diff --git a/charts/ades/.helmignore b/charts/ades/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/ades/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/ades/Chart.yaml b/charts/ades/Chart.yaml new file mode 100644 index 0000000..cd6ac71 --- /dev/null +++ b/charts/ades/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: ades +description: A Helm chart for the ADES + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.8 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 0.3.5 \ No newline at end of file diff --git a/charts/ades/README.md b/charts/ades/README.md new file mode 100644 index 0000000..5667b25 --- /dev/null +++ b/charts/ades/README.md @@ -0,0 +1,156 @@ +# HELM Chart for Application, Deployment Execution Service + +## Prerequisites + +* This chart requires Docker Engine 1.8+ in any of their supported platforms. Please see vendor requirements [here for more information](https://docs.microsoft.com/en-us/sql/linux/quickstart-install-connect-docker). +* At least 2GB of RAM. Make sure to assign enough memory to the Docker VM if you're running on Docker for Mac or Windows. + +## Chart Components + +* Creates an ADES deployment +* Creates a Kubernetes Service on specified port (default: 80) +* Creates a processing-manager ades service account with an advanced role allowing to create namespaces and related resources + +## Important note about processing manager + +The ADES provision a new namespace for each processing job submitted. To do so, it uses a specific service account created during the deployment. This service account will have admin privileges. The service account creates is called `-processing-manager`. + +## Installing the Chart + +You can install the chart with the release name `ades` in `eoepca` namespace as below. + +```console +$ helm install ades charts/ades --namespace eoepca +... +``` + +> Note - If you do not specify a name, helm will select a name for you. + +### Stage-in/Out with Stars + +By default, CWL values for stage-in and stage-out are not set. Therefore, the default stage-in and stage-out from [`cwl-wrapper`](https://github.com/EOEPCA/cwl-wrapper) project are used. It is strongly recommended to install the default stage-in and stage-out contained in this repository. +This can be done installing or upgrading the chart with + +```console +helm upgrade --install ades charts/ades/ --namespace eoepca --set-file workflowExecutor.stagein.cwl=charts/ades/files/cwl/stagein/terradue_stars_t2_latest.cwl --set-file workflowExecutor.stageout.cwl=charts/ades/files/cwl/stageout/terradue_stars_latest.cwl +``` + +Those stage-in and stage-out includes the [Stars](https://github.com/Terradue/Stars) CLI that are able to read the EOEPCA catalog reference and provision with the assets referenced. In stage-in, data are also harvested to create a [STAC](https://github.com/radiantearth/stac-spec) catalog describing the assets staged. + +### Installed Components + +You can use `kubectl get` to view all of the installed components. + +```console +$ kubectl get all -l app.kubernetes.io/instance=ades -n eoepca +NAME READY STATUS RESTARTS AGE +pod/ades-66fc8f5566-w7456 2/2 Running 0 6d + +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +service/ades ClusterIP 172.30.89.159 80/TCP 8d + +NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE +deployment.apps/ades 1 1 1 1 8d + +NAME DESIRED CURRENT READY AGE +replicaset.apps/ades-6669bcbc5d 0 0 0 8d +replicaset.apps/ades-66fc8f5566 1 1 1 7d + +NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD +route.route.openshift.io/ades-5w2ww ades.eoepca.com / ades http edge/Redirect None +``` + +## Connecting to the ADES + +1. Run the following command to get the openAPI document + +```console +$ curl -H 'Accept: application/json' https://ades-cpe.terradue.com/terradue/wps3/api +``` + +## Values + +The configuration parameters in this section control the resources requested and utilized by the ADES instance. + +| Parameter | Description | Default | +| --------------------------------------- | ---------------------------------------------------------------------------------------------- | -------------------------------- | +| clusterAdminRoleName | Name of the role binding for the ades service account that provision resources for processing | `cluster-admin` | +| useKubeProxy | If the ADES interacts with the kubernetes cluster via proxy or not. If false, workflowExecutor.kubeconfig file location must be provided | `true` | +| workflowExecutor.kubeconfig | kube config file to be used by the ADES to connect to th cluster where to provision resource for the processing. | `files/kubeconfig` | +| workflowExecutor.inputs | Key/Value Dictionary of input values to be passed to all nodes of the application workflow. They will be prefixed with 'ADES_'. e.g. 'APP: ades' will be 'ADES_APP: ades' | `[Empty dictionary]` | +| workflowExecutor.main/stagein/stageout/rulez | data structure for defining the CWL parameter used by [`cwl-wrapper`](https://github.com/EOEPCA/cwl-wrapper) | `empty` | +| workflowExecutor.processingStorageClass | kubernetes storage class to be used for provisioning volumes for processing. Must be ReadWriteMany compliant | `glusterfs-storage` | +| workflowExecutor.processingVolumeTmpSize | Size of the volumes for processing result of one workflow nodeouput | `5Gi` +| workflowExecutor.processingVolumeOutputSize | Size of the volumes for processing result for the whole workflow ouput | `10Gi` | +| workflowExecutor.processingMaxRam | Total maximum RAM pool available for all pods running concurrently | `16Gi` | +| workflowExecutor.processingMaxCores | Total maximum CPU cores pool available for all pods running concurrently | `8` | +| workflowExecutor.processingKeepWorkspace | Name of the secret to use to pull docker images | `false` | +| workflowExecutor.stageincwl | Stage-in CWL workflo file path | `files/stageincwl.cwl` | +| workflowExecutor.imagePullSecrets | ImagePullSecrets is an optional list of references to secrets for the processing namespace to use for pulling any of the images used by the processing pods. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod | `[]` | +| wps.maincfgtpl | Main config file template for WPS interface | `files/main.cfg.tpl` | +| wps.usePep | Use the policy Enforcement Point for registering resources | `false` | +| wps.pepBaseUrl | Policy Enforcement Point Base Url | `https://pep.eoepca.terradue.com` | +| persistence.enabled | Persist the user and processing Data of the ADES | `true` | +| persistence.existingUserDataClaim | Identify an existing Claim to be used for the User Data Directory | `Commented Out` | +| persistence.existingProcServicesClaim | Identify an existing Claim to be used for the Processing data directory | `Commented Out` | +| persistence.storageClass | Storage Class to be used | `standard` | +| persistence.userDataAccessMode | Data Access Mode to be used for the user data Directory | `ReadWriteOnce` | +| persistence.userDataSize | PVC Size for user data Directory | `10Gi` | +| persistence.procServicesAccessMode | Data Access Mode to be used for the processing data Directory | `ReadWriteOnce` | +| persistence.procServicesSize | PVC Size for user data Directory | `5Gi` | +| tolerations | List of node taints to tolerate | `[]` | +| affinity | Map of node/pod affinities | `{}` | +| podSecurityContext | SecurityContext to apply to the pod | `{}` | + +## Liveness and Readiness + +The ADES instance has liveness and readiness checks specified. + +## Resources + +You can specify the resource limits for this chart in the values.yaml file. Make sure you comment out or remove the curly brackets from the values.yaml file before specifying resource limits. +Example: + +```yaml +resources: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 1 + memory: 2Gi +``` + +## Persistence Examples + +Persistence in this chart can be enabled by specifying `persistence.enabled=true`. The path to the user and processing data can be customized to fit different requirements. + +* Example 1 - Enable persistence in values.yaml without specifying claim +> Note - This is useful for local development in a minikube environment + +```yaml +persistence: + enabled: true + # existingUserDataClaim: + # existingProcServicesClaim: + # storageClass: "-" + userDataAccessMode: ReadWriteOnce + userDataSize: 5Gi + procServicesAccessMode: ReadWriteOnce + procServicesSize: 2Gi +``` + +* Example 2 - Enable persistence in values.yaml with existing claim +> Note - This is useful for production based environments for persistence volumes and claims already exist. + +```yaml +persistence: + enabled: true + existingUserDataClaim: pvc-ades-userdata + existingProcServicesClaim: pvc-ades-processingdata + # storageClass: "-" + # userDataAccessMode: ReadWriteOnce + # userDataSize: 1Gi + # procServicesAccessMode: ReadWriteOnce + # procServicesSize: 1Gi +``` diff --git a/charts/ades/files/cwl/stagein/eoepca_stage-in_0_2.cwl b/charts/ades/files/cwl/stagein/eoepca_stage-in_0_2.cwl new file mode 100644 index 0000000..7adf4bf --- /dev/null +++ b/charts/ades/files/cwl/stagein/eoepca_stage-in_0_2.cwl @@ -0,0 +1,18 @@ +baseCommand: stage-in +class: CommandLineTool +hints: + DockerRequirement: + dockerPull: eoepca/stage-in:0.2 +id: stagein +arguments: + - prefix: -t + position: 1 + valueFrom: "./" + +inputs: {} +outputs: {} +requirements: + EnvVarRequirement: + envDef: + PATH: /opt/anaconda/envs/env_stagein/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + ResourceRequirement: {} \ No newline at end of file diff --git a/charts/ades/files/cwl/stagein/eoepca_stage-in_0_9.cwl b/charts/ades/files/cwl/stagein/eoepca_stage-in_0_9.cwl new file mode 100644 index 0000000..82208a9 --- /dev/null +++ b/charts/ades/files/cwl/stagein/eoepca_stage-in_0_9.cwl @@ -0,0 +1,48 @@ + +baseCommand: stage-in +arguments: ['-t', './'] +class: CommandLineTool +hints: + DockerRequirement: + dockerPull: eoepca/stage-in:0.9 +id: stagein +inputs: + stage_in_username: + inputBinding: + position: 1 + prefix: -u + type: string? + stage_in_password: + inputBinding: + position: 2 + prefix: -p + type: string? + stage_in_s3_endpoint: + inputBinding: + position: 3 + prefix: -e + type: string? + stage_in_s3_region: + inputBinding: + position: 4 + prefix: -r + type: string? + stage_in_s3_signature_version: + inputBinding: + position: 5 + prefix: -s + type: string? + input_reference: + inputBinding: + position: 6 + type: string[] +outputs: + results: + outputBinding: + glob: . + type: Any +requirements: + EnvVarRequirement: + envDef: + PATH: /opt/anaconda/envs/env_stagein/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + ResourceRequirement: {} \ No newline at end of file diff --git a/charts/ades/files/cwl/stagein/terradue_stars_latest.cwl b/charts/ades/files/cwl/stagein/terradue_stars_latest.cwl new file mode 100644 index 0000000..2134d41 --- /dev/null +++ b/charts/ades/files/cwl/stagein/terradue_stars_latest.cwl @@ -0,0 +1,34 @@ +cwlVersion: v1.0 +baseCommand: Stars +doc: "Run Stars for staging input data" +class: CommandLineTool +hints: + DockerRequirement: + dockerPull: terradue/stars:latest +id: stars +arguments: +- copy +- -v +- -rel +- -r +- '4' +- -o +- ./ +inputs: + ADES_STAGEIN_AWS_SERVICEURL: + type: string? + ADES_STAGEIN_AWS_ACCESS_KEY_ID: + type: string? + ADES_STAGEIN_AWS_SECRET_ACCESS_KEY: + type: string? +outputs: {} +requirements: + EnvVarRequirement: + envDef: + PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + # AWS__Profile: $(inputs.aws_profile) + # AWS__ProfilesLocation: $(inputs.aws_profiles_location.path) + AWS__ServiceURL: $(inputs.ADES_STAGEIN_AWS_SERVICEURL) + AWS_ACCESS_KEY_ID: $(inputs.ADES_STAGEIN_AWS_ACCESS_KEY_ID) + AWS_SECRET_ACCESS_KEY: $(inputs.ADES_STAGEIN_AWS_SECRET_ACCESS_KEY) + ResourceRequirement: {} \ No newline at end of file diff --git a/charts/ades/files/cwl/stagein/terradue_stars_t2_latest.cwl b/charts/ades/files/cwl/stagein/terradue_stars_t2_latest.cwl new file mode 100644 index 0000000..c63fc70 --- /dev/null +++ b/charts/ades/files/cwl/stagein/terradue_stars_t2_latest.cwl @@ -0,0 +1,35 @@ +cwlVersion: v1.0 +baseCommand: Stars +doc: "Run Stars for staging input data" +class: CommandLineTool +hints: + DockerRequirement: + dockerPull: terradue/stars-t2:0.6.18.19 +id: stars +arguments: +- copy +- -v +- -rel +- -r +- '4' +- -o +- ./ +- --harvest +inputs: + ADES_STAGEIN_AWS_SERVICEURL: + type: string? + ADES_STAGEIN_AWS_ACCESS_KEY_ID: + type: string? + ADES_STAGEIN_AWS_SECRET_ACCESS_KEY: + type: string? +outputs: {} +requirements: + EnvVarRequirement: + envDef: + PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + # AWS__Profile: $(inputs.aws_profile) + # AWS__ProfilesLocation: $(inputs.aws_profiles_location.path) + AWS__ServiceURL: $(inputs.ADES_STAGEIN_AWS_SERVICEURL) + AWS_ACCESS_KEY_ID: $(inputs.ADES_STAGEIN_AWS_ACCESS_KEY_ID) + AWS_SECRET_ACCESS_KEY: $(inputs.ADES_STAGEIN_AWS_SECRET_ACCESS_KEY) + ResourceRequirement: {} \ No newline at end of file diff --git a/charts/ades/files/cwl/stageout/eoepca_stage-out_0_2.cwl b/charts/ades/files/cwl/stageout/eoepca_stage-out_0_2.cwl new file mode 100644 index 0000000..5e266b3 --- /dev/null +++ b/charts/ades/files/cwl/stageout/eoepca_stage-out_0_2.cwl @@ -0,0 +1,49 @@ +class: CommandLineTool +baseCommand: stage-out +inputs: + job: + type: string + inputBinding: + position: 1 + prefix: --job + valueFrom: $( inputs.job ) + + ADES_STAGEOUT_STORAGE_HOST: + type: string + inputBinding: + position: 2 + prefix: --store-host + + + ADES_STAGEOUT_STORAGE_USERNAME: + type: string + inputBinding: + position: 3 + prefix: --store-username + + + ADES_STAGEOUT_STORAGE_APIKEY: + type: string + inputBinding: + position: 4 + prefix: --store-apikey + + + outputfile: + type: string + inputBinding: + position: 5 + prefix: --outputfile + valueFrom: $( inputs.outputfile ) + +outputs: {} +requirements: + InlineJavascriptRequirement: {} + EnvVarRequirement: + envDef: + PATH: /opt/anaconda/envs/env_stageout/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + + ResourceRequirement: {} +hints: + DockerRequirement: + dockerPull: eoepca/stage-out:0.2 \ No newline at end of file diff --git a/charts/ades/files/cwl/stageout/terradue_stars_latest.cwl b/charts/ades/files/cwl/stageout/terradue_stars_latest.cwl new file mode 100644 index 0000000..18a22b1 --- /dev/null +++ b/charts/ades/files/cwl/stageout/terradue_stars_latest.cwl @@ -0,0 +1,57 @@ +cwlVersion: v1.0 +baseCommand: Stars +doc: "Run Stars for staging results" +class: CommandLineTool +hints: + DockerRequirement: + dockerPull: terradue/stars-t2:0.6.18.19 +id: stars +arguments: +- copy +- -v +- -r +- '4' +inputs: + ADES_STAGEOUT_AWS_PROFILE: + type: string? + ADES_STAGEOUT_AWS_SERVICEURL: + type: string? + ADES_STAGEOUT_AWS_ACCESS_KEY_ID: + type: string? + ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY: + type: string? + aws_profiles_location: + type: File? + result_directory: + type: Directory? + inputBinding: + position: 7 + ADES_STAGEOUT_OUTPUT: + type: string? + inputBinding: + position: 5 + prefix: -o + valueFrom: $( self + "/" + inputs.process ) + ADES_STAGEOUT_AWS_REGION: + type: string? + process: + type: string? + inputBinding: + position: 6 + prefix: -res + valueFrom: $( inputs.process + ".res" ) +outputs: {} +requirements: + InlineJavascriptRequirement: {} + EnvVarRequirement: + envDef: + PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + # AWS__Profile: $(inputs.ADES_STAGEOUT_AWS_PROFILE) + # AWS__ProfilesLocation: $(inputs.aws_profiles_location.path) + AWS__ServiceURL: $(inputs.ADES_STAGEOUT_AWS_SERVICEURL) + AWS__SignatureVersion: "2" + AWS_ACCESS_KEY_ID: $(inputs.ADES_STAGEOUT_AWS_ACCESS_KEY_ID) + AWS_SECRET_ACCESS_KEY: $(inputs.ADES_STAGEOUT_AWS_SECRET_ACCESS_KEY) + #AWS__Region: $(inputs.ADES_STAGEOUT_AWS_REGION) + #AWS__AuthenticationRegion: $(inputs.ADES_STAGEOUT_AWS_REGION) + ResourceRequirement: {} \ No newline at end of file diff --git a/charts/ades/files/kubeconfig b/charts/ades/files/kubeconfig new file mode 100644 index 0000000..e69de29 diff --git a/charts/ades/files/main.cfg.tpl b/charts/ades/files/main.cfg.tpl new file mode 100644 index 0000000..9f6874f --- /dev/null +++ b/charts/ades/files/main.cfg.tpl @@ -0,0 +1,86 @@ +[headers] +X-Powered-By=ZOO@ZOO-Project + +[main] +version=2.0.0 +encoding=utf-8 +__rewriteUrl=call +dataPath=/var/www/data +tmpPath=/var/www/_run/res +sessPath=/tmp +cacheDir=/var/www/cache +lang=en-US,en-GB +language=en-US +msOgcVersion=1.0.0 +tmpUrl=/res +cors=false +storeExecuteResponse=true +servicePath=/zooservices/ + +[identification] +title=Ellip-WPS +keywords= +abstract= +accessConstraints=none +fees=None + +[provider] +positionName=xxxx +providerName=xxxx +addressAdministrativeArea=False +addressDeliveryPoint=xxxxx +addressCountry=IT +phoneVoice=+xxxxx +addressPostalCode=xxx +role=Support +providerSite=https://www.xxxxx.com +phoneFacsimile=False +addressElectronicMailAddress=support@xxxx.com +addressCity=xx +individualName=Operations Support team + +[java] + +[javax] + +[env] + +[database] + +[jwt] +secret= +cert1= +cert2= + +[serviceConf] +sleepGetStatus=100 +sleepGetPrepare=30 +sleepBeforeRes=30 + +[pep] +pepresource=/opt/t2service/libpep_resource.so +usepep={{ .Values.wps.usePep }} +pephost={{ .Values.wps.pepBaseUrl }} +scopes=public +pathBase=/%s/wps3/processes/%s +pathStatus=/%s/watchjob/processes/%s/jobs/%s +pathResult=/%s/watchjob/processes/%s/jobs/%s/result +stopOnError=true + +[resourcemanager] +useResourceManager={{ .Values.workflowExecutor.useResourceManager }} +resourceManagerEndpoint={{ .Values.workflowExecutor.resourceManagerEndpoint }} +resourceManagerWorkspacePrefix= {{ .Values.workflowExecutor.resourceManagerWorkspacePrefix }} + +[eoepca] +owsparser=/opt/t2libs/libeoepcaows.so +buildPath=/opt/t2template/ + +WorkflowExecutorHost=http://localhost:8000 +WorkflowExecutorConfig=/opt/t2config/workflowwxecutorconfig.json +libWorkflowExecutor=/opt/t2service/libworkflow_executor.so + +userworkspace=/opt/zooservices_user +defaultUser=anonymous +userSpaceScript=/opt/t2scripts/prepareUserSpace.sh +removeServiceScript=/opt/t2scripts/removeservice.sh \ No newline at end of file diff --git a/charts/ades/files/maincwlmetrics.cwl b/charts/ades/files/maincwlmetrics.cwl new file mode 100644 index 0000000..013fd4b --- /dev/null +++ b/charts/ades/files/maincwlmetrics.cwl @@ -0,0 +1,102 @@ +class: Workflow +doc: Main stage manager +id: stage-manager +label: theStage +inputs: + workflow: + doc: workflow + label: workflow + type: string + process: + doc: process + label: process + type: string +outputs: {} +requirements: + SubworkflowFeatureRequirement: {} + ScatterFeatureRequirement: {} +steps: + node_metrics_in: + in: + inp1: workflow + inp2: process + out: + - results + run: + baseCommand: metrics + hints: + DockerRequirement: + dockerPull: terradue/metrics:0.1 + class: CommandLineTool + id: clt + arguments: + - prefix: --event + position: 3 + valueFrom: "started" + inputs: + inp1: + inputBinding: + position: 1 + prefix: --workflow + type: string + inp2: + inputBinding: + position: 2 + prefix: --process + type: string + outputs: + results: + type: stdout + requirements: + EnvVarRequirement: + envDef: + PATH: /srv/conda/envs/env_metrics/bin:/opt/anaconda/bin:/usr/share/java/maven/bin:/opt/anaconda/bin:/opt/anaconda/envs/notebook/bin:/opt/anaconda/bin:/usr/share/java/maven/bin:/opt/anaconda/bin:/opt/anaconda/condabin:/opt/anaconda/bin:/usr/lib64/qt-3.3/bin:/usr/share/java/maven/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin + ResourceRequirement: { } + node_stage_in: + in: + metrics: node_metrics_in/results + out: [] + run: '' +# +# on_stage: +# in: {} +# out: [] +# run: '' +# node_stage_out: +# in: {} +# out: [] +# run: '' + node_metrics_out: + in: + inp1: workflow + inp2: process + out: + - results + run: + baseCommand: metrics + hints: + DockerRequirement: + dockerPull: terradue/metrics:0.1 + class: CommandLineTool + id: clt + arguments: + - prefix: --event + position: 3 + valueFrom: "succeeded" + inputs: + inp1: + inputBinding: + position: 1 + prefix: --workflow + type: string + inp2: + inputBinding: + position: 1 + prefix: --process + type: string + outputs: {} + requirements: + EnvVarRequirement: + envDef: + PATH: /srv/conda/envs/env_metrics/bin:/opt/anaconda/bin:/usr/share/java/maven/bin:/opt/anaconda/bin:/opt/anaconda/envs/notebook/bin:/opt/anaconda/bin:/usr/share/java/maven/bin:/opt/anaconda/bin:/opt/anaconda/condabin:/opt/anaconda/bin:/usr/lib64/qt-3.3/bin:/usr/share/java/maven/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin + ResourceRequirement: { } \ No newline at end of file diff --git a/charts/ades/templates/NOTES.txt b/charts/ades/templates/NOTES.txt new file mode 100644 index 0000000..4895a50 --- /dev/null +++ b/charts/ades/templates/NOTES.txt @@ -0,0 +1,21 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ades.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ades.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ades.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ades.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/charts/ades/templates/_helpers.tpl b/charts/ades/templates/_helpers.tpl new file mode 100644 index 0000000..a0cd325 --- /dev/null +++ b/charts/ades/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ades.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ades.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ades.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ades.labels" -}} +helm.sh/chart: {{ include "ades.chart" . }} +{{ include "ades.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ades.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ades.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ades.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ades.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/ades/templates/configmap.yaml b/charts/ades/templates/configmap.yaml new file mode 100644 index 0000000..0186807 --- /dev/null +++ b/charts/ades/templates/configmap.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "ades.fullname" . }}-configmap + namespace: {{ .Release.Namespace }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + ppImagePullSecrets.json: {{ toJson .Values.workflowExecutor.imagePullSecrets | quote }} + kubeconfig: {{ tpl .Values.workflowExecutor.kubeconfig . | quote }} + maincfg: {{ tpl (.Files.Get .Values.wps.maincfgtpl) . | quote }} + main.cwl: {{ required "A valid .Values.Values.workflowExecutor.main.cwl entry required!" (tpl (.Values.workflowExecutor.main.cwl) . | quote) }} + stagein.cwl: {{ required "A valid .Values.Values.workflowExecutor.stagein.cwl entry required!" (tpl (.Values.workflowExecutor.stagein.cwl) . | quote) }} + stageout.cwl: {{ required "A valid .Values.Values.workflowExecutor.stageout.cwl entry required!" (tpl (.Values.workflowExecutor.stageout.cwl) . | quote) }} + rulez.cwl: {{ required "A valid .Values.Values.workflowExecutor.rulez.cwl entry required!" (tpl (.Values.workflowExecutor.rulez.cwl) . | quote) }} + wfinputs.yaml: {{ toYaml .Values.workflowExecutor.inputs | quote }} + pod_env_vars.yaml: {{ toYaml .Values.workflowExecutor.pod.env | quote }} + + + diff --git a/charts/ades/templates/deployment-proxy.yaml b/charts/ades/templates/deployment-proxy.yaml new file mode 100644 index 0000000..e8fb91c --- /dev/null +++ b/charts/ades/templates/deployment-proxy.yaml @@ -0,0 +1,48 @@ +{{- if .Values.useKubeProxy }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ades.fullname" . }}-kubeproxy + labels: + app.kubernetes.io/name: {{ include "ades.name" . }}-kubeproxy +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "ades.name" . }}-kubeproxy + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "ades.name" . }}-kubeproxy + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ades.fullname" . }}-processing-manager + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ include "ades.fullname" . }}-kubeproxy + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: eoepca/kubectl-proxy:latest + ports: + - containerPort: 8001 + restartPolicy: Always + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/ades/templates/deployment.yaml b/charts/ades/templates/deployment.yaml new file mode 100644 index 0000000..252ae44 --- /dev/null +++ b/charts/ades/templates/deployment.yaml @@ -0,0 +1,149 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ades.fullname" . }} + labels: + {{- include "ades.labels" . | nindent 4 }} +spec: +{{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} +{{- end }} + selector: + matchLabels: + {{- include "ades.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ades.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ades.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + # livenessProbe: + # httpGet: + # path: / + # port: http + readinessProbe: + httpGet: + path: /terradue/wps3/processes + port: http + httpHeaders: + - name: Accept + value: application/json + resources: + {{- toYaml .Values.resources | nindent 12 }} + env: + {{- if .Values.useKubeProxy }} + - name: HTTP_PROXY + value: "http://{{ include "ades.fullname" . }}-kubeproxy:8001" + {{- else }} + - name: KUBECONFIG + value: /var/etc/ades/kubeconfig + {{- end }} + - name: ADES_NAMESPACE + value: {{ .Release.Namespace }} + - name: ADES_CWL_INPUTS + value: /var/etc/ades/wfinputs.yaml + - name: ADES_POD_ENV_VARS + value: /var/etc/ades/pod_env_vars.yaml + - name: STORAGE_CLASS + value: {{ .Values.workflowExecutor.processingStorageClass | quote }} + - name: VOLUME_TMP_SIZE + value: {{ .Values.workflowExecutor.processingVolumeTmpSize | quote }} + - name: VOLUME_OUTPUT_SIZE + value: {{ .Values.workflowExecutor.processingVolumeOutputSize | quote }} + - name: JOB_MAX_RAM + value: {{ .Values.workflowExecutor.processingMaxRam | quote }} + - name: JOB_MAX_CORES + value: {{ .Values.workflowExecutor.processingMaxCores | quote }} + - name: JOB_KEEPWORKSPACE + value: {{ .Values.workflowExecutor.processingKeepWorkspace | quote }} + - name: JOB_KEEPWORKSPACE_IF_FAILED + value: {{ .Values.workflowExecutor.processingKeepWorkspaceIfFailed | quote }} + - name: ADES_WFEXEC_MAINCWL + value: /var/etc/ades/main.cwl + - name: ADES_WFEXEC_STAGEIN_CWL + value: /var/etc/ades/stagein.cwl + - name: ADES_WFEXEC_STAGEOUT_CWL + value: /var/etc/ades/stageout.cwl + - name: ADES_WFEXEC_RULEZ_CWL + value: /var/etc/ades/rulez.cwl + - name: IMAGE_PULL_SECRETS + value: /var/etc/ades/ppImagePullSecrets.json + {{- if .Values.workflowExecutor.useResourceManager }} + - name: USE_RESOURCE_MANAGER + value: {{ .Values.workflowExecutor.useResourceManager | quote }} + - name: RESOURCE_MANAGER_USERNAME + value: {{ .Values.workflowExecutor.resourceManagerUser | quote }} + - name: RESOURCE_MANAGER_ENDPOINT + value: {{ .Values.workflowExecutor.resourceManagerEndpoint | quote }} + - name: RESOURCE_MANAGER_WORKSPACE_PREFIX + value: {{ .Values.workflowExecutor.resourceManagerWorkspacePrefix | quote }} + {{- end }} + volumeMounts: + - name: ades-config + mountPath: /var/etc/ades + - name: ades-user-data + mountPath: /var/www/html/res + - name: ades-processing-services + mountPath: /opt/zooservices_user + - name: ades-config + mountPath: /zooservices/main.cfg + subPath: maincfg + volumes: + - name: ades-config + configMap: + name: {{ template "ades.fullname" . }}-configmap + - name: ades-user-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.existingUserDataClaim }} + claimName: {{ .Values.persistence.existingUserDataClaim }} + {{- else }} + claimName: {{ template "ades.fullname" . }}-user-data + {{- end -}} + {{- else }} + emptyDir: {} + {{- end }} + - name: ades-processing-services + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + {{- if .Values.persistence.existingProcessingServicesClaim }} + claimName: {{ .Values.persistence.existingProcessingServicesClaim }} + {{- else }} + claimName: {{ template "ades.fullname" . }}-processing-services + {{- end -}} + {{- else }} + emptyDir: {} + {{- end }} + restartPolicy: Always + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/ades/templates/hpa.yaml b/charts/ades/templates/hpa.yaml new file mode 100644 index 0000000..d4c7e2a --- /dev/null +++ b/charts/ades/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ades.fullname" . }} + labels: + {{- include "ades.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ades.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/ades/templates/ingress.yaml b/charts/ades/templates/ingress.yaml new file mode 100644 index 0000000..3338a2e --- /dev/null +++ b/charts/ades/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ades.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ades.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} diff --git a/charts/ades/templates/processing-manager-serviceaccount.yaml b/charts/ades/templates/processing-manager-serviceaccount.yaml new file mode 100644 index 0000000..6ee127f --- /dev/null +++ b/charts/ades/templates/processing-manager-serviceaccount.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ades.fullname" . }}-processing-manager + labels: + {{- include "ades.labels" . | nindent 4 }} diff --git a/charts/ades/templates/processing-rolebinding.yaml b/charts/ades/templates/processing-rolebinding.yaml new file mode 100644 index 0000000..617cb50 --- /dev/null +++ b/charts/ades/templates/processing-rolebinding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ades.fullname" . }}-processing +subjects: + - kind: ServiceAccount + name: {{ include "ades.fullname" . }}-processing-manager + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Values.clusterAdminRoleName }} \ No newline at end of file diff --git a/charts/ades/templates/processing-services-pv-claim.yaml b/charts/ades/templates/processing-services-pv-claim.yaml new file mode 100644 index 0000000..127038f --- /dev/null +++ b/charts/ades/templates/processing-services-pv-claim.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingProcServicesClaim) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "ades.fullname" . }}-processing-services + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "ades.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.procServicesAccessMode | quote }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} + resources: + requests: + storage: {{ .Values.persistence.procServicesSize | quote }} +{{- end -}} \ No newline at end of file diff --git a/charts/ades/templates/service-proxy.yaml b/charts/ades/templates/service-proxy.yaml new file mode 100644 index 0000000..c49c64b --- /dev/null +++ b/charts/ades/templates/service-proxy.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ades.fullname" . }}-kubeproxy +spec: + type: ClusterIP + ports: + - port: 8001 + targetPort: 8001 + protocol: TCP + name: http-kubeproxy + selector: + app.kubernetes.io/name: {{ include "ades.name" . }}-kubeproxy diff --git a/charts/ades/templates/service.yaml b/charts/ades/templates/service.yaml new file mode 100644 index 0000000..cd46b1e --- /dev/null +++ b/charts/ades/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ades.fullname" . }} + labels: + {{- include "ades.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ades.selectorLabels" . | nindent 4 }} diff --git a/charts/ades/templates/serviceaccount.yaml b/charts/ades/templates/serviceaccount.yaml new file mode 100644 index 0000000..5eee994 --- /dev/null +++ b/charts/ades/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ades.serviceAccountName" . }} + labels: + {{- include "ades.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/ades/templates/tests/test-connection.yaml b/charts/ades/templates/tests/test-connection.yaml new file mode 100644 index 0000000..5dead5a --- /dev/null +++ b/charts/ades/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ades.fullname" . }}-test-connection" + labels: + {{- include "ades.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "ades.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/ades/templates/user-data-pv-claim.yaml b/charts/ades/templates/user-data-pv-claim.yaml new file mode 100644 index 0000000..1f55523 --- /dev/null +++ b/charts/ades/templates/user-data-pv-claim.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingUserDataClaim) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "ades.fullname" . }}-user-data + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "ades.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + accessModes: + - {{ .Values.persistence.userDataAccessMode | quote }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} + resources: + requests: + storage: {{ .Values.persistence.userDataSize | quote }} +{{- end -}} \ No newline at end of file diff --git a/charts/ades/values.eoepca-creodias.terradue.yaml b/charts/ades/values.eoepca-creodias.terradue.yaml new file mode 100644 index 0000000..13758c8 --- /dev/null +++ b/charts/ades/values.eoepca-creodias.terradue.yaml @@ -0,0 +1,129 @@ +replicaCount: 1 +image: + repository: eoepca/proc-ades + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "devlatest" +nameOverride: "" +fullnameOverride: "" +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" +podAnnotations: {} +podSecurityContext: {} + # fsGroup: 2000 +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 +service: + type: ClusterIP + port: 80 +ingress: + enabled: true + annotations: {} + hosts: + - host: ades.185.52.193.87.nip.io + paths: ["/"] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 500m + memory: 2Gi +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 3 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 +storageClassName: managed-nfs-storage +clusterAdminRoleName: cluster-admin +nodeSelector: {} +tolerations: [] +affinity: {} +useKubeProxy: True +workflowExecutor: + # Necessary if useKubeProxy set to false + # kubeconfig: "files/kubeconfig" + + # Here specify fixed inputs to all workflows execution in all stages (main, stage-in/out) + # They will be prefixed with 'ADES_'. e.g. 'APP: ades' will be 'ADES_APP: ades' + inputs: + APP: ades + + STAGEIN_AWS_SERVICEURL: http://data.cloudferro.com + STAGEIN_AWS_ACCESS_KEY_ID: test + STAGEIN_AWS_SECRET_ACCESS_KEY: test + + STAGEOUT_AWS_SERVICEURL: https://s3.fr-par.scw.cloud + STAGEOUT_AWS_ACCESS_KEY_ID: SCW96Y8P089TRZHV9HY2 + STAGEOUT_AWS_SECRET_ACCESS_KEY: 04c39142-faab-40b6-a9ab-5239805b4e77 + STAGEOUT_AWS_REGION: fr-par + STAGEOUT_OUTPUT: s3://eoepca-ades + + +# STAGEOUT_STORAGE_HOST: https://nx13206.your-storageshare.de/ +# STAGEOUT_STORAGE_USERNAME: eoepca-storage +# STAGEOUT_STORAGE_APIKEY: 4k8wMajA5ABaYdk + + main: + cwl: "" + + stagein: + cwl: "" + + stageout: + cwl: "" + + rulez: + cwl: "" + + # kubernetes storage class to be used for provisioning volumes. Must be a persistent volume claim compliant (glusterfs-storage) + processingStorageClass: managed-nfs-storage + # Size of the Kubernetes Tmp Volumes + processingVolumeTmpSize: "6Gi" + # Size of the Kubernetes Output Volumes + processingVolumeOutputSize: "6Gi" + # Max ram to use for a job + processingMaxRam: "8Gi" + # Max number of CPU cores to use concurrently for a job + processingMaxCores: "2" + # if false the Ades will clean the volume after the workflow has successfully finished running + processingKeepWorkspace: "False" + # image pull secrects + imagePullSecrets: + - name: "terradue" + # custom stagein cwl + #stageincwl: "files/stageincwl.cwl" + #maincwl: "files/maincwlmetrics.cwl" +wps: + pepBaseUrl: "http://mock-pep" + usePep: "false" + maincfgtpl: "files/main.cfg.tpl" +persistence: + enabled: true + # existingUserDataClaim: + # existingProcServicesClaim: + storageClass: "managed-nfs-storage" + userDataAccessMode: ReadWriteOnce + userDataSize: 10Gi + procServicesAccessMode: ReadWriteOnce + procServicesSize: 5Gi \ No newline at end of file diff --git a/charts/ades/values.yaml b/charts/ades/values.yaml new file mode 100644 index 0000000..c234fe7 --- /dev/null +++ b/charts/ades/values.yaml @@ -0,0 +1,146 @@ +# Default values for ades. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: eoepca/proc-ades + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: true + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: ades.eoepca.com + paths: ["/"] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 2 + # memory: 4Gi + # requests: + # cpu: 1 + # memory: 2Gi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 3 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +clusterAdminRoleName: cluster-admin + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +useKubeProxy: true + +workflowExecutor: + # Necessary if useKubeProxy set to false + kubeconfig: "" + + # Here specify fixed inputs to all workflows execution in all stages (main, stage-in/out) + # They will be prefixed with 'ADES_'. e.g. 'APP: ades' will be 'ADES_APP: ades' + inputs: + APP: ades + + main: + cwl: "" + + stagein: + cwl: "" + + stageout: + cwl: "" + + rulez: + cwl: "" + + # kubernetes storage class to be used for provisioning volumes. Must be a persistent volume claim compliant (glusterfs-storage) + processingStorageClass: glusterfs-storage + # Size of the Kubernetes Tmp Volumes + processingVolumeTmpSize: "5Gi" + # Size of the Kubernetes Output Volumes + processingVolumeOutputSize: "10Gi" + # Max ram to use for a job + processingMaxRam: "16Gi" + # Max number of CPU cores to use concurrently for a job + processingMaxCores: "8" + # if false the Ades will clean the volume after the workflow has successfully finished running + processingKeepWorkspace: false + # if false the Ades will clean the volume after the workflow has finished with an error + processingKeepWorkspaceIfFailed: false + # includes terradue.docker.com docker credentials + imagePullSecrets: [] + # some configuration values for submitted pod + pod: + env: {} + # HTTP_PROXY: http://1.2.3.4:8534 + + useResourceManager: false + resourceManagerEndpoint: "https://resourcemanager-api.com" + resourceManagerWorkspacePrefix: "rm-user" + +wps: + pepBaseUrl: "https://pep.eoepca.terradue.com" + usePep: "false" + maincfgtpl: "files/main.cfg.tpl" + + +persistence: + enabled: true + # existingUserDataClaim: + # existingProcServicesClaim: + storageClass: "standard" + userDataAccessMode: ReadWriteOnce + userDataSize: 10Gi + procServicesAccessMode: ReadWriteOnce + procServicesSize: 5Gi + diff --git a/charts/billing-service/Chart.yaml b/charts/billing-service/Chart.yaml new file mode 100644 index 0000000..33cde51 --- /dev/null +++ b/charts/billing-service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +name: billing-service +description: A Helm chart for Billing Service +maintainers: + - name: eoepca +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 1.0 \ No newline at end of file diff --git a/charts/billing-service/templates/_helpers.tpl b/charts/billing-service/templates/_helpers.tpl new file mode 100644 index 0000000..7b47312 --- /dev/null +++ b/charts/billing-service/templates/_helpers.tpl @@ -0,0 +1,31 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "billing-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "billing-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "billing-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} \ No newline at end of file diff --git a/charts/billing-service/templates/bis-cm.yml b/charts/billing-service/templates/bis-cm.yml new file mode 100644 index 0000000..ba8fe21 --- /dev/null +++ b/charts/billing-service/templates/bis-cm.yml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: um-billing-service-config +data: + BIS_AUTH_SERVER_URL: {{ .Values.global.auth_server_url | quote }} + BIS_PREFIX: {{ .Values.global.prefix | quote }} + BIS_HOST: {{ .Values.global.host | quote }} + BIS_PORT: {{ .Values.global.port | quote }} + BIS_CHECK_SSL_CERTS: {{ .Values.global.check_ssl_certs | quote }} + BIS_DEBUG_MODE: {{ .Values.global.debug_mode | quote }} diff --git a/charts/billing-service/templates/bis-deployment.yml b/charts/billing-service/templates/bis-deployment.yml new file mode 100644 index 0000000..0af72e8 --- /dev/null +++ b/charts/billing-service/templates/bis-deployment.yml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.global.bis }} + labels: + app: {{ .Values.global.bis }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ .Values.global.bis }} + template: + metadata: + labels: + app: {{ .Values.global.bis }} + spec: + containers: + - name: {{ .Values.global.bis }} + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + image: {{ .Values.image.image }} + ports: + - name: http-bis + containerPort: 5569 + protocol: TCP + - name: https-bis + containerPort: 443 + protocol: TCP + envFrom: + - configMapRef: + name: um-billing-service-config + - name: mongo + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + image: mongo + ports: + - name: http-rp + containerPort: 27017 + protocol: TCP + envFrom: + - configMapRef: + name: um-billing-service-config + volumeMounts: + - mountPath: /data/db/ + sub_path: billing-service/db/policy + name: eoepca-bis-pv-host + hostAliases: + - ip: {{ .Values.global.nginxIp }} + hostnames: + - {{ .Values.global.ep }} + volumes: + - name: eoepca-bis-pv-host + persistentVolumeClaim: + claimName: eoepca-bis-pvc \ No newline at end of file diff --git a/charts/billing-service/templates/bis-service.yml b/charts/billing-service/templates/bis-service.yml new file mode 100644 index 0000000..671091a --- /dev/null +++ b/charts/billing-service/templates/bis-service.yml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.global.bis }} + labels: + app: {{ .Values.global.bis }} +spec: + type: NodePort + ports: + - port: 5569 + name: http-bis + targetPort: 5569 + protocol: TCP + nodePort: 31709 + - port: 1029 + name: https-bis + targetPort: 443 + protocol: TCP + selector: + app: {{ .Values.global.bis }} \ No newline at end of file diff --git a/charts/billing-service/templates/ingress.yaml b/charts/billing-service/templates/ingress.yaml new file mode 100644 index 0000000..0258e50 --- /dev/null +++ b/charts/billing-service/templates/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: gluu-ingress-billing-service + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 +spec: + rules: + - host: {{ .Values.global.ep | quote }} + http: + paths: + - path: /bis(/|$)(.*) + backend: + serviceName: billing-service + servicePort: 5569 \ No newline at end of file diff --git a/charts/billing-service/templates/pv.yaml b/charts/billing-service/templates/pv.yaml new file mode 100644 index 0000000..b6dfa67 --- /dev/null +++ b/charts/billing-service/templates/pv.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: eoepca-bis-pv-host + labels: + eoepca_type: userman +spec: + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + accessModes: + - {{ .Values.persistence.accessModes }} + hostPath: + path: "/kubedata/userman" + type: {{ .Values.persistence.type }} \ No newline at end of file diff --git a/charts/billing-service/templates/pvc.yaml b/charts/billing-service/templates/pvc.yaml new file mode 100644 index 0000000..ddfe781 --- /dev/null +++ b/charts/billing-service/templates/pvc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: eoepca-bis-pvc + namespace: {{ .Release.Namespace }} + labels: + eoepca_type: userman + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + accessModes: + - {{ .Values.persistence.accessModes }} + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + resources: + requests: + storage: {{ .Values.persistence.dbStorageSize }} + selector: + matchLabels: + eoepca_type: userman \ No newline at end of file diff --git a/charts/billing-service/values.yaml b/charts/billing-service/values.yaml new file mode 100644 index 0000000..a554555 --- /dev/null +++ b/charts/billing-service/values.yaml @@ -0,0 +1,29 @@ +# Default values for billing-service. + +# Global variables the Billing Service might need +# To be filled out during development +global: + namespace: default + ep: test.10.0.2.15.nip.io + domain: https://test.10.0.2.15.nip.io + auth_server_url: https://test.10.0.2.15.nip.io + prefix: / + host: 0.0.0.0 + port: 5569 + check_ssl_certs: "'false'" + debug_mode: "'true'" + nginxIp: 10.0.2.15 + + + +image: + statefulSetReplicas: 1 + imagePullPolicy: Always + image: eoepca/um-billing-service:latest +persistence: + accessModes: ReadWriteMany + dbStorageSize: 5Gi + type: DirectoryOrCreate + +config: + enabled: true \ No newline at end of file diff --git a/charts/cheese/Chart.yaml b/charts/cheese/Chart.yaml index 58c81de..290b437 100644 --- a/charts/cheese/Chart.yaml +++ b/charts/cheese/Chart.yaml @@ -15,9 +15,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.7 +version: 0.2.8 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 0.2.7 +appVersion: 0.2.8 diff --git a/charts/jupyter/Chart.yaml b/charts/jupyter/Chart.yaml index 67a6635..3a09007 100644 --- a/charts/jupyter/Chart.yaml +++ b/charts/jupyter/Chart.yaml @@ -15,9 +15,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.3 +version: 0.1.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 0.2.0 +appVersion: 0.3.2 diff --git a/charts/jupyter/templates/ingress.yaml b/charts/jupyter/templates/ingress.yaml index b4db198..79fe3e0 100644 --- a/charts/jupyter/templates/ingress.yaml +++ b/charts/jupyter/templates/ingress.yaml @@ -2,7 +2,13 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: name: jupyter + annotations: + cert-manager.io/cluster-issuer: letsencrypt spec: + tls: + - hosts: + - jupyter.{{ .Values.hostname }} + secretName: jupyter-tls rules: - host: jupyter.{{ .Values.hostname }} http: diff --git a/charts/jupyter/templates/jupyter-deployment.yaml b/charts/jupyter/templates/jupyter-deployment.yaml index a7b941a..f652e6b 100644 --- a/charts/jupyter/templates/jupyter-deployment.yaml +++ b/charts/jupyter/templates/jupyter-deployment.yaml @@ -17,6 +17,8 @@ spec: containers: - name: jupyter image: {{ .Values.image.image }} + command: ["jupyter"] + args: ["lab", "--NotebookApp.token=''"] {{- if .Values.image.imagePullPolicy }} imagePullPolicy: {{ .Values.image.imagePullPolicy }} {{- end }} diff --git a/charts/jupyter/values.yaml b/charts/jupyter/values.yaml index 720383e..94d7aa7 100644 --- a/charts/jupyter/values.yaml +++ b/charts/jupyter/values.yaml @@ -2,7 +2,7 @@ hostname: 192.168.49.2.nip.io image: - image: eoepca/jupyter-demo + image: eoepca/jupyterlab:latest # imagePullPolicy: IfNotPresent service: diff --git a/charts/license-manager/Chart.yaml b/charts/license-manager/Chart.yaml new file mode 100755 index 0000000..5cf5c05 --- /dev/null +++ b/charts/license-manager/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +name: license-manager +description: A Helm chart for License Manager +maintainers: + - name: eoepca +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 1.0 diff --git a/charts/license-manager/templates/_helpers.tpl b/charts/license-manager/templates/_helpers.tpl new file mode 100755 index 0000000..7b4094b --- /dev/null +++ b/charts/license-manager/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "login-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "login-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "login-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + diff --git a/charts/license-manager/templates/ingress.yaml b/charts/license-manager/templates/ingress.yaml new file mode 100755 index 0000000..aa8f6e6 --- /dev/null +++ b/charts/license-manager/templates/ingress.yaml @@ -0,0 +1,20 @@ + +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: gluu-ingress-license-manager + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 +spec: + rules: + - host: {{ .Values.global.ep | quote }} + http: + paths: + - path: /secure(/|$)(.*) + backend: + serviceName: license-manager + servicePort: 5566 + diff --git a/charts/license-manager/templates/license-cm.yml b/charts/license-manager/templates/license-cm.yml new file mode 100755 index 0000000..ed19526 --- /dev/null +++ b/charts/license-manager/templates/license-cm.yml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: license-cm +data: + LICENSE_REALM: {{ .Values.global.realm | quote }} + LICENSE_AUTH_SERVER_URL: {{ .Values.global.domain | quote }} + LICENSE_SERVICE_HOST: {{ .Values.global.serviceHost | quote }} + LICENSE_SERVICE_PORT: {{ .Values.global.servicePort | quote }} + LICENSE_S_MARGIN_RPT_VALID: {{ .Values.global.margin | quote }} + LICENSE_CHECK_SSL_CERTS: {{ .Values.global.sslCerts | quote }} + LICENSE_USE_THREADS: {{ .Values.global.useThreads | quote }} + LICENSE_DEBUG_MODE: {{ .Values.global.debugMode | quote }} + LICENSE_RESOURCE_SERVER_ENDPOINT: {{ .Values.global.resourceServer | quote }} + LICENSE_API_RPT_UMA_VALIDATION: {{ .Values.global.umaValidation | quote }} + LICENSE_RPT_LIMIT_USES: {{ .Values.global.limitUses | quote }} + LICENSE_PDP_URL: {{ .Values.global.pdpUrl | quote }} + LICENSE_PDP_PORT: {{ .Values.global.pdpPort | quote }} + LICENSE_PDP_POLICY_ENDPOINT: {{ .Values.global.pdpPolicy | quote }} + LICENSE_VERIFY_SIGNATURE: {{ .Values.global.verifySignature | quote }} + LICENSE_PROXY_SERVICE_PORT: {{ .Values.global.proxyServicePort | quote }} + LICENSE_RESOURCES_SERVICE_PORT: {{ .Values.global.resourcesServicePort | quote }} \ No newline at end of file diff --git a/charts/license-manager/templates/license-deployment.yml b/charts/license-manager/templates/license-deployment.yml new file mode 100755 index 0000000..2db8371 --- /dev/null +++ b/charts/license-manager/templates/license-deployment.yml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.global.license }} + labels: + app: {{ .Values.global.license }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ .Values.global.license }} + template: + metadata: + labels: + app: {{ .Values.global.license }} + spec: + containers: + - name: {{ .Values.global.license }} + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + image: {{ .Values.image.image }} + ports: + - name: http-license + containerPort: 5566 + protocol: TCP + - name: https-license + containerPort: 443 + protocol: TCP + envFrom: + - configMapRef: + name: license-cm + - name: mongo + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + image: mongo + ports: + - name: http-rp + containerPort: 27017 + protocol: TCP + envFrom: + - configMapRef: + name: license-cm + volumeMounts: + - mountPath: /data/db/ + sub_path: license-engine/db/resource + name: eoepca-license-pv-host + hostAliases: + - ip: {{ .Values.global.nginxIp }} + hostnames: + - {{ .Values.global.ep }} + volumes: + - name: eoepca-license-pv-host + persistentVolumeClaim: + claimName: eoepca-license-pvc diff --git a/charts/license-manager/templates/license-service.yml b/charts/license-manager/templates/license-service.yml new file mode 100755 index 0000000..4b7e220 --- /dev/null +++ b/charts/license-manager/templates/license-service.yml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.global.license }} + labels: + app: {{ .Values.global.license }} +spec: + type: NodePort + ports: + - port: 5566 + name: http-license + targetPort: 5566 + protocol: TCP + nodePort: 31707 + - port: 1025 + name: https-license + targetPort: 443 + protocol: TCP + selector: + app: {{ .Values.global.license }} + \ No newline at end of file diff --git a/charts/license-manager/templates/licenses-cm.yml b/charts/license-manager/templates/licenses-cm.yml new file mode 100755 index 0000000..ed19526 --- /dev/null +++ b/charts/license-manager/templates/licenses-cm.yml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: license-cm +data: + LICENSE_REALM: {{ .Values.global.realm | quote }} + LICENSE_AUTH_SERVER_URL: {{ .Values.global.domain | quote }} + LICENSE_SERVICE_HOST: {{ .Values.global.serviceHost | quote }} + LICENSE_SERVICE_PORT: {{ .Values.global.servicePort | quote }} + LICENSE_S_MARGIN_RPT_VALID: {{ .Values.global.margin | quote }} + LICENSE_CHECK_SSL_CERTS: {{ .Values.global.sslCerts | quote }} + LICENSE_USE_THREADS: {{ .Values.global.useThreads | quote }} + LICENSE_DEBUG_MODE: {{ .Values.global.debugMode | quote }} + LICENSE_RESOURCE_SERVER_ENDPOINT: {{ .Values.global.resourceServer | quote }} + LICENSE_API_RPT_UMA_VALIDATION: {{ .Values.global.umaValidation | quote }} + LICENSE_RPT_LIMIT_USES: {{ .Values.global.limitUses | quote }} + LICENSE_PDP_URL: {{ .Values.global.pdpUrl | quote }} + LICENSE_PDP_PORT: {{ .Values.global.pdpPort | quote }} + LICENSE_PDP_POLICY_ENDPOINT: {{ .Values.global.pdpPolicy | quote }} + LICENSE_VERIFY_SIGNATURE: {{ .Values.global.verifySignature | quote }} + LICENSE_PROXY_SERVICE_PORT: {{ .Values.global.proxyServicePort | quote }} + LICENSE_RESOURCES_SERVICE_PORT: {{ .Values.global.resourcesServicePort | quote }} \ No newline at end of file diff --git a/charts/license-manager/templates/pv.yaml b/charts/license-manager/templates/pv.yaml new file mode 100755 index 0000000..9815ee4 --- /dev/null +++ b/charts/license-manager/templates/pv.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: eoepca-license-pv-host + labels: + eoepca_type: userman +spec: + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + accessModes: + - {{ .Values.persistence.accessModes }} + hostPath: + path: "/kubedata/userman" + type: {{ .Values.persistence.type }} \ No newline at end of file diff --git a/charts/license-manager/templates/pvc.yaml b/charts/license-manager/templates/pvc.yaml new file mode 100755 index 0000000..8ae7a74 --- /dev/null +++ b/charts/license-manager/templates/pvc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: eoepca-license-pvc + namespace: {{ .Release.Namespace }} + labels: + eoepca_type: userman + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + accessModes: + - {{ .Values.persistence.accessModes }} + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + resources: + requests: + storage: {{ .Values.persistence.dbStorageSize }} + selector: + matchLabels: + eoepca_type: userman diff --git a/charts/license-manager/values.yaml b/charts/license-manager/values.yaml new file mode 100755 index 0000000..3e5b77b --- /dev/null +++ b/charts/license-manager/values.yaml @@ -0,0 +1,52 @@ +# Default values for login-service. + +global: + namespace: default + serviceName: opendj + ep: demoexample.gluu.org + domain: https://demoexample.gluu.org + realm: eoepca + serviceHost: 0.0.0.0 + servicePort: 5566 + margin: 5 + sslCerts: "'false'" + useThreads: "'true'" + debugMode: "'true'" + resourceServer: http://ades/ + umaValidation: "'true'" + limitUses: 1 + pdpUrl: http://demoexample.gluu.org + pdpPort: 5567 + pdpPolicy: /policy/ + verifySignature: "'false'" + nginxIp: 10.0.2.15 + proxyServicePort: 5566 + resourcesServicePort: 5576 + + + +image: + statefulSetReplicas: 1 + imagePullPolicy: Always + image: eoepca/um-pep-engine:task203_1 +persistence: + accessModes: ReadWriteMany + dbStorageSize: 5Gi + type: DirectoryOrCreate + +config: + enabled: true + + +ingress: + enabled: true + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - demoexample.gluu.org + tls: + - secretName: tls-certificate + hosts: + - demoexample.gluu.org diff --git a/charts/login-service/Chart.yaml b/charts/login-service/Chart.yaml index a7ddaad..7388360 100644 --- a/charts/login-service/Chart.yaml +++ b/charts/login-service/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.5 +version: 0.9.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 1 +appVersion: v1.0-RC diff --git a/charts/login-service/charts/opendj/Chart.yaml b/charts/login-service/charts/opendj/Chart.yaml index f661163..6032424 100644 --- a/charts/login-service/charts/opendj/Chart.yaml +++ b/charts/login-service/charts/opendj/Chart.yaml @@ -4,4 +4,4 @@ maintainers: - name: eoepca description: A Helm chart for Gluu server name: opendj -version: 1.1.0 \ No newline at end of file +version: 1.1.1 \ No newline at end of file diff --git a/charts/login-service/charts/opendj/values.yaml b/charts/login-service/charts/opendj/values.yaml index ae17919..a7356d9 100644 --- a/charts/login-service/charts/opendj/values.yaml +++ b/charts/login-service/charts/opendj/values.yaml @@ -38,7 +38,7 @@ persistence: statefulSetReplicas: 1 imagePullPolicy: Always restartPolicy: Never - image: eoepca/um-login-persistence:v0.3 + image: eoepca/um-login-persistence:v1.0-RC configAdapter: GLUU_CONFIG_ADAPTER adapter: "kubernetes" secretAdapter: GLUU_SECRET_ADAPTER diff --git a/charts/login-service/charts/oxauth/Chart.yaml b/charts/login-service/charts/oxauth/Chart.yaml index b075cee..d950c59 100755 --- a/charts/login-service/charts/oxauth/Chart.yaml +++ b/charts/login-service/charts/oxauth/Chart.yaml @@ -4,4 +4,4 @@ maintainers: - name: eoepca description: A Helm chart for Kubernetes name: oxauth -version: 1.1.0 +version: 1.1.1 diff --git a/charts/login-service/charts/oxauth/values.yaml b/charts/login-service/charts/oxauth/values.yaml index 57fa4a3..a521f12 100755 --- a/charts/login-service/charts/oxauth/values.yaml +++ b/charts/login-service/charts/oxauth/values.yaml @@ -8,9 +8,6 @@ image: tag: 4.1.1_03 pullPolicy: Always -# VolumeClaim values -volumeClaim: - storage: 50M falsure: "'false'" #ConfigMap values gluuLdapUrl: opendj:1636 @@ -31,7 +28,7 @@ persistence: statefulSetReplicas: 1 imagePullPolicy: Always restartPolicy: Never - image: eoepca/um-login-persistence:v0.3 + image: eoepca/um-login-persistence:v1.0-RC configAdapter: GLUU_CONFIG_ADAPTER adapter: "kubernetes" secretAdapter: GLUU_SECRET_ADAPTER @@ -69,6 +66,7 @@ readinessProbe: # VolumeClaim values volumeClaim: name: um-login-service-oxauth-pvc + storage: 50M #VolumeMounts volumeMounts: diff --git a/charts/pdp-engine/Chart.yaml b/charts/pdp-engine/Chart.yaml index 2198238..e992f0d 100644 --- a/charts/pdp-engine/Chart.yaml +++ b/charts/pdp-engine/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.3 +version: 0.9.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 1.0 +appVersion: v1.0-RC diff --git a/charts/pdp-engine/values.yaml b/charts/pdp-engine/values.yaml index 397a593..1f08c88 100644 --- a/charts/pdp-engine/values.yaml +++ b/charts/pdp-engine/values.yaml @@ -18,7 +18,7 @@ global: image: statefulSetReplicas: 1 imagePullPolicy: IfNotPresent - image: eoepca/um-pdp-engine:latest + image: eoepca/um-pdp-engine:v1.0-RC persistence: accessModes: ReadWriteMany dbStorageSize: 5Gi diff --git a/charts/pep-engine/Chart.yaml b/charts/pep-engine/Chart.yaml index e47511d..9f57328 100644 --- a/charts/pep-engine/Chart.yaml +++ b/charts/pep-engine/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.6 +version: 0.9.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 1.0 +appVersion: v1.0-RC diff --git a/charts/pep-engine/scripts/default-resources.json b/charts/pep-engine/scripts/default-resources.json new file mode 100644 index 0000000..3ee9a94 --- /dev/null +++ b/charts/pep-engine/scripts/default-resources.json @@ -0,0 +1,4 @@ +{ + "default_resources": [ + ] +} diff --git a/charts/pep-engine/templates/ingress.yaml b/charts/pep-engine/templates/ingress.yaml index 3513a74..f35dca5 100644 --- a/charts/pep-engine/templates/ingress.yaml +++ b/charts/pep-engine/templates/ingress.yaml @@ -8,13 +8,13 @@ metadata: kubernetes.io/ingress.class: nginx spec: rules: - - host: {{ .Values.global.proxyHost | quote }} + - host: {{ printf "%s.%s" .Values.context .Values.global.domain | quote }} http: paths: - path: / backend: serviceName: {{ .Values.global.pep }} - servicePort: 5566 + servicePort: {{ .Values.global.proxyServicePort }} --- apiVersion: extensions/v1beta1 kind: Ingress @@ -25,10 +25,10 @@ metadata: kubernetes.io/ingress.class: nginx spec: rules: - - host: {{ .Values.global.resourceHost | quote }} + - host: {{ printf "%s-pepapi.%s" .Values.context .Values.global.domain | quote }} http: paths: - path: / backend: serviceName: {{ .Values.global.pep }} - servicePort: 5576 + servicePort: {{ .Values.global.resourcesServicePort }} diff --git a/charts/pep-engine/templates/pep-cm.yml b/charts/pep-engine/templates/pep-cm.yml index 5480ea3..4d922dc 100755 --- a/charts/pep-engine/templates/pep-cm.yml +++ b/charts/pep-engine/templates/pep-cm.yml @@ -1,22 +1,36 @@ apiVersion: v1 kind: ConfigMap metadata: - name: pep-cm + name: {{ .Values.global.pep }}-cm data: PEP_REALM: {{ .Values.global.realm | quote }} - PEP_AUTH_SERVER_URL: {{ .Values.global.domain | quote }} + PEP_AUTH_SERVER_URL: https://{{ .Values.global.domain }} PEP_SERVICE_HOST: {{ .Values.global.serviceHost | quote }} - PEP_SERVICE_PORT: {{ .Values.global.servicePort | quote }} - PEP_S_MARGIN_RPT_VALID: {{ .Values.global.margin | quote }} - PEP_CHECK_SSL_CERTS: {{ .Values.global.sslCerts | quote }} - PEP_USE_THREADS: {{ .Values.global.useThreads | quote }} - PEP_DEBUG_MODE: {{ .Values.global.debugMode | quote }} - PEP_RESOURCE_SERVER_ENDPOINT: {{ .Values.global.resourceServer | quote }} - PEP_API_RPT_UMA_VALIDATION: {{ .Values.global.umaValidation | quote }} - PEP_RPT_LIMIT_USES: {{ .Values.global.limitUses | quote }} - PEP_PDP_URL: {{ .Values.global.pdpUrl | quote }} - PEP_PDP_PORT: {{ .Values.global.pdpPort | quote }} - PEP_PDP_POLICY_ENDPOINT: {{ .Values.global.pdpPolicy | quote }} - PEP_VERIFY_SIGNATURE: {{ .Values.global.verifySignature | quote }} + PEP_SERVICE_PORT: {{ .Values.global.proxyServicePort | quote }} + PEP_S_MARGIN_RPT_VALID: {{ .Values.configMap.margin | quote }} + PEP_CHECK_SSL_CERTS: {{ .Values.configMap.sslCerts | quote }} + PEP_USE_THREADS: {{ .Values.configMap.useThreads | quote }} + PEP_DEBUG_MODE: {{ .Values.configMap.debugMode | quote }} + PEP_RESOURCE_SERVER_ENDPOINT: {{ .Values.configMap.resourceServer | quote }} + PEP_API_RPT_UMA_VALIDATION: {{ .Values.configMap.umaValidation | quote }} + PEP_RPT_LIMIT_USES: {{ .Values.configMap.limitUses | quote }} + PEP_PDP_URL: http://{{ .Values.global.domain }} + PEP_PDP_PORT: {{ .Values.configMap.pdpPort | quote }} + PEP_PDP_POLICY_ENDPOINT: {{ .Values.configMap.pdpPolicy | quote }} + PEP_VERIFY_SIGNATURE: {{ .Values.configMap.verifySignature | quote }} PEP_PROXY_SERVICE_PORT: {{ .Values.global.proxyServicePort | quote }} - PEP_RESOURCES_SERVICE_PORT: {{ .Values.global.resourcesServicePort | quote }} \ No newline at end of file + PEP_RESOURCES_SERVICE_PORT: {{ .Values.global.resourcesServicePort | quote }} + PEP_DEFAULT_RESOURCE_PATH: {{ .Values.configMap.defaultResourcePath | quote }} + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: custom-resources +data: + {{ if .Files.Get "scripts/default-resources.json" }} + default-resources.json: {{ .Files.Get "scripts/default-resources.json" | quote }} + {{ else }} + {{ fail "you need to supply a default resource JSON file! add 'default-resources.json' to your chart 'scripts' directory." }} + {{ end }} \ No newline at end of file diff --git a/charts/pep-engine/templates/pep-deployment.yml b/charts/pep-engine/templates/pep-deployment.yml index 5b7237b..406a764 100755 --- a/charts/pep-engine/templates/pep-deployment.yml +++ b/charts/pep-engine/templates/pep-deployment.yml @@ -18,35 +18,58 @@ spec: - name: {{ .Values.global.pep }} imagePullPolicy: {{ .Values.image.imagePullPolicy }} image: {{ .Values.image.image }} + resources: + requests: + memory: {{ .Values.requests.serviceMemory }} + cpu: {{ .Values.requests.serviceCpu }} + livenessProbe: + tcpSocket: + port: {{ .Values.global.proxyServicePort }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + readinessProbe: + tcpSocket: + port: {{ .Values.global.proxyServicePort }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.initialDelaySeconds }} ports: - - name: proxy-pep - containerPort: 5566 - protocol: TCP - - name: resources-pep - containerPort: 5576 - protocol: TCP + {{- range $key, $value := .Values.ports }} + - containerPort: {{ $value.targetPort }} + name: {{ $key }} + protocol: {{ $value.type }} + {{- end }} envFrom: - configMapRef: - name: pep-cm + name: {{ .Values.global.pep }}-cm + volumeMounts: + - name: default-resources + mountPath: /data/ - name: mongo - imagePullPolicy: IfNotPresent + imagePullPolicy: {{ .Values.image.imagePullPolicy }} image: mongo + resources: + requests: + memory: {{ .Values.requests.dbMemory }} + cpu: {{ .Values.requests.dbCpu }} ports: - name: http-rp containerPort: 27017 protocol: TCP envFrom: - configMapRef: - name: pep-cm + name: {{ .Values.global.pep }}-cm volumeMounts: - mountPath: /data/db/ subPath: {{ .Values.global.pep }}/{{ .Values.context }}/data/db - name: vol-pep-engine + name: {{ .Values.volumeClaim.name }} hostAliases: - ip: {{ .Values.global.nginxIp }} hostnames: - - {{ .Values.global.ep }} + - {{ .Values.global.domain }} volumes: - - name: vol-pep-engine + - name: {{ .Values.volumeClaim.name }} persistentVolumeClaim: claimName: {{ .Values.volumeClaim.name }} + - name: default-resources + configMap: + name: custom-resources \ No newline at end of file diff --git a/charts/pep-engine/templates/pep-service.yml b/charts/pep-engine/templates/pep-service.yml index f8555c1..32f8bec 100755 --- a/charts/pep-engine/templates/pep-service.yml +++ b/charts/pep-engine/templates/pep-service.yml @@ -5,16 +5,12 @@ metadata: labels: app: {{ .Values.global.pep }} spec: - type: NodePort ports: - - port: 5566 - name: proxy-pep - targetPort: 5566 - protocol: TCP - nodePort: {{ .Values.global.proxyNodePort | default 31707 }} - - port: 5576 - name: resources-pep - targetPort: 5576 - protocol: TCP + {{- range $key, $value := .Values.ports }} + - port: {{ $value.port }} + targetPort: {{ $value.targetPort }} + protocol: {{ $value.type }} + name: {{ $key }} + {{- end }} selector: - app: {{ .Values.global.pep }} + app: {{ .Values.global.pep }} \ No newline at end of file diff --git a/charts/pep-engine/templates/pv.yaml b/charts/pep-engine/templates/pv.yaml new file mode 100644 index 0000000..b737fa0 --- /dev/null +++ b/charts/pep-engine/templates/pv.yaml @@ -0,0 +1,17 @@ +{{ if .Values.volumeClaim.create }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ .Values.volumeClaim.name }} + labels: + eoepca_type: userman +spec: + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + accessModes: + - {{ .Values.persistence.accessModes }} + hostPath: + path: "/data/" + type: {{ .Values.persistence.type }} +{{ end }} diff --git a/charts/pep-engine/templates/pvc.yaml b/charts/pep-engine/templates/pvc.yaml new file mode 100644 index 0000000..1ebf042 --- /dev/null +++ b/charts/pep-engine/templates/pvc.yaml @@ -0,0 +1,23 @@ +{{ if .Values.volumeClaim.create }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.volumeClaim.name }} + namespace: {{ .Release.Namespace }} + labels: + eoepca_type: userman + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + storageClassName: "" + accessModes: + - {{ .Values.persistence.accessModes }} + resources: + requests: + storage: {{ .Values.persistence.dbStorageSize }} + selector: + matchLabels: + eoepca_type: userman +{{ end }} diff --git a/charts/pep-engine/values.yaml b/charts/pep-engine/values.yaml index fed79ac..c515729 100644 --- a/charts/pep-engine/values.yaml +++ b/charts/pep-engine/values.yaml @@ -2,12 +2,25 @@ global: namespace: default - ep: demoexample.gluu.org - domain: https://demoexample.gluu.org + domain: demoexample.gluu.org pep: pep-engine realm: eoepca serviceHost: 0.0.0.0 - servicePort: 5566 + proxyServicePort: 5566 + resourcesServicePort: 5576 + nginxIp: 10.0.2.15 + +ports: + proxy-pep: + port: 5566 + targetPort: 5566 + type: TCP + resources-pep: + port: 5576 + targetPort: 5576 + type: TCP + +configMap: margin: 5 sslCerts: "'false'" useThreads: "'true'" @@ -15,45 +28,38 @@ global: resourceServer: http://ades/ umaValidation: "'true'" limitUses: 1 - pdpUrl: http://demoexample.gluu.org pdpPort: 5567 - pdpPolicy: /policy/ + pdpPolicy: /pdp/policy/ verifySignature: "'false'" - nginxIp: 10.0.2.15 - proxyServicePort: 5566 - resourcesServicePort: 5576 - proxyHost: http://demoexample.gluu.org/service - resourceHost: http://demoexample.gluu.org/res + defaultResourcePath: /data/default-resources.json +readinessProbe: + initialDelaySeconds: 1 + periodSeconds: 90 +livenessProbe: + initialDelaySeconds: 1 + periodSeconds: 90 +requests: + serviceCpu: 2m + serviceMemory: 50Mi + dbCpu: 3m + dbMemory: 150Mi image: statefulSetReplicas: 1 imagePullPolicy: Always - image: eoepca/um-pep-engine:v0.3.1 + image: eoepca/um-pep-engine:v1.0-RC persistence: accessModes: ReadWriteMany dbStorageSize: 5Gi type: DirectoryOrCreate -config: - enabled: true - +# The PEP context is used to distinguish PEP instances, +# e.g. PEP for ADES vs PEP for Catalogue etc. context: generic +# VolumeClaim values volumeClaim: name: um-pep-engine-pvc - - -ingress: - enabled: true - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - path: / - hosts: - - demoexample.gluu.org - tls: - - secretName: tls-certificate - hosts: - - demoexample.gluu.org + create: true \ No newline at end of file diff --git a/charts/pricing-engine/Chart.yaml b/charts/pricing-engine/Chart.yaml new file mode 100644 index 0000000..58c107a --- /dev/null +++ b/charts/pricing-engine/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +name: pricing-engine +description: A Helm chart for Pricing Engine +maintainers: + - name: eoepca +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 1.0 \ No newline at end of file diff --git a/charts/pricing-engine/templates/_helpers.tpl b/charts/pricing-engine/templates/_helpers.tpl new file mode 100644 index 0000000..4c65c74 --- /dev/null +++ b/charts/pricing-engine/templates/_helpers.tpl @@ -0,0 +1,31 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "pricing-engine.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "pricing-engine.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "pricing-engine.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} \ No newline at end of file diff --git a/charts/pricing-engine/templates/ingress.yaml b/charts/pricing-engine/templates/ingress.yaml new file mode 100644 index 0000000..04b9c05 --- /dev/null +++ b/charts/pricing-engine/templates/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: gluu-ingress-pricing-engine + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 +spec: + rules: + - host: {{ .Values.global.ep | quote }} + http: + paths: + - path: /pricing(/|$)(.*) + backend: + serviceName: pricing-engine + servicePort: 5570 \ No newline at end of file diff --git a/charts/pricing-engine/templates/pricing-cm.yml b/charts/pricing-engine/templates/pricing-cm.yml new file mode 100644 index 0000000..b9ffbad --- /dev/null +++ b/charts/pricing-engine/templates/pricing-cm.yml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: um-pricing-engine-config +data: + PRICING_AUTH_SERVER_URL: {{ .Values.global.auth_server_url | quote }} + PRICING_PREFIX: {{ .Values.global.prefix | quote }} + PRICING_HOST: {{ .Values.global.host | quote }} + PRICING_PORT: {{ .Values.global.port | quote }} + PRICING_CHECK_SSL_CERTS: {{ .Values.global.check_ssl_certs | quote }} + PRICING_DEBUG_MODE: {{ .Values.global.debug_mode | quote }} diff --git a/charts/pricing-engine/templates/pricing-deployment.yml b/charts/pricing-engine/templates/pricing-deployment.yml new file mode 100644 index 0000000..e21de87 --- /dev/null +++ b/charts/pricing-engine/templates/pricing-deployment.yml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.global.pricing }} + labels: + app: {{ .Values.global.pricing }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ .Values.global.pricing }} + template: + metadata: + labels: + app: {{ .Values.global.pricing }} + spec: + containers: + - name: {{ .Values.global.pricing }} + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + image: {{ .Values.image.image }} + ports: + - name: http-pricing + containerPort: 5570 + protocol: TCP + - name: https-pricing + containerPort: 443 + protocol: TCP + envFrom: + - configMapRef: + name: um-pricing-engine-config + - name: mongo + imagePullPolicy: {{ .Values.image.imagePullPolicy }} + image: mongo + ports: + - name: http-rp + containerPort: 27017 + protocol: TCP + envFrom: + - configMapRef: + name: um-pricing-engine-config + volumeMounts: + - mountPath: /data/db/ + sub_path: pricing-engine/db/item + name: eoepca-pricing-pv-host + hostAliases: + - ip: {{ .Values.global.nginxIp }} + hostnames: + - {{ .Values.global.ep }} + volumes: + - name: eoepca-pricing-pv-host + persistentVolumeClaim: + claimName: eoepca-pricing-pvc \ No newline at end of file diff --git a/charts/pricing-engine/templates/pricing-service.yml b/charts/pricing-engine/templates/pricing-service.yml new file mode 100644 index 0000000..a3ea571 --- /dev/null +++ b/charts/pricing-engine/templates/pricing-service.yml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.global.pricing }} + labels: + app: {{ .Values.global.pricing }} +spec: + type: NodePort + ports: + - port: 5570 + name: http-pricing + targetPort: 5570 + protocol: TCP + nodePort: 31708 + - port: 1025 + name: https-pricing + targetPort: 443 + protocol: TCP + selector: + app: {{ .Values.global.pricing }} \ No newline at end of file diff --git a/charts/pricing-engine/templates/pv.yaml b/charts/pricing-engine/templates/pv.yaml new file mode 100644 index 0000000..2948e61 --- /dev/null +++ b/charts/pricing-engine/templates/pv.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: eoepca-pricing-pv-host + labels: + eoepca_type: userman +spec: + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + accessModes: + - {{ .Values.persistence.accessModes }} + hostPath: + path: "/kubedata/userman" + type: {{ .Values.persistence.type }} \ No newline at end of file diff --git a/charts/pricing-engine/templates/pvc.yaml b/charts/pricing-engine/templates/pvc.yaml new file mode 100644 index 0000000..810693b --- /dev/null +++ b/charts/pricing-engine/templates/pvc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: eoepca-pricing-pvc + namespace: {{ .Release.Namespace }} + labels: + eoepca_type: userman + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + accessModes: + - {{ .Values.persistence.accessModes }} + capacity: + storage: {{ .Values.persistence.dbStorageSize }} + resources: + requests: + storage: {{ .Values.persistence.dbStorageSize }} + selector: + matchLabels: + eoepca_type: userman \ No newline at end of file diff --git a/charts/pricing-engine/values.yaml b/charts/pricing-engine/values.yaml new file mode 100644 index 0000000..5a2149d --- /dev/null +++ b/charts/pricing-engine/values.yaml @@ -0,0 +1,28 @@ +# Default values for pricing-engine. + +global: + namespace: default + ep: test.10.0.2.15.nip.io + domain: https://test.10.0.2.15.nip.io + pricing: pricing-engine + auth_server_url: https://test.10.0.2.15.nip.io + prefix: / + host: 0.0.0.0 + port: 5570 + check_ssl_certs: "'false'" + debug_mode: "'true'" + nginxIp: 10.0.2.15 + + + +image: + statefulSetReplicas: 1 + imagePullPolicy: Always + image: eoepca/um-pricing-engine:latest +persistence: + accessModes: ReadWriteMany + dbStorageSize: 5Gi + type: DirectoryOrCreate + +config: + enabled: true \ No newline at end of file diff --git a/charts/rm-resource-catalogue/Chart.yaml b/charts/rm-resource-catalogue/Chart.yaml index 2191d6b..cfcbc62 100644 --- a/charts/rm-resource-catalogue/Chart.yaml +++ b/charts/rm-resource-catalogue/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 name: rm-resource-catalogue description: A Helm chart for Resource Catalogue -version: 0.1.5 +version: 0.3.1 appVersion: 2.6.0 diff --git a/charts/rm-resource-catalogue/templates/resource-catalogue-configmap.yaml b/charts/rm-resource-catalogue/templates/resource-catalogue-configmap.yaml index a4bb519..21255b5 100644 --- a/charts/rm-resource-catalogue/templates/resource-catalogue-configmap.yaml +++ b/charts/rm-resource-catalogue/templates/resource-catalogue-configmap.yaml @@ -18,6 +18,7 @@ data: {{ end }}{{ if .Values.pycsw.config.server.domaincounts }} domaincounts={{ .Values.pycsw.config.server.domaincounts }} {{ end }}{{ if .Values.pycsw.config.server.spatial_ranking }} spatial_ranking={{ .Values.pycsw.config.server.spatial_ranking }} {{ end }}{{ if .Values.pycsw.config.server.profiles }} profiles={{ .Values.pycsw.config.server.profiles }} +{{ end }}{{ if .Values.pycsw.config.server.workers }} workers={{ .Values.pycsw.config.server.workers }} {{ end }} [manager] {{ if .Values.pycsw.config.manager.transactions }} transactions={{ .Values.pycsw.config.manager.transactions }} diff --git a/charts/rm-resource-catalogue/templates/resource-catalogue-deployment.yaml b/charts/rm-resource-catalogue/templates/resource-catalogue-deployment.yaml index 015319c..fe77c9b 100644 --- a/charts/rm-resource-catalogue/templates/resource-catalogue-deployment.yaml +++ b/charts/rm-resource-catalogue/templates/resource-catalogue-deployment.yaml @@ -24,6 +24,7 @@ spec: - name: PYCSW_REPOSITORY_DATABASE_URI value: {{ .Values.pycsw.config.repository.database }} image: {{ .Values.pycsw.image }} + imagePullPolicy: "Always" name: pycsw ports: - containerPort: {{ .Values.pycsw.container_port }} diff --git a/charts/rm-user-workspace/Chart.lock b/charts/rm-user-workspace/Chart.lock index 8c05f7c..a6d3725 100644 --- a/charts/rm-user-workspace/Chart.lock +++ b/charts/rm-user-workspace/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 1.1.5 - name: rm-resource-catalogue repository: file://../rm-resource-catalogue - version: 0.1.5 -digest: sha256:1d46e16ffc56ba4bd1f5d628ffd48466c7c1fc77bcba28d0a9725d2598e8d9e1 -generated: "2021-05-28T14:25:01.486639177+01:00" + version: 0.3.1 +digest: sha256:c667ac1e77da2820aef79c339b7bd352d36a7e81fab6dbdf112f1550dd25db7f +generated: "2021-06-12T13:26:17.789915332+03:00" diff --git a/charts/rm-user-workspace/Chart.yaml b/charts/rm-user-workspace/Chart.yaml index 150be9b..83a1d16 100644 --- a/charts/rm-user-workspace/Chart.yaml +++ b/charts/rm-user-workspace/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.13 +version: 0.0.28 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -29,5 +29,5 @@ dependencies: repository: "https://charts-public.hub.eox.at/" - name: "rm-resource-catalogue" - version: 0.1.5 + version: 0.3.1 repository: "file://../rm-resource-catalogue" diff --git a/charts/rm-user-workspace/values.yaml b/charts/rm-user-workspace/values.yaml index 4258db5..89b9b59 100644 --- a/charts/rm-user-workspace/values.yaml +++ b/charts/rm-user-workspace/values.yaml @@ -319,7 +319,7 @@ rm-resource-catalogue: config: server: home: /home/pycsw - url: http://resource-catalogue.user.185.52.193.87.nip.io/ + url: https://resource-catalogue.user.185.52.193.87.nip.io/ mimetype: application/xml; charset=UTF-8 encoding: UTF-8 language: en-US @@ -334,6 +334,7 @@ rm-resource-catalogue: # domaincounts: true # spatial_ranking: true profiles: apiso + # workers: 2 manager: transactions: "false" allowed_ips: 127.0.0.1 diff --git a/charts/storage/Chart.yaml b/charts/storage/Chart.yaml index 1c750f8..4e8e900 100644 --- a/charts/storage/Chart.yaml +++ b/charts/storage/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.4 +version: 0.1.7 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/storage/templates/resource-management.yaml b/charts/storage/templates/resource-management.yaml index 1c8910e..022d14b 100644 --- a/charts/storage/templates/resource-management.yaml +++ b/charts/storage/templates/resource-management.yaml @@ -40,6 +40,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: eoepca-resman-pvc + namespace: rm labels: eoepca-type: resman spec: diff --git a/charts/user-profile/Chart.yaml b/charts/user-profile/Chart.yaml index 5fc9cfd..0372222 100644 --- a/charts/user-profile/Chart.yaml +++ b/charts/user-profile/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.9.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 1.0 +appVersion: v0.3 diff --git a/charts/user-profile/values.yaml b/charts/user-profile/values.yaml index dfcf186..17d6637 100644 --- a/charts/user-profile/values.yaml +++ b/charts/user-profile/values.yaml @@ -33,7 +33,7 @@ global: image: statefulSetReplicas: 1 imagePullPolicy: Always - image: eoepca/um-user-profile:latest + image: eoepca/um-user-profile:v0.3 persistence: accessModes: ReadWriteMany dbStorageSize: 5Gi