diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..5e28bec --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,68 @@ +name: Release Charts + +on: + push: + branches: + - release + +jobs: + release: + # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions + # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token + permissions: + contents: write + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Install Helm + uses: azure/setup-helm@v3 + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.6.0 + with: + charts_dir: charts + pages_branch: release + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + copy-index: + needs: release + if: needs.release.result == 'success' + permissions: + contents: write + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Move Updated File + run: | + cp index.yaml build/ + + - name: Configure Git + run: | + git config --local user.name "github-actions[bot]" + git config --local user.email "github-actions[bot]@users.noreply.github.com" + + - name: Commit and Push Changes + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + git pull || true + git add build/index.yaml + if git diff --cached --exit-code; then + echo "No changes to commit." + else + git commit -m "Update index.yaml in build" + git push + fi \ No newline at end of file diff --git a/build/README.md b/build/README.md new file mode 100644 index 0000000..d8d9e1d --- /dev/null +++ b/build/README.md @@ -0,0 +1,19 @@ +# Readme +Helm charts for all the projects related to hamropatro. + +## Getting started with using Helm Charts + +In this repo you can find the Helm Charts related to hamropatro services. + +```sh +> helm repo add hamropatro https://hamropatro.github.io/helm-charts +> helm repo update + +> helm repo list +NAME URL +hamropatro http://hamropatro.github.io/helm-charts + +> helm install my-service hamropatro/web-service +``` +## Copyright +Smart Ideas Pvt. Ltd. \ No newline at end of file diff --git a/build/index.yaml b/build/index.yaml new file mode 100644 index 0000000..b7a2ec8 --- /dev/null +++ b/build/index.yaml @@ -0,0 +1,286 @@ +apiVersion: v1 +entries: + coturn: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T11:07:41.699119206Z" + description: A Helm chart for Kubernetes + digest: 79b9b3b390cf6019b81f21a11ee1fbba103e64cd7fdcab94b84edf8ea4c2bb6c + name: coturn + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/coturn-0.3.1/coturn-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:33.873017515Z" + description: A Helm chart for Kubernetes + digest: e8c87b014afd4b97d2b1d5b1ef27fbca83a2392ee03d3e5e4f5934795d626325 + name: coturn + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/coturn-0.3.0/coturn-0.3.0.tgz + version: 0.3.0 + ecommerce-web: + - apiVersion: v2 + appVersion: "2021-05-04" + created: "2024-11-14T09:28:33.993363709Z" + description: A Helm chart for Kubernetes + digest: a3c017bb1710b03df07e254fb7d0f1ab48c9995844d239885d950c683fccb588 + name: ecommerce-web + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/ecommerce-web-0.3.0/ecommerce-web-0.3.0.tgz + version: 0.3.0 + grpc-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-16T08:46:57.136124692Z" + description: A Helm chart for Kubernetes + digest: 6fdae3f8992416589b07ab17300f91e4a266f0030c4ebd406cdc619f0f827976 + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.4/grpc-service-0.3.4.tgz + version: 0.3.4 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T10:51:19.152080822Z" + description: A Helm chart for Kubernetes + digest: e8687feeebd6fe1a19213c5cc13ebc9d85c86311bbdf81912376a57db0aca409 + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.3/grpc-service-0.3.3.tgz + version: 0.3.3 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T09:30:20.990877385Z" + description: A Helm chart for Kubernetes + digest: 099a7eadc9ff321b25da5096ba2809f14d41a6100e895fb8b22c5902623e6dda + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.2/grpc-service-0.3.2.tgz + version: 0.3.2 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-22T05:12:42.336624823Z" + description: A Helm chart for Kubernetes + digest: 4280294b61f665d2ef9035b8725d2ac450c6f68e0b47ec9158e8426f5c40774d + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.1/grpc-service-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.156161289Z" + description: A Helm chart for Kubernetes + digest: 9778bc4d8bbcf706e477a340ed0ea225f9b7ff4328a0a5b5db88cb27db35195e + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.0/grpc-service-0.3.0.tgz + version: 0.3.0 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:22:17.772249162Z" + description: A Helm chart for Kubernetes + digest: 09cb11af94c331c8ec29994b05337c9e676d1eca791317e1e9dc753615b575f8 + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.2.0/grpc-service-0.2.0.tgz + version: 0.2.0 + micronaut-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.267542785Z" + description: A Helm chart for Kubernetes + digest: 59dd238d30b7c3faba6afadee0ea921c904bb9c2e1e66bedff9e046409561d62 + name: micronaut-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/micronaut-service-0.3.0/micronaut-service-0.3.0.tgz + version: 0.3.0 + msg-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.379241543Z" + description: A Helm chart for Kubernetes + digest: 37b44c03aea9af10f92248d447cc17260f9ab379fd3dc2af18c3bca6f946831c + name: msg-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/msg-service-0.3.0/msg-service-0.3.0.tgz + version: 0.3.0 + parewa-api: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.508585189Z" + description: A Helm chart for Kubernetes + digest: fa231b2e5c629002da3bc564b537389573ead6eb35adf128f8642e2f6a3adc11 + name: parewa-api + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/parewa-api-0.3.0/parewa-api-0.3.0.tgz + version: 0.3.0 + quarkus-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.635714352Z" + description: A Helm chart for Kubernetes + digest: da65c9f219ad5bfe0c755273833716e3fc1c717f006efd1f2b6522d3bdf80e20 + name: quarkus-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/quarkus-service-0.3.0/quarkus-service-0.3.0.tgz + version: 0.3.0 + service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-16T08:46:57.230600511Z" + description: A Helm chart for Kubernetes + digest: fc366650efa216c25191fcfa79ea18cb29799187d18d3fda8b012d58e927dea8 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.6/service-0.3.6.tgz + version: 0.3.6 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T10:51:19.255961883Z" + description: A Helm chart for Kubernetes + digest: 344948b962744c521f59304b75bdefc7685ef6d31cba2b2cfdcbc862baf57708 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.5/service-0.3.5.tgz + version: 0.3.5 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T09:18:40.476433015Z" + description: A Helm chart for Kubernetes + digest: cbba5dd470b36bcf9d3a04eb778d2f540c3423bfaba20dfb1adcf0e3437f9899 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.4/service-0.3.4.tgz + version: 0.3.4 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-22T05:12:42.567406801Z" + description: A Helm chart for Kubernetes + digest: 8c521cdfb7b6355a432d31b053adc4632a5d22b4ae9a7cd2cbd50a37e78ac7d2 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.3/service-0.3.3.tgz + version: 0.3.3 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T10:19:20.266465027Z" + description: A Helm chart for Kubernetes + digest: d6b866f3ec7bab975018525daec24174447a0ece7be4bb20e43487b1e47382f3 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.2/service-0.3.2.tgz + version: 0.3.2 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T10:04:41.23497082Z" + description: A Helm chart for Kubernetes + digest: 838fe2ecc8f964823e6955632c51b29092612b2037b8e020c7c765efeccca695 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.1/service-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.754468243Z" + description: A Helm chart for Kubernetes + digest: b8a956264622858143270dbe2d7f603c8fcd1a428013faaa0e2b3ca40e1a7f62 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.0/service-0.3.0.tgz + version: 0.3.0 + squid: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.84724996Z" + description: A Helm chart for Kubernetes + digest: 4bb161a3411179df6ebee0da5f6c70c2a98e313ab25c312b2ed8cc5c339d5e3c + name: squid + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/squid-0.3.0/squid-0.3.0.tgz + version: 0.3.0 + trino: + - apiVersion: v2 + appVersion: "375" + created: "2024-11-14T09:28:34.965084802Z" + description: Fast distributed SQL query engine for big data analytics that helps + you explore your data universe + digest: a27614a88bce6c4a2871c33d29ffc28b32ad00e108198d7b4810c8678d50ba3e + name: trino + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/trino-0.3.0/trino-0.3.0.tgz + version: 0.3.0 + tusd: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:35.087460182Z" + description: A Helm chart for Kubernetes + digest: d128420bc7e4ba1b5d5931807f015caab928b1632d8160e5d925e0081079546d + name: tusd + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/tusd-0.3.0/tusd-0.3.0.tgz + version: 0.3.0 + web-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-16T08:37:22.426251695Z" + description: A Helm chart for Kubernetes + digest: 6f720eaa5dfac0b856b2d897f9ac30c0745a6aecf75cae1091c72d044f67faca + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.3/web-service-0.3.3.tgz + version: 0.3.3 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T10:51:19.41383103Z" + description: A Helm chart for Kubernetes + digest: 57aa2ede460fa81e957c59ae7296d9a6419c7e2afb766353dea94878a36213da + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.2/web-service-0.3.2.tgz + version: 0.3.2 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T08:45:54.815256622Z" + description: A Helm chart for Kubernetes + digest: ae4ed0d58cff32a9aa7c8e95ac7412b1549ed37e884de7206b20b5930a2b5e9d + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.1/web-service-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:35.223058908Z" + description: A Helm chart for Kubernetes + digest: 6c6887327334c8634f3af88a603173ac0469bc16f3147410b64eb7264b3b7a12 + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.0/web-service-0.3.0.tgz + version: 0.3.0 +generated: "2024-12-16T08:46:57.23066409Z" diff --git a/charts/coturn/.helmignore b/charts/coturn/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/coturn/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/coturn/Chart.yaml b/charts/coturn/Chart.yaml new file mode 100644 index 0000000..fbbf87f --- /dev/null +++ b/charts/coturn/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: coturn +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/coturn/templates/NOTES.txt b/charts/coturn/templates/NOTES.txt new file mode 100644 index 0000000..28e7ba0 --- /dev/null +++ b/charts/coturn/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "coturn.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "coturn.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "coturn.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "coturn.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/coturn/templates/_helpers.tpl b/charts/coturn/templates/_helpers.tpl new file mode 100644 index 0000000..2e83cfa --- /dev/null +++ b/charts/coturn/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "coturn.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "coturn.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "coturn.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "coturn.labels" -}} +helm.sh/chart: {{ include "coturn.chart" . }} +{{ include "coturn.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "coturn.selectorLabels" -}} +app.kubernetes.io/name: {{ include "coturn.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "coturn.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "coturn.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/coturn/templates/config.yaml b/charts/coturn/templates/config.yaml new file mode 100644 index 0000000..bf7b2b4 --- /dev/null +++ b/charts/coturn/templates/config.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "coturn.fullname" . }}-coturn-config + labels: + {{- include "coturn.labels" . | nindent 4 }} +data: + turnserver.conf: {{.Values.config | b64enc}} diff --git a/charts/coturn/templates/deployment.yaml b/charts/coturn/templates/deployment.yaml new file mode 100644 index 0000000..8b02b41 --- /dev/null +++ b/charts/coturn/templates/deployment.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "coturn.fullname" . }} + labels: + {{- include "coturn.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "coturn.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "coturn.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "coturn.serviceAccountName" . }} + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + containers: + - name: "coturn" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.command }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: turn-udp + containerPort: 3478 + protocol: UDP + - name: turn-tcp + containerPort: 3478 + protocol: TCP + - name: tcp-proxy + containerPort: 5555 + protocol: TCP + volumeMounts: + - name: coturn-config + mountPath: /etc/turnserver.conf + subPath: turnserver.conf + readOnly: true + - name: var-tmp + mountPath: /var/tmp + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: coturn-config + secret: + secretName: {{ include "coturn.fullname" . }}-coturn-config + - name: var-tmp + emptyDir: {} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/coturn/templates/hpa.yaml b/charts/coturn/templates/hpa.yaml new file mode 100644 index 0000000..3066f10 --- /dev/null +++ b/charts/coturn/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "coturn.fullname" . }} + labels: + {{- include "coturn.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "coturn.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/coturn/templates/ingress.yaml b/charts/coturn/templates/ingress.yaml new file mode 100644 index 0000000..8526298 --- /dev/null +++ b/charts/coturn/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "coturn.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "coturn.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/coturn/templates/service.yaml b/charts/coturn/templates/service.yaml new file mode 100644 index 0000000..afb6307 --- /dev/null +++ b/charts/coturn/templates/service.yaml @@ -0,0 +1,41 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "coturn.fullname" . }}-tcp + annotations: + metallb.universe.tf/allow-shared-ip: {{ include "coturn.fullname" . }}-controller + labels: + {{- include "coturn.labels" . | nindent 4 }} +spec: + type: LoadBalancer + ports: + - port: 3478 + targetPort: turn-tcp + protocol: TCP + name: turn-tcp + - name: tcp-proxy + targetPort: tcp-proxy + port: 5555 + protocol: TCP + selector: + {{- include "coturn.selectorLabels" . | nindent 4 }} + +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "coturn.fullname" . }}-udp + annotations: + metallb.universe.tf/allow-shared-ip: {{ include "coturn.fullname" . }}-controller + labels: + {{- include "coturn.labels" . | nindent 4 }} +spec: + type: LoadBalancer + ports: + - port: 3478 + targetPort: turn-udp + protocol: UDP + name: turn-udp + selector: + {{- include "coturn.selectorLabels" . | nindent 4 }} + diff --git a/charts/coturn/templates/serviceaccount.yaml b/charts/coturn/templates/serviceaccount.yaml new file mode 100644 index 0000000..0336993 --- /dev/null +++ b/charts/coturn/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "coturn.serviceAccountName" . }} + labels: + {{- include "coturn.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/coturn/templates/tests/test-connection.yaml b/charts/coturn/templates/tests/test-connection.yaml new file mode 100644 index 0000000..a85c5b3 --- /dev/null +++ b/charts/coturn/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "coturn.fullname" . }}-test-connection" + labels: + {{- include "coturn.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "coturn.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/coturn/values.yaml b/charts/coturn/values.yaml new file mode 100644 index 0000000..302d65f --- /dev/null +++ b/charts/coturn/values.yaml @@ -0,0 +1,122 @@ +# Default values for coturn. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: "instrumentisto/coturn" + tag: "4.5.1.3" + pullPolicy: IfNotPresent + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" +args: [ "-c", "/etc/turnserver.conf" ] +command: [] +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: LoadBalancer + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128M + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +# Coturn specific labels +config: | + realm=hamropatro.com + server-name=turnserver + + # Use fingerprint in TURN message + fingerprint + + # IPs the TURN server listens to + listening-ip=0.0.0.0 + + # External IP-Address of the TURN server + external-ip=172.106.162.165 + # Main listening port + listening-port=3478 + + # Further ports that are open for communication + min-port=10000 + max-port=20000 + + # Log file path + log-file=/var/log/turnserver.log + + # Enable verbose logging + verbose + + # Specify the user for the TURN authentification + user=test:test123 + + # Enable long-term credential mechanism + lt-cred-mech + + # If running coturn version older than 4.5.2, uncomment these rules and ensure + # that you have listening-ip set to ipv4 addresses only. + # Prevent Loopback bypass https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p + #denied-peer-ip=0.0.0.0-0.255.255.255 + #denied-peer-ip=127.0.0.0-127.255.255.255 + #denied-peer-ip=::1 + + diff --git a/charts/ecommerce-web/.helmignore b/charts/ecommerce-web/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/ecommerce-web/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/ecommerce-web/Chart.yaml b/charts/ecommerce-web/Chart.yaml new file mode 100644 index 0000000..5d3d9e4 --- /dev/null +++ b/charts/ecommerce-web/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ecommerce-web +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "2021-05-04" diff --git a/charts/ecommerce-web/templates/NOTES.txt b/charts/ecommerce-web/templates/NOTES.txt new file mode 100644 index 0000000..d1e9ecb --- /dev/null +++ b/charts/ecommerce-web/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ecommerce-web.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ecommerce-web.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ecommerce-web.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ecommerce-web.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/ecommerce-web/templates/_helpers.tpl b/charts/ecommerce-web/templates/_helpers.tpl new file mode 100644 index 0000000..b80ebc9 --- /dev/null +++ b/charts/ecommerce-web/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ecommerce-web.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ecommerce-web.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ecommerce-web.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ecommerce-web.labels" -}} +helm.sh/chart: {{ include "ecommerce-web.chart" . }} +{{ include "ecommerce-web.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ecommerce-web.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ecommerce-web.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ecommerce-web.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ecommerce-web.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/ecommerce-web/templates/configmap.yaml b/charts/ecommerce-web/templates/configmap.yaml new file mode 100644 index 0000000..6998378 --- /dev/null +++ b/charts/ecommerce-web/templates/configmap.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "ecommerce-web.fullname" . }} +data: + service-account: |- +{{ .Values.firebase.service_account | indent 8}} \ No newline at end of file diff --git a/charts/ecommerce-web/templates/deployment.yaml b/charts/ecommerce-web/templates/deployment.yaml new file mode 100644 index 0000000..b5e3f24 --- /dev/null +++ b/charts/ecommerce-web/templates/deployment.yaml @@ -0,0 +1,92 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ecommerce-web.fullname" . }} + labels: + {{- include "ecommerce-web.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "ecommerce-web.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ecommerce-web.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ecommerce-web.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.command }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: PORT + value: "80" + - name: SESSION_MAX_AGE_MS + value: "2592000000" + {{- if .Values.firebase.enabled }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: "/config/service-account" + - name: FIREBASE_DATABASE_URL + value: "{{ .Values.firebase.database_url }}" + {{- end }} + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + ports: + - name: http + containerPort: 80 + protocol: TCP + volumeMounts: + - mountPath: /config + name: firebase + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + + volumes: + - name: firebase + configMap: + name: {{ include "ecommerce-web.fullname" . }} \ No newline at end of file diff --git a/charts/ecommerce-web/templates/hpa.yaml b/charts/ecommerce-web/templates/hpa.yaml new file mode 100644 index 0000000..8c00ff0 --- /dev/null +++ b/charts/ecommerce-web/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "ecommerce-web.fullname" . }} + labels: + {{- include "ecommerce-web.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ecommerce-web.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/ecommerce-web/templates/ingress.yaml b/charts/ecommerce-web/templates/ingress.yaml new file mode 100644 index 0000000..0e76a5e --- /dev/null +++ b/charts/ecommerce-web/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ecommerce-web.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ecommerce-web.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/ecommerce-web/templates/service.yaml b/charts/ecommerce-web/templates/service.yaml new file mode 100644 index 0000000..3ac5d97 --- /dev/null +++ b/charts/ecommerce-web/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ecommerce-web.fullname" . }} + labels: + {{- include "ecommerce-web.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ecommerce-web.selectorLabels" . | nindent 4 }} diff --git a/charts/ecommerce-web/templates/serviceaccount.yaml b/charts/ecommerce-web/templates/serviceaccount.yaml new file mode 100644 index 0000000..baf0757 --- /dev/null +++ b/charts/ecommerce-web/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ecommerce-web.serviceAccountName" . }} + labels: + {{- include "ecommerce-web.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/ecommerce-web/templates/tests/test-connection.yaml b/charts/ecommerce-web/templates/tests/test-connection.yaml new file mode 100644 index 0000000..c5a72f1 --- /dev/null +++ b/charts/ecommerce-web/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ecommerce-web.fullname" . }}-test-connection" + labels: + {{- include "ecommerce-web.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "ecommerce-web.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/ecommerce-web/values.yaml b/charts/ecommerce-web/values.yaml new file mode 100644 index 0000000..fc52f62 --- /dev/null +++ b/charts/ecommerce-web/values.yaml @@ -0,0 +1,105 @@ + +## Configurations + +hostname: example.com +hydra: + public_endpoint: https://example.com + admin_endpoint: https://example.com +session: + secret: "" +ouath2: + client_id: web-client + client_secret: client-secret + +reaction: + api_url: "https://example.com" + +firebase: + enabled: false + database_url: https://firebase-test.firebaseio.com + service_account: "" + +env: + +args: [] +command: [] +# Default values for ecommerce-web. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: hamropatrorepo/gift-web + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "dev" + +imagePullSecrets: + - name: regcred +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/grpc-service/.helmignore b/charts/grpc-service/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/grpc-service/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/grpc-service/Chart.yaml b/charts/grpc-service/Chart.yaml new file mode 100644 index 0000000..97014a2 --- /dev/null +++ b/charts/grpc-service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: grpc-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.4 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/grpc-service/templates/NOTES.txt b/charts/grpc-service/templates/NOTES.txt new file mode 100644 index 0000000..3b7efe1 --- /dev/null +++ b/charts/grpc-service/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "grpc-service.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "grpc-service.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "grpc-service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "grpc-service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/grpc-service/templates/_helpers.tpl b/charts/grpc-service/templates/_helpers.tpl new file mode 100644 index 0000000..20b3779 --- /dev/null +++ b/charts/grpc-service/templates/_helpers.tpl @@ -0,0 +1,84 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "grpc-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "grpc-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "grpc-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "grpc-service.labels" -}} +helm.sh/chart: {{ include "grpc-service.chart" . }} +{{ include "grpc-service.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "grpc-service.selectorLabels" -}} +app.kubernetes.io/name: {{ include "grpc-service.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "grpc-service.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "grpc-service.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service port to use +*/}} +{{- define "grpc-service.portName" -}} +{{- if .Values.tls.enabled }} +{{- printf "%s" "grpcs" }} +{{- else }} +{{- printf "%s" "grpc" }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service port to use +*/}} +{{- define "grpc-service.appProtocol" -}} +{{- if .Values.tls.enabled }} +{{- printf "%s" "https" }} +{{- else }} +{{- printf "%s" "http" }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/grpc-service/templates/deployment.yaml b/charts/grpc-service/templates/deployment.yaml new file mode 100644 index 0000000..8bc9385 --- /dev/null +++ b/charts/grpc-service/templates/deployment.yaml @@ -0,0 +1,185 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "grpc-service.fullname" . }} + annotations: + {{- if .Values.grpcs.enabled }} + secret.reloader.stakater.com/reload: "{{ .Values.grpcs.tlsSecret }}" + {{- end }} + {{- if .Values.grpc.enabled }} + appProtocol.grpc: "true" + {{- end }} + {{- if .Values.grpcs.enabled }} + appProtocol.grpcs: "true" + {{- end }} + {{- if .Values.http.enabled }} + appProtocol.http: "true" + {{- end }} + {{- if .Values.metric.enabled }} + appProtocol.metric: "true" + {{- end }} + {{- with .Values.deploymentAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "grpc-service.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + labels: + {{- include "grpc-service.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "grpc-service.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.grpcs.enabled }} + initContainers: + - name: init-tls + image: docker.io/nginx + imagePullPolicy: IfNotPresent + command: + - "bash" + args: + - -c + - "openssl pkcs8 -in /tls/tls.key -topk8 -out /config/tls.pkcs8 -nocrypt && cp /tls/tls.crt /config/tls.crt" + volumeMounts: + - name: config + mountPath: /config + - name: secret + mountPath: /tls + readOnly: true + {{- end }} + containers: + - name: "service" + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.command }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + {{- range $key, $value := .Values.secretenv }} + - name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ $.Release.Name }}-secrets + key: {{ $key }} + {{- end }} + {{- if .Values.grpcs.enabled }} + - name: TLS_ENABLED + value: "true" + - name: TLS_CERT + value: /config/tls.crt + - name: TLS_KEY + value: /config/tls.pkcs8 + {{- end }} + ports: + {{- if .Values.http.enabled }} + - protocol: TCP + name: http + containerPort: {{ .Values.http.port }} + {{- end }} + {{- if .Values.grpc.enabled }} + - protocol: TCP + name: grpc + containerPort: {{ .Values.grpc.port }} + {{- end }} + {{- if .Values.grpcs.enabled }} + - protocol: TCP + name: grpcs + containerPort: {{ .Values.grpcs.port }} + {{- end }} + {{- if .Values.metric.enabled }} + - protocol: TCP + name: metric + containerPort: {{ .Values.metric.port }} + {{- end }} + volumeMounts: + - name: config + mountPath: /config + readOnly: true + {{- with .Values.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end}} + {{- if .Values.liveness.enabled }} + livenessProbe: + {{- with .Values.liveness.command }} + exec: + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- if .Values.liveness.path }} + httpGet: + path: {{ .Values.liveness.path }} + port: {{ .Values.http.port }} + {{- end }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + {{- if .Values.readiness.enabled }} + readinessProbe: + {{- with .Values.readiness.command }} + exec: + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- if .Values.readiness.path }} + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.http.port }} + {{- end }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: config + emptyDir: {} + {{- if .Values.grpcs.enabled }} + - name: secret + secret: + secretName: {{ .Values.grpcs.tlsSecret }} + {{- end }} + {{- with .Values.volumes }} + {{- toYaml . | nindent 8 }} + {{- end}} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/grpc-service/templates/grpcRoute.yaml b/charts/grpc-service/templates/grpcRoute.yaml new file mode 100644 index 0000000..a464a80 --- /dev/null +++ b/charts/grpc-service/templates/grpcRoute.yaml @@ -0,0 +1,34 @@ +{{- if .Values.grpcRoute.enabled -}} +apiVersion: gateway.networking.k8s.io/v1 +kind: GRPCRoute +metadata: + name: {{ include "grpc-service.fullname" . }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} +spec: + parentRefs: + {{- range .Values.grpcRoute.parentRefs }} + - name: {{ .name }} + kind: {{ .kind }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + {{- end }} + + hostnames: + {{- range .Values.grpcRoute.hostnames }} + - "{{ . }}" + {{- end }} + + rules: + {{- range .Values.grpcRoute.rules }} + - backendRefs: + {{- range .backendRefs }} + - group: {{ .group }} + kind: {{ .kind }} + name: {{ .name }} + port: {{ .port }} + weight: {{ .weight | default 1 }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/grpc-service/templates/hpa.yaml b/charts/grpc-service/templates/hpa.yaml new file mode 100644 index 0000000..f9caec0 --- /dev/null +++ b/charts/grpc-service/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "grpc-service.fullname" . }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "grpc-service.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/grpc-service/templates/httpRoute.yaml b/charts/grpc-service/templates/httpRoute.yaml new file mode 100644 index 0000000..19d1501 --- /dev/null +++ b/charts/grpc-service/templates/httpRoute.yaml @@ -0,0 +1,40 @@ +{{- if .Values.httpRoute.enabled -}} +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: {{ include "grpc-service.fullname" . }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} +spec: + parentRefs: + {{- range .Values.httpRoute.parentRefs }} + - name: {{ .name }} + kind: {{ .kind }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + {{- end }} + + hostnames: + {{- range .Values.httpRoute.hostnames }} + - "{{ . }}" + {{- end }} + + rules: + {{- range .Values.httpRoute.rules }} + - backendRefs: + {{- range .backendRefs }} + - group: {{ .group }} + kind: {{ .kind }} + name: {{ .name }} + port: {{ .port }} + weight: {{ .weight | default 1 }} + {{- end }} + matches: + {{- range .matches }} + - path: + type: {{ .path.type }} + value: {{ .path.value }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/grpc-service/templates/ingress.yaml b/charts/grpc-service/templates/ingress.yaml new file mode 100644 index 0000000..a334f01 --- /dev/null +++ b/charts/grpc-service/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "grpc-service.fullname" . -}} +{{- $svcPort := .Values.http.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/grpc-service/templates/secrets.yaml b/charts/grpc-service/templates/secrets.yaml new file mode 100644 index 0000000..32ebe85 --- /dev/null +++ b/charts/grpc-service/templates/secrets.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-secrets +type: Opaque +data: + {{- range $key, $value := .Values.secretenv }} + {{ $key | quote }}: {{ $value | toString | b64enc | quote }} + {{- end }} \ No newline at end of file diff --git a/charts/grpc-service/templates/securityPolicy.yaml b/charts/grpc-service/templates/securityPolicy.yaml new file mode 100644 index 0000000..eb1cf71 --- /dev/null +++ b/charts/grpc-service/templates/securityPolicy.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.grpcRoute.enabled .Values.securityPolicy.enabled -}} +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: SecurityPolicy +metadata: + name: {{ include "grpc-service.fullname" . }} + {{- with .Values.securityPolicy.metadata.labels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.securityPolicy.spec.targetRefs }} + targetRefs: + {{- toYaml . | nindent 4 }} + {{- else }} + targetRefs: + - group: gateway.networking.k8s.io + kind: GRPCRoute + name: {{ include "grpc-service.fullname" . }} + {{- end }} + {{- if .Values.securityPolicy.spec.cors }} + cors: + {{- toYaml .Values.securityPolicy.spec.cors | nindent 4 }} + {{- end }} + {{- with .Values.securityPolicy.spec.additionalConfig }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/grpc-service/templates/service.yaml b/charts/grpc-service/templates/service.yaml new file mode 100644 index 0000000..14a5a9f --- /dev/null +++ b/charts/grpc-service/templates/service.yaml @@ -0,0 +1,39 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "grpc-service.fullname" . }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + {{- if .Values.http.enabled }} + - port: {{ .Values.http.port }} + protocol: TCP + targetPort: http + name: http + appProtocol: http + {{- end }} + {{- if .Values.grpc.enabled }} + - port: {{ .Values.grpc.port }} + protocol: TCP + targetPort: grpc + name: grpc + appProtocol: http + {{- end }} + {{- if .Values.grpcs.enabled }} + - port: {{ .Values.grpcs.port }} + protocol: TCP + targetPort: grpcs + name: grpcs + appProtocol: https + {{- end }} + {{- if .Values.metric.enabled }} + - port: {{ .Values.metric.port }} + protocol: TCP + targetPort: metric + name: metric + appProtocol: http + {{- end }} + selector: + {{- include "grpc-service.selectorLabels" . | nindent 4 }} diff --git a/charts/grpc-service/templates/serviceaccount.yaml b/charts/grpc-service/templates/serviceaccount.yaml new file mode 100644 index 0000000..9e04119 --- /dev/null +++ b/charts/grpc-service/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "grpc-service.serviceAccountName" . }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/grpc-service/templates/servicemonitor.yaml b/charts/grpc-service/templates/servicemonitor.yaml new file mode 100644 index 0000000..215b479 --- /dev/null +++ b/charts/grpc-service/templates/servicemonitor.yaml @@ -0,0 +1,24 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: "{{ include "grpc-service.fullname" . }}" + labels: + app.kubernetes.io/name: {{ template "grpc-service.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + # {{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +spec: + jobLabel: "{{ include "grpc-service.fullname" . }}" + selector: + matchLabels: + {{- include "grpc-service.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + interval: 10s + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/grpc-service/templates/tests/test-connection.yaml b/charts/grpc-service/templates/tests/test-connection.yaml new file mode 100644 index 0000000..f6810c0 --- /dev/null +++ b/charts/grpc-service/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "grpc-service.fullname" . }}-test-connection" + labels: + {{- include "grpc-service.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "grpc-service.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/grpc-service/templates/tlsroute.yaml b/charts/grpc-service/templates/tlsroute.yaml new file mode 100644 index 0000000..93e57d2 --- /dev/null +++ b/charts/grpc-service/templates/tlsroute.yaml @@ -0,0 +1,27 @@ +{{- if .Values.tlsroute.enabled -}} +{{- $fullName := include "grpc-service.fullname" . -}} +kind: TLSRoute +apiVersion: networking.x-k8s.io/v1alpha1 +metadata: + name: {{ $fullName }} + labels: + {{- include "grpc-service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + gateways: + allow: All + hostnames: + rules: + - + matches: + - snis: + {{- with .Values.tlsroute.snis }} + {{- toYaml . | nindent 10 }} + {{- end }} + forwardTo: + - serviceName: {{ $fullName }} + port: {{ .Values.grpcs.port }} +{{- end }} diff --git a/charts/grpc-service/values.yaml b/charts/grpc-service/values.yaml new file mode 100644 index 0000000..8b2d390 --- /dev/null +++ b/charts/grpc-service/values.yaml @@ -0,0 +1,201 @@ +# Default values for web-service. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +args: [] +command: [] +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +deploymentAnnotations: [] + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 +http: + enabled: false + port: 8080 +grpc: + enabled: false + port: 50051 +metric: + enabled: false + port: 9004 +grpcs: + enabled: false + port: 50052 + tlsSecret: "" +tlsroute: + enabled: false + snis: [] +liveness: + enabled: true + path: "" + command: [] + timeoutSeconds: 1 + periodSeconds: 30 + initialDelaySeconds: 30 +readiness: + enabled: true + path: "" + command: [] + periodSeconds: 30 + initialDelaySeconds: 30 + timeoutSeconds: 1 +service: + type: ClusterIP + port: 80 + targetPort: 80 + +metrics: + serviceMonitor: + enabled: false + additionalLabel: {} +volumes: [] +volumeMounts: [] +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +httpRoute: + enabled: false + parentRefs: + - name: envoygateway + kind: Gateway + namespace: default + hostnames: + - "grpc-service.example.com" + rules: + - backendRefs: + - group: "" + kind: "Service" + weight: 1 + name: grpc-service + port: 80 + matches: + - path: + type: PathPrefix + value: / + +grpcRoute: + enabled: false + parentRefs: + - name: envoygateway + kind: Gateway + namespace: default + hostnames: + - "grpc-service.example.com" + rules: + - backendRefs: + - group: "" + kind: "Service" + name: grpc-service + port: 50051 + weight: 1 + +securityPolicy: + enabled: false + metadata: {} + spec: + targetRefs: [] + cors: + allowCredentials: true + allowOrigins: + - "*" + allowMethods: + - GET + - POST + - OPTIONS + - HEAD + - PUT + allowHeaders: + - api-key + - app-key + - app-id + - web-api-key + - Authorization + - Grpc-Metadata-api-key + - Grpc-Metadata-app-key + - Grpc-Metadata-app-id + - Grpc-Metadata-web-api-key + - Grpc-Metadata-Authorization + - keep-alive + - user-agent + - cache-control + - content-type + - content-transfer-encoding + - custom-header-1 + - x-accept-content-transfer-encoding + - x-accept-response-streaming + - x-user-agent + - x-grpc-web + - grpc-timeout + exposeHeaders: + - grpc-status + - grpc-message + - Grpc-Trailer-App-Id + maxAge: "10m" \ No newline at end of file diff --git a/charts/micronaut-service/.helmignore b/charts/micronaut-service/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/micronaut-service/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/micronaut-service/Chart.yaml b/charts/micronaut-service/Chart.yaml new file mode 100644 index 0000000..d15e088 --- /dev/null +++ b/charts/micronaut-service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: micronaut-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/micronaut-service/templates/NOTES.txt b/charts/micronaut-service/templates/NOTES.txt new file mode 100644 index 0000000..a4b8465 --- /dev/null +++ b/charts/micronaut-service/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "micronaut-service.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "micronaut-service.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "micronaut-service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "micronaut-service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/micronaut-service/templates/_helpers.tpl b/charts/micronaut-service/templates/_helpers.tpl new file mode 100644 index 0000000..f91ea84 --- /dev/null +++ b/charts/micronaut-service/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "micronaut-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "micronaut-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "micronaut-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "micronaut-service.labels" -}} +helm.sh/chart: {{ include "micronaut-service.chart" . }} +{{ include "micronaut-service.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "micronaut-service.selectorLabels" -}} +app.kubernetes.io/name: {{ include "micronaut-service.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "micronaut-service.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "micronaut-service.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/micronaut-service/templates/deployment.yaml b/charts/micronaut-service/templates/deployment.yaml new file mode 100644 index 0000000..f306358 --- /dev/null +++ b/charts/micronaut-service/templates/deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "micronaut-service.fullname" . }} + {{- with .Values.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "micronaut-service.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "micronaut-service.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "micronaut-service.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "micronaut-service.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + livenessProbe: + httpGet: + path: /health/liveness + port: http + readinessProbe: + httpGet: + path: /health/readiness + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/micronaut-service/templates/hpa.yaml b/charts/micronaut-service/templates/hpa.yaml new file mode 100644 index 0000000..f64470f --- /dev/null +++ b/charts/micronaut-service/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "micronaut-service.fullname" . }} + labels: + {{- include "micronaut-service.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "micronaut-service.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/micronaut-service/templates/ingress.yaml b/charts/micronaut-service/templates/ingress.yaml new file mode 100644 index 0000000..4865002 --- /dev/null +++ b/charts/micronaut-service/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "micronaut-service.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "micronaut-service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/micronaut-service/templates/service.yaml b/charts/micronaut-service/templates/service.yaml new file mode 100644 index 0000000..4acc89b --- /dev/null +++ b/charts/micronaut-service/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "micronaut-service.fullname" . }} + labels: + {{- include "micronaut-service.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "micronaut-service.selectorLabels" . | nindent 4 }} diff --git a/charts/micronaut-service/templates/serviceaccount.yaml b/charts/micronaut-service/templates/serviceaccount.yaml new file mode 100644 index 0000000..3f14029 --- /dev/null +++ b/charts/micronaut-service/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "micronaut-service.serviceAccountName" . }} + labels: + {{- include "micronaut-service.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/micronaut-service/templates/servicemonitor.yaml b/charts/micronaut-service/templates/servicemonitor.yaml new file mode 100644 index 0000000..c3d7ecd --- /dev/null +++ b/charts/micronaut-service/templates/servicemonitor.yaml @@ -0,0 +1,25 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: "{{ include "micronaut-service.fullname" . }}" + labels: + app.kubernetes.io/name: {{ template "micronaut-service.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + # {{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +spec: + jobLabel: "{{ include "micronaut-service.fullname" . }}" + selector: + matchLabels: + {{- include "micronaut-service.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + path: /prometheus + interval: 10s + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/micronaut-service/templates/tests/test-connection.yaml b/charts/micronaut-service/templates/tests/test-connection.yaml new file mode 100644 index 0000000..ae5919f --- /dev/null +++ b/charts/micronaut-service/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "micronaut-service.fullname" . }}-test-connection" + labels: + {{- include "micronaut-service.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "micronaut-service.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/micronaut-service/values.yaml b/charts/micronaut-service/values.yaml new file mode 100644 index 0000000..ad6db01 --- /dev/null +++ b/charts/micronaut-service/values.yaml @@ -0,0 +1,87 @@ +# Default values for micronaut-service. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +env: [] +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +metrics: + serviceMonitor: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/msg-service/.helmignore b/charts/msg-service/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/msg-service/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/msg-service/Chart.yaml b/charts/msg-service/Chart.yaml new file mode 100644 index 0000000..6800ded --- /dev/null +++ b/charts/msg-service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: msg-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/msg-service/templates/NOTES.txt b/charts/msg-service/templates/NOTES.txt new file mode 100644 index 0000000..6919a94 --- /dev/null +++ b/charts/msg-service/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "msg-service.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "msg-service.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "msg-service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "msg-service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/msg-service/templates/_helpers.tpl b/charts/msg-service/templates/_helpers.tpl new file mode 100644 index 0000000..9d8c0c1 --- /dev/null +++ b/charts/msg-service/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "msg-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "msg-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "msg-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "msg-service.labels" -}} +helm.sh/chart: {{ include "msg-service.chart" . }} +{{ include "msg-service.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "msg-service.selectorLabels" -}} +app.kubernetes.io/name: {{ include "msg-service.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "msg-service.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "msg-service.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/msg-service/templates/configmap.yaml b/charts/msg-service/templates/configmap.yaml new file mode 100644 index 0000000..e69de29 diff --git a/charts/msg-service/templates/deployment.yaml b/charts/msg-service/templates/deployment.yaml new file mode 100644 index 0000000..c94c8ea --- /dev/null +++ b/charts/msg-service/templates/deployment.yaml @@ -0,0 +1,102 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "msg-service.fullname" . }} + labels: + {{- include "msg-service.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "msg-service.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "msg-service.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "msg-service.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + volumeMounts: + - mountPath: /var/logs/hamropatro + name: log-volume + - mountPath: /opt/hamropatro/config + name: config-volume + - mountPath: /opt/hamropatro/certs + name: cert-volume + ports: + - name: http + containerPort: {{ default 80 .Values.container.port }} + protocol: TCP + livenessProbe: + httpGet: + path: {{ .Values.liveness.endpoint | quote }} + port: http + initialDelaySeconds: 30 + periodSeconds: 30 + readinessProbe: + httpGet: + path: {{ .Values.readiness.endpoint | quote }} + port: http + initialDelaySeconds: 30 + periodSeconds: 30 + resources: + {{- toYaml .Values.resources | nindent 12 }} + env: + - name: "REDIS_HOST" + value: {{ .Values.redis.host }} + - name: "REDIS_PASSWORD" + value: {{ .Values.redis.password }} + volumes: + - name: log-volume + emptyDir: { } + - name: config-volume + projected: + sources: + - configMap: + name: msg-gateway-service-config + - configMap: + name: msg-contact-service-config + - configMap: + name: msg-media-service-config + - configMap: + name: msg-notification-service-config + - configMap: + name: msg-user-service-config + - configMap: + name: msg-xmpp-service-config + - name: cert-volume + projected: + sources: + - secret: + name: {{ .Values.cert.apns_secret_name | quote }} + - secret: + name: {{ .Values.cert.voip_secret_name | quote }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/msg-service/templates/hpa.yaml b/charts/msg-service/templates/hpa.yaml new file mode 100644 index 0000000..0316f95 --- /dev/null +++ b/charts/msg-service/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "msg-service.fullname" . }} + labels: + {{- include "msg-service.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "msg-service.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/msg-service/templates/ingress.yaml b/charts/msg-service/templates/ingress.yaml new file mode 100644 index 0000000..4be9700 --- /dev/null +++ b/charts/msg-service/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "msg-service.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "msg-service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/msg-service/templates/service.yaml b/charts/msg-service/templates/service.yaml new file mode 100644 index 0000000..8f61fd8 --- /dev/null +++ b/charts/msg-service/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "msg-service.fullname" . }} + labels: + {{- include "msg-service.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "msg-service.selectorLabels" . | nindent 4 }} diff --git a/charts/msg-service/templates/serviceaccount.yaml b/charts/msg-service/templates/serviceaccount.yaml new file mode 100644 index 0000000..2073743 --- /dev/null +++ b/charts/msg-service/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "msg-service.serviceAccountName" . }} + labels: + {{- include "msg-service.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/msg-service/templates/tests/test-connection.yaml b/charts/msg-service/templates/tests/test-connection.yaml new file mode 100644 index 0000000..151e929 --- /dev/null +++ b/charts/msg-service/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "msg-service.fullname" . }}-test-connection" + labels: + {{- include "msg-service.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "msg-service.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/msg-service/values.yaml b/charts/msg-service/values.yaml new file mode 100644 index 0000000..00c8e23 --- /dev/null +++ b/charts/msg-service/values.yaml @@ -0,0 +1,102 @@ +# Default values for msg-service. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +cert: + voip_secret_name: "name" + apns_secret_name: "name" + +container: + port: 80 + +liveness: + endpoint: /live +readiness: + endpoint: /ready + +redis: + host: redis + password: placeholder_password + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: + {} + # fsGroup: 2000 + +securityContext: + {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "" + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: + {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/parewa-api/.helmignore b/charts/parewa-api/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/parewa-api/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/parewa-api/Chart.yaml b/charts/parewa-api/Chart.yaml new file mode 100644 index 0000000..9407f9e --- /dev/null +++ b/charts/parewa-api/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: parewa-api +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/parewa-api/templates/NOTES.txt b/charts/parewa-api/templates/NOTES.txt new file mode 100644 index 0000000..3ba198d --- /dev/null +++ b/charts/parewa-api/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "parewa-api.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "parewa-api.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "parewa-api.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "parewa-api.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/parewa-api/templates/_helpers.tpl b/charts/parewa-api/templates/_helpers.tpl new file mode 100644 index 0000000..ee65b81 --- /dev/null +++ b/charts/parewa-api/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "parewa-api.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "parewa-api.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "parewa-api.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "parewa-api.labels" -}} +helm.sh/chart: {{ include "parewa-api.chart" . }} +{{ include "parewa-api.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "parewa-api.selectorLabels" -}} +app.kubernetes.io/name: {{ include "parewa-api.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "parewa-api.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "parewa-api.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/parewa-api/templates/deployment.yaml b/charts/parewa-api/templates/deployment.yaml new file mode 100644 index 0000000..7ff0868 --- /dev/null +++ b/charts/parewa-api/templates/deployment.yaml @@ -0,0 +1,81 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "parewa-api.fullname" . }} + labels: + {{- include "parewa-api.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "parewa-api.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "parewa-api.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "parewa-api.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + volumeMounts: + {{- if .Values.configName }} + - name: config + mountPath: /mnt/config + {{- end }} + - name: var-log + mountPath: /var/log + livenessProbe: + httpGet: + path: /actuator/health + port: http + readinessProbe: + httpGet: + path: /actuator/health + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + {{- if .Values.configName }} + - name: config + configMap: + name: {{ .Values.configName }} + {{- end }} + - name: var-log + emptyDir: {} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/parewa-api/templates/hpa.yaml b/charts/parewa-api/templates/hpa.yaml new file mode 100644 index 0000000..d02333e --- /dev/null +++ b/charts/parewa-api/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "parewa-api.fullname" . }} + labels: + {{- include "parewa-api.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "parewa-api.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/parewa-api/templates/ingress.yaml b/charts/parewa-api/templates/ingress.yaml new file mode 100644 index 0000000..cf3ab8e --- /dev/null +++ b/charts/parewa-api/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "parewa-api.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "parewa-api.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/parewa-api/templates/service.yaml b/charts/parewa-api/templates/service.yaml new file mode 100644 index 0000000..179f804 --- /dev/null +++ b/charts/parewa-api/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "parewa-api.fullname" . }} + labels: + {{- include "parewa-api.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "parewa-api.selectorLabels" . | nindent 4 }} diff --git a/charts/parewa-api/templates/serviceaccount.yaml b/charts/parewa-api/templates/serviceaccount.yaml new file mode 100644 index 0000000..6ec0629 --- /dev/null +++ b/charts/parewa-api/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "parewa-api.serviceAccountName" . }} + labels: + {{- include "parewa-api.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/parewa-api/templates/tests/test-connection.yaml b/charts/parewa-api/templates/tests/test-connection.yaml new file mode 100644 index 0000000..772a66f --- /dev/null +++ b/charts/parewa-api/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "parewa-api.fullname" . }}-test-connection" + labels: + {{- include "parewa-api.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "parewa-api.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/parewa-api/values.yaml b/charts/parewa-api/values.yaml new file mode 100644 index 0000000..2652ded --- /dev/null +++ b/charts/parewa-api/values.yaml @@ -0,0 +1,84 @@ +# Default values for parewa-api. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +env: [] + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/quarkus-service/.helmignore b/charts/quarkus-service/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/quarkus-service/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/quarkus-service/Chart.yaml b/charts/quarkus-service/Chart.yaml new file mode 100644 index 0000000..0c87657 --- /dev/null +++ b/charts/quarkus-service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: quarkus-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/quarkus-service/templates/NOTES.txt b/charts/quarkus-service/templates/NOTES.txt new file mode 100644 index 0000000..0c53bf4 --- /dev/null +++ b/charts/quarkus-service/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "quarkus-service.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "quarkus-service.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "quarkus-service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "quarkus-service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/quarkus-service/templates/_helpers.tpl b/charts/quarkus-service/templates/_helpers.tpl new file mode 100644 index 0000000..3fecfaf --- /dev/null +++ b/charts/quarkus-service/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "quarkus-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "quarkus-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "quarkus-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "quarkus-service.labels" -}} +helm.sh/chart: {{ include "quarkus-service.chart" . }} +{{ include "quarkus-service.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "quarkus-service.selectorLabels" -}} +app.kubernetes.io/name: {{ include "quarkus-service.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "quarkus-service.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "quarkus-service.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/quarkus-service/templates/deployment.yaml b/charts/quarkus-service/templates/deployment.yaml new file mode 100644 index 0000000..fc7a6fc --- /dev/null +++ b/charts/quarkus-service/templates/deployment.yaml @@ -0,0 +1,74 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "quarkus-service.fullname" . }} + {{- with .Values.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "quarkus-service.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "quarkus-service.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "quarkus-service.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "quarkus-service.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: QUARKUS_HTTP_PORT + value: "80" + - name: QUARKUS_JAEGER_SERVICE_NAME + value: "{{ .Release.Name }}" + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: /q/health/live + port: http + readinessProbe: + httpGet: + path: /q/health/ready + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/quarkus-service/templates/hpa.yaml b/charts/quarkus-service/templates/hpa.yaml new file mode 100644 index 0000000..25a1819 --- /dev/null +++ b/charts/quarkus-service/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "quarkus-service.fullname" . }} + labels: + {{- include "quarkus-service.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "quarkus-service.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/quarkus-service/templates/ingress.yaml b/charts/quarkus-service/templates/ingress.yaml new file mode 100644 index 0000000..fa6d176 --- /dev/null +++ b/charts/quarkus-service/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "quarkus-service.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "quarkus-service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/quarkus-service/templates/service.yaml b/charts/quarkus-service/templates/service.yaml new file mode 100644 index 0000000..c554fe7 --- /dev/null +++ b/charts/quarkus-service/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "quarkus-service.fullname" . }} + labels: + {{- include "quarkus-service.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "quarkus-service.selectorLabels" . | nindent 4 }} diff --git a/charts/quarkus-service/templates/serviceaccount.yaml b/charts/quarkus-service/templates/serviceaccount.yaml new file mode 100644 index 0000000..4eca111 --- /dev/null +++ b/charts/quarkus-service/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "quarkus-service.serviceAccountName" . }} + labels: + {{- include "quarkus-service.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/quarkus-service/templates/servicemonitor.yaml b/charts/quarkus-service/templates/servicemonitor.yaml new file mode 100644 index 0000000..04c09ce --- /dev/null +++ b/charts/quarkus-service/templates/servicemonitor.yaml @@ -0,0 +1,25 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: "{{ include "quarkus-service.fullname" . }}" + labels: + app.kubernetes.io/name: {{ template "quarkus-service.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + # {{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +spec: + jobLabel: "{{ include "quarkus-service.fullname" . }}" + selector: + matchLabels: + {{- include "quarkus-service.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + path: /q/metrics + interval: 10s + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/quarkus-service/templates/tests/test-connection.yaml b/charts/quarkus-service/templates/tests/test-connection.yaml new file mode 100644 index 0000000..b1a618b --- /dev/null +++ b/charts/quarkus-service/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "quarkus-service.fullname" . }}-test-connection" + labels: + {{- include "quarkus-service.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "quarkus-service.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/quarkus-service/values.yaml b/charts/quarkus-service/values.yaml new file mode 100644 index 0000000..90374a2 --- /dev/null +++ b/charts/quarkus-service/values.yaml @@ -0,0 +1,86 @@ +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +metrics: + serviceMonitor: + enabled: false + additionalLabel: {} + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/service/.helmignore b/charts/service/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/service/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/service/Chart.yaml b/charts/service/Chart.yaml new file mode 100644 index 0000000..738a7c2 --- /dev/null +++ b/charts/service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.6 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/service/templates/NOTES.txt b/charts/service/templates/NOTES.txt new file mode 100644 index 0000000..6ed99a2 --- /dev/null +++ b/charts/service/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "service.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "service.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/service/templates/_helpers.tpl b/charts/service/templates/_helpers.tpl new file mode 100644 index 0000000..a0412cc --- /dev/null +++ b/charts/service/templates/_helpers.tpl @@ -0,0 +1,84 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "service.labels" -}} +helm.sh/chart: {{ include "service.chart" . }} +{{ include "service.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "service.selectorLabels" -}} +app.kubernetes.io/name: {{ include "service.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "service.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "service.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service port to use +*/}} +{{- define "service.portName" -}} +{{- if .Values.tls.enabled }} +{{- printf "%s" "grpcs" }} +{{- else }} +{{- printf "%s" "grpc" }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service port to use +*/}} +{{- define "service.appProtocol" -}} +{{- if .Values.tls.enabled }} +{{- printf "%s" "https" }} +{{- else }} +{{- printf "%s" "http" }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/service/templates/deployment.yaml b/charts/service/templates/deployment.yaml new file mode 100644 index 0000000..f71c1b3 --- /dev/null +++ b/charts/service/templates/deployment.yaml @@ -0,0 +1,193 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "service.fullname" . }} + annotations: + {{- if .Values.grpcs.enabled }} + secret.reloader.stakater.com/reload: "{{ .Values.grpcs.tlsSecret }}" + {{- end }} + {{- if .Values.grpc.enabled }} + appProtocol.grpc: "true" + {{- end }} + {{- if .Values.grpcs.enabled }} + appProtocol.grpcs: "true" + {{- end }} + {{- if .Values.http.enabled }} + appProtocol.http: "true" + {{- end }} + {{- if .Values.metric.enabled }} + appProtocol.metric: "true" + {{- end }} + {{- with .Values.deploymentAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "service.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "service.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + labels: + {{- include "service.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "service.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + {{- if .Values.grpcs.enabled }} + - name: init-tls + image: docker.io/nginx + imagePullPolicy: IfNotPresent + command: + - "bash" + args: + - -c + - "openssl pkcs8 -in /tls/tls.key -topk8 -out /config/tls.pkcs8 -nocrypt && cp /tls/tls.crt /config/tls.crt" + volumeMounts: + - name: config + mountPath: /config + - name: secret + mountPath: /tls + readOnly: true + {{- end }} + {{- with .Values.initContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: "service" + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.command }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + {{- range $key, $value := .Values.secretenv }} + - name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ $.Release.Name }}-secrets + key: {{ $key }} + {{- end }} + {{- if .Values.envConfigMap }} + envFrom: + - configMapRef: + name: {{ .Values.envConfigMap }} + {{- end }} + {{- if .Values.grpcs.enabled }} + - name: TLS_ENABLED + value: "true" + - name: TLS_CERT + value: /config/tls.crt + - name: TLS_KEY + value: /config/tls.pkcs8 + {{- end }} + ports: + {{- if .Values.http.enabled }} + - protocol: TCP + name: http + containerPort: {{ .Values.http.port }} + {{- end }} + {{- if .Values.grpc.enabled }} + - protocol: TCP + name: grpc + containerPort: {{ .Values.grpc.port }} + {{- end }} + {{- if .Values.grpcs.enabled }} + - protocol: TCP + name: grpcs + containerPort: {{ .Values.grpcs.port }} + {{- end }} + {{- if .Values.metric.enabled }} + - protocol: TCP + name: metric + containerPort: {{ .Values.metric.port }} + {{- end }} + volumeMounts: + - name: config + mountPath: /config + readOnly: true + {{- with .Values.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end}} + {{- if .Values.liveness.enabled }} + livenessProbe: + {{- with .Values.liveness.command }} + exec: + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- if .Values.liveness.path }} + httpGet: + path: {{ .Values.liveness.path }} + port: {{ .Values.http.port }} + {{- end }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + {{- if .Values.readiness.enabled }} + readinessProbe: + {{- with .Values.readiness.command }} + exec: + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- if .Values.readiness.path }} + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.http.port }} + {{- end }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: config + emptyDir: {} + {{- if .Values.grpcs.enabled }} + - name: secret + secret: + secretName: {{ .Values.grpcs.tlsSecret }} + {{- end }} + {{- with .Values.volumes }} + {{- toYaml . | nindent 8 }} + {{- end}} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/service/templates/grpcRoute.yaml b/charts/service/templates/grpcRoute.yaml new file mode 100644 index 0000000..8f3ccea --- /dev/null +++ b/charts/service/templates/grpcRoute.yaml @@ -0,0 +1,34 @@ +{{- if .Values.grpcRoute.enabled -}} +apiVersion: gateway.networking.k8s.io/v1 +kind: GRPCRoute +metadata: + name: {{ include "service.fullname" . }} + labels: + {{- include "service.labels" . | nindent 4 }} +spec: + parentRefs: + {{- range .Values.grpcRoute.parentRefs }} + - name: {{ .name }} + kind: {{ .kind }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + {{- end }} + + hostnames: + {{- range .Values.grpcRoute.hostnames }} + - "{{ . }}" + {{- end }} + + rules: + {{- range .Values.grpcRoute.rules }} + - backendRefs: + {{- range .backendRefs }} + - group: {{ .group }} + kind: {{ .kind }} + name: {{ .name }} + port: {{ .port }} + weight: {{ .weight | default 1 }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/service/templates/hpa.yaml b/charts/service/templates/hpa.yaml new file mode 100644 index 0000000..5fbe8b2 --- /dev/null +++ b/charts/service/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "service.fullname" . }} + labels: + {{- include "service.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "service.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/service/templates/httpRoute.yaml b/charts/service/templates/httpRoute.yaml new file mode 100644 index 0000000..740dc03 --- /dev/null +++ b/charts/service/templates/httpRoute.yaml @@ -0,0 +1,40 @@ +{{- if .Values.httpRoute.enabled -}} +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: {{ include "service.fullname" . }} + labels: + {{- include "service.labels" . | nindent 4 }} +spec: + parentRefs: + {{- range .Values.httpRoute.parentRefs }} + - name: {{ .name }} + kind: {{ .kind }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + {{- end }} + + hostnames: + {{- range .Values.httpRoute.hostnames }} + - "{{ . }}" + {{- end }} + + rules: + {{- range .Values.httpRoute.rules }} + - backendRefs: + {{- range .backendRefs }} + - group: {{ .group }} + kind: {{ .kind }} + name: {{ .name }} + port: {{ .port }} + weight: {{ .weight | default 1 }} + {{- end }} + matches: + {{- range .matches }} + - path: + type: {{ .path.type }} + value: {{ .path.value }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/service/templates/httproute.yaml b/charts/service/templates/httproute.yaml new file mode 100644 index 0000000..00317ff --- /dev/null +++ b/charts/service/templates/httproute.yaml @@ -0,0 +1,34 @@ + +{{- if .Values.httproute.enabled -}} +{{- $fullName := include "service.fullname" . -}} +{{- $svcPort := .Values.http.port -}} +kind: HTTPRoute +apiVersion: gateway.networking.k8s.io/v1alpha2 +metadata: + name: {{ $fullName }} + labels: + {{- include "service.labels" . | nindent 4 }} + {{- with .Values.httproute.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + parentRefs: + {{- with .Values.httproute.gateways }} + {{- toYaml . | nindent 4 }} + {{- end }} + hostnames: + {{- with .Values.httproute.hosts }} + {{- toYaml . | nindent 4 }} + {{- end }} + rules: + - matches: + {{- range .Values.httproute.paths }} + - path: + type: PathPrefix + value: {{ .path }} + {{- end }} + backendRefs: + - name: {{ $fullName }} + port: {{ $svcPort }} +{{- end }} diff --git a/charts/service/templates/ingress.yaml b/charts/service/templates/ingress.yaml new file mode 100644 index 0000000..462856f --- /dev/null +++ b/charts/service/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "service.fullname" . -}} +{{- $svcPort := .Values.http.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/service/templates/secrets.yaml b/charts/service/templates/secrets.yaml new file mode 100644 index 0000000..32ebe85 --- /dev/null +++ b/charts/service/templates/secrets.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-secrets +type: Opaque +data: + {{- range $key, $value := .Values.secretenv }} + {{ $key | quote }}: {{ $value | toString | b64enc | quote }} + {{- end }} \ No newline at end of file diff --git a/charts/service/templates/securityPolicy.yaml b/charts/service/templates/securityPolicy.yaml new file mode 100644 index 0000000..5ff5443 --- /dev/null +++ b/charts/service/templates/securityPolicy.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.grpcRoute.enabled .Values.securityPolicy.enabled -}} +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: SecurityPolicy +metadata: + name: {{ include "service.fullname" . }} + {{- with .Values.securityPolicy.metadata.labels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.securityPolicy.spec.targetRefs }} + targetRefs: + {{- toYaml . | nindent 4 }} + {{- else }} + targetRefs: + - group: gateway.networking.k8s.io + kind: GRPCRoute + name: {{ include "service.fullname" . }} + {{- end }} + {{- if .Values.securityPolicy.spec.cors }} + cors: + {{- toYaml .Values.securityPolicy.spec.cors | nindent 4 }} + {{- end }} + {{- with .Values.securityPolicy.spec.additionalConfig }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/service/templates/service.yaml b/charts/service/templates/service.yaml new file mode 100644 index 0000000..845d516 --- /dev/null +++ b/charts/service/templates/service.yaml @@ -0,0 +1,39 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "service.fullname" . }} + labels: + {{- include "service.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + {{- if .Values.http.enabled }} + - port: {{ .Values.http.port }} + protocol: TCP + targetPort: http + name: http + appProtocol: http + {{- end }} + {{- if .Values.grpc.enabled }} + - port: {{ .Values.grpc.port }} + protocol: TCP + targetPort: grpc + name: grpc + appProtocol: http + {{- end }} + {{- if .Values.grpcs.enabled }} + - port: {{ .Values.grpcs.port }} + protocol: TCP + targetPort: grpcs + name: grpcs + appProtocol: https + {{- end }} + {{- if .Values.metric.enabled }} + - port: {{ .Values.metric.port }} + protocol: TCP + targetPort: metric + name: metric + appProtocol: http + {{- end }} + selector: + {{- include "service.selectorLabels" . | nindent 4 }} diff --git a/charts/service/templates/serviceaccount.yaml b/charts/service/templates/serviceaccount.yaml new file mode 100644 index 0000000..32507a8 --- /dev/null +++ b/charts/service/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "service.serviceAccountName" . }} + labels: + {{- include "service.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/service/templates/servicemonitor.yaml b/charts/service/templates/servicemonitor.yaml new file mode 100644 index 0000000..3d4dccc --- /dev/null +++ b/charts/service/templates/servicemonitor.yaml @@ -0,0 +1,24 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: "{{ include "service.fullname" . }}" + labels: + app.kubernetes.io/name: {{ template "service.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + # {{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +spec: + jobLabel: "{{ include "service.fullname" . }}" + selector: + matchLabels: + {{- include "service.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + interval: 10s + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/service/templates/tests/test-connection.yaml b/charts/service/templates/tests/test-connection.yaml new file mode 100644 index 0000000..e626c8e --- /dev/null +++ b/charts/service/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "service.fullname" . }}-test-connection" + labels: + {{- include "service.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "service.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/service/templates/tlsroute.yaml b/charts/service/templates/tlsroute.yaml new file mode 100644 index 0000000..fd5eac7 --- /dev/null +++ b/charts/service/templates/tlsroute.yaml @@ -0,0 +1,27 @@ +{{- if .Values.tlsroute.enabled -}} +{{- $fullName := include "service.fullname" . -}} +kind: TLSRoute +apiVersion: networking.x-k8s.io/v1alpha1 +metadata: + name: {{ $fullName }} + labels: + {{- include "service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + gateways: + allow: All + hostnames: + rules: + - + matches: + - snis: + {{- with .Values.tlsroute.snis }} + {{- toYaml . | nindent 10 }} + {{- end }} + forwardTo: + - serviceName: {{ $fullName }} + port: {{ .Values.grpcs.port }} +{{- end }} diff --git a/charts/service/values.yaml b/charts/service/values.yaml new file mode 100644 index 0000000..37d8916 --- /dev/null +++ b/charts/service/values.yaml @@ -0,0 +1,209 @@ +# Default values for web-service. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +args: [] +command: [] +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +deploymentAnnotations: [] + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 +initContainers: [] +http: + enabled: false + port: 8080 +grpc: + enabled: false + port: 50051 +grpcs: + enabled: false + port: 50052 + tlsSecret: "" +tlsroute: + enabled: false + snis: + - example.com +httproute: + enabled: false + gateways: [] + hosts: + - example.com + paths: + - path: / + +liveness: + enabled: true + path: "" + command: [] + timeoutSeconds: 1 + periodSeconds: 30 + initialDelaySeconds: 30 +readiness: + enabled: true + path: "" + command: [] + periodSeconds: 30 + initialDelaySeconds: 30 + timeoutSeconds: 1 +service: + type: ClusterIP + port: 80 + targetPort: 80 +metric: + enabled: false + port: 9004 +metrics: + serviceMonitor: + enabled: false + additionalLabel: {} +volumes: [] +volumeMounts: [] +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +httpRoute: + enabled: false + parentRefs: + - name: envoygateway + kind: Gateway + namespace: default + hostnames: + - "service.example.com" + rules: + - backendRefs: + - group: "" + kind: "Service" + weight: 1 + name: service + port: 80 + matches: + - path: + type: PathPrefix + value: / + +grpcRoute: + enabled: false + parentRefs: + - name: envoygateway + kind: Gateway + namespace: default + hostnames: + - "service.example.com" + rules: + - backendRefs: + - group: "" + kind: "Service" + name: service + port: 50051 + weight: 1 +securityPolicy: + enabled: false + metadata: {} + spec: + targetRefs: [] + cors: + allowCredentials: true + allowOrigins: + - "*" + allowMethods: + - GET + - POST + - OPTIONS + - HEAD + - PUT + allowHeaders: + - api-key + - app-key + - app-id + - web-api-key + - Authorization + - Grpc-Metadata-api-key + - Grpc-Metadata-app-key + - Grpc-Metadata-app-id + - Grpc-Metadata-web-api-key + - Grpc-Metadata-Authorization + - keep-alive + - user-agent + - cache-control + - content-type + - content-transfer-encoding + - custom-header-1 + - x-accept-content-transfer-encoding + - x-accept-response-streaming + - x-user-agent + - x-grpc-web + - grpc-timeout + exposeHeaders: + - grpc-status + - grpc-message + - Grpc-Trailer-App-Id + maxAge: "10m" \ No newline at end of file diff --git a/charts/squid/.helmignore b/charts/squid/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/squid/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/squid/Chart.yaml b/charts/squid/Chart.yaml new file mode 100644 index 0000000..ac1682d --- /dev/null +++ b/charts/squid/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: squid +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/squid/templates/NOTES.txt b/charts/squid/templates/NOTES.txt new file mode 100644 index 0000000..a7483d0 --- /dev/null +++ b/charts/squid/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "squid.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "squid.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "squid.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "squid.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/squid/templates/_helpers.tpl b/charts/squid/templates/_helpers.tpl new file mode 100644 index 0000000..2087785 --- /dev/null +++ b/charts/squid/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "squid.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "squid.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "squid.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "squid.labels" -}} +helm.sh/chart: {{ include "squid.chart" . }} +{{ include "squid.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "squid.selectorLabels" -}} +app.kubernetes.io/name: {{ include "squid.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "squid.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "squid.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/squid/templates/configmap.yaml b/charts/squid/templates/configmap.yaml new file mode 100644 index 0000000..1a51ab7 --- /dev/null +++ b/charts/squid/templates/configmap.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "squid.fullname" . }}-conf + labels: + app: {{ template "squid.name" . }} + chart: {{ template "squid.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + squid.conf: | +{{- if .Values.metrics.enabled }} + acl prometheus src 127.0.0.1/32 + http_access allow manager prometheus +{{- end }} +{{ .Values.config | indent 4 }} \ No newline at end of file diff --git a/charts/squid/templates/deployment.yaml b/charts/squid/templates/deployment.yaml new file mode 100644 index 0000000..ad0d135 --- /dev/null +++ b/charts/squid/templates/deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "squid.fullname" . }} + labels: + {{- include "squid.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "squid.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "squid.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "squid.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: TZ + value: UTC + ports: + - name: http + containerPort: 3128 + protocol: TCP + livenessProbe: + tcpSocket: + port: 3128 + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + tcpSocket: + port: 3128 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: {{ template "squid.fullname" . }}-conf + mountPath: /etc/squid/squid.conf + subPath: squid.conf + - name: cache + mountPath: /var/cache/squid + volumes: + - name: {{ template "squid.fullname" . }}-conf + configMap: + name: {{ template "squid.fullname" . }}-conf + - emptyDir: {} + name: cache + {{- if .Values.configSecret }} + - name: config-secret + secret: + secretName: {{ .Values.configSecret }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/squid/templates/hpa.yaml b/charts/squid/templates/hpa.yaml new file mode 100644 index 0000000..04bfc18 --- /dev/null +++ b/charts/squid/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "squid.fullname" . }} + labels: + {{- include "squid.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "squid.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/squid/templates/ingress.yaml b/charts/squid/templates/ingress.yaml new file mode 100644 index 0000000..a7983bc --- /dev/null +++ b/charts/squid/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "squid.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "squid.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/squid/templates/service.yaml b/charts/squid/templates/service.yaml new file mode 100644 index 0000000..ca2ae64 --- /dev/null +++ b/charts/squid/templates/service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "squid.fullname" . }} + labels: + {{- include "squid.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if .Values.metrics.enabled }} + - port: {{ .Values.metrics.exporter.port }} + targetPort: metrics + protocol: TCP + name: metrics + {{- end }} + selector: + {{- include "squid.selectorLabels" . | nindent 4 }} diff --git a/charts/squid/templates/serviceMonitor.yaml b/charts/squid/templates/serviceMonitor.yaml new file mode 100644 index 0000000..8aebcc4 --- /dev/null +++ b/charts/squid/templates/serviceMonitor.yaml @@ -0,0 +1,25 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: "{{ include "squid.fullname" . }}" + labels: + app.kubernetes.io/name: {{ template "squid.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + # {{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +spec: + jobLabel: "{{ include "squid.fullname" . }}" + selector: + matchLabels: + {{- include "squid.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + path: /q/metrics + interval: 10s + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/squid/templates/serviceaccount.yaml b/charts/squid/templates/serviceaccount.yaml new file mode 100644 index 0000000..2912e2b --- /dev/null +++ b/charts/squid/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "squid.serviceAccountName" . }} + labels: + {{- include "squid.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/squid/templates/tests/test-connection.yaml b/charts/squid/templates/tests/test-connection.yaml new file mode 100644 index 0000000..12ad61f --- /dev/null +++ b/charts/squid/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "squid.fullname" . }}-test-connection" + labels: + {{- include "squid.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "squid.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/squid/values.yaml b/charts/squid/values.yaml new file mode 100644 index 0000000..ab47f67 --- /dev/null +++ b/charts/squid/values.yaml @@ -0,0 +1,135 @@ +# Default values for squid. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: "docker.io/ubuntu/squid" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "edge" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +config: | + acl SSL_ports port 443 + acl Safe_ports port 80 # http + acl Safe_ports port 21 # ftp + acl Safe_ports port 443 # https + acl Safe_ports port 70 # gopher + acl Safe_ports port 210 # wais + acl Safe_ports port 1025-65535 # unregistered ports + acl Safe_ports port 280 # http-mgmt + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http + acl CONNECT method CONNECT + # Recommended minimum Access Permission configuration: + # + # Deny requests to certain unsafe ports + http_access deny !Safe_ports + # Only allow cachemgr access from localhost + http_access allow localhost manager + http_access deny manager + # Squid normally listens to port 3128 + http_port 3128 + # Uncomment and adjust the following to add a disk cache directory. + cache_dir ufs /var/cache/squid 100 16 256 + # Leave coredumps in the first cache dir + coredump_dir /var/cache/squid + # + # Add any of your own refresh_pattern entries above these. + # + refresh_pattern ^ftp: 1440 20% 10080 + refresh_pattern ^gopher: 1440 0% 1440 + refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 + refresh_pattern . 0 20% 4320 + # Do not display squid version + httpd_suppress_version_string on + + refresh_pattern ^ftp: 1440 20% 10080 + refresh_pattern ^gopher: 1440 0% 1440 + refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 + refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims + refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims + refresh_pattern \/InRelease$ 0 0% 0 refresh-ims + refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims + refresh_pattern -i .(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private + refresh_pattern -i .(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-no-store ignore-private + refresh_pattern . 0 20% 4320 + logfile_rotate 0 + +metrics: + enabled: false + serviceMonitor: + enabled: false \ No newline at end of file diff --git a/charts/trino/Chart.yaml b/charts/trino/Chart.yaml new file mode 100644 index 0000000..92bc6cb --- /dev/null +++ b/charts/trino/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: trino +description: Fast distributed SQL query engine for big data analytics that helps you explore your data universe + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: "375" diff --git a/charts/trino/ci/custom-values.yaml b/charts/trino/ci/custom-values.yaml new file mode 100644 index 0000000..2a83c54 --- /dev/null +++ b/charts/trino/ci/custom-values.yaml @@ -0,0 +1,19 @@ +# All custom values belong here during testing. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +coordinator: + jvm: + maxHeapSize: "8G" + gcMethod: + type: "UseG1GC" + g1: + heapRegionSize: "32M" + +worker: + jvm: + maxHeapSize: "8G" + gcMethod: + type: "UseG1GC" + g1: + heapRegionSize: "32M" diff --git a/charts/trino/templates/NOTES.txt b/charts/trino/templates/NOTES.txt new file mode 100644 index 0000000..251ff87 --- /dev/null +++ b/charts/trino/templates/NOTES.txt @@ -0,0 +1,10 @@ +Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "trino.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "trino.name" . }},release={{ .Release.Name }},component=coordinator" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:8080 +{{- end }} diff --git a/charts/trino/templates/_helpers.tpl b/charts/trino/templates/_helpers.tpl new file mode 100644 index 0000000..ade06df --- /dev/null +++ b/charts/trino/templates/_helpers.tpl @@ -0,0 +1,94 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "trino.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "trino.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "trino.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "trino.coordinator" -}} +{{- if .Values.coordinatorNameOverride }} +{{- .Values.coordinatorNameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }}-coordinator +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}-coordinator +{{- end }} +{{- end }} +{{- end }} + +{{- define "trino.worker" -}} +{{- if .Values.workerNameOverride }} +{{- .Values.workerNameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }}-worker +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}-worker +{{- end }} +{{- end }} +{{- end }} + + +{{- define "trino.catalog" -}} +{{ template "trino.fullname" . }}-catalog +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "trino.labels" -}} +helm.sh/chart: {{ include "trino.chart" . }} +{{ include "trino.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "trino.selectorLabels" -}} +app.kubernetes.io/name: {{ include "trino.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "trino.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "trino.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/trino/templates/autoscaler.yaml b/charts/trino/templates/autoscaler.yaml new file mode 100644 index 0000000..7907d1d --- /dev/null +++ b/charts/trino/templates/autoscaler.yaml @@ -0,0 +1,14 @@ +{{- if .Values.server.autoscaling.enabled -}} +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "trino.worker" . }} +spec: + maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} + minReplicas: {{ .Values.server.workers }} + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "trino.worker" . }} + targetCPUUtilizationPercentage: {{ .Values.server.autoscaling.targetCPUUtilizationPercentage }} +{{- end }} diff --git a/charts/trino/templates/configmap-catalog.yaml b/charts/trino/templates/configmap-catalog.yaml new file mode 100644 index 0000000..b325569 --- /dev/null +++ b/charts/trino/templates/configmap-catalog.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "trino.catalog" . }} + labels: + app: {{ template "trino.name" . }} + chart: {{ template "trino.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + role: catalogs +data: + tpch.properties: | + connector.name=tpch + tpch.splits-per-node=4 + tpcds.properties: | + connector.name=tpcds + tpcds.splits-per-node=4 +{{- range $catalogName, $catalogProperties := .Values.additionalCatalogs }} + {{ $catalogName }}.properties: | + {{- $catalogProperties | nindent 4 }} +{{- end }} + + diff --git a/charts/trino/templates/configmap-coordinator.yaml b/charts/trino/templates/configmap-coordinator.yaml new file mode 100644 index 0000000..e4d77e4 --- /dev/null +++ b/charts/trino/templates/configmap-coordinator.yaml @@ -0,0 +1,141 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "trino.coordinator" . }} + labels: + app: {{ template "trino.name" . }} + chart: {{ template "trino.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: coordinator +data: + node.properties: | + node.environment={{ .Values.server.node.environment }} + node.data-dir={{ .Values.server.node.dataDir }} + plugin.dir={{ .Values.server.node.pluginDir }} + {{- range $configValue := .Values.additionalNodeProperties }} + {{ $configValue }} + {{- end }} + + jvm.config: | + -server + -Xmx{{ .Values.coordinator.jvm.maxHeapSize }} + -XX:+{{ .Values.coordinator.jvm.gcMethod.type }} + -XX:G1HeapRegionSize={{ .Values.coordinator.jvm.gcMethod.g1.heapRegionSize }} + -XX:+UseGCOverheadLimit + -XX:+ExplicitGCInvokesConcurrent + -XX:+HeapDumpOnOutOfMemoryError + -XX:+ExitOnOutOfMemoryError + -Djdk.attach.allowAttachSelf=true + -XX:-UseBiasedLocking + -XX:ReservedCodeCacheSize=512M + -XX:PerMethodRecompilationCutoff=10000 + -XX:PerBytecodeRecompilationCutoff=10000 + -Djdk.nio.maxCachedBufferSize=2000000 + -XX:+UnlockDiagnosticVMOptions + -XX:+UseAESCTRIntrinsics + {{- range $configValue := .Values.coordinator.additionalJVMConfig }} + {{ $configValue }} + {{- end }} + + config.properties: | + coordinator=true +{{- if gt (int .Values.server.workers) 0 }} + node-scheduler.include-coordinator=false +{{- else }} + node-scheduler.include-coordinator=true +{{- end }} + http-server.http.port={{ .Values.service.port }} + query.max-memory={{ .Values.server.config.query.maxMemory }} + query.max-memory-per-node={{ .Values.coordinator.config.query.maxMemoryPerNode }} +{{- if .Values.coordinator.config.memory.heapHeadroomPerNode }} + memory.heap-headroom-per-node={{ .Values.coordinator.config.memory.heapHeadroomPerNode }} +{{- end }} + discovery-server.enabled=true + discovery.uri=http://localhost:{{ .Values.service.port }} +{{- if .Values.server.config.authenticationType }} + http-server.authentication.type={{ .Values.server.config.authenticationType }} +{{- end }} + {{- range $configValue := .Values.additionalConfigProperties }} + {{ $configValue }} + {{- end }} + {{- if .Values.server.config.https.enabled }} + http-server.https.enabled=true + http-server.https.port={{ .Values.server.config.https.port }} + http-server.https.keystore.path={{ .Values.server.config.https.keystore.path }} + {{- end }} + {{ .Values.server.coordinatorExtraConfig | indent 4 }} + +{{- if .Values.accessControl }}{{- if eq .Values.accessControl.type "configmap" }} + access-control.properties: | + access-control.name=file + {{- if .Values.accessControl.refreshPeriod }} + security.refresh-period={{ .Values.accessControl.refreshPeriod }} + {{- end }} + security.config-file={{ .Values.server.config.path }}/access-control/{{ .Values.accessControl.configFile | default "rules.json" }} +{{- end }}{{- end }} + + exchange-manager.properties: | + exchange-manager.name={{ .Values.server.exchangeManager.name }} + {{ if eq .Values.server.exchangeManager.name "filesystem" }} + exchange.base-directory={{ .Values.server.exchangeManager.baseDir }} + {{- end }} + {{- range $configValue := .Values.additionalExchangeManagerProperties }} + {{ $configValue }} + {{- end }} + + log.properties: | + io.trino={{ .Values.server.log.trino.level }} + {{- range $configValue := .Values.additionalLogProperties }} + {{ $configValue }} + {{- end }} + + {{- if eq .Values.server.config.authenticationType "PASSWORD" }} + password-authenticator.properties: | + password-authenticator.name=file + file.password-file={{ .Values.server.config.path }}/auth/password.db + {{- end }} + +{{ if .Values.eventListenerProperties }} + event-listener.properties: | + {{- range $configValue := .Values.eventListenerProperties }} + {{ $configValue }} + {{- end }} +{{ end }} + +{{- range $fileName, $fileContent := .Values.coordinator.additionalConfigFiles }} + {{ $fileName }}: | + {{- $fileContent | nindent 4 }} +{{- end }} + +--- + +{{- if .Values.accessControl }}{{- if eq .Values.accessControl.type "configmap" }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: trino-access-control-volume-coordinator + labels: + {{- include "trino.labels" . | nindent 4 }} + app.kubernetes.io/component: coordinator +data: + {{- range $key, $val := .Values.accessControl.rules }} + {{ $key }}: {{ $val | quote }} + {{- end }} +{{- end }}{{- end }} + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: schemas-volume-coordinator + labels: + {{- include "trino.labels" . | nindent 4 }} + app.kubernetes.io/component: coordinator +data: + {{- range $key, $val := .Values.kafka.tableDescriptions }} + {{ $key }}: {{ $val | quote }} + {{- end }} + +--- diff --git a/charts/trino/templates/configmap-worker.yaml b/charts/trino/templates/configmap-worker.yaml new file mode 100644 index 0000000..f427efb --- /dev/null +++ b/charts/trino/templates/configmap-worker.yaml @@ -0,0 +1,96 @@ +{{- if gt (int .Values.server.workers) 0 }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "trino.worker" . }} + labels: + app: {{ template "trino.name" . }} + chart: {{ template "trino.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: worker +data: + node.properties: | + node.environment={{ .Values.server.node.environment }} + node.data-dir={{ .Values.server.node.dataDir }} + plugin.dir={{ .Values.server.node.pluginDir }} + {{- range $configValue := .Values.additionalNodeProperties }} + {{ $configValue }} + {{- end }} + + jvm.config: | + -server + -Xmx{{ .Values.worker.jvm.maxHeapSize }} + -XX:+{{ .Values.worker.jvm.gcMethod.type }} + -XX:G1HeapRegionSize={{ .Values.worker.jvm.gcMethod.g1.heapRegionSize }} + -XX:+UseGCOverheadLimit + -XX:+ExplicitGCInvokesConcurrent + -XX:+HeapDumpOnOutOfMemoryError + -XX:+ExitOnOutOfMemoryError + -Djdk.attach.allowAttachSelf=true + -XX:-UseBiasedLocking + -XX:ReservedCodeCacheSize=512M + -XX:PerMethodRecompilationCutoff=10000 + -XX:PerBytecodeRecompilationCutoff=10000 + -Djdk.nio.maxCachedBufferSize=2000000 + -XX:+UnlockDiagnosticVMOptions + -XX:+UseAESCTRIntrinsics + {{- range $configValue := .Values.worker.additionalJVMConfig }} + {{ $configValue }} + {{- end }} + + config.properties: | + coordinator=false + http-server.http.port={{ .Values.service.port }} + query.max-memory={{ .Values.server.config.query.maxMemory }} + query.max-memory-per-node={{ .Values.worker.config.query.maxMemoryPerNode }} + {{- if .Values.worker.config.memory.heapHeadroomPerNode }} + memory.heap-headroom-per-node={{ .Values.worker.config.memory.heapHeadroomPerNode }} + {{- end }} + discovery.uri=http://{{ template "trino.fullname" . }}:{{ .Values.service.port }} + {{- range $configValue := .Values.additionalConfigProperties }} + {{ $configValue }} + {{- end }} + {{ .Values.server.workerExtraConfig | indent 4 }} + + exchange-manager.properties: | + exchange-manager.name={{ .Values.server.exchangeManager.name }} + {{ if eq .Values.server.exchangeManager.name "filesystem" }} + exchange.base-directory={{ .Values.server.exchangeManager.baseDir }} + {{- end }} + {{- range $configValue := .Values.additionalExchangeManagerProperties }} + {{ $configValue }} + {{- end }} + + log.properties: | + io.trino={{ .Values.server.log.trino.level }} + {{- range $configValue := .Values.additionalLogProperties }} + {{ $configValue }} + {{- end }} + +{{ if .Values.eventListenerProperties }} + event-listener.properties: | + {{- range $configValue := .Values.eventListenerProperties }} + {{ $configValue }} + {{- end }} +{{ end }} + +{{- range $fileName, $fileContent := .Values.worker.additionalConfigFiles }} + {{ $fileName }}: | + {{- $fileContent | nindent 4 }} +{{- end }} + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: schemas-volume-worker + labels: + {{- include "trino.labels" . | nindent 4 }} + app.kubernetes.io/component: worker +data: + {{- range $key, $val := .Values.kafka.tableDescriptions }} + {{ $key }}: {{ $val | quote }} + {{- end }} +{{- end }} diff --git a/charts/trino/templates/deployment-coordinator.yaml b/charts/trino/templates/deployment-coordinator.yaml new file mode 100644 index 0000000..edd8125 --- /dev/null +++ b/charts/trino/templates/deployment-coordinator.yaml @@ -0,0 +1,126 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "trino.coordinator" . }} + labels: + app: {{ template "trino.name" . }} + chart: {{ template "trino.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: coordinator +spec: + selector: + matchLabels: + app: {{ template "trino.name" . }} + release: {{ .Release.Name }} + component: coordinator + template: + metadata: + labels: + app: {{ template "trino.name" . }} + release: {{ .Release.Name }} + component: coordinator + spec: + serviceAccountName: {{ include "trino.serviceAccountName" . }} + {{- with .Values.securityContext }} + securityContext: + runAsUser: {{ .runAsUser }} + runAsGroup: {{ .runAsGroup }} + {{- end }} + volumes: + - name: config-volume + configMap: + name: {{ template "trino.coordinator" . }} + - name: catalog-volume + configMap: + name: {{ template "trino.catalog" . }} + - name: schemas-volume + configMap: + name: schemas-volume-coordinator + {{- if .Values.accessControl }}{{- if eq .Values.accessControl.type "configmap" }} + - name: access-control-volume + configMap: + name: trino-access-control-volume-coordinator + {{- end }}{{- end }} + {{- if eq .Values.server.config.authenticationType "PASSWORD" }} + - name: password-volume + secret: + secretName: trino-password-authentication + {{- end }} + {{- if .Values.initContainers.coordinator }} + initContainers: + {{- tpl (toYaml .Values.initContainers.coordinator) . | nindent 6 }} + {{- end }} + {{- range .Values.secretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + imagePullSecrets: + {{- toYaml .Values.imagePullSecrets | nindent 8 }} + containers: + - name: {{ .Chart.Name }}-coordinator + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- toYaml .Values.env | nindent 12 }} + volumeMounts: + - mountPath: {{ .Values.server.config.path }} + name: config-volume + - mountPath: {{ .Values.server.config.path }}/catalog + name: catalog-volume + - mountPath: {{ .Values.kafka.mountPath }} + name: schemas-volume + {{- if .Values.accessControl }}{{- if eq .Values.accessControl.type "configmap" }} + - mountPath: {{ .Values.server.config.path }}/access-control + name: access-control-volume + {{- end }}{{- end }} + {{- range .Values.secretMounts }} + - name: {{ .name }} + mountPath: {{ .path }} + {{- end }} + {{- if eq .Values.server.config.authenticationType "PASSWORD" }} + - mountPath: {{ .Values.server.config.path }}/auth + name: password-volume + {{- end }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + {{- range $key, $value := .Values.coordinator.additionalExposedPorts }} + - name: {{ $value.name }} + containerPort: {{ $value.port }} + protocol: {{ $value.protocol }} + {{- end }} + livenessProbe: + httpGet: + path: /v1/info + port: http + initialDelaySeconds: {{ .Values.coordinator.livenessProbe.initialDelaySeconds | default 20 }} + periodSeconds: {{ .Values.coordinator.livenessProbe.periodSeconds | default 10 }} + timeoutSeconds: {{ .Values.coordinator.livenessProbe.timeoutSeconds | default 5 }} + failureThreshold: {{ .Values.coordinator.livenessProbe.failureThreshold | default 6 }} + successThreshold: {{ .Values.coordinator.livenessProbe.successThreshold | default 1 }} + readinessProbe: + httpGet: + path: /v1/info + port: http + initialDelaySeconds: {{ .Values.coordinator.readinessProbe.initialDelaySeconds | default 20 }} + periodSeconds: {{ .Values.coordinator.readinessProbe.periodSeconds | default 10 }} + timeoutSeconds: {{ .Values.coordinator.readinessProbe.timeoutSeconds | default 5 }} + failureThreshold: {{ .Values.coordinator.readinessProbe.failureThreshold | default 6 }} + successThreshold: {{ .Values.coordinator.readinessProbe.successThreshold | default 1 }} + resources: + {{- toYaml .Values.coordinator.resources | nindent 12 }} + {{- with .Values.coordinator.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.coordinator.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.coordinator.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/trino/templates/deployment-worker.yaml b/charts/trino/templates/deployment-worker.yaml new file mode 100644 index 0000000..98fb713 --- /dev/null +++ b/charts/trino/templates/deployment-worker.yaml @@ -0,0 +1,97 @@ +{{- if gt (int .Values.server.workers) 0 }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "trino.worker" . }} + labels: + app: {{ template "trino.name" . }} + chart: {{ template "trino.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: worker +spec: + replicas: {{ .Values.server.workers }} + selector: + matchLabels: + app: {{ template "trino.name" . }} + release: {{ .Release.Name }} + component: worker + template: + metadata: + labels: + app: {{ template "trino.name" . }} + release: {{ .Release.Name }} + component: worker + spec: + serviceAccountName: {{ include "trino.serviceAccountName" . }} + volumes: + - name: config-volume + configMap: + name: {{ template "trino.worker" . }} + - name: catalog-volume + configMap: + name: {{ template "trino.catalog" . }} + - name: schemas-volume + configMap: + name: schemas-volume-worker + {{- if .Values.initContainers.worker }} + initContainers: + {{- tpl (toYaml .Values.initContainers.worker) . | nindent 6 }} + {{- end }} + imagePullSecrets: + {{- toYaml .Values.imagePullSecrets | nindent 8 }} + containers: + - name: {{ .Chart.Name }}-worker + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- toYaml .Values.env | nindent 12 }} + volumeMounts: + - mountPath: {{ .Values.server.config.path }} + name: config-volume + - mountPath: {{ .Values.server.config.path }}/catalog + name: catalog-volume + - mountPath: {{ .Values.kafka.mountPath }} + name: schemas-volume + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + {{- range $key, $value := .Values.worker.additionalExposedPorts }} + - name: {{ $value.name }} + containerPort: {{ $value.port }} + protocol: {{ $value.protocol }} + {{- end }} + livenessProbe: + httpGet: + path: /v1/info + port: http + initialDelaySeconds: {{ .Values.worker.livenessProbe.initialDelaySeconds | default 20 }} + periodSeconds: {{ .Values.worker.livenessProbe.periodSeconds | default 10 }} + timeoutSeconds: {{ .Values.worker.livenessProbe.timeoutSeconds | default 5 }} + failureThreshold: {{ .Values.worker.livenessProbe.failureThreshold | default 6 }} + successThreshold: {{ .Values.worker.livenessProbe.successThreshold | default 1 }} + readinessProbe: + httpGet: + path: /v1/info + port: http + initialDelaySeconds: {{ .Values.worker.readinessProbe.initialDelaySeconds | default 20 }} + periodSeconds: {{ .Values.worker.readinessProbe.periodSeconds | default 10 }} + timeoutSeconds: {{ .Values.worker.readinessProbe.timeoutSeconds | default 5 }} + failureThreshold: {{ .Values.worker.readinessProbe.failureThreshold | default 6 }} + successThreshold: {{ .Values.worker.readinessProbe.successThreshold | default 1 }} + resources: + {{- toYaml .Values.worker.resources | nindent 12 }} + {{- with .Values.worker.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.worker.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.worker.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/trino/templates/secret.yaml b/charts/trino/templates/secret.yaml new file mode 100644 index 0000000..868c229 --- /dev/null +++ b/charts/trino/templates/secret.yaml @@ -0,0 +1,10 @@ +{{- if eq .Values.server.config.authenticationType "PASSWORD" }} +apiVersion: v1 +kind: Secret +metadata: + name: trino-password-authentication + labels: + {{- include "trino.labels" . | nindent 4 }} +data: + password.db: {{ .Values.auth.passwordAuth | b64enc }} +{{- end }} diff --git a/charts/trino/templates/service.yaml b/charts/trino/templates/service.yaml new file mode 100644 index 0000000..cfb0b2f --- /dev/null +++ b/charts/trino/templates/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "trino.fullname" . }} + labels: + app: {{ template "trino.name" . }} + chart: {{ template "trino.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + {{- range $key, $value := .Values.coordinator.additionalExposedPorts }} + - port: {{ $value.servicePort }} + name: {{ $value.name }} + targetPort: {{ $value.port }} + protocol: {{ $value.protocol }} + {{- end }} + selector: + app: {{ template "trino.name" . }} + release: {{ .Release.Name }} + component: coordinator diff --git a/charts/trino/templates/serviceaccount.yaml b/charts/trino/templates/serviceaccount.yaml new file mode 100644 index 0000000..29dfdcc --- /dev/null +++ b/charts/trino/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "trino.serviceAccountName" . }} + labels: + {{- include "trino.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/trino/values.yaml b/charts/trino/values.yaml new file mode 100644 index 0000000..2d9c399 --- /dev/null +++ b/charts/trino/values.yaml @@ -0,0 +1,285 @@ +# Default values for trino. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: trinodb/trino + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart version. + tag: latest + +imagePullSecrets: + - name: registry-credentials + +server: + workers: 2 + node: + environment: production + dataDir: /data/trino + pluginDir: /usr/lib/trino/plugin + log: + trino: + level: INFO + config: + path: /etc/trino + http: + port: 8080 + https: + enabled: false + port: 8443 + keystore: + path: "" + # Trino supports multiple authentication types: PASSWORD, CERTIFICATE, OAUTH2, JWT, KERBEROS + # For more info: https://trino.io/docs/current/security/authentication-types.html + authenticationType: "" + query: + maxMemory: "4GB" + exchangeManager: + name: "filesystem" + baseDir: "/tmp/trino-local-file-system-exchange-manager" + workerExtraConfig: "" + coordinatorExtraConfig: "" + autoscaling: + enabled: false + maxReplicas: 5 + targetCPUUtilizationPercentage: 50 + +accessControl: {} + # type: configmap + # refreshPeriod: 60s + # # Rules file is mounted to /etc/trino/access-control + # configFile: "rules.json" + # rules: + # rules.json: |- + # { + # "catalogs": [ + # { + # "user": "admin", + # "catalog": "(mysql|system)", + # "allow": "all" + # }, + # { + # "group": "finance|human_resources", + # "catalog": "postgres", + # "allow": true + # }, + # { + # "catalog": "hive", + # "allow": "all" + # }, + # { + # "user": "alice", + # "catalog": "postgresql", + # "allow": "read-only" + # }, + # { + # "catalog": "system", + # "allow": "none" + # } + # ], + # "schemas": [ + # { + # "user": "admin", + # "schema": ".*", + # "owner": true + # }, + # { + # "user": "guest", + # "owner": false + # }, + # { + # "catalog": "default", + # "schema": "default", + # "owner": true + # } + # ] + # } + +additionalNodeProperties: {} + +additionalConfigProperties: {} + +additionalLogProperties: {} + +additionalExchangeManagerProperties: {} + +eventListenerProperties: {} + +additionalCatalogs: {} + +# Array of EnvVar (https://v1-18.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#envvar-v1-core) +env: [] + +initContainers: {} + # coordinator: + # - name: init-coordinator + # image: busybox:1.28 + # imagePullPolicy: IfNotPresent + # command: ['sh', '-c', "until nslookup myservice.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"] + # worker: + # - name: init-worker + # image: busybox:1.28 + # command: ['sh', '-c', 'echo The worker is running! && sleep 3600'] + +securityContext: + runAsUser: 1000 + runAsGroup: 1000 + +service: + type: ClusterIP + port: 8080 + +auth: {} + # Set username and password + # https://trino.io/docs/current/security/password-file.html#file-format + # passwordAuth: "username:encrypted-password-with-htpasswd" + +serviceAccount: + # Specifies whether a service account should be created + create: false + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + # Annotations to add to the service account + annotations: {} + +secretMounts: [] + +coordinator: + jvm: + maxHeapSize: "8G" + gcMethod: + type: "UseG1GC" + g1: + heapRegionSize: "32M" + + config: + memory: + heapHeadroomPerNode: "" + query: + maxMemoryPerNode: "1GB" + + additionalJVMConfig: {} + + additionalExposedPorts: {} + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + livenessProbe: {} + # initialDelaySeconds: 20 + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 6 + # successThreshold: 1 + readinessProbe: {} + # initialDelaySeconds: 20 + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 6 + # successThreshold: 1 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + additionalConfigFiles: {} + +worker: + jvm: + maxHeapSize: "8G" + gcMethod: + type: "UseG1GC" + g1: + heapRegionSize: "32M" + + config: + memory: + heapHeadroomPerNode: "" + query: + maxMemoryPerNode: "1GB" + + additionalJVMConfig: {} + + additionalExposedPorts: {} + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + livenessProbe: {} + # initialDelaySeconds: 20 + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 6 + # successThreshold: 1 + readinessProbe: {} + # initialDelaySeconds: 20 + # periodSeconds: 10 + # timeoutSeconds: 5 + # failureThreshold: 6 + # successThreshold: 1 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + additionalConfigFiles: {} + +kafka: + mountPath: "/etc/trino/schemas" + tableDescriptions: {} + # Custom kafka table descriptions that will be mounted in mountPath + # testschema.json: |- + # { + # "tableName": "testtable", + # "schemaName": "testschema", + # "topicName": "testtopic", + # "key": { + # "dataFormat": "json", + # "fields": [ + # { + # "name": "_key", + # "dataFormat": "VARCHAR", + # "type": "VARCHAR", + # "hidden": "false" + # } + # ] + # }, + # "message": { + # "dataFormat": "json", + # "fields": [ + # { + # "name": "id", + # "mapping": "id", + # "type": "BIGINT" + # }, + # { + # "name": "test_field", + # "mapping": "test_field", + # "type": "VARCHAR" + # } + # ] + # } + # } diff --git a/charts/tusd/.helmignore b/charts/tusd/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/tusd/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/tusd/Chart.yaml b/charts/tusd/Chart.yaml new file mode 100644 index 0000000..dbfe537 --- /dev/null +++ b/charts/tusd/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: tusd +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/tusd/templates/NOTES.txt b/charts/tusd/templates/NOTES.txt new file mode 100644 index 0000000..3bc7fc7 --- /dev/null +++ b/charts/tusd/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "tusd.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "tusd.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "tusd.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "tusd.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/tusd/templates/_helpers.tpl b/charts/tusd/templates/_helpers.tpl new file mode 100644 index 0000000..f6c0ca6 --- /dev/null +++ b/charts/tusd/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "tusd.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "tusd.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "tusd.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "tusd.labels" -}} +helm.sh/chart: {{ include "tusd.chart" . }} +{{ include "tusd.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "tusd.selectorLabels" -}} +app.kubernetes.io/name: {{ include "tusd.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "tusd.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "tusd.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/tusd/templates/deployment.yaml b/charts/tusd/templates/deployment.yaml new file mode 100644 index 0000000..34db674 --- /dev/null +++ b/charts/tusd/templates/deployment.yaml @@ -0,0 +1,84 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "tusd.fullname" . }} + labels: + {{- include "tusd.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "tusd.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + backup.velero.io/backup-volumes: uploads-data + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "tusd.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "tusd.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + - name: change-permissions + image: alpine + command: + - chown + - -R + - 1000:1000 + - /srv/tusd-data/ + volumeMounts: + - name: uploads-data + mountPath: /srv/tusd-data/ + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - tusd + - -behind-proxy + volumeMounts: + - name: uploads-data + mountPath: /srv/tusd-data/ + ports: + - name: http + containerPort: 1080 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: 1080 + readinessProbe: + httpGet: + path: / + port: 1080 + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: uploads-data + persistentVolumeClaim: + claimName: {{ .Values.persistence.volumeClaim }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/charts/tusd/templates/hpa.yaml b/charts/tusd/templates/hpa.yaml new file mode 100644 index 0000000..b332f5d --- /dev/null +++ b/charts/tusd/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "tusd.fullname" . }} + labels: + {{- include "tusd.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "tusd.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/tusd/templates/ingress.yaml b/charts/tusd/templates/ingress.yaml new file mode 100644 index 0000000..6854313 --- /dev/null +++ b/charts/tusd/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "tusd.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "tusd.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} diff --git a/charts/tusd/templates/service.yaml b/charts/tusd/templates/service.yaml new file mode 100644 index 0000000..a0dadfa --- /dev/null +++ b/charts/tusd/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "tusd.fullname" . }} + labels: + {{- include "tusd.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "tusd.selectorLabels" . | nindent 4 }} diff --git a/charts/tusd/templates/serviceaccount.yaml b/charts/tusd/templates/serviceaccount.yaml new file mode 100644 index 0000000..c0c0e74 --- /dev/null +++ b/charts/tusd/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "tusd.serviceAccountName" . }} + labels: + {{- include "tusd.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/tusd/templates/tests/test-connection.yaml b/charts/tusd/templates/tests/test-connection.yaml new file mode 100644 index 0000000..a70a1ce --- /dev/null +++ b/charts/tusd/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "tusd.fullname" . }}-test-connection" + labels: + {{- include "tusd.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "tusd.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/tusd/values.yaml b/charts/tusd/values.yaml new file mode 100644 index 0000000..b07eed6 --- /dev/null +++ b/charts/tusd/values.yaml @@ -0,0 +1,78 @@ +replicaCount: 1 + +image: + repository: tusproject/tusd + pullPolicy: IfNotPresent + tag: "latest" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +persistence: + enabled: false + size: 100M + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: + fsGroup: 1000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} \ No newline at end of file diff --git a/charts/web-service/.helmignore b/charts/web-service/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/web-service/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/web-service/Chart.yaml b/charts/web-service/Chart.yaml new file mode 100644 index 0000000..26b1725 --- /dev/null +++ b/charts/web-service/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: web-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.3.3 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/charts/web-service/templates/NOTES.txt b/charts/web-service/templates/NOTES.txt new file mode 100644 index 0000000..da7a9da --- /dev/null +++ b/charts/web-service/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "web-service.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "web-service.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "web-service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "web-service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/web-service/templates/_helpers.tpl b/charts/web-service/templates/_helpers.tpl new file mode 100644 index 0000000..6d713d4 --- /dev/null +++ b/charts/web-service/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "web-service.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "web-service.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "web-service.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "web-service.labels" -}} +helm.sh/chart: {{ include "web-service.chart" . }} +{{ include "web-service.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "web-service.selectorLabels" -}} +app.kubernetes.io/name: {{ include "web-service.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "web-service.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "web-service.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/web-service/templates/deployment.yaml b/charts/web-service/templates/deployment.yaml new file mode 100644 index 0000000..de6a394 --- /dev/null +++ b/charts/web-service/templates/deployment.yaml @@ -0,0 +1,115 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "web-service.fullname" . }} + {{- with .Values.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "web-service.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "web-service.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + labels: + {{- include "web-service.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "web-service.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.command }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- range $key, $value := .Values.env }} + - name: {{ $key}} + value: {{ $value | quote}} + {{- end }} + {{- range $key, $value := .Values.secretenv }} + - name: {{ $key }} + valueFrom: + secretKeyRef: + name: {{ $.Release.Name }}-secrets + key: {{ $key }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.service.targetPort}} + protocol: TCP + {{- if .Values.metric.enabled }} + - protocol: TCP + name: metric + containerPort: {{ .Values.metric.port }} + {{- end }} + {{- if .Values.liveness.enabled }} + livenessProbe: + {{- with .Values.liveness.command }} + exec: + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- if .Values.liveness.path }} + httpGet: + path: {{ .Values.liveness.path }} + port: {{ .Values.liveness.port }} + {{- end }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + {{- end }} + {{- if .Values.readiness.enabled }} + readinessProbe: + {{- with .Values.readiness.command }} + exec: + command: + {{- toYaml . | nindent 16 }} + {{- end }} + {{- if .Values.readiness.path }} + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.readiness.port }} + {{- end }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/web-service/templates/hpa.yaml b/charts/web-service/templates/hpa.yaml new file mode 100644 index 0000000..d1b53d2 --- /dev/null +++ b/charts/web-service/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "web-service.fullname" . }} + labels: + {{- include "web-service.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "web-service.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/web-service/templates/httpRoute.yaml b/charts/web-service/templates/httpRoute.yaml new file mode 100644 index 0000000..9e93183 --- /dev/null +++ b/charts/web-service/templates/httpRoute.yaml @@ -0,0 +1,40 @@ +{{- if .Values.httpRoute.enabled -}} +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: {{ include "web-service.fullname" . }} + labels: + {{- include "web-service.labels" . | nindent 4 }} +spec: + parentRefs: + {{- range .Values.httpRoute.parentRefs }} + - name: {{ .name }} + kind: {{ .kind }} + {{- if .namespace }} + namespace: {{ .namespace }} + {{- end }} + {{- end }} + + hostnames: + {{- range .Values.httpRoute.hostnames }} + - "{{ . }}" + {{- end }} + + rules: + {{- range .Values.httpRoute.rules }} + - backendRefs: + {{- range .backendRefs }} + - group: {{ .group }} + kind: {{ .kind }} + name: {{ .name }} + port: {{ .port }} + weight: {{ .weight | default 1 }} + {{- end }} + matches: + {{- range .matches }} + - path: + type: {{ .path.type }} + value: {{ .path.value }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/web-service/templates/ingress.yaml b/charts/web-service/templates/ingress.yaml new file mode 100644 index 0000000..618fb55 --- /dev/null +++ b/charts/web-service/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "web-service.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "web-service.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/web-service/templates/secrets.yaml b/charts/web-service/templates/secrets.yaml new file mode 100644 index 0000000..32ebe85 --- /dev/null +++ b/charts/web-service/templates/secrets.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-secrets +type: Opaque +data: + {{- range $key, $value := .Values.secretenv }} + {{ $key | quote }}: {{ $value | toString | b64enc | quote }} + {{- end }} \ No newline at end of file diff --git a/charts/web-service/templates/service.yaml b/charts/web-service/templates/service.yaml new file mode 100644 index 0000000..f518bda --- /dev/null +++ b/charts/web-service/templates/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "web-service.fullname" . }} + labels: + {{- include "web-service.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: http + {{- if .Values.metric.enabled }} + - port: {{ .Values.metric.port }} + protocol: TCP + targetPort: metric + name: metric + appProtocol: http + {{- end }} + selector: + {{- include "web-service.selectorLabels" . | nindent 4 }} diff --git a/charts/web-service/templates/serviceaccount.yaml b/charts/web-service/templates/serviceaccount.yaml new file mode 100644 index 0000000..31d4795 --- /dev/null +++ b/charts/web-service/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "web-service.serviceAccountName" . }} + labels: + {{- include "web-service.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/web-service/templates/servicemonitor.yaml b/charts/web-service/templates/servicemonitor.yaml new file mode 100644 index 0000000..b5aa425 --- /dev/null +++ b/charts/web-service/templates/servicemonitor.yaml @@ -0,0 +1,24 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: "{{ include "web-service.fullname" . }}" + labels: + app.kubernetes.io/name: {{ template "web-service.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} + # {{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} + namespace: {{ .Release.Namespace }} +spec: + jobLabel: "{{ include "web-service.fullname" . }}" + selector: + matchLabels: + {{- include "web-service.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + interval: 10s + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/web-service/templates/tests/test-connection.yaml b/charts/web-service/templates/tests/test-connection.yaml new file mode 100644 index 0000000..46481ce --- /dev/null +++ b/charts/web-service/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "web-service.fullname" . }}-test-connection" + labels: + {{- include "web-service.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "web-service.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/web-service/values.yaml b/charts/web-service/values.yaml new file mode 100644 index 0000000..1e4d27b --- /dev/null +++ b/charts/web-service/values.yaml @@ -0,0 +1,131 @@ +# Default values for web-service. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +args: [] +command: [] +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +deploymentAnnotations: [] + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +liveness: + command: [] + enabled: true + path: / + port: http + periodSeconds: 30 + initialDelaySeconds: 30 + timeoutSeconds: 1 +readiness: + command: [] + enabled: true + port: http + path: / + periodSeconds: 30 + initialDelaySeconds: 30 + timeoutSeconds: 1 +service: + type: ClusterIP + port: 80 + targetPort: 80 + +metric: + enabled: false + port: 9400 +metrics: + serviceMonitor: + enabled: false + additionalLabel: {} + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +httpRoute: + enabled: false + parentRefs: + - name: envoygateway + kind: Gateway + namespace: default + hostnames: + - "web-service.example.com" + rules: + - backendRefs: + - group: "" + kind: "Service" + weight: 1 + name: web-service + port: 80 + matches: + - path: + type: PathPrefix + value: / \ No newline at end of file diff --git a/index.yaml b/index.yaml new file mode 100644 index 0000000..b7a2ec8 --- /dev/null +++ b/index.yaml @@ -0,0 +1,286 @@ +apiVersion: v1 +entries: + coturn: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T11:07:41.699119206Z" + description: A Helm chart for Kubernetes + digest: 79b9b3b390cf6019b81f21a11ee1fbba103e64cd7fdcab94b84edf8ea4c2bb6c + name: coturn + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/coturn-0.3.1/coturn-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:33.873017515Z" + description: A Helm chart for Kubernetes + digest: e8c87b014afd4b97d2b1d5b1ef27fbca83a2392ee03d3e5e4f5934795d626325 + name: coturn + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/coturn-0.3.0/coturn-0.3.0.tgz + version: 0.3.0 + ecommerce-web: + - apiVersion: v2 + appVersion: "2021-05-04" + created: "2024-11-14T09:28:33.993363709Z" + description: A Helm chart for Kubernetes + digest: a3c017bb1710b03df07e254fb7d0f1ab48c9995844d239885d950c683fccb588 + name: ecommerce-web + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/ecommerce-web-0.3.0/ecommerce-web-0.3.0.tgz + version: 0.3.0 + grpc-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-16T08:46:57.136124692Z" + description: A Helm chart for Kubernetes + digest: 6fdae3f8992416589b07ab17300f91e4a266f0030c4ebd406cdc619f0f827976 + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.4/grpc-service-0.3.4.tgz + version: 0.3.4 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T10:51:19.152080822Z" + description: A Helm chart for Kubernetes + digest: e8687feeebd6fe1a19213c5cc13ebc9d85c86311bbdf81912376a57db0aca409 + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.3/grpc-service-0.3.3.tgz + version: 0.3.3 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T09:30:20.990877385Z" + description: A Helm chart for Kubernetes + digest: 099a7eadc9ff321b25da5096ba2809f14d41a6100e895fb8b22c5902623e6dda + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.2/grpc-service-0.3.2.tgz + version: 0.3.2 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-22T05:12:42.336624823Z" + description: A Helm chart for Kubernetes + digest: 4280294b61f665d2ef9035b8725d2ac450c6f68e0b47ec9158e8426f5c40774d + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.1/grpc-service-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.156161289Z" + description: A Helm chart for Kubernetes + digest: 9778bc4d8bbcf706e477a340ed0ea225f9b7ff4328a0a5b5db88cb27db35195e + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.3.0/grpc-service-0.3.0.tgz + version: 0.3.0 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:22:17.772249162Z" + description: A Helm chart for Kubernetes + digest: 09cb11af94c331c8ec29994b05337c9e676d1eca791317e1e9dc753615b575f8 + name: grpc-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/grpc-service-0.2.0/grpc-service-0.2.0.tgz + version: 0.2.0 + micronaut-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.267542785Z" + description: A Helm chart for Kubernetes + digest: 59dd238d30b7c3faba6afadee0ea921c904bb9c2e1e66bedff9e046409561d62 + name: micronaut-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/micronaut-service-0.3.0/micronaut-service-0.3.0.tgz + version: 0.3.0 + msg-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.379241543Z" + description: A Helm chart for Kubernetes + digest: 37b44c03aea9af10f92248d447cc17260f9ab379fd3dc2af18c3bca6f946831c + name: msg-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/msg-service-0.3.0/msg-service-0.3.0.tgz + version: 0.3.0 + parewa-api: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.508585189Z" + description: A Helm chart for Kubernetes + digest: fa231b2e5c629002da3bc564b537389573ead6eb35adf128f8642e2f6a3adc11 + name: parewa-api + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/parewa-api-0.3.0/parewa-api-0.3.0.tgz + version: 0.3.0 + quarkus-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.635714352Z" + description: A Helm chart for Kubernetes + digest: da65c9f219ad5bfe0c755273833716e3fc1c717f006efd1f2b6522d3bdf80e20 + name: quarkus-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/quarkus-service-0.3.0/quarkus-service-0.3.0.tgz + version: 0.3.0 + service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-16T08:46:57.230600511Z" + description: A Helm chart for Kubernetes + digest: fc366650efa216c25191fcfa79ea18cb29799187d18d3fda8b012d58e927dea8 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.6/service-0.3.6.tgz + version: 0.3.6 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T10:51:19.255961883Z" + description: A Helm chart for Kubernetes + digest: 344948b962744c521f59304b75bdefc7685ef6d31cba2b2cfdcbc862baf57708 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.5/service-0.3.5.tgz + version: 0.3.5 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T09:18:40.476433015Z" + description: A Helm chart for Kubernetes + digest: cbba5dd470b36bcf9d3a04eb778d2f540c3423bfaba20dfb1adcf0e3437f9899 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.4/service-0.3.4.tgz + version: 0.3.4 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-22T05:12:42.567406801Z" + description: A Helm chart for Kubernetes + digest: 8c521cdfb7b6355a432d31b053adc4632a5d22b4ae9a7cd2cbd50a37e78ac7d2 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.3/service-0.3.3.tgz + version: 0.3.3 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T10:19:20.266465027Z" + description: A Helm chart for Kubernetes + digest: d6b866f3ec7bab975018525daec24174447a0ece7be4bb20e43487b1e47382f3 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.2/service-0.3.2.tgz + version: 0.3.2 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T10:04:41.23497082Z" + description: A Helm chart for Kubernetes + digest: 838fe2ecc8f964823e6955632c51b29092612b2037b8e020c7c765efeccca695 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.1/service-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.754468243Z" + description: A Helm chart for Kubernetes + digest: b8a956264622858143270dbe2d7f603c8fcd1a428013faaa0e2b3ca40e1a7f62 + name: service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/service-0.3.0/service-0.3.0.tgz + version: 0.3.0 + squid: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:34.84724996Z" + description: A Helm chart for Kubernetes + digest: 4bb161a3411179df6ebee0da5f6c70c2a98e313ab25c312b2ed8cc5c339d5e3c + name: squid + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/squid-0.3.0/squid-0.3.0.tgz + version: 0.3.0 + trino: + - apiVersion: v2 + appVersion: "375" + created: "2024-11-14T09:28:34.965084802Z" + description: Fast distributed SQL query engine for big data analytics that helps + you explore your data universe + digest: a27614a88bce6c4a2871c33d29ffc28b32ad00e108198d7b4810c8678d50ba3e + name: trino + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/trino-0.3.0/trino-0.3.0.tgz + version: 0.3.0 + tusd: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:35.087460182Z" + description: A Helm chart for Kubernetes + digest: d128420bc7e4ba1b5d5931807f015caab928b1632d8160e5d925e0081079546d + name: tusd + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/tusd-0.3.0/tusd-0.3.0.tgz + version: 0.3.0 + web-service: + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-16T08:37:22.426251695Z" + description: A Helm chart for Kubernetes + digest: 6f720eaa5dfac0b856b2d897f9ac30c0745a6aecf75cae1091c72d044f67faca + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.3/web-service-0.3.3.tgz + version: 0.3.3 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T10:51:19.41383103Z" + description: A Helm chart for Kubernetes + digest: 57aa2ede460fa81e957c59ae7296d9a6419c7e2afb766353dea94878a36213da + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.2/web-service-0.3.2.tgz + version: 0.3.2 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-12-13T08:45:54.815256622Z" + description: A Helm chart for Kubernetes + digest: ae4ed0d58cff32a9aa7c8e95ac7412b1549ed37e884de7206b20b5930a2b5e9d + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.1/web-service-0.3.1.tgz + version: 0.3.1 + - apiVersion: v2 + appVersion: 1.16.0 + created: "2024-11-14T09:28:35.223058908Z" + description: A Helm chart for Kubernetes + digest: 6c6887327334c8634f3af88a603173ac0469bc16f3147410b64eb7264b3b7a12 + name: web-service + type: application + urls: + - https://github.com/hamropatro/helm-charts/releases/download/web-service-0.3.0/web-service-0.3.0.tgz + version: 0.3.0 +generated: "2024-12-16T08:46:57.23066409Z"