diff --git a/charts/styles-api/Chart.yaml b/charts/styles-api/Chart.yaml new file mode 100644 index 00000000..afe025c3 --- /dev/null +++ b/charts/styles-api/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: styles-api +type: application +description: A Helm chart for Kubernetes to deploy API Styles service + +version: 1.26.0 +appVersion: 1.0.0 + +maintainers: + - name: 2gis + url: https://github.com/2gis + email: on-premise@2gis.com diff --git a/charts/styles-api/README.md b/charts/styles-api/README.md new file mode 100644 index 00000000..ba5135b3 --- /dev/null +++ b/charts/styles-api/README.md 
@@ -0,0 +1,147 @@ +# 2GIS API Styles service + +Use this Helm chart to deploy API Styles service, which is a part of 2GIS's [On-Premise solution](https://docs.2gis.com/en/on-premise/overview). + +> **Note:** +> +> All On-Premise services are beta, and under development. + +## Values + +### Docker Registry settings + +| Name | Description | Value | +| --------------------- | --------------------------------------------------------------------------------------- | ----- | +| `dgctlDockerRegistry` | Docker Registry endpoint where On-Premise services' images reside. Format: `host:port`. | `""` | + +### Common settings + +| Name | Description | Value | +| ------------------ | --------------------------------------------------------------------------------------------- | ---------------------------- | +| `imagePullSecrets` | Kubernetes image pull secrets. | `[]` | +| `imagePullPolicy` | Image [pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) | `IfNotPresent` | +| `image.repository` | Styles API service image repository. | `2gis-on-premise/styles-api` | +| `image.tag` | Styles API service image tag. | `1.13.0` | + +### API service settings + +| Name | Description | Value | +| ------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | +| `api.strategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` | +| `api.strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). 
| `0` | +| `api.strategy.rollingUpdate.maxSurge` | Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process. | `1` | +| `api.replicas` | A replica count for the pod. | `1` | +| `api.revisionHistoryLimit` | Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment). | `3` | + +### api.resources **Kubernetes [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) settings** + +| Name | Description | Value | +| --------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | +| `api.resources.requests.cpu` | A CPU request. | `50m` | +| `api.resources.requests.memory` | A memory request. | `128Mi` | +| `api.resources.limits.cpu` | A CPU limit. | `1` | +| `api.resources.limits.memory` | A memory limit. | `256Mi` | +| `api.annotations` | Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` | +| `api.labels` | Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` | +| `api.podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` | +| `api.podLabels` | Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` | +| `api.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` | +| `api.affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). 
| `{}` | +| `api.tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `{}` | +| `api.service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` | +| `api.service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` | +| `api.service.type` | Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). | `ClusterIP` | +| `api.service.port` | Service port. | `80` | +| `api.ingress.enabled` | If Ingress is enabled for the service. | `false` | +| `api.ingress.className` | Name of the Ingress controller class. | `nginx` | +| `api.ingress.annotations` | Kubernetes [Ingress annotations](https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource). | `{}` | +| `api.ingress.hosts[0].host` | Hostname for the Ingress service. | `styles.example.com` | +| `api.ingress.hosts[0].paths[0].path` | Path of the host for the Ingress service. | `/` | +| `api.ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` | +| `api.ingress.tls` | TLS configuration | `[]` | +| `api.hpa.enabled` | If HPA is enabled for the service. | `false` | +| `api.hpa.minReplicas` | Lower limit for the number of replicas to which the autoscaler can scale down. | `1` | +| `api.hpa.maxReplicas` | Upper limit for the number of replicas to which the autoscaler can scale up. | `2` | +| `api.hpa.scaleDownStabilizationWindowSeconds` | Scale-down window. | `""` | +| `api.hpa.scaleUpStabilizationWindowSeconds` | Scale-up window. | `""` | +| `api.hpa.targetCPUUtilizationPercentage` | Target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. 
| `80` | +| `api.hpa.targetMemoryUtilizationPercentage` | Target average memory utilization (represented as a percentage of requested memory) over all the pods; if not specified the default autoscaling policy will be used. | `""` | + +### Worker service settings + +| Name | Description | Value | +| ---------------------------- | ---------------------------------------- | ----- | +| `worker.initialDelaySeconds` | Delay in seconds at the service startup. | `0` | + +### worker.persistentVolume **Persistent Volume settings** + +| Name | Description | Value | +| -------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------- | +| `worker.persistentVolume.enabled` | If [Persistent Volumes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) is enabled for the service | `false` | +| `worker.persistentVolume.accessModes` | Persistent Volume [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) | `["ReadWriteOnce"]` | +| `worker.persistentVolume.storageClass` | Kubernetes [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) | `topolvm-ext4` | +| `worker.persistentVolume.size` | Volume size | `256Mi` | + +### worker.resources **Kubernetes [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) settings** + +| Name | Description | Value | +| ---------------------------------- | ----------------- | ------- | +| `worker.resources.requests.cpu` | A CPU request. | `50m` | +| `worker.resources.requests.memory` | A memory request. | `128Mi` | +| `worker.resources.limits.cpu` | A CPU limit. | `1` | +| `worker.resources.limits.memory` | A memory limit. 
| `256Mi` | + +### Migrate service settings + +| Name | Description | Value | +| ----------------------------- | ---------------------------------------- | ----- | +| `migrate.initialDelaySeconds` | Delay in seconds at the service startup. | `0` | + +### migrate.resources **Kubernetes [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) settings** + +| Name | Description | Value | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------ | +| `migrate.resources.requests.cpu` | A CPU request. | `10m` | +| `migrate.resources.requests.memory` | A memory request. | `32Mi` | +| `migrate.resources.limits.cpu` | A CPU limit. | `100m` | +| `migrate.resources.limits.memory` | A memory limit. | `64Mi` | +| `migrate.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` | + +### Logging settings + +| Name | Description | Value | +| ----------- | ----------------------------------------------------------------------------------- | ------ | +| `log.level` | Log level. Possible values: `debug`, `info`, `warn`, `error`, `fatal`. **Required** | `info` | + +### Database access settings + +| Name | Description | Value | +| ------------------- | ----------------------------------------------------------------------------------- | ------ | +| `postgres.host` | PostgreSQL hostname or IP. **Required** | `""` | +| `postgres.port` | PostgreSQL port. | `5432` | +| `postgres.timeout` | PostgreSQL client connection timeout. | `3s` | +| `postgres.retry` | PostgreSQL client connection retry. | `10` | +| `postgres.name` | PostgreSQL database name. **Required** | `""` | +| `postgres.schema` | PostgreSQL database schema. If not specified, schema from SEARCH_PATH will be used. | `""` | +| `postgres.username` | PostgreSQL username. 
**Required** | `""` | +| `postgres.password` | PostgreSQL password. **Required** | `""` | + +### S3 like storage access settings + +| Name | Description | Value | +| -------------------- | ----------------------------------------------------------------------------------- | -------- | +| `s3.endpoint` | S3 endpoint as `host|ip:port`. **Required** | `""` | +| `s3.accessKey` | S3 access key. **Required** | `""` | +| `s3.secretKey` | S3 secret key. **Required** | `""` | +| `s3.bucket` | S3 bucket name. **Required** | `styles` | +| `s3.publicDomain` | S3 public access domain. **Required** | `""` | +| `s3.connectTimeout` | S3 management client connection timeout. If not specified, the default value is 3s. | `3s` | +| `s3.requestTimeout` | S3 management client request timeout. If not specified, the default value is 30s. | `5s` | +| `s3.responseTimeout` | S3 management client response timeout. If not specified, the default value is 3s. | `5s` | + +### customCAs **Custom Certificate Authority** + +| Name | Description | Value | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----- | +| `customCAs.bundle` | Custom CA [text representation of the X.509 PEM public-key certificate](https://www.rfc-editor.org/rfc/rfc7468#section-5.1) | `""` | +| `customCAs.certsPath` | Custom CA bundle mount directory in the container. | `""` | diff --git a/charts/styles-api/templates/NOTES.txt b/charts/styles-api/templates/NOTES.txt new file mode 100644 index 00000000..6ee7aa91 --- /dev/null +++ b/charts/styles-api/templates/NOTES.txt 
@@ -0,0 +1,10 @@ +Twins API service is released as "{{ .Release.Name }}" at "{{ .Release.Namespace }}" namespace. + +{{ if .Values.api.ingress.enabled }} +You can check service using curl +{{- range $host := .Values.api.ingress.hosts }} + http{{ if $.Values.api.ingress.tls }}s{{ end }}://{{ $host.host }}/healthcheck +{{- end }} +{{- else }} +You can publish api service in your preferred way (ingress, balancer, etc). +{{ end }} diff --git a/charts/styles-api/templates/_helpers.tpl b/charts/styles-api/templates/_helpers.tpl new file mode 100644 index 00000000..37939315 --- /dev/null +++ b/charts/styles-api/templates/_helpers.tpl 
@@ -0,0 +1,198 @@ +{{- define "styles.name" -}} +{{- .Release.Name | trunc 32 | trimSuffix "-" }} +{{- end }} + +{{- define "styles.api.name" -}} +{{ include "styles.name" . }} +{{- end }} + +{{- define "styles.worker.name" -}} +{{ include "styles.name" . }}-worker +{{- end }} + +{{- define "styles.migrate.name" -}} +{{ include "styles.name" . }}-migrate +{{- end }} + +{{- define "styles.secret.deploys.name" -}} +{{ include "styles.name" . }}-secret-deploys +{{- end }} + +{{- define "styles.secret.jobs.name" -}} +{{ include "styles.name" . }}-secret-jobs +{{- end }} + +{{- define "styles.selectorLabels" -}} +app.kubernetes.io/name: {{ .Chart.Name }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{- define "styles.labels" -}} +{{ include "styles.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} + +{{- define "styles.api.selectorLabels" -}} +app.kubernetes.io/name: {{ .Chart.Name }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{- define "styles.api.labels" -}} +{{ include "styles.api.selectorLabels" . 
}} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} + +{{- define "styles.worker.labels" -}} +app.kubernetes.io/name: {{ .Chart.Name }}-worker +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} + +{{- define "styles.migrate.labels" -}} +app.kubernetes.io/name: {{ .Chart.Name }}-migrate +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} + +{{- define "styles.env.loglevel" -}} +- name: MGS_LOG_LEVEL + value: "{{ .Values.log.level }}" +{{- end }} + +{{- define "styles.env.db" -}} +- name: MGS_DB_HOST + value: "{{ required "A valid .Values.postgres.host required" .Values.postgres.host }}" +- name: MGS_DB_PORT + value: "{{ .Values.postgres.port }}" +- name: MGS_DB_NAME + value: "{{ required "A valid .Values.postgres.name required" .Values.postgres.name }}" +- name: MGS_DB_SCHEMA + value: "{{ .Values.postgres.schema }}" +- name: MGS_DB_CONNECTION_TIMEOUT + value: "{{ .Values.postgres.timeout }}" +- name: MGS_DB_CONNECTION_RETRY + value: "{{ .Values.postgres.retry }}" +- name: MGS_DB_USERNAME + value: "{{ required "A valid .Values.postgres.ro.username required" .Values.postgres.username }}" +{{- end}} + +{{- define "styles.env.db.deploys" -}} +{{ include "styles.env.db" . }} +- name: MGS_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "styles.secret.deploys.name" . 
}} + key: dbPassword +{{- end }} + +{{- define "styles.env.s3" -}} +- name: MGS_S3_ENDPOINT + value: "{{ required "A valid .Values.s3.endpoint required" .Values.s3.endpoint }}" +- name: MGS_S3_BUCKET + value: "{{ .Values.s3.bucket }}" +- name: MGS_S3_PUBLIC_DOMAIN + value: "{{ .Values.s3.publicDomain }}" +- name: MGS_S3_CONNECT_TIMEOUT + value: "{{ .Values.s3.connectTimeout }}" +- name: MGS_S3_REQUEST_TIMEOUT + value: "{{ .Values.s3.requestTimeout }}" +- name: MGS_S3_RESPONSE_TIMEOUT + value: "{{ .Values.s3.responseTimeout }}" +{{- end}} + +{{- define "styles.env.s3.deploys" -}} +{{ include "styles.env.s3" . }} +- name: MGS_S3_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ include "styles.secret.deploys.name" . }} + key: s3AccessKey +- name: MGS_S3_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ include "styles.secret.deploys.name" . }} + key: s3SecretKey +{{- end }} + +{{- define "styles.env.api" -}} +{{ include "styles.env.loglevel" . }} +{{ include "styles.env.db.deploys" . }} +{{ include "styles.env.s3.deploys" . }} +{{- end }} + +{{- define "styles.env.worker" -}} +{{ include "styles.env.loglevel" . }} +{{ include "styles.env.db.deploys" . }} +{{ include "styles.env.s3.deploys" . }} +{{- end }} + +{{- define "styles.env.migrate" -}} +{{ include "styles.env.loglevel" . }} +{{ include "styles.env.db.deploys" . }} +{{- end }} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "capabilities.kubeVersion" -}} +{{- if .Values.global }} + {{- if .Values.global.kubeVersion }} + {{- .Values.global.kubeVersion -}} + {{- else }} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} + {{- end -}} +{{- else }} +{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for Horizontal Pod Autoscaler. +*/}} +{{- define "capabilities.hpa.apiVersion" -}} +{{- if semverCompare "<1.23-0" (include "capabilities.kubeVersion" .) 
-}} +{{- if .beta2 -}} +{{- print "autoscaling/v2beta2" -}} +{{- else -}} +{{- print "autoscaling/v2beta1" -}} +{{- end -}} +{{- else -}} +{{- print "autoscaling/v2" -}} +{{- end -}} +{{- end -}} + +{{- define "styles.env.custom.ca.path" -}} +- name: SSL_CERT_DIR + value: {{ include "styles.custom.ca.mountPath" . }} +{{- end }} + +{{- define "styles.custom.ca.mountPath" -}} +{{ .Values.customCAs.certsPath | default "/usr/local/share/ca-certificates" }} +{{- end -}} + +{{- define "styles.custom.ca.volumeMounts" -}} +- name: custom-ca + mountPath: {{ include "styles.custom.ca.mountPath" . }}/custom-ca.crt + subPath: custom-ca.crt + readOnly: true +{{- end -}} + +{{- define "styles.custom.ca.jobs.volumes" -}} +- name: custom-ca + configMap: + name: {{ include "styles.configmap.jobs.name" . }} +{{- end -}} + +{{- define "styles.custom.ca.deploys.volumes" -}} +- name: custom-ca + configMap: + name: {{ include "styles.configmap.deploys.name" . }} +{{- end -}} + +{{- define "styles.configmap.jobs.name" -}} +{{ include "styles.name" . }}-configmap-jobs +{{- end -}} + +{{- define "styles.configmap.deploys.name" -}} +{{ include "styles.name" . }}-configmap-deploys +{{- end -}} diff --git a/charts/styles-api/templates/api/deployment.yaml b/charts/styles-api/templates/api/deployment.yaml new file mode 100644 index 00000000..49bf4d57 --- /dev/null +++ b/charts/styles-api/templates/api/deployment.yaml 
@@ -0,0 +1,81 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "styles.api.name" . }} + {{- if or .Values.api.annotations .Values.customCAs.bundle }} + annotations: + {{- if .Values.customCAs.bundle }} + checksum/config: {{ include (print .Template.BasePath "/configmap-deploys.yaml") . | sha256sum }} + {{- end }} + {{- with .Values.api.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} + labels: + {{- include "styles.api.labels" . | nindent 4 }} + {{- with .Values.api.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.api.hpa.enabled }} + replicas: {{ .Values.api.replicas }} + {{- end }} + revisionHistoryLimit: {{ .Values.api.revisionHistoryLimit }} + strategy: + {{- toYaml .Values.api.strategy | nindent 4 }} + selector: + matchLabels: + {{- include "styles.api.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + checksum/config: {{ (include (print $.Template.BasePath "/secret-deploys.yaml") . | fromYaml).data | toYaml | sha256sum }} + {{- with .Values.api.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "styles.api.labels" . | nindent 8 }} + {{- with .Values.api.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + containers: + - name: api + image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.imagePullPolicy }} + command: [ "mgs", "server" ] + ports: + - name: http + containerPort: 8080 + readinessProbe: + httpGet: + path: /healthcheck + port: http + resources: + {{- toYaml .Values.api.resources | nindent 12 }} + env: + {{- include "styles.env.api" . | nindent 12 }} + {{- if .Values.customCAs.bundle }} + volumeMounts: + {{- include "styles.custom.ca.volumeMounts" . | nindent 12 }} + {{- end }} + {{- if .Values.customCAs.bundle }} + volumes: + {{- include "styles.custom.ca.deploys.volumes" . 
| nindent 8 }} + {{- end }} + {{- with .Values.api.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.api.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.api.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/styles-api/templates/api/hpa.yaml b/charts/styles-api/templates/api/hpa.yaml new file mode 100644 index 00000000..97e042ee --- /dev/null +++ b/charts/styles-api/templates/api/hpa.yaml @@ -0,0 +1,39 @@ +{{- with .Values.api.hpa }} +{{- if .enabled }} +apiVersion: {{ include "capabilities.hpa.apiVersion" $ }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "styles.api.name" $ }} + labels: + {{- include "styles.api.labels" $ | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "styles.api.name" $ }} + minReplicas: {{ .minReplicas }} + maxReplicas: {{ .maxReplicas }} + behavior: + scaleUp: + stabilizationWindowSeconds: {{ .scaleUpStabilizationWindowSeconds }} + scaleDown: + stabilizationWindowSeconds: {{ .scaleDownStabilizationWindowSeconds }} + metrics: + {{- with .targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ . }} + {{- end }} + {{- with .targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ . }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/styles-api/templates/api/ingress.yaml b/charts/styles-api/templates/api/ingress.yaml new file mode 100644 index 00000000..7573e1d5 --- /dev/null +++ b/charts/styles-api/templates/api/ingress.yaml 
@@ -0,0 +1,39 @@ +{{- if .Values.api.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "styles.api.name" . }} + labels: + {{- include "styles.api.labels" . | nindent 4 }} + {{- with .Values.api.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ingressClassName: {{ .Values.api.ingress.className }} + {{- if .Values.api.ingress.tls }} + tls: + {{- range .Values.api.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.api.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: Prefix + backend: + service: + name: {{ include "styles.api.name" $ }} + port: + number: {{ $.Values.api.service.port }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/styles-api/templates/api/service.yaml b/charts/styles-api/templates/api/service.yaml new file mode 100644 index 00000000..b7b38310 --- /dev/null +++ b/charts/styles-api/templates/api/service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "styles.api.name" . }} + {{- with .Values.api.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "styles.api.labels" . | nindent 4 }} + {{- with .Values.api.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.api.service.type }} + ports: + - port: {{ .Values.api.service.port }} + name: http + targetPort: http + selector: + {{- include "styles.api.selectorLabels" . | nindent 4 }} diff --git a/charts/styles-api/templates/configmap-deploys.yaml b/charts/styles-api/templates/configmap-deploys.yaml new file mode 100644 index 00000000..d2271227 --- /dev/null +++ b/charts/styles-api/templates/configmap-deploys.yaml 
@@ -0,0 +1,11 @@ +{{- if .Values.customCAs.bundle }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "styles.configmap.deploys.name" . }} + labels: + {{- include "styles.labels" . | nindent 4}} +data: + custom-ca.crt: |- +{{- .Values.customCAs.bundle | nindent 4 }} +{{- end }} diff --git a/charts/styles-api/templates/configmap-jobs.yaml b/charts/styles-api/templates/configmap-jobs.yaml new file mode 100644 index 00000000..ba395474 --- /dev/null +++ b/charts/styles-api/templates/configmap-jobs.yaml @@ -0,0 +1,15 @@ +{{- if .Values.customCAs.bundle }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "styles.configmap.jobs.name" . }} + labels: + {{- include "styles.labels" . | nindent 4}} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed + "helm.sh/hook-weight": "-10" +data: + custom-ca.crt: |- +{{- .Values.customCAs.bundle | nindent 4 }} +{{- end }} diff --git a/charts/styles-api/templates/migrate/job.yaml b/charts/styles-api/templates/migrate/job.yaml new file mode 100644 index 00000000..811a8acc --- /dev/null +++ b/charts/styles-api/templates/migrate/job.yaml 
@@ -0,0 +1,51 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "styles.migrate.name" . }} + labels: + {{- include "styles.migrate.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + "helm.sh/hook-weight": "-10" +spec: + backoffLimit: 0 + template: + metadata: + name: {{ include "styles.migrate.name" . }} + labels: + {{- include "styles.migrate.labels" . | nindent 8 }} + spec: + restartPolicy: Never + {{- if .Values.migrate.initialDelaySeconds }} + initContainers: + - name: delay + image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} + command: [ "sh", "-c", "sleep {{ .Values.migrate.initialDelaySeconds }}" ] + resources: + {{- toYaml .Values.migrate.resources | nindent 12 }} + {{- end }} + containers: + - name: migrate + image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.imagePullPolicy }} + command: [ "mgs", "migrate" ] + resources: + {{- toYaml .Values.migrate.resources | nindent 12 }} + env: + {{- include "styles.env.migrate" . | nindent 12 }} + {{- if .Values.customCAs.bundle }} + {{- include "styles.env.custom.ca.path" . | nindent 12 }} + {{- end }} + {{- if .Values.customCAs.bundle }} + volumeMounts: + {{- include "styles.custom.ca.volumeMounts" . | nindent 12 }} + {{- end }} + {{- if .Values.customCAs.bundle }} + volumes: + {{- include "styles.custom.ca.jobs.volumes" . | nindent 8 }} + {{- end }} + {{- with .Values.migrate.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/styles-api/templates/secret-deploys.yaml b/charts/styles-api/templates/secret-deploys.yaml new file mode 100644 index 00000000..9a12560d --- /dev/null 
+++ b/charts/styles-api/templates/secret-deploys.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "styles.secret.deploys.name" . }} + labels: + {{- include "styles.labels" . | nindent 4 }} +type: Opaque +data: + dbPassword: {{ required "A valid .Values.postgres.password required" .Values.postgres.password | b64enc }} + s3AccessKey: {{ required "A valid .Values.s3.accessKey required" .Values.s3.accessKey | b64enc }} + s3SecretKey: {{ required "A valid .Values.s3.secretKey required" .Values.s3.secretKey | b64enc }} diff --git a/charts/styles-api/templates/secret-post.yaml b/charts/styles-api/templates/secret-post.yaml new file mode 100644 index 00000000..de5cb34a --- /dev/null +++ b/charts/styles-api/templates/secret-post.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "styles.secret.jobs.name" . }} + labels: + {{- include "styles.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + "helm.sh/hook-weight": "-20" +type: Opaque +data: + dbPassword: {{ required "A valid .Values.postgres.password required" .Values.postgres.password | b64enc }} + s3AccessKey: {{ required "A valid .Values.s3.accessKey required" .Values.s3.accessKey | b64enc }} + s3SecretKey: {{ required "A valid .Values.s3.secretKey required" .Values.s3.secretKey | b64enc }} diff --git a/charts/styles-api/templates/secret-pre.yaml b/charts/styles-api/templates/secret-pre.yaml new file mode 100644 index 00000000..2b476037 --- /dev/null +++ b/charts/styles-api/templates/secret-pre.yaml 
@@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "styles.secret.jobs.name" . }} + labels: + {{- include "styles.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + "helm.sh/hook-weight": "-20" +type: Opaque +data: + dbPassword: {{ required "A valid .Values.postgres.password required" .Values.postgres.password | b64enc }} + s3AccessKey: {{ required "A valid .Values.s3.accessKey required" .Values.s3.accessKey | b64enc }} + s3SecretKey: {{ required "A valid .Values.s3.secretKey required" .Values.s3.secretKey | b64enc }} diff --git a/charts/styles-api/templates/worker/job.yaml b/charts/styles-api/templates/worker/job.yaml new file mode 100644 index 00000000..236bc47a --- /dev/null +++ b/charts/styles-api/templates/worker/job.yaml 
@@ -0,0 +1,66 @@ +{{- if .Values.worker.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "styles.worker.name" . }} + labels: + {{- include "styles.worker.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + "helm.sh/hook-weight": "10" +spec: + backoffLimit: 0 + template: + metadata: + name: {{ include "styles.worker.name" . }} + labels: + {{- include "styles.worker.labels" . | nindent 8 }} + spec: + restartPolicy: Never + {{- if .Values.worker.initialDelaySeconds }} + initContainers: + - name: delay + image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} + command: [ "sh", "-c", "sleep {{ .Values.worker.initialDelaySeconds }}" ] + resources: + {{- toYaml .Values.worker.resources | nindent 12 }} + {{- end }} + containers: + - name: worker + image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.imagePullPolicy }} + command: [ "mgs", "worker" ] + resources: + {{- toYaml .Values.worker.resources | nindent 12 }} + env: + {{- include "styles.env.worker" . | nindent 12 }} + {{- if .Values.customCAs.bundle }} + {{- include "styles.env.custom.ca.path" . | nindent 12 }} + {{- end }} + {{- if or .Values.worker.persistentVolume.enabled .Values.customCAs.bundle }} + volumeMounts: + {{- if .Values.worker.persistentVolume.enabled }} + - name: {{ include "styles.worker.name" . }}-pv + mountPath: "/tmp" + {{- end }} + {{- if .Values.customCAs.bundle }} + {{- include "styles.custom.ca.volumeMounts" . | nindent 12 }} + {{- end }} + {{- end }} + {{- if or .Values.worker.persistentVolume.enabled .Values.customCAs.bundle }} + volumes: + {{- if .Values.worker.persistentVolume.enabled }} + - name: {{ include "styles.worker.name" . 
}}-pv + persistentVolumeClaim: + claimName: {{ include "styles.worker.name" . }} + {{- end }} + {{- if .Values.customCAs.bundle }} + {{- include "styles.custom.ca.jobs.volumes" . | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.worker.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/styles-api/values.yaml b/charts/styles-api/values.yaml new file mode 100644 index 00000000..85511ba5 --- /dev/null +++ b/charts/styles-api/values.yaml 
@@ -0,0 +1,248 @@ +# @section Docker Registry settings + +# @param dgctlDockerRegistry Docker Registry endpoint where On-Premise services' images reside. Format: `host:port`. + +dgctlDockerRegistry: '' + +# @section Common settings + +# @param imagePullSecrets Kubernetes image pull secrets. +# @param imagePullPolicy Image [pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) +# @param image.repository Styles API service image repository. +# @param image.tag Styles API service image tag. + +imagePullSecrets: [] +imagePullPolicy: IfNotPresent +image: + repository: 2gis-on-premise/styles-api + tag: 1.13.0 + +# @section API service settings + +api: + + # @param api.strategy.type Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. + # @param api.strategy.rollingUpdate.maxUnavailable Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). + # @param api.strategy.rollingUpdate.maxSurge Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process. + + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 1 + + # @param api.replicas A replica count for the pod. + # @param api.revisionHistoryLimit Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment). + + replicas: 1 + revisionHistoryLimit: 3 + + # @section api.resources **Kubernetes [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) settings** + # @param api.resources.requests.cpu A CPU request. + # @param api.resources.requests.memory A memory request. + # @param api.resources.limits.cpu A CPU limit. 
+ # @param api.resources.limits.memory A memory limit. + + resources: + requests: + cpu: 50m + memory: 128Mi + limits: + cpu: 1 + memory: 256Mi + + # @param api.annotations Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). + # @param api.labels Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). + + annotations: { } + labels: { } + + # @param api.podAnnotations Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). + # @param api.podLabels Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). + + podAnnotations: {} + podLabels: {} + + # @param api.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). + # @param api.affinity Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). + # @param api.tolerations Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. + + nodeSelector: {} + affinity: {} + tolerations: {} + + # @param api.service.annotations Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). + # @param api.service.labels Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). + # @param api.service.type Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). + # @param api.service.port Service port. + + service: + annotations: {} + labels: {} + type: ClusterIP + port: 80 + + # @param api.ingress.enabled If Ingress is enabled for the service. + # @param api.ingress.className Name of the Ingress controller class. 
+ # @param api.ingress.annotations Kubernetes [Ingress annotations](https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource). + # @param api.ingress.hosts[0].host Hostname for the Ingress service. + # @param api.ingress.hosts[0].paths[0].path Path of the host for the Ingress service. + # @param api.ingress.hosts[0].paths[0].pathType Type of the path for the Ingress service. + # @param api.ingress.tls TLS configuration + + ingress: + enabled: false + className: nginx + annotations: {} + hosts: + - host: styles.example.com + paths: + - path: / + pathType: Prefix + tls: [] + # - hosts: + # - styles-api.example.com + # secretName: secret.tls + + # @param api.hpa.enabled If HPA is enabled for the service. + # @param api.hpa.minReplicas Lower limit for the number of replicas to which the autoscaler can scale down. + # @param api.hpa.maxReplicas Upper limit for the number of replicas to which the autoscaler can scale up. + # @param api.hpa.scaleDownStabilizationWindowSeconds Scale-down window. + # @param api.hpa.scaleUpStabilizationWindowSeconds Scale-up window. + # @param api.hpa.targetCPUUtilizationPercentage Target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. + # @param api.hpa.targetMemoryUtilizationPercentage Target average memory utilization (represented as a percentage of requested memory) over all the pods; if not specified the default autoscaling policy will be used. + + hpa: + enabled: false + minReplicas: 1 + maxReplicas: 2 + scaleDownStabilizationWindowSeconds: '' + scaleUpStabilizationWindowSeconds: '' + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: '' + +# @section Worker service settings + +worker: + + # @param worker.initialDelaySeconds Delay in seconds at the service startup. 
+ + initialDelaySeconds: 0 + + # @section worker.persistentVolume **Persistent Volume settings** + # @param worker.persistentVolume.enabled If [Persistent Volumes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) is enabled for the service + # @param worker.persistentVolume.accessModes Persistent Volume [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) + # @param worker.persistentVolume.storageClass Kubernetes [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) + # @param worker.persistentVolume.size Volume size + + persistentVolume: + enabled: false + accessModes: + - ReadWriteOnce + storageClass: topolvm-ext4 + size: 256Mi + + # @section worker.resources **Kubernetes [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) settings** + # @param worker.resources.requests.cpu A CPU request. + # @param worker.resources.requests.memory A memory request. + # @param worker.resources.limits.cpu A CPU limit. + # @param worker.resources.limits.memory A memory limit. + + resources: + requests: + cpu: 50m + memory: 128Mi + limits: + cpu: 1 + memory: 256Mi + +# @section Migrate service settings + +migrate: + + # @param migrate.initialDelaySeconds Delay in seconds at the service startup. + + initialDelaySeconds: 0 + + # @section migrate.resources **Kubernetes [resource management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) settings** + # @param migrate.resources.requests.cpu A CPU request. + # @param migrate.resources.requests.memory A memory request. + # @param migrate.resources.limits.cpu A CPU limit. + # @param migrate.resources.limits.memory A memory limit. + + resources: + requests: + cpu: 10m + memory: 32Mi + limits: + cpu: 100m + memory: 64Mi + + # @param migrate.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). 
+ + nodeSelector: {} + +# @section Logging settings + +log: + + # @param log.level Log level. Possible values: `debug`, `info`, `warn`, `error`, `fatal`. **Required** + + level: info + +# @section Database access settings + +postgres: + + # @param postgres.host PostgreSQL hostname or IP. **Required** + # @param postgres.port PostgreSQL port. + # @param postgres.timeout PostgreSQL client connection timeout. + # @param postgres.retry PostgreSQL client connection retry. + # @param postgres.name PostgreSQL database name. **Required** + # @param postgres.schema PostgreSQL database schema. If not specified, schema from SEARCH_PATH will be used. + # @param postgres.username PostgreSQL username. **Required** + # @param postgres.password PostgreSQL password. **Required** + + host: '' + port: 5432 + timeout: 3s + retry: 10 + name: '' + schema: '' + username: '' + password: '' + +# @section S3 like storage access settings + +s3: + + # @param s3.endpoint S3 endpoint as `host|ip:port`. **Required** + # @param s3.accessKey S3 access key. **Required** + # @param s3.secretKey S3 secret key. **Required** + # @param s3.bucket S3 bucket name. **Required** + # @param s3.publicDomain S3 public access domain. **Required** + # @param s3.connectTimeout S3 management client connection timeout. If not specified, the default value is 3s. + # @param s3.requestTimeout S3 management client request timeout. If not specified, the default value is 30s. + # @param s3.responseTimeout S3 management client response timeout. If not specified, the default value is 3s. + + endpoint: '' + accessKey: '' + secretKey: '' + bucket: styles + publicDomain: '' + connectTimeout: 3s + requestTimeout: 5s + responseTimeout: 5s + +# @section customCAs **Custom Certificate Authority** + +# @param customCAs.bundle Custom CA [text representation of the X.509 PEM public-key certificate](https://www.rfc-editor.org/rfc/rfc7468#section-5.1) +# @param customCAs.certsPath Custom CA bundle mount directory in the container. 
+ +customCAs: + bundle: '' + # bundle: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + certsPath: '' diff --git a/charts/twins-api/templates/api/deployment.yaml b/charts/twins-api/templates/api/deployment.yaml index 6b97027d..3e79dc3a 100644 --- a/charts/twins-api/templates/api/deployment.yaml +++ b/charts/twins-api/templates/api/deployment.yaml @@ -22,7 +22,7 @@ spec: {{- end }} revisionHistoryLimit: {{ .Values.api.revisionHistoryLimit }} strategy: - {{- toYaml .Values.strategy | nindent 4 }} + {{- toYaml .Values.api.strategy | nindent 4 }} selector: matchLabels: {{- include "twins.api.selectorLabels" . | nindent 6 }} diff --git a/charts/twins-api/templates/migrate/job.yaml b/charts/twins-api/templates/migrate/job.yaml index fb826873..b35c1beb 100644 --- a/charts/twins-api/templates/migrate/job.yaml +++ b/charts/twins-api/templates/migrate/job.yaml @@ -46,7 +46,7 @@ spec: volumes: {{- include "twins.custom.ca.jobs.volumes" . | nindent 8 }} {{- end }} - {{- with .Values.nodeSelector }} + {{- with .Values.migrate.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }}
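Review bot: the closing `{{- with .Values.worker.nodeSelector }}` block of the new styles-api worker Job reads a key that values.yaml in this same patch never defines. The `worker` section there has `initialDelaySeconds`, `persistentVolume` and `resources`, and `nodeSelector` is declared only under `migrate`. The `with` guard lets the template render without it, but the setting stays undocumented; add `nodeSelector: {}` and a `# @param worker.nodeSelector` line under `worker`. In the same hunk the `delay` initContainer interpolates the value into a shell string (`"sleep {{ .Values.worker.initialDelaySeconds }}"` run through `sh -c`); passing it as a separate, quoted argument to `sleep` keeps a mistyped value from being parsed by the shell. Neither container sets a `securityContext`, which is worth adding before the chart is used outside a test cluster.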
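Review bot: in styles-api values.yaml the `@param` descriptions for `api.strategy.rollingUpdate.maxUnavailable` and `api.strategy.rollingUpdate.maxSurge` are swapped: `maxUnavailable` is described as the number of pods that can be created over the desired number, and `maxSurge` as the number that can be unavailable. Swap the two texts. Further down, the comments for `s3.requestTimeout` and `s3.responseTimeout` state defaults of 30s and 3s while the values set are `5s` and `5s`; align the comments with the values or the other way round. `postgres.password` and `s3.secretKey` are accepted only as plain values, so an option to reference an existing Kubernetes Secret would keep credentials out of values files.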
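Review bot: the `strategy:` block in twins-api templates/api/deployment.yaml has no `with` or `required` guard around `toYaml .Values.api.strategy`, so a values file that lacks `api.strategy` is not reported at render time, which is how the old `.Values.strategy` reference went unnoticed. Confirm that twins-api values.yaml defines `api.strategy`, and consider wrapping the block in `{{- with .Values.api.strategy }}` the way the `nodeSelector` blocks are wrapped.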
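Review bot: an installation that set the top-level `nodeSelector` to pin the twins-api migrate Job loses that placement silently after the change in templates/migrate/job.yaml, because `with .Values.migrate.nodeSelector` skips the block when the new key is empty. Mention the key move in the release notes, or fall back to the old key for one release with `{{- with (.Values.migrate.nodeSelector | default .Values.nodeSelector) }}`.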