Merge branch 'use-molgenis-prod-in-helm' of p281392/molgenis-ops-docker-helm into master
This commit is contained in:
		
							
								
								
									
										21
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										21
									
								
								README.md
									
									
									
									
									
								
							| @@ -104,6 +104,7 @@ This repository is serves also as a catalogue for Rancher. We have serveral apps | ||||
| - [Jenkins](molgenis-jenkins/README.md) | ||||
| - [NEXUS](molgenis-nexus/README.md) | ||||
| - [HTTPD](molgenis-httpd/README.md) | ||||
| - [MOLGENIS](molgenis/README.md) | ||||
| - [MOLGENIS preview](molgenis-preview/README.md) | ||||
| - [MOLGENIS vault](molgenis-vault/README.md) | ||||
|  | ||||
| @@ -122,6 +123,26 @@ You can you need to know to easily develop and deploy helm-charts | ||||
|    | ||||
|   Do it in the root of the project where the Chart.yaml is located | ||||
|   It installs a release of a kubernetes stack. You also store this as an artifact in a kubernetes repository | ||||
| - ```helm package .``` | ||||
|    | ||||
|   You can create a package which can be uploaded in the molgenis helm repository | ||||
|    | ||||
| - ```helm publish``` | ||||
|   You still have to create an ```index.yaml``` for the chart. You can do this by executing this command: ```helm repo index #directory name of helm chart#``` | ||||
|    | ||||
|   Then you can upload it by executing: | ||||
|    | ||||
|   - ```curl -v --user #username#:#password# --upload-file index.yaml  https://registry.molgenis.org/repository/helm/#chart name#/index.yml``` | ||||
|   - ```curl -v --user #username#:#password# --upload-file #chart name#-#version#.tgz https://registry.molgenis.org/repository/helm/#chart name#/#chart name#-#version#.tgz``` | ||||
|    | ||||
|   Now you have to add the repository locally to use in your ```requirements.yaml```. | ||||
|    | ||||
|   - ```helm repo add #repository name# https://registry.molgenis.org/repository/helm/molgenis``` | ||||
|  | ||||
| - ```helm dep build``` | ||||
|    | ||||
|   You can build your dependencies (create a ```charts``` directory and install the chart in it) of the helm-chart.  | ||||
|  | ||||
| - ```helm list``` | ||||
|    | ||||
|   Lists all installed releases | ||||
|   | ||||
| @@ -8,7 +8,7 @@ questions: | ||||
|   description: "Enable ingress" | ||||
|   type: boolean | ||||
|   required: true | ||||
|   group: "Loadbalancing" | ||||
|   group: "Load balancing" | ||||
| - variable: opencpu.image.repository | ||||
|   label: Registry | ||||
|   default: "registry.hub.docker.com" | ||||
|   | ||||
| @@ -1,21 +0,0 @@ | ||||
| # Patterns to ignore when building packages. | ||||
| # This supports shell glob matching, relative path matching, and | ||||
| # negation (prefixed with !). Only one pattern per line. | ||||
| .DS_Store | ||||
| # Common VCS dirs | ||||
| .git/ | ||||
| .gitignore | ||||
| .bzr/ | ||||
| .bzrignore | ||||
| .hg/ | ||||
| .hgignore | ||||
| .svn/ | ||||
| # Common backup files | ||||
| *.swp | ||||
| *.bak | ||||
| *.tmp | ||||
| *~ | ||||
| # Various IDEs | ||||
| .project | ||||
| .idea/ | ||||
| *.tmproj | ||||
| @@ -1,8 +0,0 @@ | ||||
| apiVersion: v1 | ||||
| appVersion: "1.0" | ||||
| description: MOLGENIS - helm stack for testing purposes | ||||
| name: molgenis-preview | ||||
| version: 0.2.0 | ||||
| sources: | ||||
| - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git | ||||
| icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-preview/catalogIcon-molgenis.svg | ||||
| @@ -1,16 +0,0 @@ | ||||
| # MOLGENIS preview | ||||
| This chart is used for testing purposes. It can be used by data managers or developers to test MOLGENIS (e.g. integration testing). | ||||
|  | ||||
| ## Containers | ||||
| This chart spins up a complete stack to run MOLGENIS. The created containers are: | ||||
|  | ||||
| - MOLGENIS | ||||
| - PostgreSQL | ||||
| - Elasticsearch | ||||
| - OpenCPU | ||||
|  | ||||
| ## Rancher | ||||
| You can spin up a test instance by navigating to https://rancher.molgenis.org:7777 and login with your LDAP-account. | ||||
|  | ||||
| Go to the test-environment and click on "Launch". Search for MOLGENIS. | ||||
|  | ||||
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| Before Width: | Height: | Size: 77 KiB | 
| @@ -1,61 +0,0 @@ | ||||
|  | ||||
| categories: | ||||
| - MOLGENIS | ||||
| questions: | ||||
| - variable: ingress.hosts[0].name | ||||
|   default: "test.molgenis.org" | ||||
|   description: "Hostname for your stack" | ||||
|   type: hostname | ||||
|   required: true | ||||
|   group: "Services and Load Balancing" | ||||
|   label: Hostname | ||||
| - variable: molgenis.image.repository | ||||
|   default: "registry.hub.docker.com" | ||||
|   description: "Select a registry to pull from" | ||||
|   type: enum | ||||
|   options: | ||||
|   - "registry.hub.docker.com" | ||||
|   - "registry.molgenis.org" | ||||
|   required: true | ||||
|   group: "MOLGENIS - Version" | ||||
|   label: Registry | ||||
| - variable: molgenis.image.tag | ||||
|   default: "stable" | ||||
|   description: "Select a MOLGENIS version (check the registry.molgenis.org or hub.docker.com for other tags)" | ||||
|   type: string | ||||
|   required: true | ||||
|   group: "MOLGENIS - Version" | ||||
|   label: Version | ||||
| - variable: molgenis.resources.limits.cpu | ||||
|   default: 1 | ||||
|   description: "CPU limit for this MOLGENIS instance" | ||||
|   type: enum | ||||
|   options: | ||||
|   - "1" | ||||
|   - "2" | ||||
|   - "3" | ||||
|   - "4" | ||||
|   required: true | ||||
|   group: "MOLGENIS - Resource limits" | ||||
|   label: CPU limit | ||||
| - variable: molgenis.resources.limits.memory | ||||
|   default: 1250Mi | ||||
|   description: "Memory limit for this MOLGENIS instance" | ||||
|   type: enum | ||||
|   options: | ||||
|   - "1250Mi" | ||||
|   - "1500Mi" | ||||
|   - "2000Mi" | ||||
|   - "2500Mi" | ||||
|   required: true | ||||
|   group: "MOLGENIS - Resource limits" | ||||
|   label: Memory limit | ||||
| - variable: molgenis.javaOpts | ||||
|   default: "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled" | ||||
|   description: "Java runtime options for the MOLGENIS instance" | ||||
|   type: enum | ||||
|   options: | ||||
|   - "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled" | ||||
|   - "-Xmx2g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled" | ||||
|   group: "MOLGENIS - Resource limits" | ||||
|   label: Java memory options | ||||
| @@ -1,19 +0,0 @@ | ||||
| 1. Get the application URL by running these commands: | ||||
| {{- if .Values.ingress.enabled }} | ||||
| {{- range .Values.ingress.hosts }} | ||||
|   http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} | ||||
| {{- end }} | ||||
| {{- else if contains "NodePort" .Values.service.type }} | ||||
|   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "molgenis.fullname" . }}) | ||||
|   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") | ||||
|   echo http://$NODE_IP:$NODE_PORT | ||||
| {{- else if contains "LoadBalancer" .Values.service.type }} | ||||
|      NOTE: It may take a few minutes for the LoadBalancer IP to be available. | ||||
|            You can watch the status of by running 'kubectl get svc -w {{ template "molgenis.fullname" . }}' | ||||
|   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "molgenis.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') | ||||
|   echo http://$SERVICE_IP:{{ .Values.service.port }} | ||||
| {{- else if contains "ClusterIP" .Values.service.type }} | ||||
|   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "molgenis.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") | ||||
|   echo "Visit http://127.0.0.1:8080 to use your application" | ||||
|   kubectl port-forward $POD_NAME 8080:80 | ||||
| {{- end }} | ||||
| @@ -1,32 +0,0 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
| {{/* | ||||
| Expand the name of the chart. | ||||
| */}} | ||||
| {{- define "molgenis.name" -}} | ||||
| {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} | ||||
| {{- end -}} | ||||
|  | ||||
| {{/* | ||||
| Create a default fully qualified app name. | ||||
| We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||||
| If release name contains chart name it will be used as a full name. | ||||
| */}} | ||||
| {{- define "molgenis.fullname" -}} | ||||
| {{- if .Values.fullnameOverride -}} | ||||
| {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} | ||||
| {{- else -}} | ||||
| {{- $name := default .Chart.Name .Values.nameOverride -}} | ||||
| {{- if contains $name .Release.Name -}} | ||||
| {{- .Release.Name | trunc 63 | trimSuffix "-" -}} | ||||
| {{- else -}} | ||||
| {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} | ||||
| {{- end -}} | ||||
| {{- end -}} | ||||
| {{- end -}} | ||||
|  | ||||
| {{/* | ||||
| Create chart name and version as used by the chart label. | ||||
| */}} | ||||
| {{- define "molgenis.chart" -}} | ||||
| {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} | ||||
| {{- end -}} | ||||
| @@ -1,124 +0,0 @@ | ||||
| apiVersion: apps/v1beta2 | ||||
| kind: Deployment | ||||
| metadata: | ||||
|   {{- with .Values.ingress.annotations }} | ||||
|   annotations: | ||||
| {{ toYaml . | indent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ template "molgenis.fullname" . }} | ||||
|   labels: | ||||
|     app: {{ template "molgenis.name" . }} | ||||
|     chart: {{ template "molgenis.chart" . }} | ||||
|     release: {{ .Release.Name }} | ||||
|     heritage: {{ .Release.Service }} | ||||
| spec: | ||||
|   replicas: {{ .Values.replicaCount }} | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       app: {{ template "molgenis.name" . }} | ||||
|       release: {{ .Release.Name }} | ||||
|   template: | ||||
|     metadata: | ||||
|       labels: | ||||
|         app: {{ template "molgenis.name" . }} | ||||
|         release: {{ .Release.Name }} | ||||
|     spec: | ||||
|       containers: | ||||
|         - name: molgenis | ||||
|         {{- with .Values.molgenis }} | ||||
|           image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}" | ||||
|           imagePullPolicy: {{ .image.pullPolicy }} | ||||
|           env: | ||||
|             - name: molgenis.home | ||||
|               value: /home/molgenis | ||||
|             - name: opencpu.uri.host | ||||
|               value: localhost | ||||
|             - name: elasticsearch.transport.addresses | ||||
|               value: localhost:9300 | ||||
|             - name: elasticsearch.cluster.name | ||||
|               value: {{ $.Values.elasticsearch.clusterName }} | ||||
|             - name: db_uri | ||||
|               value: "jdbc:postgresql://localhost/{{ $.Values.postgres.db }}" | ||||
|             - name: db_user | ||||
|               value: {{ $.Values.postgres.user }} | ||||
|             - name: db_password | ||||
|               value: {{ $.Values.postgres.password }} | ||||
|             - name: admin.password | ||||
|               value: {{ .adminPassword }} | ||||
|             - name: CATALINA_OPTS | ||||
|               value: "{{ .javaOpts }}" | ||||
|           ports: | ||||
|             - containerPort: 8080 | ||||
| #          livenessProbe: | ||||
| #            httpGet: | ||||
| #              path: / | ||||
| #              port: 8080 | ||||
| #          readinessProbe: | ||||
| #            httpGet: | ||||
| #              path: /api/v2/version | ||||
| #              port: 8080 | ||||
|           resources: | ||||
| {{ toYaml .resources | indent 12 }} | ||||
|         {{- end }} | ||||
|  | ||||
|         - name: elasticsearch | ||||
|         {{- with .Values.elasticsearch }} | ||||
|           image: "{{ .image.repository }}:{{ .image.tag }}" | ||||
|           imagePullPolicy: {{ .image.pullPolicy }} | ||||
|           env: | ||||
|             - name: cluster.name | ||||
|               value: {{ .clusterName }} | ||||
|             - name: bootstrap.memory_lock | ||||
|               value: "true" | ||||
|             - name: ES_JAVA_OPTS | ||||
|               value: "{{ .javaOpts }}" | ||||
|             - name: xpack.security.enabled | ||||
|               value: "false" | ||||
|             - name: discovery.type | ||||
|               value: single-node | ||||
|           ports: | ||||
|             - containerPort: 9200 | ||||
|             - containerPort: 9300 | ||||
|           resources: | ||||
| {{ toYaml .resources | indent 12 }} | ||||
|         {{- end }} | ||||
|  | ||||
|         - name: postgres | ||||
|         {{- with .Values.postgres }} | ||||
|           image: "{{ .image.repository }}:{{ .image.tag }}" | ||||
|           imagePullPolicy: {{ .image.pullPolicy }} | ||||
|           env: | ||||
|             - name: POSTGRES_USER | ||||
|               value: {{ .user }} | ||||
|             - name: POSTGRES_PASSWORD | ||||
|               value: {{ .password }} | ||||
|             - name: POSTGRES_DB | ||||
|               value: {{ .db }} | ||||
|           ports: | ||||
|             - containerPort: 5432 | ||||
|           resources: | ||||
| {{ toYaml .resources | indent 12 }} | ||||
|         {{- end }} | ||||
|  | ||||
|         - name: opencpu | ||||
|         {{- with .Values.opencpu }} | ||||
|           image: "{{ .image.repository }}:{{ .image.tag }}" | ||||
|           imagePullPolicy: {{ .image.pullPolicy }} | ||||
|           ports: | ||||
|             - containerPort: 8004 | ||||
|           resources: | ||||
| {{ toYaml .resources | indent 12 }} | ||||
|         {{- end }} | ||||
|  | ||||
|     {{- with .Values.nodeSelector }} | ||||
|       nodeSelector: | ||||
| {{ toYaml . | indent 8 }} | ||||
|     {{- end }} | ||||
|     {{- with .Values.affinity }} | ||||
|       affinity: | ||||
| {{ toYaml . | indent 8 }} | ||||
|     {{- end }} | ||||
|     {{- with .Values.tolerations }} | ||||
|       tolerations: | ||||
| {{ toYaml . | indent 8 }} | ||||
|     {{- end }} | ||||
| @@ -1,38 +0,0 @@ | ||||
| {{- if .Values.ingress.enabled -}} | ||||
| {{- $fullName := include "molgenis.fullname" . -}} | ||||
| {{- $ingressPath := .Values.ingress.path -}} | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: {{ $fullName }} | ||||
|   labels: | ||||
|     app: {{ template "molgenis.name" . }} | ||||
|     chart: {{ template "molgenis.chart" . }} | ||||
|     release: {{ .Release.Name }} | ||||
|     heritage: {{ .Release.Service }} | ||||
| {{- with .Values.ingress.annotations }} | ||||
|   annotations: | ||||
| {{ toYaml . | indent 4 }} | ||||
| {{- end }} | ||||
| spec: | ||||
| {{- if .Values.ingress.tls }} | ||||
|   tls: | ||||
|   {{- range .Values.ingress.tls }} | ||||
|     - hosts: | ||||
|       {{- range .hosts }} | ||||
|         - {{ . }} | ||||
|       {{- end }} | ||||
|       secretName: {{ .secretName }} | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
|   rules: | ||||
|   {{- range .Values.ingress.hosts }} | ||||
|     - host: {{ .name }} | ||||
|       http: | ||||
|         paths: | ||||
|           - path: {{ $ingressPath }} | ||||
|             backend: | ||||
|               serviceName: {{ $fullName }} | ||||
|               servicePort: 8080 | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
| @@ -1,17 +0,0 @@ | ||||
| apiVersion: v1 | ||||
| kind: Service | ||||
| metadata: | ||||
|   name: {{ template "molgenis.fullname" . }} | ||||
|   labels: | ||||
|     app: {{ template "molgenis.name" . }} | ||||
|     chart: {{ template "molgenis.chart" . }} | ||||
|     release: {{ .Release.Name }} | ||||
|     heritage: {{ .Release.Service }} | ||||
| spec: | ||||
|   type: {{ .Values.service.type }} | ||||
|   ports: | ||||
|     - name: molgenis | ||||
|       port: {{ .Values.service.port }} | ||||
|   selector: | ||||
|     app: {{ template "molgenis.name" . }} | ||||
|     release: {{ .Release.Name }} | ||||
| @@ -1,82 +0,0 @@ | ||||
| # Default values for molgenis. | ||||
|  | ||||
| replicaCount: 1 | ||||
|  | ||||
| service: | ||||
|   type: LoadBalancer | ||||
|   port: 8080 | ||||
|  | ||||
| ingress: | ||||
|   enabled: true | ||||
|   annotations: | ||||
|     nginx.ingress.kubernetes.io/proxy-body-size: "0" | ||||
|   path: / | ||||
|   hosts: | ||||
|   - name: test.molgenis.org | ||||
|   tls: [] | ||||
|  | ||||
| molgenis: | ||||
|   image: | ||||
|     repository: registry.molgenis.org | ||||
|     name: molgenis/molgenis-app | ||||
|     tag: 7.0.0-SNAPSHOT | ||||
|     pullPolicy: Always | ||||
|   adminPassword: admin | ||||
|   javaOpts: "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled" | ||||
|   resources: | ||||
|    limits: | ||||
|     cpu: 1 | ||||
|     memory: 1250Mi | ||||
|    requests: | ||||
|     cpu: 200m | ||||
|     memory: 1Gi | ||||
|  | ||||
| postgres: | ||||
|   image: | ||||
|     repository: postgres | ||||
|     tag: 9.6-alpine | ||||
|     pullPolicy: IfNotPresent | ||||
|   user: molgenis | ||||
|   password: molgenis | ||||
|   db: molgenis | ||||
|   resources: | ||||
|    limits: | ||||
|     cpu: 1 | ||||
|     memory: 250Mi | ||||
|    requests: | ||||
|     cpu: 100m | ||||
|     memory: 250Mi | ||||
|  | ||||
| elasticsearch: | ||||
|   image: | ||||
|     repository: docker.elastic.co/elasticsearch/elasticsearch | ||||
|     tag: 5.5.3 | ||||
|     pullPolicy: IfNotPresent | ||||
|   javaOpts: "-Xms512m -Xmx512m" | ||||
|   clusterName: molgenis | ||||
|   resources: | ||||
|    limits: | ||||
|     cpu: 1 | ||||
|     memory: 1500Mi | ||||
|    requests: | ||||
|     cpu: 100m | ||||
|     memory: 1Gi | ||||
|  | ||||
| opencpu: | ||||
|   image: | ||||
|     repository: molgenis/opencpu | ||||
|     tag: latest | ||||
|     pullPolicy: Always | ||||
|   resources: | ||||
|     limits: | ||||
|       cpu: 1 | ||||
|       memory: 512Mi | ||||
|     requests: | ||||
|       cpu: 100m | ||||
|       memory: 256Mi | ||||
|  | ||||
| nodeSelector: {} | ||||
|  | ||||
| tolerations: [] | ||||
|  | ||||
| affinity: {} | ||||
| @@ -1,8 +1,8 @@ | ||||
| apiVersion: v1 | ||||
| appVersion: "1.0" | ||||
| description: MOLGENIS - helm stack (in BETA) | ||||
| name: molgenis-beta | ||||
| version: 0.3.0 | ||||
| name: molgenis | ||||
| version: 0.4.2 | ||||
| sources: | ||||
| - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git | ||||
| icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis/catalogIcon-molgenis.svg | ||||
| @@ -5,6 +5,8 @@ This chart is used for acceptance and production use cases. | ||||
| This chart spins up a MOLGENIS instance with HTTPD. The created containers are: | ||||
|  | ||||
| - MOLGENIS | ||||
| - ElasticSearch | ||||
| - PostgreSQL **(optional)** | ||||
|  | ||||
| ## Provisioning | ||||
| You can choose from which registry you want to pull. There are 2 registries: | ||||
| @@ -21,6 +23,19 @@ The three properties you need to specify are: | ||||
| Besides determining which image you want to pull, you also have to set an administrator password. You can do this by specifying the following property.  | ||||
| - ```molgenis.adminPassword``` | ||||
|  | ||||
| ### Firewall | ||||
| Is defined at service level you can specify this attribute in the values: | ||||
|  | ||||
| - ```molgenis.firewall.enabled``` default 'false'  | ||||
|  | ||||
| If set to 'true' the following options are available. One of the options below has to be set. | ||||
|  | ||||
| - ```molgenis.firewall.umcg.enabled``` default 'false'   | ||||
| - ```molgenis.firewall.cluster.enabled``` default 'false' | ||||
|  | ||||
| UMCG = only available within the UMCG. | ||||
| Cluster = only available within the GCC cluster environment. | ||||
|  | ||||
| ## Services | ||||
| When you start MOLGENIS you need: | ||||
| - an elasticsearch instance (5.5.6)  | ||||
| @@ -82,15 +97,16 @@ Select the resources you need dependant on the customer you need to serve. | ||||
| ## Persistence | ||||
| You can enable persistence on your MOLGENIS stack by specifying the following property. | ||||
|  | ||||
| - ```persistence.enabled``` | ||||
| - ```persistence.enabled``` default 'true' | ||||
|  | ||||
| You can also choose to retain the volume of the NFS. | ||||
| - ```persistence.retain``` | ||||
| - ```persistence.retain``` default 'false' | ||||
|  | ||||
| The size and claim name can be specified per service. There are now two services that can be persist. | ||||
|  | ||||
| - MOLGENIS | ||||
| - ElasticSearch | ||||
| - PostgreSQL **(optional)** | ||||
|  | ||||
| MOLGENIS persistent properties. | ||||
| - ```molgenis.persistence.claim``` | ||||
| @@ -100,6 +116,9 @@ ElasticSearch persistent properties. | ||||
| - ```elasticsearch.persistence.claim``` | ||||
| - ```elasticsearch.persistence.size``` | ||||
|  | ||||
| PostgreSQL persistent properties. | ||||
| - ```postgres.persistence.claim``` | ||||
| - ```postgres.persistence.size``` | ||||
|  | ||||
| ### Resolve you persistent volume | ||||
| You do not know which volume is attached to your MOLGENIS instance. You can resolve this by executing: | ||||
| @@ -116,7 +135,4 @@ You can now view the persistent volume claims and the attached volumes. | ||||
| | pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d | | ||||
|  | ||||
| You see the ```molgenis-test/molgenis-nfs-claim``` is bound to the volume: ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```. | ||||
| When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.  | ||||
|  | ||||
| ## Firewall | ||||
| Is defined at cluster level. This chart does not facilitate firewall configuration. | ||||
| When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.  | ||||
| @@ -8,7 +8,7 @@ questions: | ||||
|   description: "Hostname for your stack" | ||||
|   type: hostname | ||||
|   required: true | ||||
|   group: "Load Balancing" | ||||
|   group: "Load balancing" | ||||
| - variable: molgenis.image.repository | ||||
|   label: Registry | ||||
|   default: "registry.hub.docker.com" | ||||
| @@ -33,6 +33,24 @@ questions: | ||||
|   type: password | ||||
|   required: true | ||||
|   group: "Provisioning" | ||||
| - variable: service.firewall.enabled | ||||
|   label: Firewall enabled | ||||
|   default: false | ||||
|   description: "Firewall enabled (can be cluster or UMCG scoped)" | ||||
|   type: boolean | ||||
|   required: true | ||||
|   group: "Provisioning" | ||||
|   show_subquestion_if: true | ||||
|   subquestions: | ||||
|   - variable: service.firewall.kind | ||||
|     default: "umcg" | ||||
|     description: "Firewall kind. This can be 'umcg' or 'cluster' environment" | ||||
|     type: enum | ||||
|     required: true | ||||
|     options: | ||||
|     - umcg | ||||
|     - cluster | ||||
|     label: Firewall kind | ||||
| - variable: molgenis.services.opencpu.host | ||||
|   label: OpenCPU cluster | ||||
|   default: "localhost" | ||||
| @@ -40,34 +58,43 @@ questions: | ||||
|   type: string | ||||
|   required: true | ||||
|   group: "Services" | ||||
| - variable: molgenis.services.postgres.host | ||||
|   label: Postgres cluster location | ||||
|   default: "postgresql.molgenis-postgresql.svc" | ||||
|   description: "Set the location of the postgres cluster" | ||||
|   type: string | ||||
|   required: true | ||||
|   group: "Services" | ||||
| - variable: molgenis.services.postgres.scheme | ||||
|   label: Database scheme | ||||
|   default: "molgenis" | ||||
|   description: "Set the database scheme" | ||||
|   type: string | ||||
|   required: true | ||||
|   group: "Services" | ||||
| - variable: molgenis.services.postgres.user | ||||
|   label: Database username | ||||
|   default: "molgenis" | ||||
|   description: "Set user of the database scheme" | ||||
|   type: string | ||||
|   required: true | ||||
|   group: "Services" | ||||
| - variable: molgenis.services.postgres.password | ||||
|   label: Database password | ||||
|   default: "molgenis" | ||||
|   description: "Set the password of the database scheme" | ||||
|   type: string | ||||
| - variable: molgenis.services.postgres.embedded | ||||
|   label: Postgres embedded | ||||
|   default: false | ||||
|   description: "Do you want an embedded postgres" | ||||
|   type: boolean | ||||
|   required: true | ||||
|   group: "Services" | ||||
|   show_subquestion_if: false | ||||
|   subquestions: | ||||
|   - variable: molgenis.services.postgres.host | ||||
|     label: Postgres cluster location | ||||
|     default: "" | ||||
|     description: "Set the location of the postgres cluster. This can be localhost when the postgres is enabled else you need to specify a cluster location if you do not want a embedded postgres instance)" | ||||
|     type: string | ||||
|     required: true | ||||
|     group: "Services" | ||||
|   - variable: molgenis.services.postgres.scheme | ||||
|     label: Database scheme | ||||
|     default: "molgenis" | ||||
|     description: "Set the database scheme" | ||||
|     type: string | ||||
|     required: true | ||||
|     group: "Services" | ||||
|   - variable: molgenis.services.postgres.user | ||||
|     label: Database username | ||||
|     default: "molgenis" | ||||
|     description: "Set user of the database scheme" | ||||
|     type: string | ||||
|     required: true | ||||
|     group: "Services" | ||||
|   - variable: molgenis.services.postgres.password | ||||
|     label: Database password | ||||
|     default: "molgenis" | ||||
|     description: "Set the password of the database scheme" | ||||
|     type: string | ||||
|     required: true | ||||
|     group: "Services" | ||||
| - variable: molgenis.resources.limits.memory | ||||
|   label: Container memory limit | ||||
|   default: 1250Mi | ||||
| @@ -98,7 +125,7 @@ questions: | ||||
|   - "2g" | ||||
|   group: "Resources" | ||||
| - variable: persistence.enabled | ||||
|   default: false | ||||
|   default: true | ||||
|   description: "Do you want to use persistence" | ||||
|   type: boolean | ||||
|   required: true | ||||
| @@ -112,20 +139,29 @@ questions: | ||||
|     type: boolean | ||||
|     label: Retain volume | ||||
|   - variable: molgenis.persistence.size | ||||
|     default: "30Gi" | ||||
|     default: "5Gi" | ||||
|     description: "Size of MOLGENIS filestore (PostgreSQL and ElasticSearch excluded)" | ||||
|     type: enum | ||||
|     options: | ||||
|     - "30Gi" | ||||
|     - "50Gi" | ||||
|     - "100Gi" | ||||
|     - "5Gi" | ||||
|     - "10Gi" | ||||
|     - "20Gi" | ||||
|     label: Size MOLGENIS filestore | ||||
|   - variable: elasticsearch.persistence.size | ||||
|     default: "50Gi" | ||||
|     default: "5Gi" | ||||
|     description: "Size of ElasticSearch data (directory that is persist: /usr/share/elasticsearch/data)" | ||||
|     type: enum | ||||
|     options: | ||||
|     - "5Gi" | ||||
|     - "10Gi" | ||||
|     - "50Gi" | ||||
|     - "100Gi" | ||||
|     - "200Gi" | ||||
|     label: Size for ElasticSearch data | ||||
|     label: Size for ElasticSearch data | ||||
|   - variable: postgres.persistence.size | ||||
|     default: "5Gi" | ||||
|     description: "Size of PostgreSQL data (directory that is persist: /var/lib/postgresql/data/pgdata)" | ||||
|     type: enum | ||||
|     options: | ||||
|     - "5Gi" | ||||
|     - "10Gi" | ||||
|     - "50Gi" | ||||
|     label: Size for PostgreSQL data | ||||
| @@ -97,11 +97,33 @@ spec: | ||||
|           - name: elasticsearch-nfs | ||||
|             mountPath: /usr/share/elasticsearch/data | ||||
|           {{- end }} | ||||
|  | ||||
|           resources: | ||||
| {{ toYaml .resources | indent 12 }} | ||||
|         {{- end }} | ||||
|  | ||||
|         - name: postgres | ||||
|         {{- with .Values.postgres }} | ||||
|           image: "{{ .image.repository }}:{{ .image.tag }}" | ||||
|           imagePullPolicy: {{ .image.pullPolicy }} | ||||
|           env: | ||||
|             - name: POSTGRES_USER | ||||
|               value: {{ $.Values.molgenis.services.postgres.user }} | ||||
|             - name: POSTGRES_PASSWORD | ||||
|               value: {{ $.Values.molgenis.services.postgres.password }} | ||||
|             - name: POSTGRES_DB | ||||
|               value: {{ $.Values.molgenis.services.postgres.scheme }} | ||||
|           ports: | ||||
|             - containerPort: 5432 | ||||
|           resources: | ||||
| {{ toYaml .resources | indent 12 }} | ||||
|           {{- if $.Values.persistence.enabled }} | ||||
|           volumeMounts: | ||||
|           - name: postgres-nfs | ||||
|             mountPath: /var/lib/postgresql/data | ||||
|           {{- end }} | ||||
|         {{- end }} | ||||
|  | ||||
|  | ||||
| {{- if .Values.persistence.enabled }} | ||||
|       volumes: | ||||
|         - name: molgenis-nfs | ||||
| @@ -110,6 +132,9 @@ spec: | ||||
|         - name: elasticsearch-nfs | ||||
|           persistentVolumeClaim: | ||||
|             claimName: {{ .Values.elasticsearch.persistence.claim }} | ||||
|         - name: postgres-nfs | ||||
|           persistentVolumeClaim: | ||||
|             claimName: {{ .Values.postgres.persistence.claim }} | ||||
| {{- end }} | ||||
|  | ||||
|     {{- with .Values.nodeSelector }} | ||||
|   | ||||
| @@ -4,7 +4,7 @@ | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: {{ $fullName }} | ||||
|   name: "{{ $.Release.Name }}-ingress" | ||||
|   labels: | ||||
|     app: {{ template "molgenis.name" . }} | ||||
|     chart: {{ template "molgenis.chart" . }} | ||||
| @@ -33,6 +33,6 @@ spec: | ||||
|           - path: {{ $ingressPath }} | ||||
|             backend: | ||||
|               serviceName: {{ $fullName }} | ||||
|               servicePort: 8080 | ||||
|               servicePort: {{ $.Values.service.port }} | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
|   | ||||
							
								
								
									
										21
									
								
								molgenis/templates/persistence/postgresPVC.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								molgenis/templates/persistence/postgresPVC.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| {{- if .Values.molgenis.services.postgres.embedded }} | ||||
| {{- if .Values.persistence.enabled }} | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: PersistentVolumeClaim | ||||
| apiVersion: v1 | ||||
| metadata: | ||||
|   name: {{ .Values.postgres.persistence.claim }} | ||||
|   annotations: | ||||
|     {{- if .Values.persistence.retain }} | ||||
|     volume.beta.kubernetes.io/storage-class: "nfs-provisioner-retain" | ||||
|     {{- else }} | ||||
|     volume.beta.kubernetes.io/storage-class: "nfs-provisioner" | ||||
|     {{- end }} | ||||
| spec: | ||||
|   accessModes: | ||||
|     - ReadWriteMany | ||||
|   resources: | ||||
|     requests: | ||||
|       storage: {{ .Values.postgres.persistence.size }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| @@ -9,6 +9,18 @@ metadata: | ||||
|     heritage: {{ .Release.Service }} | ||||
| spec: | ||||
|   type: {{ .Values.service.type }} | ||||
| {{- if .Values.service.firewall.enabled }} | ||||
|   loadBalancerSourceRanges: | ||||
| {{- if .Values.service.firewall.kind eq "umcg" }} | ||||
|     {{- range $index, $rule := .Values.service.firewall.umcg.rules }} | ||||
|     - {{ $rule }} | ||||
|     {{- end }} | ||||
| {{- else }} | ||||
|     {{- range $index, $rule := .Values.service.firewall.cluster.rules }} | ||||
|     - {{ $rule }} | ||||
|     {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|   ports: | ||||
|     - name: molgenis | ||||
|       port: {{ .Values.service.port }} | ||||
|   | ||||
| @@ -4,6 +4,15 @@ replicaCount: 1 | ||||
|  | ||||
| service: | ||||
|   type: LoadBalancer | ||||
|   firewall: | ||||
|     enabled: false | ||||
|     kind: "umcg" | ||||
|     umcg: | ||||
|       rules: | ||||
|       - 127.0.0.1/32 | ||||
|     cluster: | ||||
|       rules: | ||||
|       - 127.0.0.1/32 | ||||
|   port: 8080 | ||||
|  | ||||
| ingress: | ||||
| @@ -33,7 +42,7 @@ molgenis: | ||||
|       memory: 1250Mi | ||||
|   persistence: | ||||
|     claim: molgenis-nfs-claim | ||||
|     size: 30Gi | ||||
|     size: 5Gi | ||||
|   services: | ||||
|     opencpu: | ||||
|       host: localhost | ||||
| @@ -41,6 +50,7 @@ molgenis: | ||||
|       transportAddresses: localhost:9300 | ||||
|       clusterName: molgenis | ||||
|     postgres: | ||||
|       embedded: false | ||||
|       host: localhost | ||||
|       scheme: molgenis | ||||
|       user: molgenis | ||||
| @@ -62,10 +72,26 @@ elasticsearch: | ||||
|     memory: 1Gi | ||||
|   persistence: | ||||
|     claim: elasticsearch-nfs-claim | ||||
|     size: 50Gi | ||||
|     size: 5Gi | ||||
|  | ||||
| postgres: | ||||
|   image: | ||||
|     repository: postgres | ||||
|     tag: 9.6-alpine | ||||
|     pullPolicy: IfNotPresent | ||||
|   resources: | ||||
|     limits: | ||||
|       cpu: 1 | ||||
|       memory: 250Mi | ||||
|     requests: | ||||
|       cpu: 100m | ||||
|       memory: 250Mi | ||||
|   persistence: | ||||
|     claim: postgres-nfs-claim | ||||
|     size: 5Gi | ||||
|  | ||||
| persistence: | ||||
|   enabled: false | ||||
|   enabled: true | ||||
|   retain: false | ||||
|  | ||||
| nodeSelector: { | ||||
|   | ||||
		Reference in New Issue
	
	Block a user