From 02eedbe696b6bf579cc26f630e94693de3bb1e80 Mon Sep 17 00:00:00 2001 From: Lukas Haeusermann Date: Thu, 21 Dec 2023 09:49:04 +0100 Subject: [PATCH 1/2] feat(emeis-alexandria): initial addition of alexandria and emeis service --- .../templates/alexandria-deployment.yaml | 60 +++++++++++++++++ .../caluma/templates/alexandria-service.yaml | 18 +++++ charts/caluma/templates/emeis-deployment.yaml | 60 +++++++++++++++++ charts/caluma/templates/emeis-service.yaml | 18 +++++ charts/caluma/templates/ingress.yaml | 14 ++++ charts/caluma/values.yaml | 65 +++++++++++++++++++ 6 files changed, 235 insertions(+) create mode 100644 charts/caluma/templates/alexandria-deployment.yaml create mode 100644 charts/caluma/templates/alexandria-service.yaml create mode 100644 charts/caluma/templates/emeis-deployment.yaml create mode 100644 charts/caluma/templates/emeis-service.yaml diff --git a/charts/caluma/templates/alexandria-deployment.yaml b/charts/caluma/templates/alexandria-deployment.yaml new file mode 100644 index 0000000..8dbaa04 --- /dev/null +++ b/charts/caluma/templates/alexandria-deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "caluma.fullname" . }}-alexandria + labels: + {{- include "caluma.labels" . | nindent 4 }} + app.kubernetes.io/component: alexandria +spec: + replicas: {{ .Values.alexandria.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "caluma.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: alexandria + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "caluma.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: alexandria + spec: + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.alexandria.image.repository }}:{{ .Values.alexandria.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.alexandria.image.pullPolicy }} + env: + - name: DATABASE_HOST + {{- if and .Values.postgresql.enabled .Values.backend.postgresql.existingHost }} + {{ fail "postgresql.enabled and backend.postgresql.existingHost are mutually exclusive, please pick one" }} + {{- end }} + {{- if .Values.postgresql.enabled }} + value: "{{ template "caluma.fullname" . }}-postgresql" + {{- else if .Values.backend.postgresql.existingHost }} + value: {{ .Values.backend.postgresql.existingHost | quote }} + {{- else }} + {{ fail "neither postgresql.enabled or backend.postgresql.existingHost are set, please pick one" }} + {{- end }} + - name: DATABASE_USER + {{- if .Values.postgresql.enabled }} + value: "{{ .Values.postgresql.global.postgresql.auth.username }}" + {{- else }} + value: "{{ .Values.alexandria.postgresql.username }}" + {{- end }} + - name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + {{- if .Values.postgresql.enabled }} + name: "{{ template "caluma.fullname" . }}-postgresql" + key: password + {{- else }} + name: "{{ .Values.alexandria.postgresql.existingSecret }}" + key: "{{ .Values.alexandria.postgresql.existingSecretKey }}" + {{- end }} +{{- if .Values.alexandria.additionalEnvironment }} +{{ toYaml .Values.alexandria.additionalEnvironment | indent 12 }} +{{- end }} + ports: + - name: alexandria + containerPort: 8000 + protocol: TCP diff --git a/charts/caluma/templates/alexandria-service.yaml b/charts/caluma/templates/alexandria-service.yaml new file mode 100644 index 0000000..6d12fa9 --- /dev/null +++ b/charts/caluma/templates/alexandria-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "caluma.fullname" . }}-alexandria + labels: +{{ include "caluma.labels" . | indent 4 }} + app.kubernetes.io/component: alexandria +spec: + type: {{ .Values.alexandria.service.type }} + ports: + - port: 8000 + targetPort: alexandria + protocol: TCP + name: alexandria + selector: + app.kubernetes.io/name: {{ include "caluma.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: alexandria diff --git a/charts/caluma/templates/emeis-deployment.yaml b/charts/caluma/templates/emeis-deployment.yaml new file mode 100644 index 0000000..b59960a --- /dev/null +++ b/charts/caluma/templates/emeis-deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "caluma.fullname" . }}-emeis + labels: + {{- include "caluma.labels" . | nindent 4 }} + app.kubernetes.io/component: emeis +spec: + replicas: {{ .Values.emeis.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "caluma.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: emeis + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "caluma.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: emeis + spec: + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.emeis.image.repository }}:{{ .Values.emeis.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.emeis.image.pullPolicy }} + env: + - name: DATABASE_HOST + {{- if and .Values.postgresql.enabled .Values.backend.postgresql.existingHost }} + {{ fail "postgresql.enabled and backend.postgresql.existingHost are mutually exclusive, please pick one" }} + {{- end }} + {{- if .Values.postgresql.enabled }} + value: "{{ template "caluma.fullname" . }}-postgresql" + {{- else if .Values.backend.postgresql.existingHost }} + value: {{ .Values.backend.postgresql.existingHost | quote }} + {{- else }} + {{ fail "neither postgresql.enabled or backend.postgresql.existingHost are set, please pick one" }} + {{- end }} + - name: DATABASE_USER + {{- if .Values.postgresql.enabled }} + value: "{{ .Values.postgresql.global.postgresql.auth.username }}" + {{- else }} + value: "{{ .Values.emeis.postgresql.username }}" + {{- end }} + - name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + {{- if .Values.postgresql.enabled }} + name: "{{ template "caluma.fullname" . }}-postgresql" + key: password + {{- else }} + name: "{{ .Values.emeis.postgresql.existingSecret }}" + key: "{{ .Values.emeis.postgresql.existingSecretKey }}" + {{- end }} +{{- if .Values.emeis.additionalEnvironment }} +{{ toYaml .Values.emeis.additionalEnvironment | indent 12 }} +{{- end }} + ports: + - name: emeis + containerPort: 8000 + protocol: TCP diff --git a/charts/caluma/templates/emeis-service.yaml b/charts/caluma/templates/emeis-service.yaml new file mode 100644 index 0000000..659cdba --- /dev/null +++ b/charts/caluma/templates/emeis-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "caluma.fullname" . }}-emeis + labels: +{{ include "caluma.labels" . | indent 4 }} + app.kubernetes.io/component: emeis +spec: + type: {{ .Values.emeis.service.type }} + ports: + - port: 8000 + targetPort: emeis + protocol: TCP + name: emeis + selector: + app.kubernetes.io/name: {{ include "caluma.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: emeis diff --git a/charts/caluma/templates/ingress.yaml b/charts/caluma/templates/ingress.yaml index 5e28a59..e3083a0 100644 --- a/charts/caluma/templates/ingress.yaml +++ b/charts/caluma/templates/ingress.yaml @@ -40,5 +40,19 @@ spec: name: {{ $fullName }}-backend port: number: 8000 + - path: /alexandria/api + pathType: Prefix + backend: + service: + name: {{ $fullName }}-alexandria + port: + number: 8000 + - path: /emeis/api + pathType: Prefix + backend: + service: + name: {{ $fullName }}-emeis + port: + number: 8000 {{- end }} {{- end }} diff --git a/charts/caluma/values.yaml b/charts/caluma/values.yaml index bc749ea..62eb25f 100644 --- a/charts/caluma/values.yaml +++ b/charts/caluma/values.yaml @@ -64,6 +64,71 @@ backend: ## this can only be used if postgresql.enabled is set to false existingHost: "" +alexandria: + additionalEnvironment: + - name: SECRET_KEY + value: demo + - name: ALLOWED_HOSTS + value: "*" + - name: ENV + value: production + - name: ALLOW_ANONYMOUS_WRITE + value: "true" + - name: LANGUAGES + value: "de,en" + - name: VISIBILITY_CLASSES + value: "" + - name: PERMISSION_CLASSES + value: "" + ## Specify additional environment variables for the backend deployment just + ## like you would define them directly on the container spec. + ## ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/ + # - name: EXAMPLE + # value: example + image: + repository: ghcr.io/projectcaluma/alexandria + tag: 2.2.0 + pullPolicy: IfNotPresent + replicaCount: 1 + postgresql: + username: "" + existingSecret: "" + existingSecretKey: "" + service: + type: ClusterIP + +emeis: + additionalEnvironment: + - name: SECRET_KEY + value: demo + - name: ALLOWED_HOSTS + value: "*" + - name: ENV + value: production + - name: ALLOW_ANONYMOUS_WRITE + value: "true" + - name: LANGUAGES + value: "de,en" + - name: VISIBILITY_CLASSES + value: "" + - name: PERMISSION_CLASSES + value: "" + ## Specify additional environment variables for the backend deployment just + ## like you would define them directly on the container spec. + ## ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/ + # - name: EXAMPLE + # value: example + image: + repository: ghcr.io/projectcaluma/emeis + tag: 1.2.2 + pullPolicy: IfNotPresent + replicaCount: 1 + postgresql: + username: "" + existingSecret: "" + existingSecretKey: "" + service: + type: ClusterIP ingress: enabled: false From c97d8ab8f79efeef1d334270d1f9a6542ec82b2d Mon Sep 17 00:00:00 2001 From: Lukas Haeusermann Date: Fri, 22 Dec 2023 11:02:44 +0100 Subject: [PATCH 2/2] feat(caluma-chart): ingress split for proxy rules --- .../caluma/templates/ingress-alexandria.yaml | 45 +++++++++++++++++++ charts/caluma/templates/ingress-emeis.yaml | 45 +++++++++++++++++++ .../{ingress.yaml => ingress-frontend.yaml} | 14 ------ charts/caluma/values.yaml | 16 ++++--- 4 files changed, 100 insertions(+), 20 deletions(-) create mode 100644 charts/caluma/templates/ingress-alexandria.yaml create mode 100644 charts/caluma/templates/ingress-emeis.yaml rename charts/caluma/templates/{ingress.yaml => ingress-frontend.yaml} (72%) diff --git a/charts/caluma/templates/ingress-alexandria.yaml b/charts/caluma/templates/ingress-alexandria.yaml new file mode 100644 index 0000000..c52cf11 --- /dev/null +++ b/charts/caluma/templates/ingress-alexandria.yaml @@ -0,0 +1,45 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "caluma.fullname" . -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }}-alexandria + labels: +{{ include "caluma.labels" . | indent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + - path: /alexandria/api + pathType: Prefix + backend: + service: + name: {{ $fullName }}-alexandria + port: + number: 8000 + - path: /alexandria(/|$)(.*) + pathType: ImplementationSpecific + backend: + service: + name: {{ $fullName }}-alexandria + port: + number: 8000 + {{- end }} +{{- end }} diff --git a/charts/caluma/templates/ingress-emeis.yaml b/charts/caluma/templates/ingress-emeis.yaml new file mode 100644 index 0000000..81c92ed --- /dev/null +++ b/charts/caluma/templates/ingress-emeis.yaml @@ -0,0 +1,45 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "caluma.fullname" . -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }}-emeis + labels: +{{ include "caluma.labels" . | indent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + nginx.ingress.kubernetes.io/rewrite-target: "/$2" + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + - path: /emeis/api + pathType: Prefix + backend: + service: + name: {{ $fullName }}-emeis + port: + number: 8000 + - path: /emeis(/|$)(.*) + pathType: ImplementationSpecific + backend: + service: + name: {{ $fullName }}-emeis + port: + number: 8000 + {{- end }} +{{- end }} diff --git a/charts/caluma/templates/ingress.yaml b/charts/caluma/templates/ingress-frontend.yaml similarity index 72% rename from charts/caluma/templates/ingress.yaml rename to charts/caluma/templates/ingress-frontend.yaml index e3083a0..5e28a59 100644 --- a/charts/caluma/templates/ingress.yaml +++ b/charts/caluma/templates/ingress-frontend.yaml @@ -40,19 +40,5 @@ spec: name: {{ $fullName }}-backend port: number: 8000 - - path: /alexandria/api - pathType: Prefix - backend: - service: - name: {{ $fullName }}-alexandria - port: - number: 8000 - - path: /emeis/api - pathType: Prefix - backend: - service: - name: {{ $fullName }}-emeis - port: - number: 8000 {{- end }} {{- end }} diff --git a/charts/caluma/values.yaml b/charts/caluma/values.yaml index 62eb25f..25ea87c 100644 --- a/charts/caluma/values.yaml +++ b/charts/caluma/values.yaml @@ -132,16 +132,20 @@ emeis: ingress: enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" + annotations: + #cert-manager.io/cluster-issuer: letsencrypt-prod + #nginx.ingress.kubernetes.io/backend-protocol: HTTP + #nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + #nginx.ingress.kubernetes.io/ssl-passthrough: "false" + #kubernetes.io/tls-acme: "true" + hosts: - host: caluma.chart-example.local tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + #- secretName: chart-example-tls + # hosts: + # - chart-example.local resources: {} ## We usually recommend not to specify default resources and to leave this as a conscious