:
       kubectl:
-        repository: bitnamilegacy/kubectl
+        repository: docker.io/bitnamilegacy/kubectl
         tag: "1.30.6"
         pullPolicy: IfNotPresent
       mongosh:
-        repository: rtsp/mongosh
+        repository: docker.io/rtsp/mongosh
         tag: "2.5.2"
         pullPolicy: IfNotPresent
 
   kata:
     enabled: false
 
+  # Enable syslog monitoring for both XID and SXID errors
+  # Disabled in Tilt mode as it requires NVIDIA drivers
+  xidUsingSyslogMonitor: false
+  sxidUsingSyslogMonitor: false
+
 platformConnector:
+  logVerbosity: 2
   mongodbStore:
     enabled: true
     clientCertMountPath: "/etc/ssl/mongo-client"
 
+gpu-health-monitor:
+  nodeSelector:
+    nvidia.com/gpu.present: "true"
+
+  systemNodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  tolerations:
+  - operator: Exists
+
+  systemNodeTolerations:
+  - operator: Exists
+
+csp-health-monitor:
+  clientCertMountPath: "/etc/ssl/mongo-client"
+  nodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  tolerations:
+  - operator: Exists
+
+fault-quarantine:
+  clientCertMountPath: "/etc/ssl/mongo-client"
+  nodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  tolerations:
+  - operator: Exists
+
+fault-remediation:
+  clientCertMountPath: "/etc/ssl/mongo-client"
+  nodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  tolerations:
+  - operator: Exists
+
+node-drainer:
+  clientCertMountPath: "/etc/ssl/mongo-client"
+  nodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  tolerations:
+  - operator: Exists
+
+syslog-health-monitor:
+  nodeSelector:
+    nvidia.com/gpu.present: "true"
+
+  tolerations:
+  - operator: Exists
+
+  systemNodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  systemNodeTolerations:
+  - operator: Exists
+
+health-events-analyzer:
+  logLevel: 2
+  clientCertMountPath: "/etc/ssl/mongo-client"
+  nodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+
+  tolerations:
+  - operator: Exists
+
+tolerations:
+- operator: Exists
 
 mongodb-store:
   mongodb:
+
+    global:
+      imagePullSecrets:
+        - nvidia-ngcuser-pull-secret
+
     nodeSelector:
       node-role.kubernetes.io/control-plane: ""
-    
+
     tolerations:
     - operator: Exists
 
@@ -105,9 +202,26 @@ mongodb-store:
         pullPolicy: "IfNotPresent"
 
     metrics:
-      enabled: true
+      enabled: false
       image:
         registry: docker.io
         repository: bitnamilegacy/mongodb-exporter
         tag: 0.41.2-debian-12-r1
 
+#    # Reduce MongoDB log verbosity - using configuration for fine-grained control
+#    configuration: |-
+#      # Reduce overall log verbosity
+#      systemLog:
+#        quiet: true
+#        verbosity: 0
+#        # Reduce noisy component logs (network, replication)
+#        component:
+#          network:
+#            verbosity: 0
+#          replication:
+#            verbosity: 0
+
+  # Enable syslog monitoring for both XID and SXID errors
+  # Disabled in Tilt mode as it requires NVIDIA drivers
+  xidUsingSyslogMonitor: false
+  sxidUsingSyslogMonitor: false