From 56559539b7eb59599d82c8788ef99d621bf83fb6 Mon Sep 17 00:00:00 2001
From: Sergey Yakubov <sergey.yakubov@desy.de>
Date: Mon, 30 Mar 2020 14:48:59 +0200
Subject: [PATCH] add influxdb to chart, refactor
---
.gitignore | 5 +++
deploy/asapo_helm_chart/asapo/Chart.yaml | 8 ++++
...{authorizer.json => asapo-authorizer.json} | 3 +-
.../asapo/configs/asapo-broker.json | 9 ++++
.../asapo/templates/_config-map.tpl | 10 +++++
.../asapo/templates/_helpers.tpl | 0
.../asapo/templates/_ingress.tpl | 20 +++++++++
.../asapo/templates/_service.tpl | 14 +++++++
.../asapo/templates/authorizer-config.yaml | 6 ---
.../templates/authorizer-deployment.yaml | 18 ++++----
.../asapo/templates/authorizer-ingress.yaml | 19 +--------
.../asapo/templates/authorizer-service.yaml | 11 -----
.../asapo/templates/broker-deployment.yaml | 42 +++++++++++++++++++
.../asapo/templates/configs.yaml | 9 ++++
.../asapo/templates/services.yaml | 9 ++++
.../asapo/templates/storage.yaml | 4 +-
deploy/asapo_helm_chart/asapo/values.yaml | 27 ++++++++++--
17 files changed, 164 insertions(+), 50 deletions(-)
rename deploy/asapo_helm_chart/asapo/configs/{authorizer.json => asapo-authorizer.json} (92%)
create mode 100644 deploy/asapo_helm_chart/asapo/configs/asapo-broker.json
create mode 100644 deploy/asapo_helm_chart/asapo/templates/_config-map.tpl
delete mode 100644 deploy/asapo_helm_chart/asapo/templates/_helpers.tpl
create mode 100644 deploy/asapo_helm_chart/asapo/templates/_ingress.tpl
create mode 100644 deploy/asapo_helm_chart/asapo/templates/_service.tpl
delete mode 100644 deploy/asapo_helm_chart/asapo/templates/authorizer-config.yaml
delete mode 100644 deploy/asapo_helm_chart/asapo/templates/authorizer-service.yaml
create mode 100644 deploy/asapo_helm_chart/asapo/templates/broker-deployment.yaml
create mode 100644 deploy/asapo_helm_chart/asapo/templates/configs.yaml
create mode 100644 deploy/asapo_helm_chart/asapo/templates/services.yaml
diff --git a/.gitignore b/.gitignore
index 0b81b3f01..f7e7dd86d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -141,3 +141,8 @@ common/go/src/asapo_common/version/version_lib.go
.terraform
terraform.tfstate*
+
+
+#helm chart
+deploy/asapo_helm_chart/asapo/Chart.lock
+deploy/asapo_helm_chart/asapo/charts/
\ No newline at end of file
diff --git a/deploy/asapo_helm_chart/asapo/Chart.yaml b/deploy/asapo_helm_chart/asapo/Chart.yaml
index b73e5145f..032a6d45b 100644
--- a/deploy/asapo_helm_chart/asapo/Chart.yaml
+++ b/deploy/asapo_helm_chart/asapo/Chart.yaml
@@ -19,3 +19,11 @@ version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 1.16.0
+
+
+dependencies:
+ - name: influxdb
+ version: "~0.4.3"
+ repository: "https://charts.bitnami.com/bitnami"
+
+
diff --git a/deploy/asapo_helm_chart/asapo/configs/authorizer.json b/deploy/asapo_helm_chart/asapo/configs/asapo-authorizer.json
similarity index 92%
rename from deploy/asapo_helm_chart/asapo/configs/authorizer.json
rename to deploy/asapo_helm_chart/asapo/configs/asapo-authorizer.json
index 3a6784d5b..b3ad3fd52 100644
--- a/deploy/asapo_helm_chart/asapo/configs/authorizer.json
+++ b/deploy/asapo_helm_chart/asapo/configs/asapo-authorizer.json
@@ -1,5 +1,5 @@
{
- "Port": 5007,
+ "Port": {{ .Values.ownServices.authorizer.port }},
"LogLevel":"debug",
"AlwaysAllowedBeamtimes":[{"beamtimeId":"asapo_test","beamline":"test","core-path":"{{ .Values.common.offlineDir }}/test_facility/gpfs/test/2019/data/asapo_test"},
{"beamtimeId":"asapo_test1","beamline":"test1","core-path":"{{ .Values.common.offlineDir }}/test_facility/gpfs/test1/2019/data/asapo_test1"},
@@ -9,4 +9,3 @@
"SecretFile":"/etc/authorizer/auth_secret.key",
"TokenDurationMin":600
}
-
diff --git a/deploy/asapo_helm_chart/asapo/configs/asapo-broker.json b/deploy/asapo_helm_chart/asapo/configs/asapo-broker.json
new file mode 100644
index 000000000..10441cd9f
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/configs/asapo-broker.json
@@ -0,0 +1,9 @@
+{
+ "DatabaseServer":"auto",
+ "DiscoveryServer": "discovery:{{ .Values.ownServices.discovery.port }}",
+ "PerformanceDbServer":"{{ .Chart.Name }}-influxdb:{{ .Values.influxdb.influxdb.service.port }}",
+ "PerformanceDbName": "asapo_brokers",
+ "Port": {{ .Values.ownServices.broker.port }},
+ "LogLevel":"debug",
+ "SecretFile":"/etc/broker/auth_secret.key"
+}
diff --git a/deploy/asapo_helm_chart/asapo/templates/_config-map.tpl b/deploy/asapo_helm_chart/asapo/templates/_config-map.tpl
new file mode 100644
index 000000000..14851a6c1
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/templates/_config-map.tpl
@@ -0,0 +1,10 @@
+{{/* Generate configmaps */}}
+{{- define "asapo.configmap-fromfile" }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .service.serviceName }}-config
+data:
+ {{ .service.serviceName }}.json: {{ tpl (.Files.Get (printf "configs/%s.json" .service.serviceName)) . | quote }}
+{{- end }}
+
diff --git a/deploy/asapo_helm_chart/asapo/templates/_helpers.tpl b/deploy/asapo_helm_chart/asapo/templates/_helpers.tpl
deleted file mode 100644
index e69de29bb..000000000
diff --git a/deploy/asapo_helm_chart/asapo/templates/_ingress.tpl b/deploy/asapo_helm_chart/asapo/templates/_ingress.tpl
new file mode 100644
index 000000000..2ef5a7eab
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/templates/_ingress.tpl
@@ -0,0 +1,20 @@
+{{/* Generate ingres */}}
+{{- define "asapo.ingress" }}
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+ name: ingress-{{ .service.serviceName }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ nginx.ingress.kubernetes.io/rewrite-target: /$2
+ nginx.ingress.kubernetes.io/whitelist-source-range: 131.169.0.0/16
+spec:
+ rules:
+ - host: "*.desy.de"
+ http:
+ paths:
+ - path: /{{ .Release.Namespace }}/{{ .service.serviceName }}(/|$)(.*)
+ backend:
+ serviceName: {{ .service.serviceName }}
+ servicePort: {{ .service.port }}
+{{- end }}
diff --git a/deploy/asapo_helm_chart/asapo/templates/_service.tpl b/deploy/asapo_helm_chart/asapo/templates/_service.tpl
new file mode 100644
index 000000000..c766111db
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/templates/_service.tpl
@@ -0,0 +1,14 @@
+{{/* Generate service */}}
+{{- define "asapo.service" }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .service.serviceName }}
+spec:
+ type: {{ if .service._exposeServiceExtrernally }}NodePort{{ else }}ClusterIP{{ end }}
+ ports:
+ - protocol: TCP
+ port: {{ .service.port }}
+ selector:
+ app: {{ .service.serviceName }}
+{{- end }}
diff --git a/deploy/asapo_helm_chart/asapo/templates/authorizer-config.yaml b/deploy/asapo_helm_chart/asapo/templates/authorizer-config.yaml
deleted file mode 100644
index a20024084..000000000
--- a/deploy/asapo_helm_chart/asapo/templates/authorizer-config.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authorizer-config
-data:
- authorizer.json: {{ tpl (.Files.Get "configs/authorizer.json") . | quote }}
diff --git a/deploy/asapo_helm_chart/asapo/templates/authorizer-deployment.yaml b/deploy/asapo_helm_chart/asapo/templates/authorizer-deployment.yaml
index 2d6afedcb..7ad1bd27e 100644
--- a/deploy/asapo_helm_chart/asapo/templates/authorizer-deployment.yaml
+++ b/deploy/asapo_helm_chart/asapo/templates/authorizer-deployment.yaml
@@ -1,20 +1,20 @@
apiVersion: apps/v1
kind: Deployment
metadata:
- name: authorizer-deployment
+ name: asapo-authorizer
labels:
- app: authorizer
+ app: asapo-authorizer
spec:
- replicas: {{ .Values.authorizer.replicaCount }}
+ replicas: {{ .Values.ownServices.authorizer.replicaCount }}
selector:
matchLabels:
- app: authorizer
+ app: asapo-authorizer
template:
metadata:
labels:
- app: authorizer
+ app: asapo-authorizer
annotations:
- checksum/config: {{ include (print $.Template.BasePath "/authorizer-config.yaml") . | sha256sum }}
+ checksum/config: {{ .Files.Get "configs/asapo-authorizer.json" | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/auth-secret.yaml") . | sha256sum }}
spec:
volumes:
@@ -22,7 +22,7 @@ spec:
projected:
sources:
- configMap:
- name: authorizer-config
+ name: asapo-authorizer-config
- secret:
name: auth-secret
- name: shared-volume-offline
@@ -35,9 +35,9 @@ spec:
- name: authorizer
image: "yakser/asapo-authorizer-dev:{{ .Values.common.asapoVersionTag }}"
command: ["/asapo-authorizer"]
- args: ["-config", "/etc/authorizer/authorizer.json"]
+ args: ["-config", "/etc/authorizer/asapo-authorizer.json"]
ports:
- - containerPort: 5007
+ - containerPort: {{ .Values.ownServices.authorizer.port }}
volumeMounts:
- mountPath: "/etc/authorizer"
name: all-in-one
diff --git a/deploy/asapo_helm_chart/asapo/templates/authorizer-ingress.yaml b/deploy/asapo_helm_chart/asapo/templates/authorizer-ingress.yaml
index e4bccfc53..08bc7107b 100644
--- a/deploy/asapo_helm_chart/asapo/templates/authorizer-ingress.yaml
+++ b/deploy/asapo_helm_chart/asapo/templates/authorizer-ingress.yaml
@@ -1,17 +1,2 @@
-apiVersion: networking.k8s.io/v1beta1
-kind: Ingress
-metadata:
- name: ingress-authorizer
- annotations:
- kubernetes.io/ingress.class: "nginx"
- nginx.ingress.kubernetes.io/rewrite-target: /$2
- nginx.ingress.kubernetes.io/whitelist-source-range: 131.169.0.0/16
-spec:
- rules:
- - host: "*.desy.de"
- http:
- paths:
- - path: /{{ .Release.Namespace }}/authorizer(/|$)(.*)
- backend:
- serviceName: authorizer
- servicePort: 5007
+{{ $data := dict "Release" .Release "Values" .Values "service" .Values.ownServices.authorizer }}
+{{- template "asapo.ingress" $data }}
diff --git a/deploy/asapo_helm_chart/asapo/templates/authorizer-service.yaml b/deploy/asapo_helm_chart/asapo/templates/authorizer-service.yaml
deleted file mode 100644
index a67faa7a1..000000000
--- a/deploy/asapo_helm_chart/asapo/templates/authorizer-service.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: authorizer
-spec:
- type: ClusterIP
- ports:
- - protocol: TCP
- port: 5007
- selector:
- app: authorizer
diff --git a/deploy/asapo_helm_chart/asapo/templates/broker-deployment.yaml b/deploy/asapo_helm_chart/asapo/templates/broker-deployment.yaml
new file mode 100644
index 000000000..9552f0cc1
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/templates/broker-deployment.yaml
@@ -0,0 +1,42 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: asapo-broker
+ labels:
+ app: asapo-broker
+spec:
+ replicas: {{ .Values.ownServices.broker.replicaCount }}
+ selector:
+ matchLabels:
+ app: broker
+ template:
+ metadata:
+ labels:
+ app: broker
+ annotations:
+ checksum/config: {{ .Files.Get "configs/asapo-broker.json" | sha256sum }}
+ checksum/secret: {{ include (print $.Template.BasePath "/auth-secret.yaml") . | sha256sum }}
+ spec:
+ volumes:
+ - name: all-in-one
+ projected:
+ sources:
+ - configMap:
+ name: asapo-broker-config
+ - secret:
+ name: auth-secret
+ initContainers:
+ - name: wait-databases
+ image: busybox:1.28
+ command: ['sh', '-c', "until wget asapo-influxdb:8086/ping; do echo waiting for influxdb; sleep 2; done"]
+ containers:
+ - name: broker
+ image: "yakser/asapo-broker-dev:{{ .Values.common.asapoVersionTag }}"
+ command: ["/asapo-broker"]
+ args: ["-config", "/etc/broker/asapo-broker.json"]
+ ports:
+ - containerPort: {{ .Values.ownServices.broker.port }}
+ volumeMounts:
+ - mountPath: "/etc/broker"
+ name: all-in-one
+
diff --git a/deploy/asapo_helm_chart/asapo/templates/configs.yaml b/deploy/asapo_helm_chart/asapo/templates/configs.yaml
new file mode 100644
index 000000000..4c6fcd30b
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/templates/configs.yaml
@@ -0,0 +1,9 @@
+{{ $servicesToConfig := list .Values.ownServices.authorizer.serviceName .Values.ownServices.broker.serviceName }}
+
+{{- range .Values.ownServices }}
+ {{ $data := dict "Chart" $.Chart "Template" $.Template "Values" $.Values "Files" $.Files "service" . }}
+ {{- if has .serviceName $servicesToConfig }}
+ {{- template "asapo.configmap-fromfile" $data }}
+---
+ {{- end }}
+{{- end }}
diff --git a/deploy/asapo_helm_chart/asapo/templates/services.yaml b/deploy/asapo_helm_chart/asapo/templates/services.yaml
new file mode 100644
index 000000000..c40f4a530
--- /dev/null
+++ b/deploy/asapo_helm_chart/asapo/templates/services.yaml
@@ -0,0 +1,9 @@
+{{ $servicesToConfig := list .Values.ownServices.authorizer.serviceName .Values.ownServices.broker.serviceName }}
+
+{{- range .Values.ownServices }}
+ {{ $data := dict "Values" $.Values "service" . }}
+ {{- if has .serviceName $servicesToConfig }}
+ {{- template "asapo.service" $data }}
+---
+ {{- end }}
+{{- end }}
diff --git a/deploy/asapo_helm_chart/asapo/templates/storage.yaml b/deploy/asapo_helm_chart/asapo/templates/storage.yaml
index 391c2b4e9..3dcd96928 100644
--- a/deploy/asapo_helm_chart/asapo/templates/storage.yaml
+++ b/deploy/asapo_helm_chart/asapo/templates/storage.yaml
@@ -8,7 +8,7 @@ spec:
- ReadWriteMany
resources:
requests:
- storage: 5Gi
+ storage: 3Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -20,4 +20,4 @@ spec:
- ReadWriteMany
resources:
requests:
- storage: 5Gi
\ No newline at end of file
+ storage: 1Gi
\ No newline at end of file
diff --git a/deploy/asapo_helm_chart/asapo/values.yaml b/deploy/asapo_helm_chart/asapo/values.yaml
index acf26a0b2..bcd30a3cf 100644
--- a/deploy/asapo_helm_chart/asapo/values.yaml
+++ b/deploy/asapo_helm_chart/asapo/values.yaml
@@ -1,8 +1,29 @@
-authorizer:
- replicaCount: 1
+ownServices:
+ authorizer:
+ serviceName: asapo-authorizer
+ replicaCount: 1
+ port: 5006
+ _exposeServiceExtrernally: false
+ broker:
+ serviceName: asapo-broker
+ replicaCount: 1
+ port: 5007
+ _exposeServiceExtrernally: true
+ discovery:
+ serviceName: asapo-discovery
+ replicaCount: 1
+ port: 5008
+ _exposeServiceExtrernally: false
common:
authSecret: "12ljzgneasfd"
offlineDir: "/test_offline"
onlineDir: "/test_online"
- asapoVersionTag: "develop.20.03-10-g06dc0be"
\ No newline at end of file
+ asapoVersionTag: "develop.20.03-10-g06dc0be"
+
+influxdb:
+ authEnabled: false
+ influxdb:
+ updateStrategy: Recreate
+ service:
+ port: 8086
--
GitLab