diff --git a/charts/zeppelin/.helmignore b/charts/zeppelin/.helmignore new file mode 100644 index 00000000000..0e8a0eb36f4 --- /dev/null +++ b/charts/zeppelin/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/zeppelin/Chart.yaml b/charts/zeppelin/Chart.yaml new file mode 100644 index 00000000000..3f129f967d7 --- /dev/null +++ b/charts/zeppelin/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 + +name: zeppelin + +description: A Helm chart for deploying Apache Zeppelin on Kubernetes. + +type: application + +version: 0.1.0 + +appVersion: 0.11.2 + +maintainers: +- name: ChenYi015 + email: github@chenyicn.net diff --git a/charts/zeppelin/README.md b/charts/zeppelin/README.md new file mode 100644 index 00000000000..b7a69d9e6f3 --- /dev/null +++ b/charts/zeppelin/README.md @@ -0,0 +1,52 @@ +# zeppelin + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.2](https://img.shields.io/badge/AppVersion-0.11.2-informational?style=flat-square) + +A Helm chart for deploying Apache Zeppelin on Kubernetes. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| nameOverride | string | `""` | String to partially override release name. | +| fullnameOverride | string | `""` | String to fully override release name. | +| global.image.registry | string | `"docker.io"` | Image registry. | +| global.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. | +| global.image.pullSecrets | list | `[]` | Image pull secrets for private image registry. | +| server.image.registry | string | If not set, `global.image.registry` will be used. | Zeppelin server image registry. | +| server.image.repository | string | `"apache/zeppelin"` | Zeppelin server image repository. | +| server.image.tag | string | If not set, the chart appVersion will be used. | Zeppelin image tag. | +| server.serviceAccount.create | bool | `true` | Specifies whether a service account should be created for the Zeppelin server. | +| server.serviceAccount.name | string | `""` | Optional name for the Zeppelin server service account. | +| server.serviceAccount.annotations | object | `{}` | Extra annotations for the Zeppelin server service account. | +| interpreter.image.registry | string | If not set, `global.image.registry` will be used. | Zeppelin interpreter image registry. | +| interpreter.image.repository | string | `"apache/zeppelin-interpreter"` | Zeppelin interpreter image repository. | +| interpreter.image.tag | string | If not set, the chart appVersion will be used. | Zeppelin interpreter image tag. | +| interpreter.serviceAccount.serviceAccount | string | `nil` | | +| interpreter.serviceAccount.create | bool | `true` | Specifies whether a service account should be created for the Zeppelin interpreter. | +| interpreter.serviceAccount.name | string | `""` | Optional name for the Zeppelin interpreter service account. | +| interpreter.serviceAccount.annotations | object | `{}` | Extra annotations for the Zeppelin interpreter service account. | +| spark.image.registry | string | If not set, `global.image.registry` will be used. | Spark image registry. | +| spark.image.repository | string | `"spark"` | Spark image repository. | +| spark.image.tag | string | `"3.5.3"` | Spark image tag. | +| replicas | int | `1` | | +| labels | object | `{}` | Extra labels for controller pods. | +| annotations | object | `{}` | Extra annotations for controller pods. | +| volumes | list | `[]` | Volumes for controller pods. | +| nodeSelector | object | `{}` | Node selector for controller pods. | +| affinity | object | `{}` | Affinity for controller pods. | +| tolerations | list | `[]` | List of node taints to tolerate for controller pods. | +| priorityClassName | string | `""` | Priority class for controller pods. | +| podSecurityContext | object | `{}` | Security context for controller pods. | +| env | list | `[]` | Environment variables for controller containers. | +| envFrom | list | `[]` | Environment variable sources for controller containers. | +| volumeMounts | list | `[]` | Volume mounts for controller containers. | +| resources | object | `{}` | Pod resource requests and limits for controller containers. | +| securityContext | object | `{}` | Security context for controller containers. | +| service.type | string | `"ClusterIP"` | | + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| ChenYi015 | | | diff --git a/charts/zeppelin/README.md.gotmpl b/charts/zeppelin/README.md.gotmpl new file mode 100644 index 00000000000..6b734a1a0ee --- /dev/null +++ b/charts/zeppelin/README.md.gotmpl @@ -0,0 +1,13 @@ +{{ template "chart.header" . }} + +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "chart.maintainersSection" . }} diff --git a/charts/zeppelin/templates/_helpers.tpl b/charts/zeppelin/templates/_helpers.tpl new file mode 100644 index 00000000000..4384debc9be --- /dev/null +++ b/charts/zeppelin/templates/_helpers.tpl @@ -0,0 +1,95 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "zeppelin.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "zeppelin.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "zeppelin.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "zeppelin.labels" -}} +helm.sh/chart: {{ include "zeppelin.chart" . }} +{{ include "zeppelin.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "zeppelin.selectorLabels" -}} +app.kubernetes.io/name: {{ include "zeppelin.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the configmap to use +*/}} +{{- define "zeppelin.configMapName" -}} +{{- include "zeppelin.fullname" . }}-conf +{{- end -}} + +{{/* +Create the name of the nginx configmap to use +*/}} +{{- define "zeppelin.nginxConfigMapName" -}} +{{- include "zeppelin.fullname" . }}-nginx-conf +{{- end -}} + +{{/* +Create the name of the Zeppelin image to use +*/}} +{{- define "zeppelin.server.image" -}} +{{- $imageRegistry := .Values.server.image.registry | default .Values.global.image.registry | default "docker.io" }} +{{- $imageRepository := .Values.server.image.repository | default "apache/zeppelin" }} +{{- $imageTag := .Values.server.image.tag | default "latest" }} +{{- printf "%s/%s:%s" $imageRegistry $imageRepository $imageTag }} +{{- end -}} + +{{/* +Create the name of the Zeppelin interpreter image to use +*/}} +{{- define "zeppelin.interpreter.image" -}} +{{- $imageRegistry := .Values.interpreter.image.registry | default .Values.global.image.registry | default "docker.io" }} +{{- $imageRepository := .Values.interpreter.image.repository | default "apache/zeppelin" }} +{{- $imageTag := .Values.interpreter.image.tag | default "latest" }} +{{- printf "%s/%s:%s" $imageRegistry $imageRepository $imageTag }} +{{- end -}} + +{{/* +Create the name of the Spark image to use +*/}} +{{- define "zeppelin.spark.image" -}} +{{- $imageRegistry := .Values.spark.image.registry | default .Values.global.image.registry | default "docker.io" }} +{{- $imageRepository := .Values.spark.image.repository | default "spark" }} +{{- $imageTag := .Values.spark.image.tag | default "latest" }} +{{- printf "%s/%s:%s" $imageRegistry $imageRepository $imageTag }} +{{- end -}} diff --git a/charts/zeppelin/templates/interpreter/_helpers.tpl b/charts/zeppelin/templates/interpreter/_helpers.tpl new file mode 100644 index 00000000000..4fbb7ed70ca --- /dev/null +++ b/charts/zeppelin/templates/interpreter/_helpers.tpl @@ -0,0 +1,55 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{/* +Create the name of Zeppelin interpreter. +*/}} +{{- define "zeppelin.interpreter.name" -}} +{{- include "zeppelin.fullname" . }}-interpreter +{{- end -}} + +{{/* +Create the name of the service account for Zeppelin interpreter. +*/}} +{{- define "zeppelin.interpreter.serviceAccountName" -}} +{{- if .Values.interpreter.serviceAccount.create }} +{{- default (include "zeppelin.interpreter.name" .) .Values.interpreter.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.interpreter.serviceAccount.name }} +{{- end }} +{{- end -}} + +{{/* +Create the name of the role for Zeppelin interpreter. +*/}} +{{- define "zeppelin.interpreter.roleName" -}} +{{- include "zeppelin.interpreter.serviceAccountName" . }} +{{- end -}} + +{{/* +Create the name of the role binding for Zeppelin interpreter. +*/}} +{{- define "zeppelin.interpreter.roleBindingName" -}} +{{- include "zeppelin.interpreter.serviceAccountName" . }} +{{- end -}} + +{{/* +Create the name of the config map for Zeppelin interpreter. +*/}} +{{- define "zeppelin.interpreter.configMapName" -}} +{{- include "zeppelin.interpreter.name" . }}-conf +{{- end -}} diff --git a/charts/zeppelin/templates/interpreter/configmap.yaml b/charts/zeppelin/templates/interpreter/configmap.yaml new file mode 100644 index 00000000000..08d5237107a --- /dev/null +++ b/charts/zeppelin/templates/interpreter/configmap.yaml @@ -0,0 +1,203 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "zeppelin.interpreter.configMapName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.labels" . | nindent 4 }} +data: + interpreter-spec.yaml: | + # + # Licensed to the Apache Software Foundation (ASF) under one or more + # contributor license agreements. See the NOTICE file distributed with + # this work for additional information regarding copyright ownership. + # The ASF licenses this file to You under the Apache License, Version 2.0 + # (the "License"); you may not use this file except in compliance with + # the License. You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + + apiVersion: v1 + kind: Pod + metadata: + name: {{ "{{" }} zeppelin.k8s.interpreter.pod.name {{ "}}" }} + namespace: {{ "{{" }} zeppelin.k8s.interpreter.namespace {{ "}}" }} + labels: + app: {{ "{{" }} zeppelin.k8s.interpreter.pod.name {{ "}}" }} + interpreterGroupId: {{ "{{" }} zeppelin.k8s.interpreter.group.id {{ "}}" }} + interpreterSettingName: {{ "{{" }} zeppelin.k8s.interpreter.setting.name {{ "}}" }} + user: {{ "{{" }} zeppelin.k8s.interpreter.user {{ "}}" }} + {% if zeppelin.k8s.server.uid is defined %} + ownerReferences: + - apiVersion: v1 + kind: Pod + name: {{ "{{" }} zeppelin.k8s.server.pod.name }} + controller: false + blockOwnerDeletion: false + uid: {{ "{{" }} zeppelin.k8s.server.uid }} + {% endif %} + spec: + serviceAccountName: {{ "{{" }} include "zeppelin.interpreter.serviceAccountName" . }} + {% if zeppelin.k8s.interpreter.group.name == "spark" %} + automountServiceAccountToken: true + {% else %} + automountServiceAccountToken: false + {% endif %} + restartPolicy: Never + terminationGracePeriodSeconds: 30 + containers: + - name: {{ "{{" }} zeppelin.k8s.interpreter.container.name {{ "}}" }} + image: {{ "{{" }} zeppelin.k8s.interpreter.container.image {{ "}}" }} + {% if zeppelin.k8s.interpreter.container.imagePullPolicy is defined %} + imagePullPolicy: {{ "{{" }} zeppelin.k8s.interpreter.container.imagePullPolicy {{ "}}" }} + {% endif %} + args: + - "$(ZEPPELIN_HOME)/bin/interpreter.sh" + - "-d" + - "$(ZEPPELIN_HOME)/interpreter/{{ "{{" }} zeppelin.k8s.interpreter.group.name {{ "}}" }}" + - "-r" + - "{{ "{{" }} zeppelin.k8s.interpreter.rpc.portRange {{ "}}" }}" + - "-c" + - "{{ "{{" }} zeppelin.k8s.server.rpc.service {{ "}}" }}" + - "-p" + - "{{ "{{" }} zeppelin.k8s.server.rpc.portRange {{ "}}" }} + - "-i" + - "{{ "{{" }} zeppelin.k8s.interpreter.group.id {{ "}}" }}" + - "-l" + - "{{ "{{" }} zeppelin.k8s.interpreter.localRepo {{ "}}" }}/{{ "{{" }} zeppelin.k8s.interpreter.setting.name {{ "}}" }}" + - "-g" + - "{{ "{{" }} zeppelin.k8s.interpreter.setting.name {{ "}}" }}" + env: + {% for key, value in zeppelin.k8s.envs.items() %} + - name: {{ "{{" }} key {{ "}}" }} + value: {{ "{{" }} value {{ "}}" }} + {% endfor %} + {% if zeppelin.k8s.interpreter.cores is defined and zeppelin.k8s.interpreter.memory is defined %} + resources: + requests: + memory: "{{ "{{" }} zeppelin.k8s.interpreter.memory {{ "}}" }}" + cpu: "{{ "{{" }} zeppelin.k8s.interpreter.cores {{ "}}" }}" + {# limits.memory is not set because of a potential OOM-Killer. https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits #} + limits: + cpu: "{{ "{{" }} zeppelin.k8s.interpreter.cores {{ "}}" }}" + {% if zeppelin.k8s.interpreter.gpu.type is defined and zeppelin.k8s.interpreter.gpu.nums is defined %} + {{ "{{" }} zeppelin.k8s.interpreter.gpu.type {{ "}}" }}: " {{ "{{" }} zeppelin.k8s.interpreter.gpu.nums {{ "}}" }}" + {% endif %} + {% else %} + {% if zeppelin.k8s.interpreter.gpu.type is defined and zeppelin.k8s.interpreter.gpu.nums is defined %} + resources: + limits: + {{ "{{" }} zeppelin.k8s.interpreter.gpu.type {{ "}}" }}: " {{ "{{" }} zeppelin.k8s.interpreter.gpu.nums {{ "}}" }}" + {% endif %} + {% endif %} + {% if zeppelin.k8s.interpreter.group.name == "spark" %} + volumeMounts: + - name: spark-home + mountPath: /spark + initContainers: + - name: spark-home-init + image: {{ "{{" }} zeppelin.k8s.spark.container.image {{ "}}" }} + {% if zeppelin.k8s.spark.container.imagePullPolicy is defined %} + imagePullPolicy: {{ "{{" }} zeppelin.k8s.spark.container.imagePullPolicy {{ "}}" }} + {% endif %} + command: ["sh", "-c", "cp -r /opt/spark/* /spark/"] + volumeMounts: + - name: spark-home + mountPath: /spark + {% if zeppelin.k8s.interpreter.imagePullSecrets is defined %} + imagePullSecrets: + {% for secret in zeppelin.k8s.interpreter.imagePullSecrets.split(',') %} + - name: {{ "{{" }} secret {{ "}}" }} + {% endfor %} + {% endif %} + volumes: + - name: spark-home + emptyDir: {} + {% endif %} + + --- + apiVersion: v1 + kind: Service + metadata: + name: {{ "{{" }} zeppelin.k8s.interpreter.pod.name {{ "}}" }} + namespace: {{ "{{" }} zeppelin.k8s.interpreter.namespace {{ "}}" }} + {% if zeppelin.k8s.server.uid is defined %} + ownerReferences: + - apiVersion: v1 + controller: false + blockOwnerDeletion: false + kind: Pod + name: {{ "{{" }} zeppelin.k8s.server.pod.name {{ "}}" }} + uid: {{ "{{" }} zeppelin.k8s.server.uid {{ "}}" }} + {% endif %} + spec: + clusterIP: None + ports: + - name: intp + port: 12321 + {% if zeppelin.k8s.interpreter.group.name == "spark" %} + - name: spark-driver + port: 22321 + - name: spark-blockmanager + port: 22322 + - name: spark-ui + port: 4040 + {% endif %} + selector: + app: {{ "{{" }} zeppelin.k8s.interpreter.pod.name {{ "}}" }} + {% if zeppelin.k8s.interpreter.group.name == "spark" %} + + --- + # create ingress of spark UI + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: spark-ui-{{ "{{" }} zeppelin.k8s.interpreter.pod.name {{ "}}" }} + namespace: {{ "{{" }} zeppelin.k8s.interpreter.namespace {{ "}}" }} + {% if zeppelin.k8s.server.uid is defined %} + ownerReferences: + - apiVersion: v1 + controller: false + blockOwnerDeletion: false + kind: Pod + name: {{ "{{" }} zeppelin.k8s.server.pod.name {{ "}}" }} + uid: {{ "{{" }} zeppelin.k8s.server.uid {{ "}}" }} + {% endif %} + spec: + rules: + - host: {{ "{{" }} zeppelin.k8s.spark.ingress.host {{ "}}" }} + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: {{ "{{" }} zeppelin.k8s.interpreter.pod.name {{ "}}" }} + port: + number: 4040 + {% endif %} + {% endif %} diff --git a/charts/zeppelin/templates/interpreter/role.yaml b/charts/zeppelin/templates/interpreter/role.yaml new file mode 100644 index 00000000000..69ff9220f95 --- /dev/null +++ b/charts/zeppelin/templates/interpreter/role.yaml @@ -0,0 +1,36 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "zeppelin.interpreter.roleName" . }} + namespace: {{ .Release.Namespace }} +rules: +- apiGroups: + - "" + resources: + - pods + - configmaps + - services + verbs: + - get + - list + - watch + - create + - update + - delete \ No newline at end of file diff --git a/charts/zeppelin/templates/interpreter/rolebinding.yaml b/charts/zeppelin/templates/interpreter/rolebinding.yaml new file mode 100644 index 00000000000..b9d23d7d66d --- /dev/null +++ b/charts/zeppelin/templates/interpreter/rolebinding.yaml @@ -0,0 +1,29 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "zeppelin.interpreter.roleBindingName" . }} + namespace: {{ .Release.Namespace }} +subjects: +- kind: ServiceAccount + name: {{ include "zeppelin.interpreter.serviceAccountName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "zeppelin.interpreter.roleName" . }} \ No newline at end of file diff --git a/charts/zeppelin/templates/interpreter/serviceaccount.yaml b/charts/zeppelin/templates/interpreter/serviceaccount.yaml new file mode 100644 index 00000000000..08efae88dfd --- /dev/null +++ b/charts/zeppelin/templates/interpreter/serviceaccount.yaml @@ -0,0 +1,30 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{ if .Values.interpreter.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "zeppelin.interpreter.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.labels" . | nindent 4 }} + {{- with .Values.interpreter.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/zeppelin/templates/server/_helpers.tpl b/charts/zeppelin/templates/server/_helpers.tpl new file mode 100644 index 00000000000..8651aa15496 --- /dev/null +++ b/charts/zeppelin/templates/server/_helpers.tpl @@ -0,0 +1,78 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{/* +Create the name of Zeppelin server. +*/}} +{{- define "zeppelin.server.name" -}} +{{- include "zeppelin.fullname" . }}-server +{{- end -}} + +{{/* +Common labels for Zeppelin server. +*/}} +{{- define "zeppelin.server.labels" -}} +{{ include "zeppelin.labels" . }} +app.kubernetes.io/component: zeppelin-server +{{- end }} + +{{/* +Selector labels for Zeppelin server. +*/}} +{{- define "zeppelin.server.selectorLabels" -}} +{{ include "zeppelin.selectorLabels" . }} +app.kubernetes.io/component: zeppelin-server +{{- end }} + +{{/* +Create the name of the service account for Zeppelin server. +*/}} +{{- define "zeppelin.server.serviceAccountName" -}} +{{- if .Values.server.serviceAccount.create }} +{{- default (include "zeppelin.server.name" .) .Values.server.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.server.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the name of the role for Zeppelin server. +*/}} +{{- define "zeppelin.server.roleName" -}} +{{- include "zeppelin.server.serviceAccountName" . }} +{{- end -}} + +{{/* +Create the name of the role binding for Zeppelin server. +*/}} +{{- define "zeppelin.server.roleBindingName" -}} +{{- include "zeppelin.server.serviceAccountName" . }} +{{- end -}} + +{{/* +Create the name of the deployment for Zeppelin server. +*/}} +{{- define "zeppelin.server.deploymentName" -}} +{{- include "zeppelin.server.name" . }} +{{- end -}} + +{{/* +Create the name of the service for Zeppelin server. +*/}} +{{- define "zeppelin.server.serviceName" -}} +{{ include "zeppelin.server.name" . }}-svc +{{- end -}} diff --git a/charts/zeppelin/templates/server/deployment.yaml b/charts/zeppelin/templates/server/deployment.yaml new file mode 100644 index 00000000000..ce50e71b4d7 --- /dev/null +++ b/charts/zeppelin/templates/server/deployment.yaml @@ -0,0 +1,163 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "zeppelin.server.deploymentName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.server.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + {{- include "zeppelin.server.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "zeppelin.server.selectorLabels" . | nindent 8 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + containers: + - name: zeppelin-server + image: {{ include "zeppelin.server.image" . }} + {{- with .Values.global.image.pullPolicy }} + imagePullPolicy: {{ . }} + {{- end }} + command: + - sh + - -c + - $(ZEPPELIN_HOME)/bin/zeppelin.sh + env: + - name: POD_UID + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.uid + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + {{- with .Values.env }} + {{- toYaml . | nindent 8 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "zeppelin.configMapName" . }} + volumeMounts: + - name: zeppelin-interpreter-conf + mountPath: /opt/zeppelin/k8s/interpreter + ports: + - name: http + containerPort: 8080 + - name: https + containerPort: 8443 + - name: rpc + containerPort: 12320 + lifecycle: + preStop: + exec: + # SIGTERM triggers a quick exit; gracefully terminate instead + command: + - sh + - -c + - "ps -ef | grep org.apache.zeppelin.server.ZeppelinServer | grep -v grep | awk '{print $2}' | xargs kill" + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + - name: zeppelin-server-gateway + image: nginx:1.14.0 + env: + - name: SERVICE_DOMAIN + valueFrom: + configMapKeyRef: + name: {{ include "zeppelin.configMapName" . }} + key: SERVICE_DOMAIN + command: + - bin/sh + - -c + args: + - cp -f /tmp/conf/nginx.conf /etc/nginx/nginx.conf; + sed -i -e "s/SERVICE_DOMAIN/$SERVICE_DOMAIN/g" /etc/nginx/nginx.conf; + sed -i -e "s/NAMESPACE/$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)/g" /etc/nginx/nginx.conf; + cat /etc/nginx/nginx.conf; + /usr/sbin/nginx + volumeMounts: + - name: nginx-conf + mountPath: /tmp/conf + lifecycle: + preStop: + exec: + command: + - /usr/sbin/nginx + - -s + - quit + - name: dnsmasq + image: janeczku/go-dnsmasq:release-1.0.5 + args: + - --listen + - 127.0.0.1:53 + - --default-resolver + - --append-search-domains + - --hostsfile=/etc/hosts + - --verbose + volumes: + - name: zeppelin-interpreter-conf + configMap: + name: {{ include "zeppelin.interpreter.configMapName" . }} + items: + - key: interpreter-spec.yaml + path: interpreter-spec.yaml + mode: 400 + optional: false + - name: nginx-conf + configMap: + name: {{ include "zeppelin.nginxConfigMapName" . }} + items: + - key: nginx.conf + path: nginx.conf + {{- with .Values.global.image.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "zeppelin.server.serviceAccountName" . }} + {{- with .Values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/zeppelin/templates/server/env-configmap.yaml b/charts/zeppelin/templates/server/env-configmap.yaml new file mode 100644 index 00000000000..d3270be1cf4 --- /dev/null +++ b/charts/zeppelin/templates/server/env-configmap.yaml @@ -0,0 +1,50 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "zeppelin.configMapName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.labels" . | nindent 4 }} +data: + # 'serviceDomain' is a Domain name to use for accessing Zeppelin UI. + # Should point IP address of 'zeppelin-server' service. + # + # Wildcard subdomain need to be point the same IP address to access service inside of Pod (such as SparkUI). + # i.e. if service domain is 'local.zeppelin-project.org', DNS configuration should make 'local.zeppelin-project.org' and '*.local.zeppelin-project.org' point the same address. + # + # Default value is 'local.zeppelin-project.org' while it points 127.0.0.1 and `kubectl port-forward zeppelin-server` will give localhost to connects. + # If you have your ingress controller configured to connect to `zeppelin-server` service and have a domain name for it (with wildcard subdomain point the same address), you can replace serviceDomain field with your own domain. + SERVICE_DOMAIN: local.zeppelin-project.org:8080 + + ZEPPELIN_PORT: "8080" + + ZEPPELIN_K8S_SPARK_CONTAINER_IMAGE: {{ include "zeppelin.spark.image" . }} + + ZEPPELIN_K8S_CONTAINER_IMAGE: {{ include "zeppelin.interpreter.image" . }} + + ZEPPELIN_HOME: /opt/zeppelin + + ZEPPELIN_SERVER_RPC_PORTRANGE: 12320:12320 + + # default value of 'master' property for spark interpreter. + SPARK_MASTER: k8s://https://kubernetes.default.svc + + # default value of 'SPARK_HOME' property for spark interpreter. + SPARK_HOME: /spark diff --git a/charts/zeppelin/templates/server/nginx-conf.yaml b/charts/zeppelin/templates/server/nginx-conf.yaml new file mode 100644 index 00000000000..997a1c9188b --- /dev/null +++ b/charts/zeppelin/templates/server/nginx-conf.yaml @@ -0,0 +1,69 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "zeppelin.nginxConfigMapName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.labels" . | nindent 4 }} +data: + nginx.conf: | + daemon off; + worker_processes auto; + events { + worker_connections 1024; + } + http { + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # first server block will be default. Proxy zeppelin server. + server { + listen 80; + location / { + proxy_pass http://localhost:8080; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_redirect http://localhost $scheme://SERVICE_DOMAIN; + } + } + + # match request domain [port]-[service].[serviceDomain] + # proxy extra service such as spark-ui + server { + listen 80; + server_name "~(?[0-9]+)-(?[^.]*)\.(.*)"; + location / { + resolver 127.0.0.1:53 ipv6=off; + proxy_pass http://$svc_name.NAMESPACE.svc:$svc_port; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_redirect http://localhost $scheme://SERVICE_DOMAIN; + + # redirect rule for spark ui. 302 redirect response misses port number of service domain + proxy_redirect ~(http:[/]+[0-9]+[-][^-]+[-][^.]+)[^/]+(\/jobs.*) $1.SERVICE_DOMAIN$2; + } + } + } diff --git a/charts/zeppelin/templates/server/role.yaml b/charts/zeppelin/templates/server/role.yaml new file mode 100644 index 00000000000..9eb3dfc88d3 --- /dev/null +++ b/charts/zeppelin/templates/server/role.yaml @@ -0,0 +1,56 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.server.serviceAccount.create -}} +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "zeppelin.server.roleName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.server.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - pods + - configmaps + - services + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - create + - delete +- apiGroups: + - networkging.k8s.io + resources: + - ingreses + verbs: + - create + - delete +{{- end }} diff --git a/charts/zeppelin/templates/server/rolebinding.yaml b/charts/zeppelin/templates/server/rolebinding.yaml new file mode 100644 index 00000000000..895867cce5e --- /dev/null +++ b/charts/zeppelin/templates/server/rolebinding.yaml @@ -0,0 +1,33 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{ if .Values.server.serviceAccount.create -}} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "zeppelin.server.roleBindingName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.labels" . | nindent 4 }} +subjects: +- kind: ServiceAccount + name: {{ include "zeppelin.server.serviceAccountName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "zeppelin.server.roleName" . }} +{{- end }} diff --git a/charts/zeppelin/templates/server/service.yaml b/charts/zeppelin/templates/server/service.yaml new file mode 100644 index 00000000000..5dd2afc515e --- /dev/null +++ b/charts/zeppelin/templates/server/service.yaml @@ -0,0 +1,33 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "zeppelin.server.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.server.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - name: http + port: 8080 + - name: rpc + port: 12320 + selector: + {{- include "zeppelin.server.selectorLabels" . | nindent 4 }} diff --git a/charts/zeppelin/templates/server/serviceaccount.yaml b/charts/zeppelin/templates/server/serviceaccount.yaml new file mode 100644 index 00000000000..de7d4ec3766 --- /dev/null +++ b/charts/zeppelin/templates/server/serviceaccount.yaml @@ -0,0 +1,30 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{ if .Values.server.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "zeppelin.server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zeppelin.server.labels" . | nindent 4 }} + {{- with .Values.server.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/zeppelin/values.yaml b/charts/zeppelin/values.yaml new file mode 100644 index 00000000000..467c2365d0e --- /dev/null +++ b/charts/zeppelin/values.yaml @@ -0,0 +1,122 @@ +# Default values for zeppelin. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# -- String to partially override release name. +nameOverride: "" + +# -- String to fully override release name. +fullnameOverride: "" + +global: + image: + # -- Image registry. + registry: docker.io + # -- Image pull policy. + pullPolicy: IfNotPresent + # -- Image pull secrets for private image registry. + pullSecrets: [] + # - name: + +server: + image: + # -- Zeppelin server image registry. + # @default -- If not set, `global.image.registry` will be used. + registry: "" + # -- Zeppelin server image repository. + repository: apache/zeppelin + # -- Zeppelin image tag. + # @default -- If not set, the chart appVersion will be used. + tag: "" + + serviceAccount: + # -- Specifies whether a service account should be created for the Zeppelin server. + create: true + # -- Optional name for the Zeppelin server service account. + name: "" + # -- Extra annotations for the Zeppelin server service account. + annotations: {} + +interpreter: + image: + # -- Zeppelin interpreter image registry. + # @default -- If not set, `global.image.registry` will be used. + registry: "" + # -- Zeppelin interpreter image repository. + repository: apache/zeppelin-interpreter + # -- Zeppelin interpreter image tag. + # @default -- If not set, the chart appVersion will be used. + tag: "" + + serviceAccount: + serviceAccount: + # -- Specifies whether a service account should be created for the Zeppelin interpreter. + create: true + # -- Optional name for the Zeppelin interpreter service account. + name: "" + # -- Extra annotations for the Zeppelin interpreter service account. + annotations: {} + +spark: + image: + # -- Spark image registry. + # @default -- If not set, `global.image.registry` will be used. + registry: "" + # -- Spark image repository. + repository: spark + # -- Spark image tag. + tag: 3.5.3 + +replicas: 1 + +# -- Extra labels for controller pods. +labels: {} + # key1: value1 + # key2: value2 + +# -- Extra annotations for controller pods. +annotations: {} + # key1: value1 + # key2: value2 + +# -- Volumes for controller pods. +volumes: [] + +# -- Node selector for controller pods. +nodeSelector: {} + +# -- Affinity for controller pods. +affinity: {} + +# -- List of node taints to tolerate for controller pods. +tolerations: [] + +# -- Priority class for controller pods. +priorityClassName: "" + +# -- Security context for controller pods. +podSecurityContext: {} + +# -- Environment variables for controller containers. +env: [] + +# -- Environment variable sources for controller containers. +envFrom: [] + +# -- Volume mounts for controller containers. +volumeMounts: [] + +# -- Pod resource requests and limits for controller containers. +resources: {} + # limits: + # cpu: 100m + # memory: 300Mi + # requests: + # cpu: 100m + # memory: 300Mi + +# -- Security context for controller containers. +securityContext: {} + +service: + type: ClusterIP