helm
james-otten committed Apr 28, 2024
1 parent aa797a2 commit a4a5c3b
Showing 16 changed files with 851 additions and 3 deletions.
10 changes: 7 additions & 3 deletions infra/README.md
Expand Up @@ -16,7 +16,7 @@ echo "disable: servicelb" >> /etc/rancher/k3s/config.yaml
7. Install metallb on master node

```
IP_RANGE="10.70.90.71/32"
IP_RANGE="10.70.90.80/29"
cat <<EOF > /var/lib/rancher/k3s/server/manifests/metallb.yaml
apiVersion: v1
kind: Namespace
Expand Down Expand Up @@ -68,7 +68,11 @@ NODE_TOKEN="$(cat /var/lib/rancher/k3s/server/node-token)"
target_host="$1"
ssh -t ubuntu@$target_host "curl -sfL https://get.k3s.io>k3s; sudo bash k3s --server https://${MASTER_IP}:6443 --token $NODE_TOKEN"
ssh -t ubuntu@$target_host "curl -sfL https://get.k3s.io>k3s; sudo bash k3s --server https://${MASTER_IP}:6443 --token $NODE_TOKEN;sudo apt-get update && sudo apt-get install nfs-common -y"
```

9. Install helm chart...
9. Install longhorn `kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.6.0/deploy/longhorn.yaml`

10. `kubectl create namespace meshdbdev0 && helm template . -f values.yaml -f secret.values.yaml | kubectl apply -f -`

11. If you need a superuser: `kubectl exec -it -n meshdbdev0 service/meshdb-meshweb bash` and `python manage.py createsuperuser`
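--- a/infra/helm/meshdb/Chart.yaml
+++ b/infra/helm/meshdb/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: meshdb
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"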
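Review bot: `appVersion: "1.16.0"` and `description: A Helm chart for Kubernetes` look like unmodified `helm create` scaffold values rather than anything describing meshdb. The `meshdb.labels` helper in templates/_helpers.tpl renders `.Chart.AppVersion` into the `app.kubernetes.io/version` label, so every object will advertise a version unrelated to the image actually deployed via `.Values.meshweb.image.tag`. Set it to the release the chart targets, e.g. `appVersion: "<meshdb-release>"` (placeholder), and replace the description with one that names the application.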
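--- a/infra/helm/meshdb/secret.values.yaml
+++ b/infra/helm/meshdb/secret.values.yaml
@@ -0,0 +1,15 @@
+pg:
+password: the_real_value
+
+aws:
+access_key_id: the_real_value
+secret_access_key: the_real_value
+
+meshweb:
+django_secret_key: the_real_value
+nn_assign_psk: the_real_value
+query_psk: the_real_value
+pano_github_token: the_real_value
+
+uisp:
+psk: the_real_value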
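Review bot: Checking in the skeleton under the live name `secret.values.yaml` invites real credentials into git history, because the README in this commit tells operators to pass exactly this path (`-f secret.values.yaml`), so the natural workflow is to overwrite `the_real_value` in a tracked file. Commit it as `secret.values.yaml.example` and list `secret.values.yaml` in `.gitignore`; this view does not show whether one of the commit's other files already does that. Separately, `uisp.psk` here does not line up with the `uisp-pass` secret key and `UISP_PASS` variable that templates/meshweb.yaml reads. The Secret template is not visible in this view, so confirm the mapping or rename the value so the three agree.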
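--- a/infra/helm/meshdb/templates/_helpers.tpl
+++ b/infra/helm/meshdb/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "meshdb.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "meshdb.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "meshdb.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "meshdb.labels" -}}
+helm.sh/chart: {{ include "meshdb.chart" . }}
+{{ include "meshdb.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "meshdb.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "meshdb.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "meshdb.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "meshdb.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}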
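--- a/infra/helm/meshdb/templates/configmap.yaml
+++ b/infra/helm/meshdb/templates/configmap.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: meshdbconfig
+namespace: {{ .Values.meshdb_app_namespace }}
+data:
+DB_NAME: {{ .Values.pg.dbname }}
+DB_USER: {{ .Values.pg.user | quote }}
+DB_HOST: {{ include "meshdb.fullname" . }}-postgres.{{ .Values.meshdb_app_namespace }}.svc.cluster.local
+DB_PORT: {{ .Values.pg.port | quote }}
+# Backups
+BACKUP_S3_BUCKET_NAME: {{ .Values.meshweb.backup_s3_bucket_name | quote }}
+BACKUP_S3_BASE_FOLDER: {{ .Values.meshweb.backup_s3_base_folder | quote }}
+
+CELERY_BROKER: "redis://{{ include "meshdb.fullname" . }}-redis.{{ .Values.meshdb_app_namespace }}.svc.cluster.local:{{ .Values.redis.port }}/0"
+
+# Change to pelias:3000 when using full docker-compose
+PELIAS_ADDRESS_PARSER_URL: {{ include "meshdb.fullname" . }}-pelias.{{ .Values.meshdb_app_namespace }}.svc.cluster.local
+
+# Comment this out to enter prod mode
+DEBUG: {{ .Values.meshweb.enable_debug | quote }}
+DISABLE_PROFILING: {{ .Values.meshweb.disable_profiling | quote }}
+
+# Comment this out to allow edits to the panoramas in the admin panel
+DISABLE_PANO_EDITS: {{ .Values.meshweb.disable_pano_edits | quote }}
+
+UISP_URL: {{ .Values.uisp.url | quote }}
+UISP_USER: {{ .Values.uisp.user | quote }}
+
+ADMIN_MAP_BASE_URL: {{ .Values.map.base_url | quote }}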
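Review bot: `DEBUG: {{ .Values.meshweb.enable_debug | quote }}` is always rendered, while the comment above it still says to comment the line out to enter prod mode. If the application turns debug on whenever the variable is set or non-empty (its settings code is not visible here, so this is an assumption to confirm), a values entry of `false` would still ship debug error pages that expose settings and stack traces. Either document the exact string the app expects, or wrap the key in `{{- if .Values.meshweb.enable_debug }}` … `{{- end }}` and mark the matching `configMapKeyRef` in templates/meshweb.yaml `optional: true` so the pod still starts when the key is absent. `DB_NAME: {{ .Values.pg.dbname }}` is also the one plain values entry without `| quote`, and since ConfigMap data must be strings, a numeric or boolean-looking name would be rejected.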
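--- a/infra/helm/meshdb/templates/meshweb.yaml
+++ b/infra/helm/meshdb/templates/meshweb.yaml
@@ -0,0 +1,181 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: {{ include "meshdb.fullname" . }}-meshweb
+namespace: {{ .Values.meshdb_app_namespace }}
+labels:
+{{- include "meshdb.labels" . | nindent 4 }}
+spec:
+replicas: 1
+selector:
+matchLabels:
+{{- include "meshdb.selectorLabels" . | nindent 6 }}
+template:
+metadata:
+{{- with .Values.podAnnotations }}
+annotations:
+{{- toYaml . | nindent 8 }}
+{{- end }}
+labels:
+app: meshdb-meshweb-app
+{{- include "meshdb.labels" . | nindent 8 }}
+{{- with .Values.podLabels }}
+{{- toYaml . | nindent 8 }}
+{{- end }}
+spec:
+securityContext:
+{{- toYaml .Values.podSecurityContext | nindent 8 }}
+containers:
+- name: {{ .Chart.Name }}-meshweb
+securityContext:
+{{- toYaml .Values.securityContext | nindent 12 }}
+image: "{{ .Values.meshweb.image.repository }}:{{ .Values.meshweb.image.tag }}"
+imagePullPolicy: {{ .Values.image.pullPolicy }}
+ports:
+- name: http
+containerPort: {{ .Values.meshweb.port }}
+protocol: TCP
+env:
+- name: DB_NAME
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DB_NAME
+- name: DB_USER
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DB_USER
+- name: DB_HOST
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DB_HOST
+- name: DB_PORT
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DB_PORT
+- name: DB_PASSWORD
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: postgres-password
+- name: AWS_ACCESS_KEY_ID
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: aws-access-key-id
+- name: AWS_SECRET_ACCESS_KEY
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: aws-secret-access-key
+- name: BACKUP_S3_BUCKET_NAME
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: BACKUP_S3_BUCKET_NAME
+- name: BACKUP_S3_BASE_FOLDER
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: BACKUP_S3_BASE_FOLDER
+- name: CELERY_BROKER
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: CELERY_BROKER
+- name: DJANGO_SECRET_KEY
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: django-secret-key
+- name: PELIAS_ADDRESS_PARSER_URL
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: PELIAS_ADDRESS_PARSER_URL
+- name: NN_ASSIGN_PSK
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: nn-assign-psk
+- name: QUERY_PSK
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: query-psk
+- name: DEBUG
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DEBUG
+- name: DISABLE_PROFILING
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DISABLE_PROFILING
+- name: DISABLE_PANO_EDITS
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: DISABLE_PANO_EDITS
+- name: PANO_GITHUB_TOKEN
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: pano-github-token
+- name: UISP_URL
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: UISP_URL
+- name: UISP_USER
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: UISP_USER
+- name: UISP_PASS
+valueFrom:
+secretKeyRef:
+name: meshdb-secrets
+key: uisp-pass
+- name: ADMIN_MAP_BASE_URL
+valueFrom:
+configMapKeyRef:
+name: meshdbconfig
+key: ADMIN_MAP_BASE_URL
+volumeMounts:
+- name: static-content-vol
+mountPath: /opt/meshdb/static
+{{ if eq .Values.meshweb.liveness_probe "true" }}
+livenessProbe:
+exec:
+command:
+- curl
+- http://127.0.0.1:{{ .Values.meshweb.port }}/api/v1
+periodSeconds: 3
+initialDelaySeconds: 4
+timeoutSeconds: 3
+{{ end }}
+readinessProbe:
+{{- toYaml .Values.readinessProbe | nindent 12 }}
+resources:
+{{- toYaml .Values.resources | nindent 12 }}
+volumes:
+- name: static-content-vol
+persistentVolumeClaim:
+claimName: {{ .Values.meshweb.static_pvc_name }}
+{{- with .Values.nodeSelector }}
+nodeSelector:
+{{- toYaml . | nindent 8 }}
+{{- end }}
+{{- with .Values.affinity }}
+affinity:
+{{- toYaml . | nindent 8 }}
+{{- end }}
+{{- with .Values.tolerations }}
+tolerations:
+{{- toYaml . | nindent 8 }}
+{{- end }}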
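Review bot: The exec liveness probe runs `curl` against `http://127.0.0.1:{{ .Values.meshweb.port }}/api/v1` without `--fail`, so curl exits 0 on any HTTP response, including a 500, and the probe only proves that the socket answers. Add `- --fail` and `- --silent` ahead of the URL in `command`; the probe also depends on curl being present in the image. The guard `{{ if eq .Values.meshweb.liveness_probe "true" }}` compares against a string, so a YAML boolean `true` in values will not compare equal (Go templates treat it as an incompatible type). values.yaml is not in this view, so check that the value is quoted there or test the boolean directly. `imagePullPolicy` reads `.Values.image.pullPolicy` while the image comes from `.Values.meshweb.image`, which looks like a scaffold leftover and renders empty if `image` is not defined at the top level.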
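--- a/infra/helm/meshdb/templates/meshweb_static_pvc.yaml
+++ b/infra/helm/meshdb/templates/meshweb_static_pvc.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+name: {{ .Values.meshweb.static_pvc_name }}
+namespace: {{ .Values.meshdb_app_namespace }}
+spec:
+accessModes:
+- ReadWriteMany
+storageClassName: longhorn
+resources:
+requests:
+storage: 1Gi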
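Review bot: `storageClassName: longhorn` and `storage: 1Gi` are hard-coded while the claim's name and namespace come from values, so the chart installs only on a cluster that already has a Longhorn class able to serve `ReadWriteMany`. Reading both from values, with `longhorn` and `1Gi` as defaults, keeps the current behaviour and lets other clusters override them; a key such as `meshweb.static_storage_class` is a name constructed for this note, not one the chart defines. A short comment saying that RWX on Longhorn is why the README installs `nfs-common` on each node would also help the next operator.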