1
0
Fork 0

Merge branch 'use-molgenis-prod-in-helm' of p281392/molgenis-ops-docker-helm into master

This commit is contained in:
Fleur Kelpin 2018-09-26 18:05:06 +02:00 committed by Gogs
commit 5760171c4b
21 changed files with 208 additions and 1493 deletions

View File

@ -104,6 +104,7 @@ This repository is serves also as a catalogue for Rancher. We have serveral apps
- [Jenkins](molgenis-jenkins/README.md)
- [NEXUS](molgenis-nexus/README.md)
- [HTTPD](molgenis-httpd/README.md)
- [MOLGENIS](molgenis/README.md)
- [MOLGENIS preview](molgenis-preview/README.md)
- [MOLGENIS vault](molgenis-vault/README.md)
@ -122,6 +123,26 @@ You can you need to know to easily develop and deploy helm-charts
Do it in the root of the project where the Chart.yaml is located
It installs a release of a kubernetes stack. You also store this as an artifact in a kubernetes repository
- ```helm package .```
You can create a package which can be uploaded in the molgenis helm repository
- ```helm publish```
You still have to create an ```index.yaml``` for the chart. You can do this by executing this command: ```helm repo index #directory name of helm chart#```
Then you can upload it by executing:
- ```curl -v --user #username#:#password# --upload-file index.yaml https://registry.molgenis.org/repository/helm/#chart name#/index.yml```
- ```curl -v --user #username#:#password# --upload-file #chart name#-#version#.tgz https://registry.molgenis.org/repository/helm/#chart name#/#chart name#-#version#.tgz```
Now you have to add the repository locally to use in your ```requirements.yaml```.
- ```helm repo add #repository name# https://registry.molgenis.org/repository/helm/molgenis```
- ```helm dep build```
You can build your dependencies (create a ```charts``` directory and install the chart in it) of the helm-chart.
- ```helm list```
Lists all installed releases

View File

@ -8,7 +8,7 @@ questions:
description: "Enable ingress"
type: boolean
required: true
group: "Loadbalancing"
group: "Load balancing"
- variable: opencpu.image.repository
label: Registry
default: "registry.hub.docker.com"

View File

@ -1,21 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

View File

@ -1,8 +0,0 @@
apiVersion: v1
appVersion: "1.0"
description: MOLGENIS - helm stack for testing purposes
name: molgenis-preview
version: 0.2.0
sources:
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-preview/catalogIcon-molgenis.svg

View File

@ -1,16 +0,0 @@
# MOLGENIS preview
This chart is used for testing purposes. It can be used by data managers or developers to test MOLGENIS (e.g. integration testing).
## Containers
This chart spins up a complete stack to run MOLGENIS. The created containers are:
- MOLGENIS
- PostgreSQL
- Elasticsearch
- OpenCPU
## Rancher
You can spin up a test instance by navigating to https://rancher.molgenis.org:7777 and login with your LDAP-account.
Go to the test-environment and click on "Launch". Search for MOLGENIS.

File diff suppressed because it is too large Load Diff

Before

Width:  |  Height:  |  Size: 77 KiB

View File

@ -1,61 +0,0 @@
categories:
- MOLGENIS
questions:
- variable: ingress.hosts[0].name
default: "test.molgenis.org"
description: "Hostname for your stack"
type: hostname
required: true
group: "Services and Load Balancing"
label: Hostname
- variable: molgenis.image.repository
default: "registry.hub.docker.com"
description: "Select a registry to pull from"
type: enum
options:
- "registry.hub.docker.com"
- "registry.molgenis.org"
required: true
group: "MOLGENIS - Version"
label: Registry
- variable: molgenis.image.tag
default: "stable"
description: "Select a MOLGENIS version (check the registry.molgenis.org or hub.docker.com for other tags)"
type: string
required: true
group: "MOLGENIS - Version"
label: Version
- variable: molgenis.resources.limits.cpu
default: 1
description: "CPU limit for this MOLGENIS instance"
type: enum
options:
- "1"
- "2"
- "3"
- "4"
required: true
group: "MOLGENIS - Resource limits"
label: CPU limit
- variable: molgenis.resources.limits.memory
default: 1250Mi
description: "Memory limit for this MOLGENIS instance"
type: enum
options:
- "1250Mi"
- "1500Mi"
- "2000Mi"
- "2500Mi"
required: true
group: "MOLGENIS - Resource limits"
label: Memory limit
- variable: molgenis.javaOpts
default: "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
description: "Java runtime options for the MOLGENIS instance"
type: enum
options:
- "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
- "-Xmx2g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
group: "MOLGENIS - Resource limits"
label: Java memory options

View File

@ -1,19 +0,0 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "molgenis.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ template "molgenis.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "molgenis.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "molgenis.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:80
{{- end }}

View File

@ -1,32 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "molgenis.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "molgenis.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "molgenis.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -1,124 +0,0 @@
apiVersion: apps/v1beta2
kind: Deployment
metadata:
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
name: {{ template "molgenis.fullname" . }}
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }}
spec:
containers:
- name: molgenis
{{- with .Values.molgenis }}
image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: molgenis.home
value: /home/molgenis
- name: opencpu.uri.host
value: localhost
- name: elasticsearch.transport.addresses
value: localhost:9300
- name: elasticsearch.cluster.name
value: {{ $.Values.elasticsearch.clusterName }}
- name: db_uri
value: "jdbc:postgresql://localhost/{{ $.Values.postgres.db }}"
- name: db_user
value: {{ $.Values.postgres.user }}
- name: db_password
value: {{ $.Values.postgres.password }}
- name: admin.password
value: {{ .adminPassword }}
- name: CATALINA_OPTS
value: "{{ .javaOpts }}"
ports:
- containerPort: 8080
# livenessProbe:
# httpGet:
# path: /
# port: 8080
# readinessProbe:
# httpGet:
# path: /api/v2/version
# port: 8080
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: elasticsearch
{{- with .Values.elasticsearch }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: cluster.name
value: {{ .clusterName }}
- name: bootstrap.memory_lock
value: "true"
- name: ES_JAVA_OPTS
value: "{{ .javaOpts }}"
- name: xpack.security.enabled
value: "false"
- name: discovery.type
value: single-node
ports:
- containerPort: 9200
- containerPort: 9300
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: postgres
{{- with .Values.postgres }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: POSTGRES_USER
value: {{ .user }}
- name: POSTGRES_PASSWORD
value: {{ .password }}
- name: POSTGRES_DB
value: {{ .db }}
ports:
- containerPort: 5432
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: opencpu
{{- with .Values.opencpu }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
ports:
- containerPort: 8004
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}

View File

@ -1,38 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "molgenis.fullname" . -}}
{{- $ingressPath := .Values.ingress.path -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .name }}
http:
paths:
- path: {{ $ingressPath }}
backend:
serviceName: {{ $fullName }}
servicePort: 8080
{{- end }}
{{- end }}

View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "molgenis.fullname" . }}
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- name: molgenis
port: {{ .Values.service.port }}
selector:
app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }}

View File

@ -1,82 +0,0 @@
# Default values for molgenis.
replicaCount: 1
service:
type: LoadBalancer
port: 8080
ingress:
enabled: true
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
path: /
hosts:
- name: test.molgenis.org
tls: []
molgenis:
image:
repository: registry.molgenis.org
name: molgenis/molgenis-app
tag: 7.0.0-SNAPSHOT
pullPolicy: Always
adminPassword: admin
javaOpts: "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
resources:
limits:
cpu: 1
memory: 1250Mi
requests:
cpu: 200m
memory: 1Gi
postgres:
image:
repository: postgres
tag: 9.6-alpine
pullPolicy: IfNotPresent
user: molgenis
password: molgenis
db: molgenis
resources:
limits:
cpu: 1
memory: 250Mi
requests:
cpu: 100m
memory: 250Mi
elasticsearch:
image:
repository: docker.elastic.co/elasticsearch/elasticsearch
tag: 5.5.3
pullPolicy: IfNotPresent
javaOpts: "-Xms512m -Xmx512m"
clusterName: molgenis
resources:
limits:
cpu: 1
memory: 1500Mi
requests:
cpu: 100m
memory: 1Gi
opencpu:
image:
repository: molgenis/opencpu
tag: latest
pullPolicy: Always
resources:
limits:
cpu: 1
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
nodeSelector: {}
tolerations: []
affinity: {}

View File

@ -1,8 +1,8 @@
apiVersion: v1
appVersion: "1.0"
description: MOLGENIS - helm stack (in BETA)
name: molgenis-beta
version: 0.3.0
name: molgenis
version: 0.4.2
sources:
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis/catalogIcon-molgenis.svg

View File

@ -5,6 +5,8 @@ This chart is used for acceptance and production use cases.
This chart spins up a MOLGENIS instance with HTTPD. The created containers are:
- MOLGENIS
- ElasticSearch
- PostgreSQL **(optional)**
## Provisioning
You can choose from which registry you want to pull. There are 2 registries:
@ -21,6 +23,19 @@ The three properties you need to specify are:
Besides determining which image you want to pull, you also have to set an administrator password. You can do this by specifying the following property.
- ```molgenis.adminPassword```
### Firewall
Is defined at service level you can specify this attribute in the values:
- ```molgenis.firewall.enabled``` default 'false'
If set to 'true' the following options are available. One of the options below has to be set.
- ```molgenis.firewall.umcg.enabled``` default 'false'
- ```molgenis.firewall.cluster.enabled``` default 'false'
UMCG = only available within the UMCG.
Cluster = only available within the GCC cluster environment.
## Services
When you start MOLGENIS you need:
- an elasticsearch instance (5.5.6)
@ -82,15 +97,16 @@ Select the resources you need dependant on the customer you need to serve.
## Persistence
You can enable persistence on your MOLGENIS stack by specifying the following property.
- ```persistence.enabled```
- ```persistence.enabled``` default 'true'
You can also choose to retain the volume of the NFS.
- ```persistence.retain```
- ```persistence.retain``` default 'false'
The size and claim name can be specified per service. There are now two services that can be persist.
- MOLGENIS
- ElasticSearch
- PostgreSQL **(optional)**
MOLGENIS persistent properties.
- ```molgenis.persistence.claim```
@ -100,6 +116,9 @@ ElasticSearch persistent properties.
- ```elasticsearch.persistence.claim```
- ```elasticsearch.persistence.size```
PostgreSQL persistent properties.
- ```postgres.persistence.claim```
- ```postgres.persistence.size```
### Resolve you persistent volume
You do not know which volume is attached to your MOLGENIS instance. You can resolve this by executing:
@ -116,7 +135,4 @@ You can now view the persistent volume claims and the attached volumes.
| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d |
You see the ```molgenis-test/molgenis-nfs-claim``` is bound to the volume: ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.
When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.
## Firewall
Is defined at cluster level. This chart does not facilitate firewall configuration.
When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.

View File

@ -8,7 +8,7 @@ questions:
description: "Hostname for your stack"
type: hostname
required: true
group: "Load Balancing"
group: "Load balancing"
- variable: molgenis.image.repository
label: Registry
default: "registry.hub.docker.com"
@ -33,6 +33,24 @@ questions:
type: password
required: true
group: "Provisioning"
- variable: service.firewall.enabled
label: Firewall enabled
default: false
description: "Firewall enabled (can be cluster or UMCG scoped)"
type: boolean
required: true
group: "Provisioning"
show_subquestion_if: true
subquestions:
- variable: service.firewall.kind
default: "umcg"
description: "Firewall kind. This can be 'umcg' or 'cluster' environment"
type: enum
required: true
options:
- umcg
- cluster
label: Firewall kind
- variable: molgenis.services.opencpu.host
label: OpenCPU cluster
default: "localhost"
@ -40,34 +58,43 @@ questions:
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.host
label: Postgres cluster location
default: "postgresql.molgenis-postgresql.svc"
description: "Set the location of the postgres cluster"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.scheme
label: Database scheme
default: "molgenis"
description: "Set the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.user
label: Database username
default: "molgenis"
description: "Set user of the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.password
label: Database password
default: "molgenis"
description: "Set the password of the database scheme"
type: string
- variable: molgenis.services.postgres.embedded
label: Postgres embedded
default: false
description: "Do you want an embedded postgres"
type: boolean
required: true
group: "Services"
show_subquestion_if: false
subquestions:
- variable: molgenis.services.postgres.host
label: Postgres cluster location
default: ""
description: "Set the location of the postgres cluster. This can be localhost when the postgres is enabled else you need to specify a cluster location if you do not want a embedded postgres instance)"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.scheme
label: Database scheme
default: "molgenis"
description: "Set the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.user
label: Database username
default: "molgenis"
description: "Set user of the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.password
label: Database password
default: "molgenis"
description: "Set the password of the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.resources.limits.memory
label: Container memory limit
default: 1250Mi
@ -98,7 +125,7 @@ questions:
- "2g"
group: "Resources"
- variable: persistence.enabled
default: false
default: true
description: "Do you want to use persistence"
type: boolean
required: true
@ -112,20 +139,29 @@ questions:
type: boolean
label: Retain volume
- variable: molgenis.persistence.size
default: "30Gi"
default: "5Gi"
description: "Size of MOLGENIS filestore (PostgreSQL and ElasticSearch excluded)"
type: enum
options:
- "30Gi"
- "50Gi"
- "100Gi"
- "5Gi"
- "10Gi"
- "20Gi"
label: Size MOLGENIS filestore
- variable: elasticsearch.persistence.size
default: "50Gi"
default: "5Gi"
description: "Size of ElasticSearch data (directory that is persist: /usr/share/elasticsearch/data)"
type: enum
options:
- "5Gi"
- "10Gi"
- "50Gi"
- "100Gi"
- "200Gi"
label: Size for ElasticSearch data
label: Size for ElasticSearch data
- variable: postgres.persistence.size
default: "5Gi"
description: "Size of PostgreSQL data (directory that is persist: /var/lib/postgresql/data/pgdata)"
type: enum
options:
- "5Gi"
- "10Gi"
- "50Gi"
label: Size for PostgreSQL data

View File

@ -97,11 +97,33 @@ spec:
- name: elasticsearch-nfs
mountPath: /usr/share/elasticsearch/data
{{- end }}
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: postgres
{{- with .Values.postgres }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: POSTGRES_USER
value: {{ $.Values.molgenis.services.postgres.user }}
- name: POSTGRES_PASSWORD
value: {{ $.Values.molgenis.services.postgres.password }}
- name: POSTGRES_DB
value: {{ $.Values.molgenis.services.postgres.scheme }}
ports:
- containerPort: 5432
resources:
{{ toYaml .resources | indent 12 }}
{{- if $.Values.persistence.enabled }}
volumeMounts:
- name: postgres-nfs
mountPath: /var/lib/postgresql/data
{{- end }}
{{- end }}
{{- if .Values.persistence.enabled }}
volumes:
- name: molgenis-nfs
@ -110,6 +132,9 @@ spec:
- name: elasticsearch-nfs
persistentVolumeClaim:
claimName: {{ .Values.elasticsearch.persistence.claim }}
- name: postgres-nfs
persistentVolumeClaim:
claimName: {{ .Values.postgres.persistence.claim }}
{{- end }}
{{- with .Values.nodeSelector }}

View File

@ -4,7 +4,7 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
name: "{{ $.Release.Name }}-ingress"
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
@ -33,6 +33,6 @@ spec:
- path: {{ $ingressPath }}
backend:
serviceName: {{ $fullName }}
servicePort: 8080
servicePort: {{ $.Values.service.port }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,21 @@
{{- if .Values.molgenis.services.postgres.embedded }}
{{- if .Values.persistence.enabled }}
apiVersion: extensions/v1beta1
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Values.postgres.persistence.claim }}
annotations:
{{- if .Values.persistence.retain }}
volume.beta.kubernetes.io/storage-class: "nfs-provisioner-retain"
{{- else }}
volume.beta.kubernetes.io/storage-class: "nfs-provisioner"
{{- end }}
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}
{{- end }}
{{- end }}

View File

@ -9,6 +9,18 @@ metadata:
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
{{- if .Values.service.firewall.enabled }}
loadBalancerSourceRanges:
{{- if .Values.service.firewall.kind eq "umcg" }}
{{- range $index, $rule := .Values.service.firewall.umcg.rules }}
- {{ $rule }}
{{- end }}
{{- else }}
{{- range $index, $rule := .Values.service.firewall.cluster.rules }}
- {{ $rule }}
{{- end }}
{{- end }}
{{- end }}
ports:
- name: molgenis
port: {{ .Values.service.port }}

View File

@ -4,6 +4,15 @@ replicaCount: 1
service:
type: LoadBalancer
firewall:
enabled: false
kind: "umcg"
umcg:
rules:
- 127.0.0.1/32
cluster:
rules:
- 127.0.0.1/32
port: 8080
ingress:
@ -33,7 +42,7 @@ molgenis:
memory: 1250Mi
persistence:
claim: molgenis-nfs-claim
size: 30Gi
size: 5Gi
services:
opencpu:
host: localhost
@ -41,6 +50,7 @@ molgenis:
transportAddresses: localhost:9300
clusterName: molgenis
postgres:
embedded: false
host: localhost
scheme: molgenis
user: molgenis
@ -62,10 +72,26 @@ elasticsearch:
memory: 1Gi
persistence:
claim: elasticsearch-nfs-claim
size: 50Gi
size: 5Gi
postgres:
image:
repository: postgres
tag: 9.6-alpine
pullPolicy: IfNotPresent
resources:
limits:
cpu: 1
memory: 250Mi
requests:
cpu: 100m
memory: 250Mi
persistence:
claim: postgres-nfs-claim
size: 5Gi
persistence:
enabled: false
enabled: true
retain: false
nodeSelector: {