From d7ee74647f4152669aea80052aad990cf10013f3 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 15:17:32 +0200 Subject: [PATCH 01/11] mount the other work- directory --- README.md | 14 ++++++++++++++ .../templates/deployments/nexus-deployment.yaml | 2 ++ 2 files changed, 16 insertions(+) diff --git a/README.md b/README.md index 312383d..70131ce 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,14 @@ # MOLGENIS Helm templates +These are the Helm templates that we will use for MOLGENIS operations. There are some prerequisites you need. +- docker +- minikube + ## Useful commands for Kubernetes +Commands that can be used to get information from a kubernetes cluster + - kubectl get pods Gets alls running instances of containers from a certain deployment - kubectl get services @@ -14,6 +20,14 @@ - kubectl get deployments Gets all deployments (comparable with docker-compose) +When you want to see what is running on the clusters at the CIT you have to make a context switch. +You can access the cluster with kubeconfig-files. You can obtain these by downloading them from the +MOLGENIS kubernetes cluster. + +- Goto https://rancher.molgenis.org:7443 +- Goto + + ## Useful commands for Helm - helm install . diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index 32523d4..9d82b3e 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -34,4 +34,6 @@ spec: volumeMounts: - name: molgenis-nexus-data mountPath: "/nexus-data" + - name: molgenis-nexus-data + mountPath: "/sonatype-work" From 3fe04e53a7e19f65ab60a5d7ca3c9077bbeec408 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 15:36:42 +0200 Subject: [PATCH 02/11] mount the other work- directory --- nexus/v0.1.x/templates/volumes/nexus-pv.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nexus/v0.1.x/templates/volumes/nexus-pv.yaml b/nexus/v0.1.x/templates/volumes/nexus-pv.yaml index 24b438c..a08d6ba 100644 --- a/nexus/v0.1.x/templates/volumes/nexus-pv.yaml +++ b/nexus/v0.1.x/templates/volumes/nexus-pv.yaml @@ -13,4 +13,4 @@ spec: persistentVolumeReclaimPolicy: Retain nfs: server: 192.168.64.12 - path: /gcc/molgenis/nexus-data + path: /gcc/molgenis/nexus From 3ba4162a59a362fb0a970242121a26740f1c13ae Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 15:40:57 +0200 Subject: [PATCH 03/11] mount the other work- directory --- nexus/v0.1.x/templates/deployments/nexus-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index 9d82b3e..da4d1ee 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -34,6 +34,6 @@ spec: volumeMounts: - name: molgenis-nexus-data mountPath: "/nexus-data" - - name: molgenis-nexus-data - mountPath: "/sonatype-work" + securityContext: + fsGroup: 2000 From 98c030e937ec4f1e3939581ac08ff027b5246de9 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 15:44:49 +0200 Subject: [PATCH 04/11] mount the other work- directory --- nexus/v0.1.x/templates/deployments/nexus-deployment.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index da4d1ee..be2bcdf 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -19,6 +19,9 @@ spec: app: {{ .Values.nexus.name }} creationTimestamp: null spec: + securityContext: + runAsUser: 200 + fsGroup: 200 volumes: - name: molgenis-nexus-data persistentVolumeClaim: @@ -35,5 +38,5 @@ spec: - name: molgenis-nexus-data mountPath: "/nexus-data" securityContext: - fsGroup: 2000 + allowPrivilegeEscalation: false From eaf9219f76e9ee4b32a576a97a68adfe27e85926 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 16:13:58 +0200 Subject: [PATCH 05/11] mount the other work- directory --- .../v0.1.x/templates/deployments/nexus-deployment.yaml | 10 +++++----- nexus/v0.1.x/templates/volumes/nexus-pv.yaml | 2 ++ 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index be2bcdf..dd28a46 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -19,9 +19,9 @@ spec: app: {{ .Values.nexus.name }} creationTimestamp: null spec: - securityContext: - runAsUser: 200 - fsGroup: 200 +# securityContext: +# runAsUser: 200 +# fsGroup: 200 volumes: - name: molgenis-nexus-data persistentVolumeClaim: @@ -37,6 +37,6 @@ spec: volumeMounts: - name: molgenis-nexus-data mountPath: "/nexus-data" - securityContext: - allowPrivilegeEscalation: false +# securityContext: +# allowPrivilegeEscalation: false diff --git a/nexus/v0.1.x/templates/volumes/nexus-pv.yaml b/nexus/v0.1.x/templates/volumes/nexus-pv.yaml index a08d6ba..4eee738 100644 --- a/nexus/v0.1.x/templates/volumes/nexus-pv.yaml +++ b/nexus/v0.1.x/templates/volumes/nexus-pv.yaml @@ -2,6 +2,8 @@ apiVersion: v1 kind: PersistentVolume metadata: name: molgenis-nexus-data + annotations: + pv.beta.kubernetes.io/gid: "200" labels: name: nfs2 spec: From ed6c9613e010339138f1de6348919ba0aa4231d5 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 16:23:48 +0200 Subject: [PATCH 06/11] mount the other work- directory --- .../v0.1.x/templates/deployments/nexus-deployment.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index dd28a46..be2bcdf 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -19,9 +19,9 @@ spec: app: {{ .Values.nexus.name }} creationTimestamp: null spec: -# securityContext: -# runAsUser: 200 -# fsGroup: 200 + securityContext: + runAsUser: 200 + fsGroup: 200 volumes: - name: molgenis-nexus-data persistentVolumeClaim: @@ -37,6 +37,6 @@ spec: volumeMounts: - name: molgenis-nexus-data mountPath: "/nexus-data" -# securityContext: -# allowPrivilegeEscalation: false + securityContext: + allowPrivilegeEscalation: false From 5d4b6338282e765d88a0d610b59136811061595a Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 16:27:41 +0200 Subject: [PATCH 07/11] mount the other work- directory --- .../v0.1.x/templates/deployments/nexus-deployment.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index be2bcdf..dd28a46 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -19,9 +19,9 @@ spec: app: {{ .Values.nexus.name }} creationTimestamp: null spec: - securityContext: - runAsUser: 200 - fsGroup: 200 +# securityContext: +# runAsUser: 200 +# fsGroup: 200 volumes: - name: molgenis-nexus-data persistentVolumeClaim: @@ -37,6 +37,6 @@ spec: volumeMounts: - name: molgenis-nexus-data mountPath: "/nexus-data" - securityContext: - allowPrivilegeEscalation: false +# securityContext: +# allowPrivilegeEscalation: false From 0c0f5fb61e4ce9eae9862f7057599e755ba180a8 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 16:32:56 +0200 Subject: [PATCH 08/11] mount the other work- directory --- nexus/v0.1.x/templates/deployments/nexus-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index dd28a46..84fddca 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -19,9 +19,9 @@ spec: app: {{ .Values.nexus.name }} creationTimestamp: null spec: -# securityContext: + securityContext: # runAsUser: 200 -# fsGroup: 200 + fsGroup: 200 volumes: - name: molgenis-nexus-data persistentVolumeClaim: From e410aad24d9b3e76e86b49635f55d2493ec70a3b Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 16:37:32 +0200 Subject: [PATCH 09/11] mount the other work- directory --- nexus/v0.1.x/templates/deployments/nexus-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index 84fddca..09fb0e0 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -20,7 +20,7 @@ spec: creationTimestamp: null spec: securityContext: -# runAsUser: 200 + runAsUser: 200 fsGroup: 200 volumes: - name: molgenis-nexus-data From 399abaf4f91483c526b36ad55afd943f3068d466 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 17:00:10 +0200 Subject: [PATCH 10/11] volumes permissions --- .../templates/deployments/nexus-deployment.yaml | 12 +++++++----- nexus/v0.1.x/templates/volumes/nexus-pv.yaml | 2 -- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index 09fb0e0..a94d79f 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -19,9 +19,6 @@ spec: app: {{ .Values.nexus.name }} creationTimestamp: null spec: - securityContext: - runAsUser: 200 - fsGroup: 200 volumes: - name: molgenis-nexus-data persistentVolumeClaim: @@ -29,6 +26,13 @@ spec: restartPolicy: {{ .Values.nexus.restartPolicy }} containers: - name: {{ .Values.nexus.name }} + initContainers: + - name: volume-mount-nexus + image: busybox + command: ["sh", "-c", "chown -R 200:200 /gcc/molgenis/nexus"] + volumeMounts: + - name: molgenis-nexus-data + mountPath: "/nexus-data" image: "{{ .Values.nexus.image.repository }}:{{ .Values.nexus.image.tag }}" imagePullPolicy: {{ .Values.nexus.image.pullPolicy }} ports: @@ -37,6 +41,4 @@ spec: volumeMounts: - name: molgenis-nexus-data mountPath: "/nexus-data" -# securityContext: -# allowPrivilegeEscalation: false diff --git a/nexus/v0.1.x/templates/volumes/nexus-pv.yaml b/nexus/v0.1.x/templates/volumes/nexus-pv.yaml index 4eee738..a08d6ba 100644 --- a/nexus/v0.1.x/templates/volumes/nexus-pv.yaml +++ b/nexus/v0.1.x/templates/volumes/nexus-pv.yaml @@ -2,8 +2,6 @@ apiVersion: v1 kind: PersistentVolume metadata: name: molgenis-nexus-data - annotations: - pv.beta.kubernetes.io/gid: "200" labels: name: nfs2 spec: From e3d48562bb3f49fa1807d78b92beea9dd803b136 Mon Sep 17 00:00:00 2001 From: sido Date: Wed, 27 Jun 2018 17:02:59 +0200 Subject: [PATCH 11/11] volumes permissions --- .../templates/deployments/nexus-deployment.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml index a94d79f..c6b9866 100644 --- a/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml +++ b/nexus/v0.1.x/templates/deployments/nexus-deployment.yaml @@ -24,15 +24,15 @@ spec: persistentVolumeClaim: claimName: molgenis-nexus-data restartPolicy: {{ .Values.nexus.restartPolicy }} + initContainers: + - name: volume-mount-nexus + image: busybox + command: ["sh", "-c", "chown -R 200:200 /gcc/molgenis/nexus"] + volumeMounts: + - name: molgenis-nexus-data + mountPath: "/nexus-data" containers: - name: {{ .Values.nexus.name }} - initContainers: - - name: volume-mount-nexus - image: busybox - command: ["sh", "-c", "chown -R 200:200 /gcc/molgenis/nexus"] - volumeMounts: - - name: molgenis-nexus-data - mountPath: "/nexus-data" image: "{{ .Values.nexus.image.repository }}:{{ .Values.nexus.image.tag }}" imagePullPolicy: {{ .Values.nexus.image.pullPolicy }} ports: