From 181aa877ce09a66219b635845cd4373e8e7ee16d Mon Sep 17 00:00:00 2001 From: Torsten Simon Date: Tue, 25 Apr 2023 20:35:50 +0200 Subject: [PATCH 1/4] basic sample helm chart --- deploy/docker/helm/src/main/chart/Chart.yaml | 7 + deploy/docker/helm/src/main/chart/Readme.md | 28 ++++ .../helm/src/main/chart/templates/ingress.yml | 23 +++ .../helm/src/main/chart/templates/service.yml | 25 ++++ .../src/main/chart/templates/statefulset.yml | 131 ++++++++++++++++++ deploy/docker/helm/src/main/chart/values.yaml | 3 + 6 files changed, 217 insertions(+) create mode 100644 deploy/docker/helm/src/main/chart/Chart.yaml create mode 100644 deploy/docker/helm/src/main/chart/Readme.md create mode 100644 deploy/docker/helm/src/main/chart/templates/ingress.yml create mode 100644 deploy/docker/helm/src/main/chart/templates/service.yml create mode 100644 deploy/docker/helm/src/main/chart/templates/statefulset.yml create mode 100644 deploy/docker/helm/src/main/chart/values.yaml diff --git a/deploy/docker/helm/src/main/chart/Chart.yaml b/deploy/docker/helm/src/main/chart/Chart.yaml new file mode 100644 index 0000000..88051fe --- /dev/null +++ b/deploy/docker/helm/src/main/chart/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 + +name: edu-sharing-services-connector +description: Helm chart for edu-sharing connector app +type: application +version: 0.1.0 +appVersion: 0.1.0 \ No newline at end of file diff --git a/deploy/docker/helm/src/main/chart/Readme.md b/deploy/docker/helm/src/main/chart/Readme.md new file mode 100644 index 0000000..452f506 --- /dev/null +++ b/deploy/docker/helm/src/main/chart/Readme.md @@ -0,0 +1,28 @@ +Usage: +Install via +```bash +helm upgrade --install connector . --set baseUrl=example.repo.org --set storageClassName=storage-class --set passwordDB=example +``` + +View logs of Container `edu-sharing-connector-0` and check for an output like + +``` +Connector is ready. Please register it at your repository (Admin Tools -> Remote-Systems) with the following url: +``` + +Go to the admin tools of your repository and register the app. + +In order to activate H5P as an editor, configure it in the repository. +Go to Admin Tools -> Global System Config -> Cluster-Override and add +``` +connectorList{ + connectors:[ + { + id:"H5P", icon:"edit", showNew: true, onlyDesktop: true, hasViewMode: false, + filetypes:[ + {mimetype: "application/zip",filetype: "h5p", ccressourcetype: "h5p", createable: true,editable: true} + ] + } + ] +} +``` \ No newline at end of file diff --git a/deploy/docker/helm/src/main/chart/templates/ingress.yml b/deploy/docker/helm/src/main/chart/templates/ingress.yml new file mode 100644 index 0000000..d649588 --- /dev/null +++ b/deploy/docker/helm/src/main/chart/templates/ingress.yml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +annotations: +metadata: + name: edu-sharing-connector-ingress + annotations: + cert-manager.io/cluster-issuer: letsencrypt +spec: + tls: + - hosts: + - connector.services.{{ .Values.baseUrl }} + secretName: edu-sharing-connector-tls + rules: + - host: connector.services.{{ .Values.baseUrl }} + http: + paths: + - backend: + service: + name: edu-sharing-connector + port: + number: 80 + path: / + pathType: Prefix \ No newline at end of file diff --git a/deploy/docker/helm/src/main/chart/templates/service.yml b/deploy/docker/helm/src/main/chart/templates/service.yml new file mode 100644 index 0000000..12acf53 --- /dev/null +++ b/deploy/docker/helm/src/main/chart/templates/service.yml @@ -0,0 +1,25 @@ +kind: Service +apiVersion: v1 +metadata: + name: edu-sharing-connector +spec: + selector: + app: edu-sharing-connector + ports: + - port: 80 + name: api + targetPort: api + +--- + +kind: Service +apiVersion: v1 +metadata: + name: edu-sharing-connector-db +spec: + selector: + app: edu-sharing-connector-db + ports: + - port: 3306 + name: db + targetPort: db diff --git a/deploy/docker/helm/src/main/chart/templates/statefulset.yml b/deploy/docker/helm/src/main/chart/templates/statefulset.yml new file mode 100644 index 0000000..741e42b --- /dev/null +++ b/deploy/docker/helm/src/main/chart/templates/statefulset.yml @@ -0,0 +1,131 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: edu-sharing-connector +spec: + selector: + matchLabels: + app: edu-sharing-connector + replicas: 1 + serviceName: edu-sharing-connector + template: + metadata: + labels: + app: edu-sharing-connector + spec: + imagePullSecrets: + - name: registry-oeh + containers: + - name: edu-sharing-connector + image: docker.edu-sharing.com/projects/community/edu_sharing-projects-community-deploy-docker-services-connector:{{ .Values.version }} + imagePullPolicy: Always + env: + - name: WWWURL + value: "https://connector.services.{{ .Values.baseUrl }}" + - name: DBHOST + value: edu-sharing-connector-db + - name: DBPORT + value: "3306" + - name: DBUSER + value: "connector" + - name: DBNAME + value: "connector" + - name: DBPASSWORD + value: {{ required "A valid .Values.passwordDB is required!" .Values.passwordDB }} + - name: ONLYOFFICE_DOCUMENT_SERVER + value: {{ .Values.onlyofficeDocumentServer | default "" }} + livenessProbe: + httpGet: + path: /metadata + port: api + periodSeconds: 10 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /metadata + port: api + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 10 + resources: + limits: + cpu: "1000m" + memory: "2Gi" + requests: + cpu: "500m" + memory: "2Gi" + ports: + - containerPort: 80 + name: api + volumeMounts: + - name: data + mountPath: /var/www/html/data + + volumeClaimTemplates: + - metadata: + name: data + spec: + storageClassName: {{ .Values.storageClassName }} + accessModes: + - ReadWriteMany + resources: + requests: + storage: "30Gi" + +--- + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: edu-sharing-connector-db +spec: + selector: + matchLabels: + app: edu-sharing-connector-db + replicas: 1 + serviceName: edu-sharing-connector-db + template: + metadata: + labels: + app: edu-sharing-connector-db + spec: + containers: + - name: edu-sharing-connector-db + image: mysql:8.0.31-debian + env: + - name: MYSQL_DATABASE + value: connector + - name: MYSQL_USER + value: connector + - name: MYSQL_ROOT_HOST + value: "%" + - name: MYSQL_PASSWORD + value: {{ .Values.passwordDB }} + - name: MYSQL_ROOT_PASSWORD + value: {{ .Values.passwordDB }} + resources: + limits: + cpu: "2000m" + memory: "2Gi" + requests: + cpu: "1000m" + memory: "2Gi" + volumeMounts: + - name: data + mountPath: /var/lib/mysql + ports: + - containerPort: 3306 + name: db + + volumeClaimTemplates: + - metadata: + name: data + spec: + storageClassName: {{ .Values.storageClassName }} + accessModes: + - ReadWriteOnce + resources: + requests: + storage: "16Gi" diff --git a/deploy/docker/helm/src/main/chart/values.yaml b/deploy/docker/helm/src/main/chart/values.yaml new file mode 100644 index 0000000..fc51710 --- /dev/null +++ b/deploy/docker/helm/src/main/chart/values.yaml @@ -0,0 +1,3 @@ +baseUrl: +storageClassName: +version: maven-fixes-7-0 From a8d058e786d3d6fcb9e95b16b5f892de5c579f5e Mon Sep 17 00:00:00 2001 From: Torsten Simon Date: Wed, 26 Apr 2023 10:34:02 +0200 Subject: [PATCH 2/4] fix:wrong mount path --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 644ee43..2cca4ed 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,7 +23,7 @@ services: DATABASE_USER: connector DATABASE_PASSWORD: connector volumes: - - services-edu-connector-data:/var/www/html/data + - services-edu-connector-data:/var/data depends_on: - services-edu-connector-database networks: From a71bb039f9a77f643c3c048cc347908fbf747e65 Mon Sep 17 00:00:00 2001 From: Torsten Simon Date: Wed, 26 Apr 2023 10:34:17 +0200 Subject: [PATCH 3/4] update helm --- deploy/docker/helm/src/main/chart/Readme.md | 2 +- .../helm/src/main/chart/templates/ingress.yml | 2 +- .../chart/templates/persistentvolumeclaim.yml | 13 +++++ .../helm/src/main/chart/templates/service.yml | 4 +- .../src/main/chart/templates/statefulset.yml | 47 +++++++++---------- deploy/docker/helm/src/main/chart/values.yaml | 3 +- 6 files changed, 40 insertions(+), 31 deletions(-) create mode 100644 deploy/docker/helm/src/main/chart/templates/persistentvolumeclaim.yml diff --git a/deploy/docker/helm/src/main/chart/Readme.md b/deploy/docker/helm/src/main/chart/Readme.md index 452f506..2f4c3c0 100644 --- a/deploy/docker/helm/src/main/chart/Readme.md +++ b/deploy/docker/helm/src/main/chart/Readme.md @@ -1,7 +1,7 @@ Usage: Install via ```bash -helm upgrade --install connector . --set baseUrl=example.repo.org --set storageClassName=storage-class --set passwordDB=example +helm upgrade --install connector . --set baseUrl=example.repo.org --set storageClassName=storage-class --set clusterIssuer=letsencrypt --set passwordDB=example ``` View logs of Container `edu-sharing-connector-0` and check for an output like diff --git a/deploy/docker/helm/src/main/chart/templates/ingress.yml b/deploy/docker/helm/src/main/chart/templates/ingress.yml index d649588..c40fab5 100644 --- a/deploy/docker/helm/src/main/chart/templates/ingress.yml +++ b/deploy/docker/helm/src/main/chart/templates/ingress.yml @@ -4,7 +4,7 @@ annotations: metadata: name: edu-sharing-connector-ingress annotations: - cert-manager.io/cluster-issuer: letsencrypt + cert-manager.io/cluster-issuer: {{ .Values.clusterIssuer }} spec: tls: - hosts: diff --git a/deploy/docker/helm/src/main/chart/templates/persistentvolumeclaim.yml b/deploy/docker/helm/src/main/chart/templates/persistentvolumeclaim.yml new file mode 100644 index 0000000..37cc199 --- /dev/null +++ b/deploy/docker/helm/src/main/chart/templates/persistentvolumeclaim.yml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: edu-sharing-services-connector-data + annotations: + "helm.sh/resource-policy": keep +spec: + storageClassName: {{ .Values.storageClassName }} + accessModes: + - ReadWriteMany + resources: + requests: + storage: "30Gi" \ No newline at end of file diff --git a/deploy/docker/helm/src/main/chart/templates/service.yml b/deploy/docker/helm/src/main/chart/templates/service.yml index 12acf53..9ef03b4 100644 --- a/deploy/docker/helm/src/main/chart/templates/service.yml +++ b/deploy/docker/helm/src/main/chart/templates/service.yml @@ -7,7 +7,7 @@ spec: app: edu-sharing-connector ports: - port: 80 - name: api + name: http-api targetPort: api --- @@ -21,5 +21,5 @@ spec: app: edu-sharing-connector-db ports: - port: 3306 - name: db + name: tcp-db targetPort: db diff --git a/deploy/docker/helm/src/main/chart/templates/statefulset.yml b/deploy/docker/helm/src/main/chart/templates/statefulset.yml index 741e42b..c3eaf49 100644 --- a/deploy/docker/helm/src/main/chart/templates/statefulset.yml +++ b/deploy/docker/helm/src/main/chart/templates/statefulset.yml @@ -13,24 +13,26 @@ spec: labels: app: edu-sharing-connector spec: - imagePullSecrets: - - name: registry-oeh containers: - name: edu-sharing-connector - image: docker.edu-sharing.com/projects/community/edu_sharing-projects-community-deploy-docker-services-connector:{{ .Values.version }} + image: docker.edu-sharing.com/community/edu_sharing-community-services-edu-connector-service:{{ .Values.version }} imagePullPolicy: Always env: - - name: WWWURL - value: "https://connector.services.{{ .Values.baseUrl }}" - - name: DBHOST + - name: HOST_EXTERNAL + value: "connector.services.{{ .Values.baseUrl }}" + - name: PROT_EXTERNAL + value: "https" + - name: PORT_EXTERNAL + value: "443" + - name: DATABASE_HOST value: edu-sharing-connector-db - - name: DBPORT + - name: DATABASE_PORT value: "3306" - - name: DBUSER + - name: DATABASE_USER value: "connector" - - name: DBNAME + - name: DATABASE_NAME value: "connector" - - name: DBPASSWORD + - name: DATABASE_PASSWORD value: {{ required "A valid .Values.passwordDB is required!" .Values.passwordDB }} - name: ONLYOFFICE_DOCUMENT_SERVER value: {{ .Values.onlyofficeDocumentServer | default "" }} @@ -51,29 +53,22 @@ spec: timeoutSeconds: 10 resources: limits: - cpu: "1000m" - memory: "2Gi" + cpu: "4000m" + memory: "4Gi" requests: cpu: "500m" - memory: "2Gi" + memory: "4Gi" ports: - containerPort: 80 name: api volumeMounts: - name: data - mountPath: /var/www/html/data - - volumeClaimTemplates: - - metadata: - name: data - spec: - storageClassName: {{ .Values.storageClassName }} - accessModes: - - ReadWriteMany - resources: - requests: - storage: "30Gi" - + mountPath: /var/data + volumes: + - name: data + persistentVolumeClaim: + claimName: edu-sharing-services-connector-data + --- apiVersion: apps/v1 diff --git a/deploy/docker/helm/src/main/chart/values.yaml b/deploy/docker/helm/src/main/chart/values.yaml index fc51710..05db910 100644 --- a/deploy/docker/helm/src/main/chart/values.yaml +++ b/deploy/docker/helm/src/main/chart/values.yaml @@ -1,3 +1,4 @@ baseUrl: storageClassName: -version: maven-fixes-7-0 +clusterIssuer: letsencrypt +version: maven-fixes-7.0-SNAPSHOT From 57145d1c418c2edf8f856bdd0a6c589c587badcc Mon Sep 17 00:00:00 2001 From: Torsten Simon Date: Wed, 26 Apr 2023 10:39:11 +0200 Subject: [PATCH 4/4] fix:increase max execution time to prevent h5p timeoouts --- service/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/service/Dockerfile b/service/Dockerfile index dbf53e7..7b321ca 100755 --- a/service/Dockerfile +++ b/service/Dockerfile @@ -23,6 +23,7 @@ RUN set -eux \ && apt-get install -yqq wait-for-it libzip-dev curl xmlstarlet jq nano \ && a2enmod rewrite \ && ln -s $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini \ + && sed -i 's/max_execution_time = 30/max_execution_time = 120/g' $PHP_INI_DIR/php.ini \ && docker-php-ext-install pdo pdo_mysql zip \ && apt-get clean \ && rm -r /var/lib/apt/lists/*