diff --git a/deployment/Chart.yaml b/deployment/Chart.yaml index 00e8a6c..a6357cb 100644 --- a/deployment/Chart.yaml +++ b/deployment/Chart.yaml @@ -2,5 +2,5 @@ apiVersion: v2 name: protes description: A proTES Helm chart for Kubernetes type: application -version: 0.1.0 -appVersion: 1.16.0 +version: 2.0.0 +appVersion: 2.0.0 diff --git a/deployment/templates/NOTES.txt b/deployment/templates/NOTES.txt new file mode 100644 index 0000000..2ac333d --- /dev/null +++ b/deployment/templates/NOTES.txt @@ -0,0 +1,11 @@ +Elixir Cloud proTES is being deployed! + +Once deployed: + + 1. Access the API via https://{{ .Values.protes.appName }}.{{ .Values.applicationDomain }}/ga4gh/tes/v1/ + + To test the connection, you can run: + + curl -X GET "https://{{ .Values.protes.appName }}.{{ .Values.applicationDomain }}/ga4gh/tes/v1/service-info" -H "Accept: application/json" + + 2. Access the Swagger UI via https://{{ .Values.protes.appName }}.{{ .Values.applicationDomain }}/ga4gh/tes/v1/ui diff --git a/deployment/templates/flower/flower-deployment.yaml b/deployment/templates/flower/flower-deployment.yaml index 867577a..4e1cb64 100644 --- a/deployment/templates/flower/flower-deployment.yaml +++ b/deployment/templates/flower/flower-deployment.yaml @@ -18,4 +18,5 @@ spec: - image: {{ .Values.flower.image }} command: ['flower'] args: ['--broker=amqp://guest:guest@rabbitmq:5672//', '--port=5555', '--basic_auth={{ .Values.flower.basicAuth }}'] - name: flower \ No newline at end of file + name: flower + resources: {{- toYaml .Values.flower.resources | nindent 10 }} diff --git a/deployment/templates/mongodb/mongo-init-script.yaml b/deployment/templates/mongodb/mongo-init-script.yaml new file mode 100644 index 0000000..8353ee5 --- /dev/null +++ b/deployment/templates/mongodb/mongo-init-script.yaml @@ -0,0 +1,41 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: mongo-init-script +data: + init-script.js: | + db = db.getSiblingDB('taskStore'); + dbproTES = db.getSiblingDB('{{ tpl .Values.mongodb.secret.databaseName . }}') + + dbproTES.createUser({ + user: "{{ tpl .Values.mongodb.secret.databaseUser . }}", + pwd: "{{ tpl .Values.mongodb.secret.databasePassword . }}", + roles: [ + { + role: "readWrite", + db: "{{ tpl .Values.mongodb.secret.databaseName . }}" + } + ] + }); + + // Create the 'tasks' and 'service_info' collections + // Database configuration from https://github.com/elixir-cloud-aai/proTES/blob/2f2d88915d9948b0d2ffbe6799af01bbc413b00a/pro_tes/config.yaml#L30 + db.createCollection('tasks'); + db.tasks.createIndex( + { task_id: 1, worker_id: 1 }, + { unique: true, sparse: true } + ); + db.createCollection('service_info'); + db.service_info.createIndex( + { id: 1 } + ); + + dbproTES.createCollection('runs'); + dbproTES.runs.createIndex( + { run_id: 1, task_id: 1 }, + { unique: true, sparse: true } + ); + dbproTES.createCollection('service_info'); + dbproTES.service_info.createIndex( + { id: 1} + ); diff --git a/deployment/templates/mongodb/mongodb-deployment.yaml b/deployment/templates/mongodb/mongodb-deployment.yaml index 22261d7..3cfd44f 100644 --- a/deployment/templates/mongodb/mongodb-deployment.yaml +++ b/deployment/templates/mongodb/mongodb-deployment.yaml @@ -16,25 +16,30 @@ spec: spec: containers: - env: - - name: MONGODB_USER + - name: MONGO_INITDB_ROOT_USERNAME valueFrom: secretKeyRef: - key: database-user + key: databaseRootUsername name: {{ .Values.mongodb.appName }} - - name: MONGODB_PASSWORD + - name: MONGO_INITDB_ROOT_PASSWORD valueFrom: secretKeyRef: - key: database-password + key: databaseRootPassword name: {{ .Values.mongodb.appName }} - - name: MONGODB_ADMIN_PASSWORD + - name: MONGO_INITDB_DATABASE valueFrom: secretKeyRef: - key: database-admin-password + key: databaseName name: {{ .Values.mongodb.appName }} - - name: MONGODB_DATABASE + - name: MONGO_APP_USERNAME valueFrom: secretKeyRef: - key: database-name + key: databaseUser + name: {{ .Values.mongodb.appName }} + - name: MONGO_APP_PASSWORD + valueFrom: + secretKeyRef: + key: databasePassword name: {{ .Values.mongodb.appName }} image: {{ .Values.mongodb.image }} imagePullPolicy: IfNotPresent @@ -57,20 +62,23 @@ spec: - '-i' - '-c' - >- - mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p - $MONGODB_PASSWORD --eval="quit()" + mongosh --host 127.0.0.1:27017 -u $MONGO_INITDB_ROOT_USERNAME -p $MONGO_INITDB_ROOT_PASSWORD --authenticationDatabase admin $MONGO_INITDB_DATABASE --eval="quit()" failureThreshold: 3 - initialDelaySeconds: 3 + initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 - timeoutSeconds: 1 - resources: - limits: - memory: 512Mi + timeoutSeconds: 50 + resources: {{- toYaml .Values.mongodb.resources | nindent 12 }} volumeMounts: - - mountPath: /var/lib/mongodb/data + - mountPath: /data/db name: mongodb-data + - name: init-script + mountPath: /docker-entrypoint-initdb.d/init-script.js + subPath: init-script.js volumes: - name: mongodb-data persistentVolumeClaim: claimName: {{ .Values.mongodb.appName }}-volume + - name: init-script + configMap: + name: mongo-init-script diff --git a/deployment/templates/mongodb/mongodb-pvc.yaml b/deployment/templates/mongodb/mongodb-pvc.yaml index 70fc970..dede4b5 100644 --- a/deployment/templates/mongodb/mongodb-pvc.yaml +++ b/deployment/templates/mongodb/mongodb-pvc.yaml @@ -4,7 +4,7 @@ metadata: name: {{ .Values.mongodb.appName }}-volume spec: accessModes: - - ReadWriteMany + - {{ .Values.storageAccessMode }} resources: requests: storage: {{ .Values.mongodb.volumeSize }} \ No newline at end of file diff --git a/deployment/templates/mongodb/mongodb-secret.yaml b/deployment/templates/mongodb/mongodb-secret.yaml index 57949b7..e634e49 100644 --- a/deployment/templates/mongodb/mongodb-secret.yaml +++ b/deployment/templates/mongodb/mongodb-secret.yaml @@ -4,7 +4,7 @@ type: Opaque metadata: name: {{ .Values.mongodb.appName }} data: - database-admin-password: {{ .Values.mongodb.databaseAdminPassword | b64enc }} - database-name: {{ .Values.mongodb.databaseName | b64enc }} - database-password: {{ .Values.mongodb.databasePassword | b64enc }} - database-user: {{ .Values.mongodb.databaseUser | b64enc }} + {{- range $key, $val := .Values.mongodb.secret }} + "{{ $key }}": "{{ tpl $val $ | b64enc }}" + {{- end }} + diff --git a/deployment/templates/protes/celery-deployment.yaml b/deployment/templates/protes/celery-deployment.yaml index ae28321..e23f0af 100644 --- a/deployment/templates/protes/celery-deployment.yaml +++ b/deployment/templates/protes/celery-deployment.yaml @@ -16,6 +16,7 @@ spec: image: busybox command: [ 'mkdir' ] args: [ '-p', '/data/db', '/data/output', '/data/tmp' ] + resources: {{- toYaml .Values.celeryWorker.initResources | nindent 10 }} volumeMounts: - mountPath: /data name: protes-volume @@ -34,29 +35,23 @@ spec: - name: MONGO_USERNAME valueFrom: secretKeyRef: - key: database-user + key: databaseUser name: {{ .Values.mongodb.appName }} - name: MONGO_PASSWORD valueFrom: secretKeyRef: - key: database-password + key: databasePassword name: {{ .Values.mongodb.appName }} - name: MONGO_DBNAME valueFrom: secretKeyRef: - key: database-name + key: databaseName name: {{ .Values.mongodb.appName }} - name: RABBIT_HOST value: {{ .Values.rabbitmq.appName }} - name: RABBIT_PORT value: "5672" - resources: - requests: - memory: "512Mi" - cpu: "300m" - limits: - memory: "8Gi" - cpu: "1" + resources: {{- toYaml .Values.celeryWorker.resources | nindent 10 }} volumeMounts: - mountPath: /data name: protes-volume diff --git a/deployment/templates/protes/protes-deployment.yaml b/deployment/templates/protes/protes-deployment.yaml index 4dd42d7..a9d708b 100644 --- a/deployment/templates/protes/protes-deployment.yaml +++ b/deployment/templates/protes/protes-deployment.yaml @@ -12,11 +12,24 @@ spec: labels: app: {{ .Values.protes.appName }} spec: + {{- if eq .Values.storageAccessMode "ReadWriteOnce" }} + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ .Values.celeryWorker.appName }} + topologyKey: "kubernetes.io/hostname" + {{- end }} initContainers: - name: vol-init image: busybox command: [ 'mkdir' ] args: [ '-p', '/data/db', '/data/specs' ] + resources: {{- toYaml .Values.protes.initResources | nindent 10 }} volumeMounts: - mountPath: /data name: protes-volume @@ -35,22 +48,23 @@ spec: - name: MONGO_USERNAME valueFrom: secretKeyRef: - key: database-user + key: databaseUser name: {{ .Values.mongodb.appName }} - name: MONGO_PASSWORD valueFrom: secretKeyRef: - key: database-password + key: databasePassword name: {{ .Values.mongodb.appName }} - name: MONGO_DBNAME valueFrom: secretKeyRef: - key: database-name + key: databaseName name: {{ .Values.mongodb.appName }} - name: RABBIT_HOST value: {{ .Values.rabbitmq.appName }} - name: RABBIT_PORT value: "5672" + resources: {{- toYaml .Values.protes.resources | nindent 10 }} livenessProbe: tcpSocket: port: protes-port diff --git a/deployment/templates/protes/protes-volume.yaml b/deployment/templates/protes/protes-volume.yaml index 3a48246..95de9ba 100644 --- a/deployment/templates/protes/protes-volume.yaml +++ b/deployment/templates/protes/protes-volume.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Values.protes.appName}}-volume spec: accessModes: - - ReadWriteMany + - {{ .Values.storageAccessMode }} resources: requests: - storage: '1Gi' \ No newline at end of file + storage: '1Gi' diff --git a/deployment/templates/rabbitmq/rabbitmq-deployment.yaml b/deployment/templates/rabbitmq/rabbitmq-deployment.yaml index 7b8926f..212cfbe 100644 --- a/deployment/templates/rabbitmq/rabbitmq-deployment.yaml +++ b/deployment/templates/rabbitmq/rabbitmq-deployment.yaml @@ -17,10 +17,11 @@ spec: containers: - name: rabbitmq image: {{ .Values.rabbitmq.image }} + resources: {{- toYaml .Values.rabbitmq.resources | nindent 10 }} volumeMounts: - mountPath: /var/lib/rabbitmq name: rabbitmq-volume volumes: - name: rabbitmq-volume persistentVolumeClaim: - claimName: {{ .Values.rabbitmq.appName }}-volume \ No newline at end of file + claimName: {{ .Values.rabbitmq.appName }}-volume diff --git a/deployment/templates/rabbitmq/rabbitmq-pvc.yaml b/deployment/templates/rabbitmq/rabbitmq-pvc.yaml index 544e239..a5cbb88 100644 --- a/deployment/templates/rabbitmq/rabbitmq-pvc.yaml +++ b/deployment/templates/rabbitmq/rabbitmq-pvc.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Values.rabbitmq.appName }}-volume spec: accessModes: - - ReadWriteMany + - {{ .Values.storageAccessMode }} resources: requests: storage: {{ .Values.rabbitmq.volumeSize }} \ No newline at end of file diff --git a/deployment/values.yaml b/deployment/values.yaml index 1a3f005..732687f 100644 --- a/deployment/values.yaml +++ b/deployment/values.yaml @@ -2,35 +2,88 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -applicationDomain: rahtiapp.fi +applicationDomain: "" # which cluster type proTES is going to be deployed on # it can be either 'kubernetes' or 'openshift' -clusterType: openshift +clusterType: kubernetes + +# mongodb-pvc.yaml/rabbitmq-pvc.yaml, change to ReadWriteMany if storageClass can do RWX +storageAccessMode: ReadWriteOnce flower: appName: protes-flower basicAuth: admin:admin image: endocode/flower + resources: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 200m + memory: 500Mi protes: appName: protes image: elixircloud/protes:latest + initResources: + limits: + memory: 16Mi + cpu: 50m + requests: + memory: 16Mi + resources: + limits: + memory: 256Mi + cpu: 100m + requests: + memory: 256Mi + cpu: 100m celeryWorker: appName: celery-worker image: elixircloud/protes:latest + initResources: + limits: + memory: 16Mi + cpu: 50m + requests: + memory: 16Mi + cpu: 50m + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 256Mi mongodb: appName: mongodb - databaseAdminPassword: adminpasswd - databaseName: protes-db - databasePassword: protes-db-passwd - databaseUser: protes-user + secret: + databaseRootUsername: "" + databaseRootPassword: "" + databaseUser: "" + databasePassword: "" + databaseName: "" volumeSize: 1Gi - image: centos/mongodb-36-centos7 + image: docker.io/library/mongo:noble + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 200m + memory: 512Mi rabbitmq: appName: rabbitmq volumeSize: 1Gi - image: rabbitmq:3-management + image: rabbitmq:4.1.4-management + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 200m + memory: 256Mi