From e0d15dcef72dc1a5a76b033f4027111b69ab4d55 Mon Sep 17 00:00:00 2001 From: Fleur Kelpin Date: Sat, 29 Sep 2018 14:32:02 +0200 Subject: [PATCH] refactor: Move charts to charts directory --- charts/molgenis-nexus/README.md | 5 + molgenis-jenkins/Chart.yaml | 8 - molgenis-jenkins/README.md | 115 ---- molgenis-jenkins/resources/README.md | 8 - molgenis-jenkins/values.yaml | 617 --------------------- molgenis-nexus/README.md | 69 --- molgenis-opencpu/templates/deployment.yaml | 37 -- molgenis-opencpu/values.yaml | 43 -- molgenis-vault/README.md | 52 -- molgenis-vault/values.yaml | 86 --- molgenis/values.yaml | 102 ---- 11 files changed, 5 insertions(+), 1137 deletions(-) delete mode 100755 molgenis-jenkins/Chart.yaml delete mode 100644 molgenis-jenkins/README.md delete mode 100644 molgenis-jenkins/resources/README.md delete mode 100644 molgenis-jenkins/values.yaml delete mode 100644 molgenis-nexus/README.md delete mode 100644 molgenis-opencpu/templates/deployment.yaml delete mode 100644 molgenis-opencpu/values.yaml delete mode 100644 molgenis-vault/README.md delete mode 100644 molgenis-vault/values.yaml delete mode 100644 molgenis/values.yaml diff --git a/charts/molgenis-nexus/README.md b/charts/molgenis-nexus/README.md index b6bda27..bf174c5 100644 --- a/charts/molgenis-nexus/README.md +++ b/charts/molgenis-nexus/README.md @@ -61,4 +61,9 @@ To test if your hem chart works and: To deploy it on the cluster. +```curl -L -u xxxx:xxxx http://registry.molgenis.org/repository/helm/ --upload-file molgenis-x.x.x.tgz``` + +To push it to the registry + + diff --git a/molgenis-jenkins/Chart.yaml b/molgenis-jenkins/Chart.yaml deleted file mode 100755 index a50005e..0000000 --- a/molgenis-jenkins/Chart.yaml +++ /dev/null @@ -1,8 +0,0 @@ -name: molgenis-jenkins -home: https://jenkins.io/ -version: 0.8.0 -appVersion: 2.121 -description: Molgenis installation for the jenkins chart. -sources: -- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git -icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-jenkins/catalogIcon-molgenis-jenkins.svg diff --git a/molgenis-jenkins/README.md b/molgenis-jenkins/README.md deleted file mode 100644 index f84d082..0000000 --- a/molgenis-jenkins/README.md +++ /dev/null @@ -1,115 +0,0 @@ -# Molgenis Jenkins Helm Chart - -Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin. -Wraps [the kuberenetes jenkins chart](https://github.com/kubernetes/charts/tree/master/stable/jenkins), see documentation there! - -## Chart Details - -This chart will do the following: - -* 1 x Jenkins Master with port 8080 exposed on an external ClusterIP -* All using Kubernetes Deployments - -## Installing the Chart - -Usually, you'll be deploying this to the molgenis cluster. -In the [Rancher Catalog](https://rancher.molgenis.org:7443/g/catalog), add the latest version of this repository. -In the [molgenis cluster management page](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/apps), choose the -catalog, pick the molgenis-jenkins app from the catalog and deploy it. - -## Configuration - -When deploying, you can paste values into the Rancher Answers to override the defaults in this chart. -Array values can be added as {value, value, value}. -``` -jenkins.Master.HostName=jenkins.molgenis.org -jenkins.Master.AdminPassword=pa$$word -jenkins.Persistence.Enabled=false -jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1, blueocean:1.6.2, github-oauth:0.29} -jenkins.Master.Security.UseGitHub=false -## if UseGitHub=true -jenkins.Master.Security.GitHub.ClientID=id -jenkins.Master.Security.GitHub.ClientSecret=S3cr3t -## end UseGitHub=true -PipelineSecrets.Env.PGPPassphrase=literal:S3cr3t -``` - -You can use [all configuration values of the jenkins subchart](https://github.com/kubernetes/charts/tree/master/stable/jenkins). -> Because we use jenkins as a sub-chart, you should prefix all value keys with `jenkins`! - -### GitHub Authentication delegation -You need to setup a MOLGENIS - Jenkins GitHub OAuth App. You can do this by accessing this url: [add new OAuth app](https://github.com/settings/applications/new). - -### Secrets - - When deployed, the chart creates a couple of kubernetes secrets that get used by jenkins. - - You can override the values at deploy time but otherwise also configure them - [in Rancher](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/secrets) or through kubectl. - -#### Vault - -The vault secret gets mounted in the vault pod so pipeline scripts can retrieve secrets from the vault. - -| Parameter | Description | Default | -| ------------------------- | ------------------------------------------ | ---------------------------------------------- | -| `secret.vault.token` | Token to log into the hashicorp vault | `xxxx` | -| `secret.vault.addr` | Address of the vault | `https:vault-operator.vault-operator.svc:8200` | -| `secret.vault.skipVerify` | Skip verification of the https connection | `1` | - -#### GitHub - -Token used by Jenkins to authenticate on GitHub. - -| Parameter | Description | Default | -| --------------------- | ------------------------ | ------------------ | -| `secret.gitHub.user` | username for the account | `molgenis-jenkins` | -| `secret.gitHub.token` | token for the account | `xxxx` | - -#### Gogs - -Token used by Jenkins to authenticate on the [RuG Webhosting Gogs](https://git.webhosting.rug.nl). - -| Parameter | Description | Default | -| ------------------- | ------------------------ | --------- | -| `secret.gogs.user` | username for the account | `p281392` | -| `secret.gogs.token` | token for the account | `xxxx` | - - -#### Slack -The Slack integration is done mostly in the Jenkinsfile of each project. It is sufficient to only add the plugin to the Jenkins configuration in Helm. - -#### Legacy: - -##### Docker Hub - -Account used in pipeline builds to push docker images to `hub.docker.com`. -> They should read `secret/gcc/account/dockerhub` from vault instead! - -| Parameter | Description | Default | -| --------------------------- | ------------------------ | --------------- | -| `secret.dockerHub.user` | username for the account | `molgenisci` | -| `secret.dockerHub.password` | password for the account | `xxxx` | - -##### Registry - -Account used in pipeline builds to push docker images to `registry.molgenis.org`. -> They should read `secret/ops/account/nexus` from vault instead! - -| Parameter | Description | Default | -| --------------------------- | ------------------------ | --------- | -| `secret.dockerHub.user` | username for the account | `admin` | -| `secret.dockerHub.password` | password for the account | `xxxx` | - -## Command line use -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. -For example, - -```bash -$ helm install --name jenkins -f values.yaml molgenis-jenkins -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) - diff --git a/molgenis-jenkins/resources/README.md b/molgenis-jenkins/resources/README.md deleted file mode 100644 index b96b362..0000000 --- a/molgenis-jenkins/resources/README.md +++ /dev/null @@ -1,8 +0,0 @@ -# Helm in Jenkins - -To be able to run helm inside a jenkins pod, you'll need to -* create a role in the namespace where tiller is installed -* bind that role to the user that jenkins pods run as - -This directory contains yaml for these resources. -See also https://github.com/helm/helm/blob/master/docs/rbac.md \ No newline at end of file diff --git a/molgenis-jenkins/values.yaml b/molgenis-jenkins/values.yaml deleted file mode 100644 index deba807..0000000 --- a/molgenis-jenkins/values.yaml +++ /dev/null @@ -1,617 +0,0 @@ -jenkins: - Master: - NodeSelector: - deployPod: "true" - HostName: jenkins.molgenis.org - ServiceType: ClusterIP - InstallPlugins: - - kubernetes:1.12.6 - - workflow-aggregator:2.5 - - workflow-job:2.25 - - credentials-binding:1.16 - - git:3.9.1 - - github-branch-source:2.3.6 - - kubernetes-credentials-provider:0.10 - - blueocean:1.8.3 - - github-oauth:0.29 - - gogs-webhook:1.0.14 - - github-scm-trait-commit-skip:0.1.1 - - slack:2.3 - Security: - UseGitHub: false - GitHub: - ClientID: "" - ClienSecret: "" - DefaultView: dev - Views: - dev: - - molgenis - ops: - - molgenis-ops-docker-httpd - - molgenis-ops-docker-maven - - molgenis-ops-docker-node - - molgenis-ops-tools - - molgenis-ops-tomcat - Jobs: |- - molgenis: |- - - - - - - - - - - - .* - - - - - - - - false - - - - - - - true - -1 - -1 - - - - H H * * * - 86400000 - - - false - - - molgenis - molgenis-jenkins-github-secret - - - 1 - - - 1 - - - 1 - - - - - - ** - - - - - MOLGENIS Jenkins - molgenis+ci@gmail.com - - - - - - - - Jenkinsfile - - - - - molgenis-ops-docker-httpd: |- - - - - HTTPD server that can be used for redirection and proxieing - molgenis-ops-docker-httpd - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - a756941d-6c9d-4492-bcf9-327041764be6 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-httpd.git - molgenis-jenkins-gogs-secret - - - - - ** - - - - - MOLGENIS Jenkins - molgenis+ci@gmail.com - - - - - - - - - - - - - - Jenkinsfile - - - molgenis-ops-docker-node: |- - - - - NodeJS build container with Curl - molgenis-ops-docker-node - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - a756941d-6c9d-4492-bcf9-327041764be6 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-node.git - molgenis-jenkins-gogs-secret - - - - - ** - - - - - MOLGENIS Jenkins - molgenis+ci@gmail.com - - - - - - - - - - - - - - Jenkinsfile - - - molgenis-ops-docker-maven: |- - - - - MAVEN build container with RPMbuild and Curl - molgenis-ops-docker-maven - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - 4702479a-6988-4a85-b4b7-e77fa2d05ffa - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-maven.git - molgenis-jenkins-gogs-secret - - - - - ** - - - - - MOLGENIS Jenkins - molgenis+ci@gmail.com - - - - - - - - - - - - - - Jenkinsfile - - - molgenis-ops-tomcat: |- - - - - MOLGENIS tomcat package to manage tomcat version on CentOS - molgenis-ops-tomcat - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - 4702479a-6988-4a85-b4b7-e77fa2d05ffa - https://git.webhosting.rug.nl/molgenis/molgenis-ops-tomcat.git - molgenis-jenkins-gogs-secret - - - - - ** - - - - - MOLGENIS Jenkins - molgenis+ci@gmail.com - - - - - - - - - - - - - - Jenkinsfile - - - molgenis-ops-tools: |- - - - - MOLGENIS operations tools-package to configure firewall, apache, sudoers, etc. - molgenis-ops-tools - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - 4702479a-6988-4a85-b4b7-e77fa2d05ffa - https://git.webhosting.rug.nl/molgenis/molgenis-ops-tools.git - molgenis-jenkins-gogs-secret - - - - - ** - - - - - MOLGENIS Jenkins - molgenis+ci@gmail.com - - - - - - - - - - - - - - Jenkinsfile - - - # Kubernetes secret that contains a 'credentials.xml' for Jenkins - # CredentialsXmlSecret: jenkins-credentials - # Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory, - # useful to manage encryption keys used for credentials.xml for instance (such as - # master.key and hudson.util.Secret) - # SecretsFilesSecret: jenkins-secrets - CustomConfigMap: true - rbac: - install: true - Pods: - molgenis: - Label: molgenis - NodeUsageMode: NORMAL - volumes: - - type: HostPath - hostPath: "/var/run/docker.sock" - mountPath: "/var/run/docker.sock" - Containers: - maven: - Image: "registry.webhosting.rug.nl/molgenis/maven" - ImageTag: lts - AlwaysPullImage: true - Command: cat - WorkingDir: /home/jenkins - TTY: true - resources: - requests: - cpu: "1" - memory: "4Gi" - EnvVars: - - type: KeyValue - key: MAVEN_OPTS - value: "-Duser.home=/home/jenkins" - - type: KeyValue - key: MAVEN_CONFIG - value: "/home/jenkins/.m2" - alpine: - Image: "spotify/alpine" - Command: cat - WorkingDir: /home/jenkins - TTY: true - vault: - Image: "vault" - Command: cat - WorkingDir: /home/jenkins - TTY: true - EnvVars: - - type: Secret - key: VAULT_TOKEN - secretName: molgenis-pipeline-vault-secret - secretKey: token - - type: Secret - key: VAULT_SKIP_VERIFY - secretName: molgenis-pipeline-vault-secret - secretKey: skipVerify - - type: Secret - key: VAULT_ADDR - secretName: molgenis-pipeline-vault-secret - secretKey: addr - helm: - Image: "lachlanevenson/k8s-helm" - ImageTag: "v2.10.0" - Command: cat - WorkingDir: /home/jenkins - TTY: true - NodeSelector: { - deployPod: "true" - } - node: - Label: node-carbon - NodeUsageMode: EXCLUSIVE - Containers: - node: - Image: "registry.webhosting.rug.nl/molgenis/node" - ImageTag: lts - AlwaysPullImage: true - Command: cat - WorkingDir: /home/jenkins - TTY: true - vault: - Image: "vault" - Command: cat - WorkingDir: /home/jenkins - TTY: true - EnvVars: - - type: Secret - key: VAULT_TOKEN - secretName: molgenis-pipeline-vault-secret - secretKey: token - - type: Secret - key: VAULT_SKIP_VERIFY - secretName: molgenis-pipeline-vault-secret - secretKey: skipVerify - - type: Secret - key: VAULT_ADDR - secretName: molgenis-pipeline-vault-secret - secretKey: addr - NodeSelector: { - deployPod: "true" - } - molgenis-it: - InheritFrom: molgenis - Label: molgenis-it - NodeUsageMode: EXCLUSIVE - Containers: - elasticsearch: - Image: docker.elastic.co/elasticsearch/elasticsearch - ImageTag: 5.5.3 - resources: - requests: - cpu: "100m" - memory: "1Gi" - limits: - cpu: "1" - memory: "1500Mi" - EnvVars: - - type: KeyValue - key: ES_JAVA_OPTS - value: "-Xms512m -Xmx512m" - - type: KeyValue - key: cluster.name - value: molgenis - - type: KeyValue - key: bootstrap.memory_lock - value: "true" - - type: KeyValue - key: xpack.security.enabled - value: "false" - - type: KeyValue - key: discovery.type - value: single-node - postgres: - Image: postgres - ImageTag: 9.6-alpine - resources: - requests: - cpu: "100m" - memory: "250Mi" - limits: - cpu: "1" - memory: "250Mi" - EnvVars: - - type: KeyValue - key: POSTGRES_USER - value: molgenis - - type: KeyValue - key: POSTGRES_PASSWORD - value: molgenis - - type: KeyValue - key: POSTGRES_DB - value: molgenis - opencpu: - Image: molgenis/opencpu - AlwaysPullImage: true - resources: - requests: - cpu: "100m" - memory: "256Mi" - limits: - cpu: "1" - memory: "512Mi" - NodeSelector: { - deployPod: "true" - } - -#secret contains configuration for the kubernetes secrets that jenkins can access -secret: - # vault configures the vault secret - vault: - token: xxxx - addr: "https://vault-operator.vault-operator.svc:8200" - skipVerify: "1" - # githubToken contains access token for jenkins bot account on github.com - gitHub: - user: "molgenis-jenkins" - token: xxxx - # gogs contains access token for jenkins bot account on RuG GoGs - gogs: - user: p281392 - token: xxxx - # registry contains credentials for registry.molgenis.org - registry: - user: admin - password: xxxx - # dockerHubPassword contains password for hub.docker.com - dockerHub: - user: molgenisci - password: xxxx \ No newline at end of file diff --git a/molgenis-nexus/README.md b/molgenis-nexus/README.md deleted file mode 100644 index bf174c5..0000000 --- a/molgenis-nexus/README.md +++ /dev/null @@ -1,69 +0,0 @@ -# MOLGENIS - NEXUS Helm Chart - -NEXUS repository for kubernetes to deploy on a kubernetes cluster with NFS-share - -## Chart Details - -This chart will deploy: - -- 1 NEXUS-nfs initialization container - - We need this container to avoid permission issues on the NEXUS docker -- 1 NEXUS container -- 1 MOLGENIS-httpd container (to proxy the registry and docker to one domain) - -## Backup restore -There are two steps in restoring the NEXUS. - -- Database -- Blobstore - -### Restore the database -Go to the commandline: - -```bash -kubectl get pv -``` - -```bash -| NAME | CAPACITY | ACCESS | MODES | RECLAIM | POLICY | STATUS | CLAIM | STORAGECLASS | REASON | AGE | -| ---- | -------- | ------ | ----- | ------- | ------ | ------ | ----- | ------------ | ------ | --- | -| pvc-45988f55-900f-11e8-a0b4-005056a51744 | 30G | RWX | | Retain | Bound | molgenis-nexus/molgenis-nfs-claim | nfs-provisioner-retain | | | 33d | -| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d | -``` - -The persistent volume is the one in the molgenis-nexus namespace. - -Go to the NFS-provisioner to the path of the persistent volume: - -```bash -ls -t --full-time | head -7 | xargs cp ../restore-from-backup/ -``` - -### Restore the blobstore -You can copy the directory ```blobs``` to the target persistent volume ```/ blobs```. - -You can now bring the NEXUS back up. - -## Installing the Chart - -You can test in install the chart by executing: - -```helm lint .``` - -To test if your helm chart-syntax is right and: - -```helm install . --dry-run --debug``` - -To test if your hem chart works and: - -```helm install .``` - -To deploy it on the cluster. - -```curl -L -u xxxx:xxxx http://registry.molgenis.org/repository/helm/ --upload-file molgenis-x.x.x.tgz``` - -To push it to the registry - - - diff --git a/molgenis-opencpu/templates/deployment.yaml b/molgenis-opencpu/templates/deployment.yaml deleted file mode 100644 index b2b1cca..0000000 --- a/molgenis-opencpu/templates/deployment.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - {{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} - {{- end }} - name: {{ template "opencpu.fullname" . }} - labels: - app: {{ template "opencpu.name" . }} - chart: {{ template "opencpu.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ template "opencpu.name" . }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ template "opencpu.name" . }} - release: {{ .Release.Name }} - spec: - containers: - {{- with .Values.opencpu }} - - name: {{ .name }} - image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}" - imagePullPolicy: {{ .image.pullPolicy }} - ports: - - containerPort: {{ .service.port }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} diff --git a/molgenis-opencpu/values.yaml b/molgenis-opencpu/values.yaml deleted file mode 100644 index 0a1668a..0000000 --- a/molgenis-opencpu/values.yaml +++ /dev/null @@ -1,43 +0,0 @@ -# Default values for nexus. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -environment: production - -opencpu: - name: opencpu - strategy: - type: Recreate - restartPolicy: Always - image: - repository: registry.hub.docker.com - name: molgenis/opencpu - tag: stable - pullPolicy: Always - service: - name: opencpu - type: LoadBalancer - port: 8004 - firewall: - - 145.100.224.1/24 - -ingress: - enabled: false - annotations: { - kubernetes.io/ingress.class: "nginx", - nginx.ingress.kubernetes.io/proxy-body-size: "0" - } - path: / - hosts: - - name: opencpu.molgenis.org - tls: [] - -nodeSelector: { - deployPod: "true" -} - -tolerations: [] - -affinity: {} diff --git a/molgenis-vault/README.md b/molgenis-vault/README.md deleted file mode 100644 index da2e77a..0000000 --- a/molgenis-vault/README.md +++ /dev/null @@ -1,52 +0,0 @@ -# MOLGENIS Vault helm chart - -This chart creates a vault operator, but NO vault. -The vault operator defines a new custom resource named `vault` that you can use to create vaults. - -After launching the operator, create the molgenis vault manually: -`kubectl create -f resources/vault.yaml` - -That creates a new vault with two vault pods. - -See https://github.com/coreos/vault-operator/blob/master/doc/user/vault.md - -## Parameters - -### Azure cloud credentials -Define credentials for backup to the Azure Blob Store. -See [etcd-operator documentation](https://github.com/coreos/etcd-operator/blob/master/doc/user/abs_backup.md). - -| Parameter | Description | Default | -| --------------- | ----------------------------- | ------------------ | -| `abs.account` | name of storage account | `fdlkops` | -| `abs.accessKey` | access key of storage account | `xxxx` | -| `abs.cloud` | name of cloud environment | `AzurePublicCloud` | - -### Backup job -Define the schedule of the backup job - -| Parameter | Description | Default | -| -------------------- | ---------------------------- | ------------- | -| `backupJob.enable` | Enable backup cronjob | `true` | -| `backupJob.schedule` | cron schedule for the backup | `0 12 * * 1` | - -### UI - -Parameter | Description | Default ---------- | ----------- | ------- -`ui.replicaCount` | desired number of Vault UI pod | `1` -`ui.image.repository` | Vault UI container image repository | `djenriquez/vault-ui` -`ui.image.tag` | Vault UI container image tag | `latest` -`ui.resources` | Vault UI pod resource requests & limits | `{}` -`ui.nodeSelector` | node labels for Vault UI pod assignment | `{deployPod: "true"}` -`ui.ingress.enabled` | If true, Vault UI Ingress will be created | `true` -`ui.ingress.annotations` | Vault UI Ingress annotations | `{}` -`ui.ingress.host` | Vault UI Ingress hostname | `vault.molgenis.org` -`ui.ingress.tls` | Vault UI Ingress TLS configuration (YAML) | `[]` -`ui.vault.url` | Vault UI default vault url | `https://vault.vault-operator:8200` -`ui.vault.auth` | Vault UI login method | `GITHUB` -`ui.service.name` | Vault UI service name | `vault-ui` -`ui.service.type` | type of ui service to create | `ClusterIP` -`ui.service.externalPort` | Vault UI service target port | `8000` -`ui.service.internalPort` | Vault UI container port | `8000` -`ui.service.nodePort` | Port to be used as the service NodePort (ignored if `server.service.type` is not `NodePort`) | `0` \ No newline at end of file diff --git a/molgenis-vault/values.yaml b/molgenis-vault/values.yaml deleted file mode 100644 index 16b76da..0000000 --- a/molgenis-vault/values.yaml +++ /dev/null @@ -1,86 +0,0 @@ -# Default values for molgenis-vault. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# abs gives details of the credentials to reach the azure backup storage -abs: - # account is the name of the Storage account - account: fdlkops - # access key for the Storage account - accessKey: xxxx - # default cloud - cloud: AzurePublicCloud - -# backupjob describes the backup cronjob -backupJob: - # enable enables the backup job - enable: true - # schedule gives the cron schedule for the backup job - schedule: "0 12 * * 1" - -vault-operator: - nodeSelector: - deployPod: "true" - -### -# All of the config variables related to setting up the etcd-operator -# If you want more information about the variables exposed, please visit: -# https://github.com/kubernetes/charts/tree/master/stable/etcd-operator#configuration -### -etcd-operator: - deployments: - etcdOperator: true - backupOperator: true - restoreOperator: true - serviceAccount: - etcdOperatorServiceAccount: - create: true - backupOperatorServiceAccount: - create: true - restoreOperatorServiceAccount: - create: true - etcdOperator: - image: - tag: v0.9.2 - backupOperator: - image: - tag: v0.9.2 - restoreOperator: - image: - tag: v0.9.2 - nodeSelector: - deployPod: "true" - -ui: - name: "vault-ui" - replicaCount: 1 - image: - repository: djenriquez/vault-ui - tag: latest - service: - name: vault-ui - type: ClusterIP - externalPort: 8000 - internalPort: 8000 - # nodePort: 32001 - ingress: - enabled: true - # Used to create Ingress record (should used with service.type: ClusterIP). - host: vault.molgenis.org - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - #requests: - # cpu: 100m - # memory: 128Mi - nodeSelector: - deployPod: "true" - vault: - auth: GITHUB - url: https://vault.vault-operator:8200 \ No newline at end of file diff --git a/molgenis/values.yaml b/molgenis/values.yaml deleted file mode 100644 index 72241f7..0000000 --- a/molgenis/values.yaml +++ /dev/null @@ -1,102 +0,0 @@ -# Default values for molgenis. - -replicaCount: 1 - -service: - type: LoadBalancer - firewall: - enabled: false - kind: "umcg" - umcg: - rules: - - 127.0.0.1/32 - cluster: - rules: - - 127.0.0.1/32 - port: 8080 - -ingress: - enabled: true - annotations: - nginx.ingress.kubernetes.io/proxy-body-size: "0" - path: / - hosts: - - name: test.molgenis.org - tls: [] - -molgenis: - image: - repository: registry.hub.docker.com - name: molgenis/molgenis-app - tag: stable - pullPolicy: Always - adminPassword: - javaOpts: - maxHeapSpace: "1g" - resources: - limits: - cpu: 1 - memory: 1250Mi - requests: - cpu: 200m - memory: 1250Mi - persistence: - claim: molgenis-nfs-claim - size: 5Gi - services: - opencpu: - host: localhost - elasticsearch: - transportAddresses: localhost:9300 - clusterName: molgenis - postgres: - embedded: false - host: localhost - scheme: molgenis - user: molgenis - password: molgenis - -elasticsearch: - image: - repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 5.5.3 - pullPolicy: IfNotPresent - javaOpts: "-Xms1g -Xmx1g" - clusterName: molgenis - resources: - limits: - cpu: 2 - memory: 3Gi - requests: - cpu: 100m - memory: 1Gi - persistence: - claim: elasticsearch-nfs-claim - size: 5Gi - -postgres: - image: - repository: postgres - tag: 9.6-alpine - pullPolicy: IfNotPresent - resources: - limits: - cpu: 1 - memory: 250Mi - requests: - cpu: 100m - memory: 250Mi - persistence: - claim: postgres-nfs-claim - size: 5Gi - -persistence: - enabled: true - retain: false - -nodeSelector: - deployPod: "true" - -tolerations: [] - -affinity: {}