From 29bd7f1fa424830901514f05a64d9955d07980ab Mon Sep 17 00:00:00 2001 From: iamvigneshwars Date: Thu, 28 Mar 2024 14:06:45 +0000 Subject: [PATCH] K8s deployment helm chart --- .devcontainer/docker-compose.yml | 20 ----- .devcontainer/opa.yml | 14 ---- charts/.gitignore | 2 + charts/data-processing/Chart.lock | 6 ++ charts/data-processing/Chart.yaml | 11 +++ .../charts/datasets/Chart.yaml | 8 ++ .../charts/datasets/templates/_helpers.tpl | 73 +++++++++++++++++++ .../charts/datasets/templates/deployment.yaml | 65 +++++++++++++++++ .../charts/datasets/templates/service.yaml | 15 ++++ .../datasets/templates/serviceaccount.yaml | 12 +++ .../charts/datasets/values.yaml | 47 ++++++++++++ charts/data-processing/values.yaml | 10 +++ 12 files changed, 249 insertions(+), 34 deletions(-) delete mode 100644 .devcontainer/opa.yml create mode 100644 charts/.gitignore create mode 100644 charts/data-processing/Chart.lock create mode 100644 charts/data-processing/Chart.yaml create mode 100644 charts/data-processing/charts/datasets/Chart.yaml create mode 100644 charts/data-processing/charts/datasets/templates/_helpers.tpl create mode 100644 charts/data-processing/charts/datasets/templates/deployment.yaml create mode 100644 charts/data-processing/charts/datasets/templates/service.yaml create mode 100644 charts/data-processing/charts/datasets/templates/serviceaccount.yaml create mode 100644 charts/data-processing/charts/datasets/values.yaml create mode 100644 charts/data-processing/values.yaml diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 4a5dadf..9d7cd13 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -11,23 +11,3 @@ services: environment: DATABASE_URL: mysql://root:rootpassword@ispyb/ispyb_build LOG_LEVEL: DEBUG - - opa: - image: docker.io/openpolicyagent/opa:0.59.0 - restart: unless-stopped - command: > - run - --server - --config-file /config.yml - --watch - /policy - volumes: - - ./opa.yml:/config.yml:cached,z - - ../policy/:/policy:cached,z - env_file: opa.env - - ispyb: - image: ghcr.io/diamondlightsource/ispyb-database:v3.0.0 - restart: unless-stopped - environment: - MARIADB_ROOT_PASSWORD: rootpassword diff --git a/.devcontainer/opa.yml b/.devcontainer/opa.yml deleted file mode 100644 index 6df268d..0000000 --- a/.devcontainer/opa.yml +++ /dev/null @@ -1,14 +0,0 @@ -services: - bundler: - url: http://authz.diamond.ac.uk - credentials: - bearer: - token: ${BUNDLER_TOKEN} - -bundles: - permissionables: - service: bundler - resource: bundle.tar.gz - polling: - min_delay_seconds: 10 - max_delay_seconds: 60 diff --git a/charts/.gitignore b/charts/.gitignore new file mode 100644 index 0000000..cc7994c --- /dev/null +++ b/charts/.gitignore @@ -0,0 +1,2 @@ +# Chart Bundles +*.tgz diff --git a/charts/data-processing/Chart.lock b/charts/data-processing/Chart.lock new file mode 100644 index 0000000..88c6e97 --- /dev/null +++ b/charts/data-processing/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: data-processing + repository: "" + version: 0.1.0 +digest: sha256:bac0b96b8e2519051015ea74ef616cbc76de21a1803714ef9fa25ab896a10f93 +generated: "2024-03-28T11:43:46.834271769Z" diff --git a/charts/data-processing/Chart.yaml b/charts/data-processing/Chart.yaml new file mode 100644 index 0000000..577b5bc --- /dev/null +++ b/charts/data-processing/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: data-processing +description: A deployment providing processed data collected during beamline session as part of the graph federation +type: application + +version: 0.1.0 + +dependencies: + - name: data-processing + version: 0.1.0 + condition: data-processing.enabled diff --git a/charts/data-processing/charts/datasets/Chart.yaml b/charts/data-processing/charts/datasets/Chart.yaml new file mode 100644 index 0000000..41bff5c --- /dev/null +++ b/charts/data-processing/charts/datasets/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v2 +name: data-processing +description: A service providing processed data collected during beamline sessions as part of the graph federation +type: application + +version: 0.1.0 + +appVersion: 0.1.0-rc1 diff --git a/charts/data-processing/charts/datasets/templates/_helpers.tpl b/charts/data-processing/charts/datasets/templates/_helpers.tpl new file mode 100644 index 0000000..8986145 --- /dev/null +++ b/charts/data-processing/charts/datasets/templates/_helpers.tpl @@ -0,0 +1,73 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "datasets.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "datasets.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "datasets.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "datasets.labels" -}} +helm.sh/chart: {{ include "datasets.chart" . }} +{{ include "datasets.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "datasets.selectorLabels" -}} +app.kubernetes.io/name: {{ include "datasets.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "datasets.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "datasets.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the database URL string +*/}} +{{- define "datasets.databaseURL" -}} +{{- $host_parts := urlParse .Values.database.host }} +{{- $raw_user_info := printf "%s:$DATABASE_PASSWORD" .Values.database.user }} +{{- $url_parts := set $host_parts "userinfo" $raw_user_info }} +{{- $raw_database_url := urlJoin $url_parts }} +{{- replace "$DATABASE_PASSWORD" "$(DATABASE_PASSWORD)" $raw_database_url }} +{{- end }} diff --git a/charts/data-processing/charts/datasets/templates/deployment.yaml b/charts/data-processing/charts/datasets/templates/deployment.yaml new file mode 100644 index 0000000..fe9a6a2 --- /dev/null +++ b/charts/data-processing/charts/datasets/templates/deployment.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "data-processing.fullname" . }} + labels: + {{- include "data-processing.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "data-processing.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "data-processing.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "data-processing.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - serve + env: + - name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.database.password.secretName }} + key: {{ .Values.database.password.secretKey }} + - name: DATABASE_URL + value: {{ include "data-processing.databaseURL" . }} + - name: LOG_LEVEL + value: {{ .Values.logLevel }} + - name: OTEL_COLLECTOR_URL + value: {{ tpl .Values.otelCollectorUrl . }} + ports: + - name: http + containerPort: {{ .Values.service.port }} + protocol: TCP + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/data-processing/charts/datasets/templates/service.yaml b/charts/data-processing/charts/datasets/templates/service.yaml new file mode 100644 index 0000000..04dfb30 --- /dev/null +++ b/charts/data-processing/charts/datasets/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "data-processing.fullname" . }} + labels: + {{- include "data-processing.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "data-processing.selectorLabels" . | nindent 4 }} diff --git a/charts/data-processing/charts/datasets/templates/serviceaccount.yaml b/charts/data-processing/charts/datasets/templates/serviceaccount.yaml new file mode 100644 index 0000000..cc73d4e --- /dev/null +++ b/charts/data-processing/charts/datasets/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "dataprocessing.serviceAccountName" . }} + labels: + {{- include "dataprocessing.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/data-processing/charts/datasets/values.yaml b/charts/data-processing/charts/datasets/values.yaml new file mode 100644 index 0000000..6f38c9a --- /dev/null +++ b/charts/data-processing/charts/datasets/values.yaml @@ -0,0 +1,47 @@ +nameOverride: "" +fullnameOverride: "" + +image: + repository: ghcr.io/diamondlightsource/graph-data-processing + pullPolicy: Always + tag: "" + +imagePullSecrets: [] + +logLevel: Warn +otelCollectorUrl: "" + +database: + host: "" + user: "" + password: + secretName: "" + secretKey: "" + +opa: + url: "" + +replicaCount: 1 + +service: + type: ClusterIP + port: 80 + +serviceAccount: + create: true + annotations: {} + name: "" + +podAnnotations: {} + +podSecurityContext: {} + +securityContext: {} + +resources: {} + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/charts/data-processing/values.yaml b/charts/data-processing/values.yaml new file mode 100644 index 0000000..650ba6f --- /dev/null +++ b/charts/data-processing/values.yaml @@ -0,0 +1,10 @@ +data-processing: + enabled: true + logLevel: Debug + database: + host: mysql://ispyb-mariadb-galera-headless + user: ispyb_ro + password: + secretName: ispyb + secretKey: password + otelCollectorUrl: http://federation-opentelemetry-collector:4317