Skip to content

Latest commit

 

History

History
152 lines (129 loc) · 19.4 KB

README.md

File metadata and controls

152 lines (129 loc) · 19.4 KB

Official Safe Software Helm Charts

Helm Chart Rename

Starting with FME Flow 2024.0, the helm chart has been renamed from having separate charts for each major release (e.g., safesoftware/fmeserver-2023-1, safesoftware/fmeserver-2023-2, etc) to having a single chart safesoftware/fmeflow.

This change is being made to make this repo less complex with so many versions of the chart. The new fmeflow chart will be made compatible with versions of FME Flow moving forward starting with 2024.0. If there are changes we need to make that will break backwards compatibility, we will increment the major version of this chart and will provide guidance to users on which versions of the chart to use with which versions of FME Flow. These types of changes should be very infrequent.

Along with the rename of the chart itself, everything in the chart has been renamed from fmeserver to fmeflow, including values specified in the values.yaml file.
Ensure that you update any existing values.yaml files you have to the new parameter names.

Deploying with versions prior to 2024.0 should still use the old fmeserver-<version> charts.

Helm Chart Versioning

Starting with 2024.1, we had to make some changes to the deployment that are not backwards compatible. This means that FME Flow 2024.0 should use version 1 of this chart, and 2024.1 and newer should use the latest version (version 2). This can be specified when calling helm install as follows:

2024.0: helm install --version 1 ...
2024.1+: helm install ... or helm install --version 2 ...

You can view all versions of the helm chart by running the command helm search repo fmeflow --versions after adding the repository. It is a good idea to make your deployments reproducible to pin an exact version of the helm chart when deploying and use the same version for any helm operations you need to perform on that deployment. You can pin a helm chart version with the --version flag. For example, helm install --version 2.0.4 ...

Prerequisites

To add the Safe Software charts repository:
helm repo add safesoftware https://safesoftware.github.io/helm-charts/

Installing the Chart

To quickly get started, find the latest docker image tag for this version of FME Flow here.

Then run the command specifying the docker tag found above: helm install fmeflow safesoftware/fmeflow --set fmeflow.image.tag=<docker_tag>

See all available parameters below.

For more information see the documentation and our FME Community landing page for Kubernetes.

Configuration

The following table lists the configurable parameters of the FME Flow helm chart and their default values.

Parameter Description Default
fmeflow.image.tag The docker image tag to use. Nil You must provide a tag. You can find available tags here.
fmeflow.image.pullPolicy Image pull policy. IfNotPresent means that the image is pulled only if it is not already present on the node. If this is changed to "Always", then the node will always try to pull to make sure it has the latest version of that tag. IfNotPresent
fmeflow.image.registry Docker registry docker.io This parameter should not be changed.
fmeflow.image.namespace Docker registry namespace safesoftware This parameter should not be changed.
fmeflow.debugLevel Set the verbosity of the FME Flow Core logs. Can be set to NONE, LOW, MEDIUM, HIGH or SUPER_VERBOSE. NONE
deployment.hostname FME Flow hostname localhost
deployment.port FME Flow port 443
deployment.tlsSecretName Custom TLS certificate, see documentation for more details Nil
deployment.certManager.issuerName Cert Manager issuer name, see documentation for more details Nil
deployment.certManager.issuerType Can be cluster or namespace, ignored if no issuerName is provided. See documentation for more details cluster
deployment.numCores Number of cores to launch. Multi-core only works in a multi-host cluster with ReadWriteMany storage 1
deployment.startAsRoot Starts core container as root and grants the fmeflow user access to the file system. false
deployment.useHostnameIngress Configures the ingress to route traffic to FME Flow only if the request matches the value of deployment.hostname. Setting this to false will route all traffic on the ingress to FME Flow. true
deployment.deployPostgresql Deploy a Postgresql Database for FME Flow to use. Set this to false if you have an existing database you would like FME Flow to connect to. true
deployment.disableTLS Set this to true if you would like to disable TLS on the ingress. This is not recommended. false
deployment.automountServiceAccountToken Set this to true if you would like to automatically mount the service token for the namespace. See documentation for more details. false
resources.core Core CPU/Memory resource requests/limits Memory: 1.5Gi, CPU: 200m
resources.web Web CPU/Memory resource requests/limits Memory: 1Gi, CPU: 200m
resources.queue Queue CPU/Memory resource requests/limits Memory: 128Mi, CPU: 100m
resources.websocket Websocket CPU/Memory resource requests/limits Memory: 256Mi, CPU: 100m
storage.reclaimPolicy Volume Reclaim Policy Delete
storage.useHostDir Allows to map data and database volumes to a directory on a node. Requires path parameters. false
storage.postgresql.class Storage class for PostgreSQL data. Ignored if host dir mapping is used. Nil
storage.postgresql.size PostgreSQL volume size 1Gi
storage.postgresql.path Absolute path where database data should be stored on host. Only required if useHostDir is enabled. Nil
storage.fmeflow.accessMode Access mode for FME Flow data storage class. ReadWriteOnce
storage.fmeflow.class Storage class for FME Flow data. Ignored if host dir mapping is used. Nil
storage.fmeflow.size FME Flow data volume size 10Gi
storage.fmeflow.path Absolute path where FME Flow data should be stored on host. Only required if useHostDir is enabled. Nil
fmeflow.engines.debugLevel Set the verbosity of the FME Flow Engine logs. Can be set to NONE, LOW, MEDIUM, HIGH or SUPER_VERBOSE. NONE
fmeflow.engines.receiveTimeout Engines that have not received a job in this period of time (measured in milliseconds) will be restarted. Set to 0 to never restart. 0
fmeflow.engines.groups An array of engine deployments. Each deployment defines a name, queues to join, number of replicas, and scheduling information.
fmeflow.engines.groups[].name The name of this group of engines. default
fmeflow.engines.groups[].engines The number of engines to deploy in this engine deployment. 2
fmeflow.engines.groups[].type The FME Engine licensing type to use. Must be STANDARD or DYNAMIC. STANDARD
fmeflow.engines.groups[].engineProperties A comma delimited list of properties to set on this engine. The engine deployment name will be automatically added. See this link for more info ""
fmeflow.engines.groups[].resources Engine CPU/Memory resource requests/limits Memory: 512Mi, CPU: 200m
fmeflow.engines.groups[].memorylimit.top Tell the FME Engine the percentage of available memory to use. Only set this if a memory limit is being set for this engine group. Must be a float between 0.0 and 1.0 and greater than memorylimit.bottom. Note this parameter is set automatically when a memory limit is set for an engine. Use these parameters to override.
fmeflow.engines.groups[].memorylimit.bottom Tell the FME Engine the percentage of available memory to use. Only set this if a memory limit is being set for this engine group. Must be a float between 0.0 and 1.0 and less than memorylimit.top. Note this parameter is set automatically when a memory limit is set for an engine. Use these parameters to override.
fmeflow.engines.groups[].affinity Affinity labels for pod assignment for this engine deployment {}
fmeflow.engines.groups[].nodeSelector Map of nodeselector annotations to add to this engine deployment {}
fmeflow.engines.groups[].tolerations Toleration labels for pod assignment for this engine deployment []
fmeflow.engines.groups[].labels Labels to apply to the engine pods {}
fmeflow.engines.awsServiceAccount.iamRoleArn IAM Role to associate with the FME Engine pods (this will create a service account for FME Engine to access AWS) Nil
fmeflow.engines.groups[].image Changes the image that the engine uses. Defaults to the image set in the fmeflow.image settings if not set.
fmeflow.engines.groups[].image.tag The docker image tag to use.
fmeflow.engines.groups[].image.pullPolicy Image pull policy. IfNotPresent means that the image is pulled only if it is not already present on the node. If this is changed to "Always", then the node will always try to pull to make sure it has the latest version of that tag.
fmeflow.engines.groups[].image.registry Docker registry
fmeflow.engines.groups[].image.namespace Docker registry namespace
fmeflow.database.host The hostname of the Postgres database to use. Only set this if you are not using the included Postgres database The service DNS of the Postgresql database deployed with this chart
fmeflow.database.port The port of the Postgres database to use. 5432
fmeflow.database.name The database name for FME Flow to use for its schema. fmeflow
fmeflow.database.user The database user for FME Flow to use/create. fmeflow
fmeflow.database.password The database password for the fmeflow user. 4fmmsgrz09
fmeflow.database.passwordSecret Instead of specifying a database password in plaintext, specify an existing secret that contains the password to use.
fmeflow.database.passwordSecretKey The key in the above specified secret that contains the fmeflow database password. fmeflow-db-password
fmeflow.database.adminUser The admin database user for FME Flow to use to create its schema in the database. postgres
fmeflow.database.adminPasswordSecret The name of the secret that contains the password of the admin user specified in fmeflow.database.adminUser Secret generated by the Postgresql chart
fmeflow.database.adminPasswordSecretKey The key in the specified fmeflow.database.adminPasswordSecret that contains the password for the admin user specified in fmeflow.database.adminUser postgres-password
fmeflow.database.adminDatabase The admin database to use when connecting with the adminUser. postgres
fmeflow.database.ssl Adds sslmode=require to the JDBC connections to the database false
fmeflow.database.azure NOTE: This flag is needed for Azure Database for PostgreSQL Single Server, which is being retired from Azure at the end of March 2025, and is no longer needed for the newer Azure PosgreSQL Flexible Servers. (more info here) Set this to true only if connecting to an Azure Managed Postgresql Single Server database to format the username properly when connecting. false
fmeflow.webserver.maxThreads Max threads the Tomcat webserver can use (more info here) 200
fmeflow.forcePasswordChange Force the admin user to change password on first login true
fmeflow.enableTransactionQueueTimeout Enable timeout on queue connections. false
fmeflow.portpool Range of ports which can be assigned to FME Engines, Subscribers and Protocols when connecting to FME Flow. Port pools may be specified as a comma-seperated list of port numbers and port number ranges. E.g. 20000-21000,21200 Nil
fmeflow.waitForDatabase Wait until the database is up and can be connected to before starting FME Flow Core and Engines. Only disable this if this check is causing issues. true
fmeflow.waitForQueue Wait until the redis queue is up and can be connected to before starting FME Flow Core. Only disable this if this check is causing issues. true
fmeflow.healthcheck.startup.initialDelaySeconds Set the initial delay before running the startup probes. 10
fmeflow.healthcheck.startup.failureThreshold Set the failure threshold for the startup probes. This can be increased if pods take longer to start in your cluster. 20
fmeflow.healthcheck.startup.timeoutSeconds Set the timeout for the the startup probes. 5
fmeflow.healthcheck.startup.periodSeconds Set the time (in seconds) between startup probe invocations. This can be increased if pods take longer to start in your cluster. 30
scheduling.core.affinity Affinity labels for pod assignment for Core pod. For information on how to assign pods to specific nodes using the affinity feature, read the official documentation. {}
scheduling.core.nodeselector Map of nodeselector annotations to add to the Core pod. For information on how to assign pods to specific nodes using the nodeSelector parameter, read the official documentation. {}
scheduling.core.tolerations Toleration labels for pod assignment for Core pod. Official documentation on taints and tolerations. []
scheduling.queue.affinity Affinity labels for pod assignment for Queue pod. For information on how to assign pods to specific nodes using the affinity feature, read the official documentation. {}
scheduling.queue.nodeselector Map of nodeselector annotations to add to the Queue pod. For information on how to assign pods to specific nodes using the nodeSelector parameter, read the official documentation. {}
scheduling.queue.tolerations Toleration labels for pod assignment for Queue pod. Official documentation on taints and tolerations. []
scheduling.websocket.affinity Affinity labels for pod assignment for Websocket pod. For information on how to assign pods to specific nodes using the affinity feature, read the official documentation. {}
scheduling.websocket.nodeselector Map of nodeselector annotations to add to the Websocket pod. For information on how to assign pods to specific nodes using the nodeSelector parameter, read the official documentation. {}
scheduling.websocket.tolerations Toleration labels for pod assignment for Websocket pod. Official documentation on taints ansd tolerations. []
annotations.core.statefulset Annotations for the core statefulset {}
annotations.core.template Annotations for the core pod template {}
annotations.engine.deployment Annotations for the engine deployment {}
annotations.engine.template Annotations for the engine pod template {}
annotations.queue.statefulset Annotations for the queue statefulset {}
annotations.queue.template Annotations for the queue pod template {}
annotations.websocket.statefulset Annotations for the websocket statefulset {}
annotations.websocket.template Annotations for the websocket pod template {}
ingress.general.ingressClassName Ingress class name to use for ingress objects. nginx
ingress.general.annotations Annotations to apply to all ingress objects. nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/affinity: cookie
nginx.ingress.kubernetes.io/session-cookie-name: fmeflow-ingress
nginx.ingress.kubernetes.io/session-cookie-hash: md5
ingress.web.annotations Annotations to apply to the default web ingress nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
ingress.migration.annotations Annotations to apply to the migration REST endpoint ingress. Typically a longer timeout is set for large backup and restore REST calls. nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
ingress.transact.annotations Annotations to apply to the transact REST endpoint ingress. Typically a long timeout is set for synchronous calls to execute long running jobs. nginx.ingress.kubernetes.io/proxy-read-timeout: "1209600"
ingress.websocket.annotations Annotations to apply to the websocket REST endpoint ingress. Typically a long timeout is set for long open websocket connections. nginx.ingress.kubernetes.io/proxy-read-timeout: "2592000"
labels.core Labels to apply to the core pods {}
labels.queue Labels to apply to the core pods {}
labels.websocket Labels to apply to the core pods {}

Development

Run unit tests

  1. helm plugin install https://github.com/lrills/helm-unittest
  2. helm unittest <path/to/chart/source>

Third Party Dependancies

PostgreSQL Helm Chart - Apache 2.0 - Available from Bitnami.