Create cloudinary-staging (formerly dev-cloudinary) Helm chart (#10)

indiegogo · Aug 20, 2021 · 34b0769 · 34b0769
1 parent bb76789
commit 34b0769
Show file tree

Hide file tree

Showing 8 changed files with 491 additions and 0 deletions.
diff --git a/charts/cloudinary-staging/.helmignore b/charts/cloudinary-staging/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/cloudinary-staging/Chart.yaml b/charts/cloudinary-staging/Chart.yaml
@@ -0,0 +1,22 @@
+apiVersion: v2
+name: cloudinary-staging
+version: 0.1.0
+description: A Helm chart for Cloudinary
+type: application
+keywords:
+  - cloudinary
+  - proxy
+  - images
+  - image-proxy
+sources:
+  - https://github.com/indiegogo/ops_tools/tree/main/docker/nginx-cloudinary
+dependencies:
+  - name: common
+    version: "0.1.2"
+    repository: https://charts.indiegogo.com/
+    tags:
+      - indiegogo-common
+maintainers:
+  - name: DevOps
+    email: [email protected]
+appVersion: "1.0"
diff --git a/charts/cloudinary-staging/README.md b/charts/cloudinary-staging/README.md
@@ -0,0 +1,122 @@
+# Cloudinary-staging Chart packaged by Indiegogo
+
+The Cloudinary-staging application is responsible for proxying the Cloudinary images in our Staging environment.
+
+## TL;DR
+
+```bash
+$ helm repo add indiegogo https://charts.indiegogo.com
+$ helm install my-release indiegogo/cloudinary-staging
+```
+
+## Introduction
+
+This chart bootstraps a Cloudinary-staging deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- Kubernetes 1.12+
+- Helm 3.6.2
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```bash
+$ helm install my-release indiegogo/cloudinary-staging
+```
+
+The command deploys Cloudinary-staging on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
+
+> **Tip**: List all releases using `helm list`
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```bash
+$ helm uninstall my-release
+```
+
+> NOTE: If you used `-n namespace` when you installed the chart, be sure to use it again when you uninstall the chart, otherwise the associated dependency Kubernetes resources will not be deleted:
+
+```bash
+$ helm uninstall -n namespace my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Parameters
+
+
+### Common parameters
+
+| Name                | Type   | Description                                                                | Default |
+| ------------------- | ------ | -------------------------------------------------------------------------- | ------- |
+| `kubeVersion`       | string | Override Kubernetes version                                                | `nil`   |
+| `nameOverride`      | string | Partially override names.fullname                                          | `nil`   |
+| `fullnameOverride`  | string | Fully override names.fullname                                              | `nil`   |
+| `commonLabels`      | object | Labels to add to all deployed objects                                      | `{}`    |
+| `commonAnnotations` | object | Annotations to add to all deployed objects                                 | `{}`    |
+| `networkPort`       | int    | Deployment container, Deployment readinessProbe, Ingress, and Service port | `80`    |
+
+
+### Deployment parameters
+
+| Name                                 | Type    | Description                                                   | Default                     |
+| ------------------------------------ | ------- | ------------------------------------------------------------- | --------------------------- |
+| `image.registry`                     | string  | The Docker image registry                                     | `"gcr.io"`                  |
+| `image.repository`                   | string  | The Docker image repository                                   | `"indiegogo-staging/nginx"` |
+| `image.tag`                          | string  | The Docker image tag                                          | `'latest'`                  |
+| `image.pullPolicy`                   | string  | The Docker image pull policy                                  | `"IfNotPresent"`            |
+| `containerPort`                      | int     | Cloudinary container port (overrides `networkPort`)           | `nil`                       |
+| `replicaCount`                       | int     | Number of Cloudinary replicas to deploy                       | `3`                         |
+| `strategy.type`                      | string  | Deployment strategy type                                      | `"RollingUpdate"`           |
+| `resources.requests`                 | object  | CPU/memory resource requests                                  | `{}`                        |
+| `resources.limits`                   | object  | CPU/memory resource limits                                    | `{}`                        |
+| `readinessProbe.enabled`             | boolean | Enable/Disable the default httpGet readinessProbe             | `true`                      |
+| `readinessProbe.port`                | int     | Default readinessProbe httpGet port (overrides `networkPort`) | `nil`                       |
+| `readinessProbe.initialDelaySeconds` | int     | Initial delay seconds for readinessProbe                      | `5`                         |
+| `readinessProbe.periodSeconds`       | int     | Period seconds for readinessProbe                             | `5`                         |
+| `readinessProbe.timeoutSeconds`      | int     | Timeout seconds for readinessProbe                            | `nil`                       |
+| `readinessProbe.successThreshold`    | int     | Success threshold for readinessProbe                          | `nil`                       |
+| `readinessProbe.failureThreshold`    | int     | Failure threshold for readinessProbe                          | `nil`                       |
+| `customReadinessProbe`               | object  | Custom readinessProbe that overrides the default one          | `{}`                        |
+| `livenessProbeEnabled`               | boolean | Enable the custom livenessProbe                               | `false`                     |
+| `livenessProbe`                      | object  | Write your custom liveness probe here                         | `{}`                        |
+
+
+### Service parameters
+
+| Name           | Type    | Description                                         | Default      |
+| ---------------| ------- | --------------------------------------------------- | ------------ |
+| `service.name` | string  | Cloudinary Service port (overrides `.Release.Name`) | `"http"`     |
+| `service.port` | int     | Cloudinary Service port (overrides `networkPort`)   | `80`         |
+| `service.type` | string  | Cloudinary Service Type                             | `"NodePort"` |
+
+
+### Ingress parameters
+
+| Name                          | Type    | Description                                          | Default |
+| ----------------------------- | ------- | ---------------------------------------------------- | ------- |
+| `ingress.enabled`             | boolean | Enable/Disable Ingress                               | `true`  |
+| `ingress.backend.serviceName` | string  | Ingress rules service name                           | `nil`   |
+| `ingress.backend.servicePort` | int     | Ingress rules service port (overrides `networkPort`) | `nil`   |
+| `ingress.customAnnotations`   | object  | Ingress custom annotations                           | `{}`    |
+
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```bash
+$ helm install my-release \
+  --set replicaCount=1 \
+    indiegogo/cloudinary-staging
+```
+
+Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
+
+```bash
+$ helm install my-release -f values.yaml indiegogo/cloudinary-staging
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
diff --git a/charts/cloudinary-staging/templates/configmap.yaml b/charts/cloudinary-staging/templates/configmap.yaml
@@ -0,0 +1,80 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "tplValues.render" ( dict "value" .Values.commonLabels "scope" $ ) | nindent 4 }}
+    {{- end }}
+data:
+  nginx.conf: |
+    user nginx nginx;
+    worker_processes auto;
+    worker_cpu_affinity auto;
+    worker_rlimit_nofile 65536;
+    pid /run/nginx.pid;
+    include /etc/nginx/modules-enabled/*.conf;
+    daemon off;
+    pcre_jit on;
+    error_log stderr warn;
+
+    events {
+            worker_connections 4096;
+            multi_accept on;
+    }
+
+    http {
+      sendfile on;
+      tcp_nopush on;
+      tcp_nodelay on;
+      keepalive_timeout 65;
+      types_hash_max_size 2048;
+      include /etc/nginx/mime.types;
+      default_type application/octet-stream;
+      error_log /dev/stderr debug;
+      access_log /dev/stdout combined;
+
+      map "$http_accept" $f_auto_setting {
+        default           "f_auto";
+        "~.*image/webp.*" "f_webp,fl_awebp";
+        "~.*image/jxr.*"  "f_wdp";
+      }
+
+      server {
+        listen 80;
+        server_name dev.iggcdn.com;
+        resolver kube-dns.kube-system.svc.cluster.local ipv6=off;
+        set $cloudinary_upstream_url https://indiegogo-dev-res.cloudinary.com;
+
+        location = /healthcheck {
+          return 200;
+        }
+
+        location ^~ /indiegogo-dev {
+          # Strip the indiegogo-dev/ prefix
+          rewrite ^/indiegogo-dev/(.*)$ /$1 last;
+        }
+
+        location ~ f_auto {
+          # Replace f_auto with appropriate setting based on Accept headers.
+          # Of interesting note, you can't mix mapped variables with default capture
+          # variables ($1, $2, etc.) which is why these captures are named.
+          rewrite ^(?<prefix>.*)f_auto(?<postfix>.*)$ "${prefix}${f_auto_setting}${postfix}" break;
+          try_files /nonexistent @proxy;
+        }
+
+        location / {
+          try_files /nonexistent @proxy;
+        }
+
+        location @proxy {
+          add_header Vary Accept;
+          expires 7d;
+          add_header Cache-Control public;
+          proxy_pass $cloudinary_upstream_url;
+          proxy_intercept_errors on;
+          error_page 501 =405 /nonexistent;
+        }
+      }
+    }
diff --git a/charts/cloudinary-staging/templates/deployment.yaml b/charts/cloudinary-staging/templates/deployment.yaml
@@ -0,0 +1,71 @@
+kind: Deployment
+apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplValues.render" ( dict "value" .Values.commonLabels "scope" $ ) | nindent 4 }}
+    {{- end }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ include "common.names.fullname" . }}
+  replicas: {{ .Values.replicaCount }}
+  {{- if .Values.strategy }}
+  strategy: {{- toYaml .Values.strategy | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.names.fullname" . }}
+    spec:
+      volumes:
+      - name: tz-config
+        hostPath:
+          path: /usr/share/zoneinfo/America/Los_Angeles
+      - name: {{ printf "%s-config" (include "common.names.fullname" .) }}
+        configMap:
+          name: {{ include "common.names.fullname" . }}
+      containers:
+      - name: {{ include "common.names.fullname" . }}
+        {{- with .Values.image }}
+        image: "{{- if contains ":" .repository -}}{{ .repository }}{{- else -}}{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}:{{ default $.Chart.AppVersion .tag }}{{- end -}}"
+        {{- end }}
+        imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
+        ports:
+        - containerPort: {{ default .Values.networkPort .Values.containerPort }}
+        command: [{{ default "/usr/sbin/nginx" | quote }}]
+        args:
+          - {{ "-c" | quote }}
+          - {{ "/etc/nginx/nginx.conf" | quote }}
+        {{- if .Values.resources }}
+        resources: {{- toYaml .Values.resources | nindent 10 }}
+        {{- end }}
+        {{- if .Values.readinessProbe.enabled }}
+        readinessProbe:
+          httpGet:
+            path: /healthcheck
+            port: {{ default .Values.networkPort .Values.readinessProbe.port }}
+            httpHeaders:
+            - name: Host
+              value: dev.iggcdn.com
+          initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ .Values.readinessProbe.successThreshold }}
+          failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+        {{- else if .Values.customReadinessProbe }}
+        readinessProbe: {{- toYaml .Values.customReadinessProbe | nindent 10 }}
+        {{- end }}
+        {{- if .Values.livenessProbeEnabled }}
+        livenessProbe: {{- toYaml .Values.livenessProbe | nindent 10 }}
+        {{- end }}
+        volumeMounts:
+        - name: tz-config
+          mountPath: /etc/localtime
+          readOnly: true
+        - name: {{ printf "%s-config" (include "common.names.fullname" .) }}
+          mountPath: /etc/nginx/nginx.conf
+          readOnly: true
+          subPath: nginx.conf
diff --git a/charts/cloudinary-staging/templates/ingress.yaml b/charts/cloudinary-staging/templates/ingress.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.ingress.enabled }}
+kind: Ingress
+apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplValues.render" ( dict "value" .Values.commonLabels "scope" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.ingress.customAnnotations }}
+  annotations: {{- toYaml .Values.ingress.customAnnotations | nindent 4 }}
+  {{- end }}
+spec:
+  defaultBackend:
+    service:
+      name: {{ default (include "common.names.fullname" .) .Values.ingress.backend.serviceName }}
+      port:
+        number: {{ default .Values.networkPort .Values.ingress.backend.servicePort }}
+{{- end }}
diff --git a/charts/cloudinary-staging/templates/service.yaml b/charts/cloudinary-staging/templates/service.yaml
@@ -0,0 +1,17 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplValues.render" ( dict "value" .Values.commonLabels "scope" $ ) | nindent 4 }}
+    {{- end }}
+spec:
+  ports:
+  - name: {{ default "common.names.fullname" .Values.service.name }}
+    port: {{ default .Values.networkPort .Values.service.port }}
+    protocol: TCP
+  selector:
+    app: {{ include "common.names.fullname" . }}
+  type: {{ .Values.service.type }}