From 4f6808eb8600053f39e1d88d32dddebda3914954 Mon Sep 17 00:00:00 2001 From: dscc-admin-ch <> Date: Wed, 5 Jun 2024 11:31:29 +0000 Subject: [PATCH] Update from https://github.com/dscc-admin-ch/lomas/commit/284686cb83ab75331b1760c70fec54273deb2b5e --- charts/lomas_server/templates/NOTES.txt | 46 ++- charts/lomas_server/templates/_helpers.tpl | 45 +-- .../templates/dashboard/_helpers.tpl | 55 +++ .../dashboard/dashboard_configmap.yaml | 14 + .../dashboard/dashboard_server_configmap.yaml | 14 + .../templates/dashboard/deployment.yaml | 79 ++++ .../templates/dashboard/ingress.yaml | 57 +++ .../templates/dashboard/service.yaml | 17 + .../templates/dashboard/serviceaccount.yaml | 14 + charts/lomas_server/templates/deployment.yaml | 60 --- .../templates/lomas_server_configmap.yaml | 24 -- .../templates/server/_helpers.tpl | 56 +++ .../templates/server/configmap.yaml | 24 ++ .../templates/server/deployment.yaml | 60 +++ .../templates/{ => server}/ingress.yaml | 26 +- .../secrets.yaml} | 4 +- .../templates/server/service.yaml | 15 + .../templates/server/serviceaccount.yaml | 12 + charts/lomas_server/templates/service.yaml | 15 - .../templates/serviceaccount.yaml | 12 - charts/lomas_server/values.schema.json | 356 ++++++++++++------ charts/lomas_server/values.yaml | 228 ++++++----- 22 files changed, 838 insertions(+), 395 deletions(-) create mode 100644 charts/lomas_server/templates/dashboard/_helpers.tpl create mode 100644 charts/lomas_server/templates/dashboard/dashboard_configmap.yaml create mode 100644 charts/lomas_server/templates/dashboard/dashboard_server_configmap.yaml create mode 100644 charts/lomas_server/templates/dashboard/deployment.yaml create mode 100644 charts/lomas_server/templates/dashboard/ingress.yaml create mode 100644 charts/lomas_server/templates/dashboard/service.yaml create mode 100644 charts/lomas_server/templates/dashboard/serviceaccount.yaml delete mode 100644 charts/lomas_server/templates/deployment.yaml delete mode 100644 charts/lomas_server/templates/lomas_server_configmap.yaml create mode 100644 charts/lomas_server/templates/server/_helpers.tpl create mode 100644 charts/lomas_server/templates/server/configmap.yaml create mode 100644 charts/lomas_server/templates/server/deployment.yaml rename charts/lomas_server/templates/{ => server}/ingress.yaml (55%) rename charts/lomas_server/templates/{lomas_server_secrets.yaml => server/secrets.yaml} (68%) create mode 100644 charts/lomas_server/templates/server/service.yaml create mode 100644 charts/lomas_server/templates/server/serviceaccount.yaml delete mode 100644 charts/lomas_server/templates/service.yaml delete mode 100644 charts/lomas_server/templates/serviceaccount.yaml diff --git a/charts/lomas_server/templates/NOTES.txt b/charts/lomas_server/templates/NOTES.txt index 3d8a9ac..8579997 100644 --- a/charts/lomas_server/templates/NOTES.txt +++ b/charts/lomas_server/templates/NOTES.txt @@ -1,22 +1,28 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} +The Lomas service was successfully deployed! + +1. From within your namespace, the server is available at + + {{ include "lomas.server.fullname" . -}}:{{- .Values.server.service.port}} + +{{- if .Values.server.ingress.enabled }} + +Since server ingress was enabled, the application is also reachable from the internet at: + + http{{ if $.Values.server.ingress.tls }}s{{ end }}://{{ .Values.server.ingress.hostname }} {{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "lomas_server.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "lomas_server.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "lomas_server.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "lomas_server.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT + + +{{- if .Values.dashboard.create }} + +2. From within your namespace, the admin dashboard is available at + + {{ include "lomas.dashboard.fullname" . -}}:{{- .Values.dashboard.service.port}} + +{{- if .Values.dashboard.ingress.enabled }} + +Since dashboard ingress was enabled, the administration dashboard is also reachable from the internet at + + http{{ if $.Values.dashboard.ingress.tls }}s{{ end }}://{{ .Values.dashboard.ingress.hostname }}/about {{- end }} +{{- end }} + diff --git a/charts/lomas_server/templates/_helpers.tpl b/charts/lomas_server/templates/_helpers.tpl index fe8d97b..a3507ed 100644 --- a/charts/lomas_server/templates/_helpers.tpl +++ b/charts/lomas_server/templates/_helpers.tpl @@ -1,8 +1,8 @@ {{/* Expand the name of the chart. */}} -{{- define "lomas_server.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- define "lomas.name" -}} +{{- default .Chart.Name .Values.server.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} {{/* @@ -10,11 +10,11 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "lomas_server.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- define "lomas.fullname" -}} +{{- if .Values.server.fullnameOverride }} +{{- .Values.server.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} +{{- $name := default .Chart.Name .Values.server.nameOverride }} {{- if contains $name .Release.Name }} {{- .Release.Name | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,37 +26,6 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "lomas_server.chart" -}} +{{- define "lomas.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} - -{{/* -Common labels -*/}} -{{- define "lomas_server.labels" -}} -helm.sh/chart: {{ include "lomas_server.chart" . }} -{{ include "lomas_server.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "lomas_server.selectorLabels" -}} -app.kubernetes.io/name: {{ include "lomas_server.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "lomas_server.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "lomas_server.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/lomas_server/templates/dashboard/_helpers.tpl b/charts/lomas_server/templates/dashboard/_helpers.tpl new file mode 100644 index 0000000..cb16cb3 --- /dev/null +++ b/charts/lomas_server/templates/dashboard/_helpers.tpl @@ -0,0 +1,55 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "lomas.dashboard.name" -}} +dashboard +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "lomas.dashboard.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- printf "%s-dashboard" .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s-dashboard" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "lomas.dashboard.labels" -}} +helm.sh/chart: {{ include "lomas.chart" . }} +{{ include "lomas.dashboard.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "lomas.dashboard.selectorLabels" -}} +app.kubernetes.io/name: {{ include "lomas.dashboard.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "lomas.dashboard.serviceAccountName" -}} +{{- if .Values.dashboard.serviceAccount.create }} +{{- default (include "lomas.dashboard.fullname" .) .Values.dashboard.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.dashboard.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/lomas_server/templates/dashboard/dashboard_configmap.yaml b/charts/lomas_server/templates/dashboard/dashboard_configmap.yaml new file mode 100644 index 0000000..a31cd5a --- /dev/null +++ b/charts/lomas_server/templates/dashboard/dashboard_configmap.yaml @@ -0,0 +1,14 @@ +{{- if .Values.dashboard.create -}} +apiVersion: v1 +kind: ConfigMap +metadata: +{{- $fullname := include "lomas.dashboard.fullname" . }} + name: {{ printf "%s-dashboard-config" $fullname }} + labels: + {{- include "lomas.dashboard.labels" . | nindent 4 }} +data: + {{- $service_name := include "lomas.server.fullname" . }} + dashboard.yaml: | + server_url: {{ .Values.server.ingress.hostname }} + server_service: "http://{{- $service_name -}}:{{- .Values.server.service.port }}" +{{- end }} diff --git a/charts/lomas_server/templates/dashboard/dashboard_server_configmap.yaml b/charts/lomas_server/templates/dashboard/dashboard_server_configmap.yaml new file mode 100644 index 0000000..1d6cd43 --- /dev/null +++ b/charts/lomas_server/templates/dashboard/dashboard_server_configmap.yaml @@ -0,0 +1,14 @@ +{{- if .Values.dashboard.create -}} +apiVersion: v1 +kind: ConfigMap +metadata: +{{- $fullname := include "lomas.dashboard.fullname" . }} + name: {{ printf "%s-server-config" $fullname }} + labels: + {{- include "lomas.dashboard.labels" . | nindent 4 }} +data: + config.toml: | + [server] + address="{{ .Values.dashboard.serverConfig.address }}" + port="{{ .Values.dashboard.serverConfig.port }}" +{{- end }} diff --git a/charts/lomas_server/templates/dashboard/deployment.yaml b/charts/lomas_server/templates/dashboard/deployment.yaml new file mode 100644 index 0000000..d14a292 --- /dev/null +++ b/charts/lomas_server/templates/dashboard/deployment.yaml @@ -0,0 +1,79 @@ +{{- if .Values.dashboard.create -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "lomas.dashboard.fullname" . }} + labels: + {{- include "lomas.dashboard.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "lomas.dashboard.selectorLabels" . | nindent 6 }} + replicas: 1 + template: + metadata: + {{- with .Values.dashboard.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lomas.dashboard.selectorLabels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "lomas.dashboard.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.dashboard.podSecurityContext | nindent 8 }} + + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.dashboard.securityContext | nindent 12 }} + image: "{{ .Values.dashboard.image.repository }}:{{ .Values.dashboard.image.tag }}" + imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.dashboard.serverConfig.port }} + protocol: TCP + volumeMounts: + - name: server-config-and-secrets + readOnly: True + mountPath: "/usr/lomas_server/" + - name: dashboard-config + readOnly: True + mountPath: "/usr/lomas_dashboard/" + - name: dashboard-server-config + readOnly: True + mountPath: "/code/.streamlit/" + resources: + {{- toYaml .Values.dashboard.resources | nindent 12 }} + volumes: + - name: server-config-and-secrets + projected: + sources: + - secret: + name: {{ include "lomas.server.fullname" . }} + - configMap: + name: {{ include "lomas.server.fullname" . }} + {{- $fullname := include "lomas.dashboard.fullname" . }} + - name: dashboard-config + projected: + sources: + - configMap: + name: {{ printf "%s-dashboard-config" $fullname }} + - name: dashboard-server-config + projected: + sources: + - configMap: + name: {{ printf "%s-server-config" $fullname }} + {{- with .Values.dashboard.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.dashboard.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.dashboard.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/lomas_server/templates/dashboard/ingress.yaml b/charts/lomas_server/templates/dashboard/ingress.yaml new file mode 100644 index 0000000..0d83d16 --- /dev/null +++ b/charts/lomas_server/templates/dashboard/ingress.yaml @@ -0,0 +1,57 @@ +{{- if .Values.dashboard.create -}} +{{- if .Values.dashboard.ingress.enabled -}} +{{/* + These two are defined as such because calling . within a range loop + is shortcut for path (see https://stackoverflow.com/questions/72484286/ingress-variables-syntax-from-values-yaml) +*/}} +{{ "\n" }} +{{- $fullName := include "lomas.dashboard.fullname" . -}} +{{- $svcPort := .Values.dashboard.service.port -}} +{{- if and .Values.dashboard.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.dashboard.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.dashboard.ingress.annotations "kubernetes.io/ingress.class" .Values.dashboard.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "lomas.dashboard.labels" . | nindent 4 }} + {{- with .Values.dashboard.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.dashboard.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.dashboard.ingress.className }} + {{- end }} + {{- if .Values.dashboard.ingress.tls }} + tls: + - hosts: + - {{ .Values.dashboard.ingress.hostname | quote }} + {{- end }} + rules: + - host: {{ .Values.dashboard.ingress.hostname | quote }} + http: + paths: + - path: / + pathType: Prefix + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} +{{- end}} +{{- end }} diff --git a/charts/lomas_server/templates/dashboard/service.yaml b/charts/lomas_server/templates/dashboard/service.yaml new file mode 100644 index 0000000..4a2ab47 --- /dev/null +++ b/charts/lomas_server/templates/dashboard/service.yaml @@ -0,0 +1,17 @@ +{{- if .Values.dashboard.create -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "lomas.dashboard.fullname" . }} + labels: + {{- include "lomas.dashboard.labels" . | nindent 4 }} +spec: + type: {{ .Values.dashboard.service.type }} + ports: + - port: {{ .Values.dashboard.service.port}} + targetPort: {{ .Values.dashboard.serverConfig.port }} + protocol: TCP + name: http + selector: + {{- include "lomas.dashboard.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/lomas_server/templates/dashboard/serviceaccount.yaml b/charts/lomas_server/templates/dashboard/serviceaccount.yaml new file mode 100644 index 0000000..d7c717f --- /dev/null +++ b/charts/lomas_server/templates/dashboard/serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if .Values.dashboard.create -}} +{{- if .Values.dashboard.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "lomas_admin_dashboard.serviceAccountName" . }} + labels: + {{- include "lomas_admin_dashboard.labels" . | nindent 4 }} + {{- with .Values.dashboard.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/lomas_server/templates/deployment.yaml b/charts/lomas_server/templates/deployment.yaml deleted file mode 100644 index 2f175fd..0000000 --- a/charts/lomas_server/templates/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "lomas_server.fullname" . }} - labels: - {{- include "lomas_server.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - {{- include "lomas_server.selectorLabels" . | nindent 6 }} - replicas: 1 - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "lomas_server.selectorLabels" . | nindent 8 }} - spec: - serviceAccountName: {{ include "lomas_server.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: http - containerPort: {{ .Values.service.port }} - protocol: TCP - volumeMounts: - - name: config-and-secrets - readOnly: True - mountPath: "/usr/lomas_server/" - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumes: - - name: config-and-secrets - projected: - sources: - - secret: - name: {{ include "lomas_server.fullname" . }} - - configMap: - name: {{ include "lomas_server.fullname" . }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/lomas_server/templates/lomas_server_configmap.yaml b/charts/lomas_server/templates/lomas_server_configmap.yaml deleted file mode 100644 index 0be851e..0000000 --- a/charts/lomas_server/templates/lomas_server_configmap.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "lomas_server.fullname" . }} - labels: - {{- include "lomas_server.labels" . | nindent 4 }} -data: - runtime.yaml: | - runtime_args: - settings: - develop_mode: {{ .Values.runtime_args.settings.develop_mode }} - submit_limit: {{ .Values.runtime_args.settings.submit_limit }} - server: - {{- toYaml .Values.runtime_args.settings.server | nindent 10 }} - admin_database: - db_type: "mongodb" - address: {{ .Values.mongodb.fullnameOverride }} - port: 27017 - password: {{ index .Values.mongodb.auth.passwords 0 }} - username: {{ index .Values.mongodb.auth.usernames 0 }} - db_name: {{ index .Values.mongodb.auth.databases 0}} - dataset_store: - ds_store_type: {{ .Values.runtime_args.settings.dataset_store.ds_store_type }} - max_memory_usage : {{ .Values.runtime_args.settings.dataset_store.max_memory_usage }} \ No newline at end of file diff --git a/charts/lomas_server/templates/server/_helpers.tpl b/charts/lomas_server/templates/server/_helpers.tpl new file mode 100644 index 0000000..e44ea11 --- /dev/null +++ b/charts/lomas_server/templates/server/_helpers.tpl @@ -0,0 +1,56 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "lomas.server.name" -}} +server +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "lomas.server.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- printf "%s-server" .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s-server" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + + +{{/* +Common labels +*/}} +{{- define "lomas.server.labels" -}} +helm.sh/chart: {{ include "lomas.chart" . }} +{{ include "lomas.server.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "lomas.server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "lomas.server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "lomas.server.serviceAccountName" -}} +{{- if .Values.server.serviceAccount.create }} +{{- default (include "lomas.server.fullname" .) .Values.server.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.server.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/lomas_server/templates/server/configmap.yaml b/charts/lomas_server/templates/server/configmap.yaml new file mode 100644 index 0000000..df534ef --- /dev/null +++ b/charts/lomas_server/templates/server/configmap.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "lomas.server.fullname" . }} + labels: + {{- include "lomas.server.labels" . | nindent 4 }} +data: + runtime.yaml: | + runtime_args: + settings: + develop_mode: {{ .Values.server.runtime_args.settings.develop_mode }} + submit_limit: {{ .Values.server.runtime_args.settings.submit_limit }} + server: + {{- toYaml .Values.server.runtime_args.settings.server | nindent 10 }} + admin_database: + db_type: "mongodb" + address: {{ .Values.mongodb.fullnameOverride }} + port: 27017 + password: {{ index .Values.mongodb.auth.passwords 0 }} + username: {{ index .Values.mongodb.auth.usernames 0 }} + db_name: {{ index .Values.mongodb.auth.databases 0}} + dataset_store: + ds_store_type: {{ .Values.server.runtime_args.settings.dataset_store.ds_store_type }} + max_memory_usage : {{ .Values.server.runtime_args.settings.dataset_store.max_memory_usage }} \ No newline at end of file diff --git a/charts/lomas_server/templates/server/deployment.yaml b/charts/lomas_server/templates/server/deployment.yaml new file mode 100644 index 0000000..ea5f358 --- /dev/null +++ b/charts/lomas_server/templates/server/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "lomas.server.fullname" . }} + labels: + {{- include "lomas.server.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "lomas.server.selectorLabels" . | nindent 6 }} + replicas: 1 + template: + metadata: + {{- with .Values.server.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lomas.server.selectorLabels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "lomas.server.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.server.podSecurityContext | nindent 8 }} + + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.server.securityContext | nindent 12 }} + image: "{{ .Values.server.image.repository }}:{{ .Values.server.image.tag }}" + imagePullPolicy: {{ .Values.server.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.server.service.port }} + protocol: TCP + volumeMounts: + - name: config-and-secrets + readOnly: True + mountPath: "/usr/lomas_server/" + resources: + {{- toYaml .Values.server.resources | nindent 12 }} + volumes: + - name: config-and-secrets + projected: + sources: + - secret: + name: {{ include "lomas.server.fullname" . }} + - configMap: + name: {{ include "lomas.server.fullname" . }} + {{- with .Values.server.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/lomas_server/templates/ingress.yaml b/charts/lomas_server/templates/server/ingress.yaml similarity index 55% rename from charts/lomas_server/templates/ingress.yaml rename to charts/lomas_server/templates/server/ingress.yaml index d6127d3..c25b1fc 100644 --- a/charts/lomas_server/templates/ingress.yaml +++ b/charts/lomas_server/templates/server/ingress.yaml @@ -1,14 +1,14 @@ -{{- if .Values.ingress.enabled -}} +{{- if .Values.server.ingress.enabled -}} {{/* These two are defined as such because calling . within a range loop is shortcut for path (see https://stackoverflow.com/questions/72484286/ingress-variables-syntax-from-values-yaml) */}} {{ "\n" }} -{{- $fullName := include "lomas_server.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} +{{- $fullName := include "lomas.server.fullname" . -}} +{{- $svcPort := .Values.server.service.port -}} +{{- if and .Values.server.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.server.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.server.ingress.annotations "kubernetes.io/ingress.class" .Values.server.ingress.className}} {{- end }} {{- end }} {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} @@ -22,22 +22,22 @@ kind: Ingress metadata: name: {{ $fullName }} labels: - {{- include "lomas_server.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} + {{- include "lomas.server.labels" . | nindent 4 }} + {{- with .Values.server.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} + {{- if and .Values.server.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.server.ingress.className }} {{- end }} - {{- if .Values.ingress.tls }} + {{- if .Values.server.ingress.tls }} tls: - hosts: - - {{ .Values.ingress.hostname | quote }} + - {{ .Values.server.ingress.hostname | quote }} {{- end }} rules: - - host: {{ .Values.ingress.hostname | quote }} + - host: {{ .Values.server.ingress.hostname | quote }} http: paths: - path: / diff --git a/charts/lomas_server/templates/lomas_server_secrets.yaml b/charts/lomas_server/templates/server/secrets.yaml similarity index 68% rename from charts/lomas_server/templates/lomas_server_secrets.yaml rename to charts/lomas_server/templates/server/secrets.yaml index a658357..d19618b 100644 --- a/charts/lomas_server/templates/lomas_server_secrets.yaml +++ b/charts/lomas_server/templates/server/secrets.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "lomas_server.fullname" . }} + name: {{ include "lomas.server.fullname" . }} labels: - {{- include "lomas_server.labels" . | nindent 4 }} + {{- include "lomas.server.labels" . | nindent 4 }} stringData: secrets.yaml: | admin_database: diff --git a/charts/lomas_server/templates/server/service.yaml b/charts/lomas_server/templates/server/service.yaml new file mode 100644 index 0000000..20968c2 --- /dev/null +++ b/charts/lomas_server/templates/server/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "lomas.server.fullname" . }} + labels: + {{- include "lomas.server.labels" . | nindent 4 }} +spec: + type: {{ .Values.server.service.type }} + ports: + - port: {{ .Values.server.service.port}} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "lomas.server.selectorLabels" . | nindent 4 }} diff --git a/charts/lomas_server/templates/server/serviceaccount.yaml b/charts/lomas_server/templates/server/serviceaccount.yaml new file mode 100644 index 0000000..a615e75 --- /dev/null +++ b/charts/lomas_server/templates/server/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.server.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "lomas.server.serviceAccountName" . }} + labels: + {{- include "lomas.server.labels" . | nindent 4 }} + {{- with .Values.server.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/lomas_server/templates/service.yaml b/charts/lomas_server/templates/service.yaml deleted file mode 100644 index 3ad45ad..0000000 --- a/charts/lomas_server/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "lomas_server.fullname" . }} - labels: - {{- include "lomas_server.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port}} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "lomas_server.selectorLabels" . | nindent 4 }} diff --git a/charts/lomas_server/templates/serviceaccount.yaml b/charts/lomas_server/templates/serviceaccount.yaml deleted file mode 100644 index 31e1a66..0000000 --- a/charts/lomas_server/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "lomas_server.serviceAccountName" . }} - labels: - {{- include "lomas_server.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/lomas_server/values.schema.json b/charts/lomas_server/values.schema.json index 4cfd80c..ff4d38d 100644 --- a/charts/lomas_server/values.schema.json +++ b/charts/lomas_server/values.schema.json @@ -2,52 +2,119 @@ "$schema": "http://json-schema.org/schema#", "type": "object", "properties": { - "affinity": { - "type": "object" - }, - "fullnameOverride": { - "description": "Fully overrides the lomas-server.fullname template.", - "type": "string" - }, - "image": { + "dashboard": { "type": "object", "properties": { - "pullPolicy": { - "type": "string" + "affinity": { + "type": "object" }, - "repository": { - "type": "string" + "create": { + "description": "Setting this to true also deploys the administration dashboard for this service.", + "type": "boolean" }, - "tag": { - "type": "string" - } - } - }, - "imagePullSecrets": { - "type": "array" - }, - "ingress": { - "type": "object", - "properties": { - "annotations": { + "image": { "type": "object", "properties": { - "nginx.ingress.kubernetes.io/proxy-read-timeout": { + "pullPolicy": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "tag": { "type": "string" } } }, - "className": { - "type": "string" + "imagePullSecrets": { + "type": "array" }, - "enabled": { - "type": "boolean" + "ingress": { + "type": "object", + "properties": { + "annotations": { + "type": "object", + "properties": { + "nginx.ingress.kubernetes.io/proxy-read-timeout": { + "type": "string" + } + } + }, + "className": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "hostname": { + "type": "string" + } + } + }, + "nodeSelector": { + "type": "object" + }, + "podAnnotations": { + "type": "object" + }, + "podSecurityContext": { + "type": "object" + }, + "replicaCount": { + "type": "integer" + }, + "resources": { + "type": "object" + }, + "securityContext": { + "type": "object" + }, + "serverConfig": { + "description": "The values for building the streamlit server config.", + "type": "object", + "properties": { + "address": { + "type": "string" + }, + "port": { + "type": "string" + } + } + }, + "service": { + "type": "object", + "properties": { + "port": { + "type": "integer" + }, + "type": { + "type": "string" + } + } }, - "hostname":{ - "type":"string" - } + "serviceAccount": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "create": { + "type": "boolean" + }, + "name": { + "type": "string" + } + } + }, + "tolerations": { + "type": "array" + } } }, + "fullnameOverride": { + "description": "Fully overrides the chart name", + "type": "string" + }, "mongodb": { "description": "The configuration for the mongodb database. Refer to the subchart for more detailed description.", "type": "object", @@ -141,131 +208,178 @@ } }, "nameOverride": { - "description": "Partially overrides lomas-server.fullname template, keeping the version number.", + "description": "Gives a name to this chart.", "type": "string" }, - "nodeSelector": { - "type": "object" - }, - "podAnnotations": { - "type": "object" - }, - "podSecurityContext": { - "type": "object" - }, - "replicaCount": { - "type": "integer" - }, - "resources": { - "type": "object" - }, - "runtime_args": { + "server": { "type": "object", "properties": { - "settings": { + "affinity": { + "type": "object" + }, + "image": { "type": "object", "properties": { - "dataset_store": { + "pullPolicy": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "imagePullSecrets": { + "type": "array" + }, + "ingress": { + "type": "object", + "properties": { + "annotations": { "type": "object", "properties": { - "ds_store_type": { - "description": "The type of dataset store.", - "enum": [ - "basic", - "LRU_cache" - ], + "nginx.ingress.kubernetes.io/proxy-read-timeout": { "type": "string" - }, - "max_memory_usage": { - "description": "Max memory usage of dataset store. Only useful for LRU_cache type.", - "type": "integer" } } }, - "develop_mode": { - "description": "When True, service database is reset to default user and dataset collections.", - "type": "boolean" + "className": { + "type": "string" }, - "submit_limit": { - "type": "integer" + "enabled": { + "type": "boolean" }, - "server": { + "hostname": { + "type": "string" + } + } + }, + "nodeSelector": { + "type": "object" + }, + "podAnnotations": { + "type": "object" + }, + "podSecurityContext": { + "type": "object" + }, + "replicaCount": { + "type": "integer" + }, + "resources": { + "type": "object" + }, + "runtime_args": { + "type": "object", + "properties": { + "settings": { "type": "object", "properties": { - "time_attack": { + "dataset_store": { "type": "object", "properties": { - "magnitude": { - "type": "integer" - }, - "method": { + "ds_store_type": { + "description": "The type of dataset store.", "enum": [ - "jitter", - "stall" + "basic", + "LRU_cache" ], "type": "string" + }, + "max_memory_usage": { + "description": "Max memory usage of dataset store. Only useful for LRU_cache type.", + "type": "integer" } } }, - "host_ip": { - "type": "string" - }, - "host_port": { - "type": "string" - }, - "log_level": { - "enum": [ - "notset", - "debug", - "info", - "warning", - "error", - "critical" - ], - "type": "string" - }, - "reload": { + "develop_mode": { + "description": "When True, service database is reset to default user and dataset collections.", "type": "boolean" }, - "workers": { + "server": { + "type": "object", + "properties": { + "host_ip": { + "type": "string" + }, + "host_port": { + "type": "string" + }, + "log_level": { + "enum": [ + "notset", + "debug", + "info", + "warning", + "error", + "critical" + ], + "type": "string" + }, + "reload": { + "type": "boolean" + }, + "time_attack": { + "type": "object", + "properties": { + "magnitude": { + "type": "integer" + }, + "method": { + "enum": [ + "jitter", + "stall" + ], + "type": "string" + } + } + }, + "workers": { + "type": "integer" + } + } + }, + "submit_limit": { "type": "integer" } } } } - } - } - }, - "securityContext": { - "type": "object" - }, - "service": { - "type": "object", - "properties": { - "port": { - "type": "integer" }, - "type": { - "type": "string" - } - } - }, - "serviceAccount": { - "type": "object", - "properties": { - "annotations": { + "securityContext": { "type": "object" }, - "create": { - "type": "boolean" + "service": { + "type": "object", + "properties": { + "port": { + "type": "integer" + }, + "type": { + "type": "string" + } + } }, - "name": { - "type": "string" + "serviceAccount": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "create": { + "type": "boolean" + }, + "name": { + "type": "string" + } + } + }, + "tolerations": { + "type": "array" } } - }, - "tolerations": { - "type": "array" } } -} \ No newline at end of file +} diff --git a/charts/lomas_server/values.yaml b/charts/lomas_server/values.yaml index 0cfb509..02beb3f 100644 --- a/charts/lomas_server/values.yaml +++ b/charts/lomas_server/values.yaml @@ -1,12 +1,14 @@ # Default values for lomas_server. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. + +# General stuff +nameOverride: "" +fullnameOverride: "lomas" # MongoDB ########################################################################## mongodb: resources: {} - fullnameOverride: lomas-mongodb + fullnameOverride: "lomas-mongodb" architecture: standalone image: tag: "6.0.9-debian-11-r5" @@ -31,94 +33,140 @@ mongodb: resourcePolicy: "" -# Secure Data Disclosure Fast-API server +# Dashboard Fast-API server ########################################################################## -replicaCount: 1 - -image: - repository: dsccadminch/lomas_server - pullPolicy: Always - tag: latest - -# Runtime args for server -runtime_args: - settings: - develop_mode: True # !! Set this to false in production mode !! - submit_limit: 300 - server: - host_ip: "0.0.0.0" - host_port: "80" - log_level: "info" - reload: True - workers: 1 # Will be overwritten to one anyway for now. - time_attack: - method: "jitter" # or "stall" - magnitude: 1 - dataset_store: - ds_store_type: "LRU_cache" - max_memory_usage : 512 - -imagePullSecrets: [] -nameOverride: "lomas-server" -fullnameOverride: "lomas-server" - -serviceAccount: - # Specifies whether a service account should be created - create: false # TODO enable this later - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -ingress: - enabled: true - className: "nginx" - annotations: - nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" - hostname: chart-example.local - - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -# Lomas server not intended to be autoscaled for now -# autoscaling: -# enabled: false -# minReplicas: 1 -# maxReplicas: 100 -# targetCPUUtilizationPercentage: 80 -# # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} +server: + image: + repository: dsccadminch/lomas_server + pullPolicy: Always + tag: latest + imagePullSecrets: [] + + # Runtime args for server + runtime_args: + settings: + develop_mode: True # !! Set this to false in production mode !! + submit_limit: 300 + server: + host_ip: "0.0.0.0" + host_port: "80" + log_level: "info" + reload: True + workers: 1 # Will be overwritten to one anyway for now. + time_attack: + method: "jitter" # or "stall" + magnitude: 1 + dataset_store: + ds_store_type: "LRU_cache" + max_memory_usage : 512 + + + service: + type: ClusterIP + port: 80 + + ingress: + enabled: true + className: "nginx" + annotations: + nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" + hostname: "lomas-server.example.com" + # Lomas server not meant to be replicated for now + replicaCount: 1 + # Lomas server not intended to be autoscaled for now + # autoscaling: + # enabled: false + # minReplicas: 1 + # maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # # targetMemoryUtilizationPercentage: 80 + + # We leave unset stuff here + serviceAccount: + create: false + annotations: {} + name: "" + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + podAnnotations: {} + podSecurityContext: {} + # fsGroup: 2000 + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + nodeSelector: {} + tolerations: [] + affinity: {} + +# Lomas Administration Dashboard +########################################################################## -tolerations: [] +dashboard: + create: true -affinity: {} + image: + repository: dsccadminch/lomas_admin_dashboard + pullPolicy: Always + tag: latest + imagePullSecrets: [] + + # Runtime args for server + serverConfig: + address: "0.0.0.0" + port: "8501" + + service: + type: ClusterIP + port: 80 + + ingress: + enabled: true + className: "nginx" + annotations: + nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" + hostname: "lomas-admin-dashboard.example.com" + # Lomas dashboard not meant to be replicated for now + replicaCount: 1 + # Lomas dashboard not intended to be autoscaled for now + # autoscaling: + # enabled: false + # minReplicas: 1 + # maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # # targetMemoryUtilizationPercentage: 80 + + # We leave unset stuff here + serviceAccount: + create: false + annotations: {} + name: "" + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + podAnnotations: {} + podSecurityContext: {} + # fsGroup: 2000 + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + nodeSelector: {} + tolerations: [] + affinity: {} \ No newline at end of file