1
0

Compare commits

..

20 Commits

Author SHA1 Message Date
Fleur Kelpin
a9571dbdcb Merge branch 'master' of https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm into chore/jenkins-gitsource 2018-09-27 16:20:41 +02:00
Sido Haakma
364fe53114 Merge branch 'chore/upgrade-jenkins' of P129679/molgenis-ops-docker-helm into master 2018-09-27 16:10:52 +02:00
Sido Haakma
4f9c9866cf Merge branch 'fix/75' of P129679/molgenis-ops-docker-helm into master 2018-09-27 16:10:03 +02:00
Fleur Kelpin
525847fdf5 fix(molgenis): Recreate pods upon upgrade
The default upgrade strategy would cause multiple instances of MOLGENIS to run on the same database.
Use Recreate strategy instead.

Fixes #75
2018-09-27 11:46:11 +02:00
Fleur Kelpin
3ae115c429 chore(molgenis-jenkins): Upgrade chart version 2018-09-27 11:26:25 +02:00
Fleur Kelpin
76b39cc236 chore(molgenis-jenkins): Upgrade plugins 2018-09-27 11:21:34 +02:00
Fleur Kelpin
0a328dd9d3 chore(molgenis-jenkins): Upgrade jenkins to 0.18.0 2018-09-27 11:01:41 +02:00
Fleur Kelpin
5760171c4b Merge branch 'use-molgenis-prod-in-helm' of p281392/molgenis-ops-docker-helm into master 2018-09-26 18:05:06 +02:00
Fleur Kelpin
e192f5819a Merge branch 'add-skip-build-config' of p281392/molgenis-ops-docker-helm into master 2018-09-26 18:00:56 +02:00
sido
aaad66b40f updated pvc creation of postgres 2018-09-26 17:39:47 +02:00
sido
b201117f9a updated pvc initialization 2018-09-26 17:27:45 +02:00
sido
74a87892fb bumped patch version 2018-09-26 17:18:33 +02:00
sido
6f995f45bd updated postgres instances and firewall configuration 2018-09-26 16:52:06 +02:00
Fleur Kelpin
35c7fd79af Merge branch 'implement-nfs-provisioning-nexus' of p281392/molgenis-ops-docker-helm into master 2018-09-26 16:34:34 +02:00
sido
039c9993f6 fix for postgres volume mount, not available when persistence is not enabled 2018-09-26 16:30:33 +02:00
sido
d4d9d5931d added embedded containers 2018-09-26 16:09:20 +02:00
sido
f10b8d7ea8 updated production chart and removed preview chart 2018-09-26 16:04:22 +02:00
sido
a4c4d19fe2 renamed service again 2018-09-20 16:54:34 +02:00
sido
d0c9c91ff3 updated nexus to connect to nfs provisioning 2018-09-20 16:50:46 +02:00
sido
7c9a7a143b add plugin for skipping build after release 2018-08-10 08:20:46 +02:00
36 changed files with 347 additions and 1623 deletions

View File

@ -104,6 +104,7 @@ This repository is serves also as a catalogue for Rancher. We have serveral apps
- [Jenkins](molgenis-jenkins/README.md) - [Jenkins](molgenis-jenkins/README.md)
- [NEXUS](molgenis-nexus/README.md) - [NEXUS](molgenis-nexus/README.md)
- [HTTPD](molgenis-httpd/README.md) - [HTTPD](molgenis-httpd/README.md)
- [MOLGENIS](molgenis/README.md)
- [MOLGENIS preview](molgenis-preview/README.md) - [MOLGENIS preview](molgenis-preview/README.md)
- [MOLGENIS vault](molgenis-vault/README.md) - [MOLGENIS vault](molgenis-vault/README.md)
@ -122,6 +123,26 @@ You can you need to know to easily develop and deploy helm-charts
Do it in the root of the project where the Chart.yaml is located Do it in the root of the project where the Chart.yaml is located
It installs a release of a kubernetes stack. You also store this as an artifact in a kubernetes repository It installs a release of a kubernetes stack. You also store this as an artifact in a kubernetes repository
- ```helm package .```
You can create a package which can be uploaded in the molgenis helm repository
- ```helm publish```
You still have to create an ```index.yaml``` for the chart. You can do this by executing this command: ```helm repo index #directory name of helm chart#```
Then you can upload it by executing:
- ```curl -v --user #username#:#password# --upload-file index.yaml https://registry.molgenis.org/repository/helm/#chart name#/index.yml```
- ```curl -v --user #username#:#password# --upload-file #chart name#-#version#.tgz https://registry.molgenis.org/repository/helm/#chart name#/#chart name#-#version#.tgz```
Now you have to add the repository locally to use in your ```requirements.yaml```.
- ```helm repo add #repository name# https://registry.molgenis.org/repository/helm/molgenis```
- ```helm dep build```
You can build your dependencies (create a ```charts``` directory and install the chart in it) of the helm-chart.
- ```helm list``` - ```helm list```
Lists all installed releases Lists all installed releases

View File

@ -1,6 +1,6 @@
name: molgenis-jenkins name: molgenis-jenkins
home: https://jenkins.io/ home: https://jenkins.io/
version: 0.7.0 version: 0.7.1
appVersion: 2.121 appVersion: 2.121
description: Molgenis installation for the jenkins chart. description: Molgenis installation for the jenkins chart.
sources: sources:

Binary file not shown.

View File

@ -1,6 +1,6 @@
dependencies: dependencies:
- name: jenkins - name: jenkins
repository: https://kubernetes-charts.storage.googleapis.com/ repository: https://kubernetes-charts.storage.googleapis.com/
version: 0.16.4 version: 0.18.0
digest: sha256:39f694515489598fa545c9a5a4f1347749e8f2a8d7fae6ccae3e2acae1564685 digest: sha256:39f694515489598fa545c9a5a4f1347749e8f2a8d7fae6ccae3e2acae1564685
generated: 2018-06-27T14:36:23.172954738+02:00 generated: 2018-09-27T11:00:15.795416984+02:00

View File

@ -3,17 +3,17 @@ jenkins:
HostName: jenkins.molgenis.org HostName: jenkins.molgenis.org
ServiceType: ClusterIP ServiceType: ClusterIP
InstallPlugins: InstallPlugins:
- kubernetes:1.12.0 - kubernetes:1.12.6
- workflow-aggregator:2.5 - workflow-aggregator:2.5
- workflow-job:2.21 - workflow-job:2.25
- credentials-binding:1.16 - credentials-binding:1.16
- git:3.9.1 - git:3.9.1
- github-branch-source:2.3.6 - github-branch-source:2.3.6
- kubernetes-credentials-provider:0.9 - kubernetes-credentials-provider:0.10
- blueocean:1.6.2 - blueocean:1.8.3
- github-oauth:0.29 - github-oauth:0.29
- gogs-webhook:1.0.14 - gogs-webhook:1.0.14
- sauce-ondemand:1.176 - github-scm-trait-commit-skip:0.1.1
Security: Security:
UseGitHub: false UseGitHub: false
GitHub: GitHub:
@ -82,6 +82,7 @@ jenkins:
<strategyId>1</strategyId> <strategyId>1</strategyId>
<trust class="org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission"/> <trust class="org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission"/>
</org.jenkinsci.plugins.github__branch__source.ForkPullRequestDiscoveryTrait> </org.jenkinsci.plugins.github__branch__source.ForkPullRequestDiscoveryTrait>
<org.jenkinsci.plugins.scm__filter.GitHubCommitSkipTrait plugin="github-scm-trait-commit-skip@0.1.1"/>
<jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1"> <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
<extension class="hudson.plugins.git.extensions.impl.LocalBranch"> <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
<localBranch>**</localBranch> <localBranch>**</localBranch>

View File

@ -1,34 +0,0 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
creationTimestamp: null
name: {{ .Values.httpd.name }}
labels:
app: {{ .Values.httpd.name }}
environment: {{ .Values.environment }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: {{ .Values.httpd.strategy.type }}
selector:
matchLabels:
app: {{ .Values.httpd.selector }}
template:
metadata:
labels:
app: {{ .Values.httpd.name }}
creationTimestamp: null
spec:
restartPolicy: {{ .Values.httpd.restartPolicy }}
containers:
- name: {{ .Values.httpd.name }}
image: "{{ .Values.httpd.image.repository }}:{{ .Values.httpd.image.tag }}"
imagePullPolicy: {{ .Values.httpd.image.pullPolicy }}
env:
- name: PROXY_SERVICE
value: "{{ .Values.nexus.name }}:{{ .Values.nexus.port.ui }},{{ .Values.nexus.name }}:{{ .Values.nexus.port.docker }}:{{ .Values.nexus.path.dockerV2 }}"
- name: SERVER_NAME
value: {{ .Values.httpd.hostname }}
ports:
- containerPort: {{ .Values.httpd.port }}
resources: {}

View File

@ -19,26 +19,40 @@ spec:
app: {{ .Values.nexus.name }} app: {{ .Values.nexus.name }}
creationTimestamp: null creationTimestamp: null
spec: spec:
volumes:
- name: {{ .Values.persistence.name }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.name }}
restartPolicy: {{ .Values.nexus.restartPolicy }} restartPolicy: {{ .Values.nexus.restartPolicy }}
initContainers:
- name: volume-mount-nexus
image: busybox
command: ["sh", "-c", "chown -R 200:200 {{ .Values.persistence.mountPath }}"]
volumeMounts:
- name: {{ .Values.persistence.name }}
mountPath: "{{ .Values.persistence.mountPath }}"
containers: containers:
- name: {{ .Values.nexus.name }} - name: {{ .Values.nexus.name }}
image: "{{ .Values.nexus.image.repository }}:{{ .Values.nexus.image.tag }}" image: "{{ .Values.nexus.image.repository }}:{{ .Values.nexus.image.tag }}"
imagePullPolicy: {{ .Values.nexus.image.pullPolicy }} imagePullPolicy: {{ .Values.nexus.image.pullPolicy }}
ports: ports:
- containerPort: {{ .Values.nexus.port.ui }} - containerPort: {{ .Values.nexus.port.ui }}
- containerPort: {{ .Values.nexus.port.docker }} - containerPort: {{ .Values.nexus.port.docker }}
volumeMounts: volumeMounts:
- name: {{ .Values.persistence.name }} - name: molgenis-nexus-nfs
mountPath: "/nexus-data" mountPath: "/nexus-data"
livenessProbe:
httpGet:
path: /
port: {{ .Values.nexus.port.ui }}
initialDelaySeconds: 90
periodSeconds: 20
failureThreshold: 5
successThreshold: 1
readinessProbe:
httpGet:
path: /
port: {{ .Values.nexus.port.ui }}
initialDelaySeconds: 90
periodSeconds: 5
failureThreshold: 5
successThreshold: 1
volumes:
- name: molgenis-nexus-nfs
persistentVolumeClaim:
claimName: {{ .Values.persistence.claim }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}

View File

@ -0,0 +1,55 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
creationTimestamp: null
name: {{ .Values.nexusProxy.name }}
labels:
app: {{ .Values.nexusProxy.name }}
environment: {{ .Values.environment }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: {{ .Values.nexusProxy.strategy.type }}
selector:
matchLabels:
app: {{ .Values.nexusProxy.selector }}
template:
metadata:
labels:
app: {{ .Values.nexusProxy.name }}
creationTimestamp: null
spec:
restartPolicy: {{ .Values.nexusProxy.restartPolicy }}
containers:
- name: {{ .Values.nexusProxy.name }}
image: "{{ .Values.nexusProxy.image.repository }}:{{ .Values.nexusProxy.image.tag }}"
imagePullPolicy: {{ .Values.nexusProxy.image.pullPolicy }}
env:
- name: PROXY_SERVICE
value: "{{ .Values.nexus.name }}:{{ .Values.nexus.port.ui }},{{ .Values.nexus.name }}:{{ .Values.nexus.port.docker }}:{{ .Values.nexus.path.dockerV2 }}"
- name: SERVER_NAME
value: {{ .Values.nexusProxy.hostname }}
ports:
- containerPort: {{ .Values.nexusProxy.port }}
resources: {}
livenessProbe:
httpGet:
path: /
port: {{ .Values.nexusProxy.port }}
initialDelaySeconds: 90
periodSeconds: 5
failureThreshold: 5
successThreshold: 1
readinessProbe:
httpGet:
path: /
port: {{ .Values.nexusProxy.port }}
initialDelaySeconds: 90
periodSeconds: 5
failureThreshold: 5
successThreshold: 1
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}

View File

@ -25,8 +25,8 @@ spec:
paths: paths:
- path: {{ default "/" .path }} - path: {{ default "/" .path }}
backend: backend:
serviceName: httpd serviceName: {{ $.Values.nexusProxy.name }}
servicePort: 80 servicePort: {{ $.Values.nexusProxy.port }}
{{- if .tls }} {{- if .tls }}
tls: tls:
- hosts: - hosts:

View File

@ -0,0 +1,15 @@
{{- if .Values.persistence.enabled -}}
apiVersion: extensions/v1beta1
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Values.persistence.claim }}
annotations:
volume.beta.kubernetes.io/storage-class: "nfs-provisioner-retain"
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: {{ .Values.persistence.size }}
{{- end }}

View File

@ -1,13 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.httpd.name }}
labels:
app: {{ .Values.httpd.name }}
spec:
type: {{ .Values.httpd.service.type }}
ports:
- name: {{ .Values.httpd.name }}
port: {{ .Values.httpd.port }}
selector:
app: {{ .Values.httpd.selector }}

View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.nexusProxy.name }}
labels:
app: {{ .Values.nexusProxy.name }}
spec:
type: {{ .Values.nexusProxy.service.type }}
ports:
- name: {{ .Values.nexusProxy.name }}
port: {{ .Values.nexusProxy.port }}
selector:
app: {{ .Values.nexusProxy.selector }}

View File

@ -1,16 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ .Values.persistence.name }}
labels:
name: nfs2
spec:
storageClassName: {{ .Values.persistence.storageClass }}
capacity:
storage: {{ .Values.persistence.size }}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.reclaimPolicy }}
nfs:
server: {{ .Values.persistence.server }}
path: {{ .Values.persistence.mountPath }}

View File

@ -1,11 +0,0 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Values.persistence.name }}
spec:
storageClassName: {{ .Values.persistence.storageClass }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}

View File

@ -24,12 +24,12 @@ nexus:
service: service:
type: ClusterIP type: ClusterIP
httpd: nexusProxy:
name: httpd name: nexus-proxy
hostname: registry.molgenis.org hostname: registry.molgenis.org
strategy: strategy:
type: Recreate type: Recreate
selector: httpd selector: nexus-proxy
restartPolicy: Always restartPolicy: Always
image: image:
repository: registry.webhosting.rug.nl/molgenis/httpd repository: registry.webhosting.rug.nl/molgenis/httpd
@ -43,39 +43,22 @@ httpd:
ingress: ingress:
enabled: true enabled: true
annotations: {} annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
path: / path: /
hosts: hosts:
- name: registry.molgenis.org - name: registry.molgenis.org
tls: [] tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
persistence: persistence:
name: molgenis-nexus-data enabled: true
storageClass: nfs-class claim: molgenis-nexus
size: 30G size: 500Gi
reclaimPolicy: Retain
server: 192.168.64.12
accessMode: ReadWriteMany
mountPath: /gcc/molgenis/nexus
resources: {} resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {} nodeSelector: {
deployPod: "true"
}
tolerations: [] tolerations: []

View File

@ -8,7 +8,7 @@ questions:
description: "Enable ingress" description: "Enable ingress"
type: boolean type: boolean
required: true required: true
group: "Loadbalancing" group: "Load balancing"
- variable: opencpu.image.repository - variable: opencpu.image.repository
label: Registry label: Registry
default: "registry.hub.docker.com" default: "registry.hub.docker.com"

View File

@ -1,21 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

View File

@ -1,8 +0,0 @@
apiVersion: v1
appVersion: "1.0"
description: MOLGENIS - helm stack for testing purposes
name: molgenis-preview
version: 0.2.0
sources:
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-preview/catalogIcon-molgenis.svg

View File

@ -1,16 +0,0 @@
# MOLGENIS preview
This chart is used for testing purposes. It can be used by data managers or developers to test MOLGENIS (e.g. integration testing).
## Containers
This chart spins up a complete stack to run MOLGENIS. The created containers are:
- MOLGENIS
- PostgreSQL
- Elasticsearch
- OpenCPU
## Rancher
You can spin up a test instance by navigating to https://rancher.molgenis.org:7777 and login with your LDAP-account.
Go to the test-environment and click on "Launch". Search for MOLGENIS.

File diff suppressed because it is too large Load Diff

Before

Width:  |  Height:  |  Size: 77 KiB

View File

@ -1,61 +0,0 @@
categories:
- MOLGENIS
questions:
- variable: ingress.hosts[0].name
default: "test.molgenis.org"
description: "Hostname for your stack"
type: hostname
required: true
group: "Services and Load Balancing"
label: Hostname
- variable: molgenis.image.repository
default: "registry.hub.docker.com"
description: "Select a registry to pull from"
type: enum
options:
- "registry.hub.docker.com"
- "registry.molgenis.org"
required: true
group: "MOLGENIS - Version"
label: Registry
- variable: molgenis.image.tag
default: "stable"
description: "Select a MOLGENIS version (check the registry.molgenis.org or hub.docker.com for other tags)"
type: string
required: true
group: "MOLGENIS - Version"
label: Version
- variable: molgenis.resources.limits.cpu
default: 1
description: "CPU limit for this MOLGENIS instance"
type: enum
options:
- "1"
- "2"
- "3"
- "4"
required: true
group: "MOLGENIS - Resource limits"
label: CPU limit
- variable: molgenis.resources.limits.memory
default: 1250Mi
description: "Memory limit for this MOLGENIS instance"
type: enum
options:
- "1250Mi"
- "1500Mi"
- "2000Mi"
- "2500Mi"
required: true
group: "MOLGENIS - Resource limits"
label: Memory limit
- variable: molgenis.javaOpts
default: "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
description: "Java runtime options for the MOLGENIS instance"
type: enum
options:
- "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
- "-Xmx2g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
group: "MOLGENIS - Resource limits"
label: Java memory options

View File

@ -1,19 +0,0 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "molgenis.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ template "molgenis.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "molgenis.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "molgenis.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:80
{{- end }}

View File

@ -1,32 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "molgenis.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "molgenis.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "molgenis.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -1,124 +0,0 @@
apiVersion: apps/v1beta2
kind: Deployment
metadata:
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
name: {{ template "molgenis.fullname" . }}
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }}
spec:
containers:
- name: molgenis
{{- with .Values.molgenis }}
image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: molgenis.home
value: /home/molgenis
- name: opencpu.uri.host
value: localhost
- name: elasticsearch.transport.addresses
value: localhost:9300
- name: elasticsearch.cluster.name
value: {{ $.Values.elasticsearch.clusterName }}
- name: db_uri
value: "jdbc:postgresql://localhost/{{ $.Values.postgres.db }}"
- name: db_user
value: {{ $.Values.postgres.user }}
- name: db_password
value: {{ $.Values.postgres.password }}
- name: admin.password
value: {{ .adminPassword }}
- name: CATALINA_OPTS
value: "{{ .javaOpts }}"
ports:
- containerPort: 8080
# livenessProbe:
# httpGet:
# path: /
# port: 8080
# readinessProbe:
# httpGet:
# path: /api/v2/version
# port: 8080
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: elasticsearch
{{- with .Values.elasticsearch }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: cluster.name
value: {{ .clusterName }}
- name: bootstrap.memory_lock
value: "true"
- name: ES_JAVA_OPTS
value: "{{ .javaOpts }}"
- name: xpack.security.enabled
value: "false"
- name: discovery.type
value: single-node
ports:
- containerPort: 9200
- containerPort: 9300
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: postgres
{{- with .Values.postgres }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: POSTGRES_USER
value: {{ .user }}
- name: POSTGRES_PASSWORD
value: {{ .password }}
- name: POSTGRES_DB
value: {{ .db }}
ports:
- containerPort: 5432
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: opencpu
{{- with .Values.opencpu }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
ports:
- containerPort: 8004
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}

View File

@ -1,38 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "molgenis.fullname" . -}}
{{- $ingressPath := .Values.ingress.path -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .name }}
http:
paths:
- path: {{ $ingressPath }}
backend:
serviceName: {{ $fullName }}
servicePort: 8080
{{- end }}
{{- end }}

View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "molgenis.fullname" . }}
labels:
app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- name: molgenis
port: {{ .Values.service.port }}
selector:
app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }}

View File

@ -1,82 +0,0 @@
# Default values for molgenis.
replicaCount: 1
service:
type: LoadBalancer
port: 8080
ingress:
enabled: true
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
path: /
hosts:
- name: test.molgenis.org
tls: []
molgenis:
image:
repository: registry.molgenis.org
name: molgenis/molgenis-app
tag: 7.0.0-SNAPSHOT
pullPolicy: Always
adminPassword: admin
javaOpts: "-Xmx1g -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
resources:
limits:
cpu: 1
memory: 1250Mi
requests:
cpu: 200m
memory: 1Gi
postgres:
image:
repository: postgres
tag: 9.6-alpine
pullPolicy: IfNotPresent
user: molgenis
password: molgenis
db: molgenis
resources:
limits:
cpu: 1
memory: 250Mi
requests:
cpu: 100m
memory: 250Mi
elasticsearch:
image:
repository: docker.elastic.co/elasticsearch/elasticsearch
tag: 5.5.3
pullPolicy: IfNotPresent
javaOpts: "-Xms512m -Xmx512m"
clusterName: molgenis
resources:
limits:
cpu: 1
memory: 1500Mi
requests:
cpu: 100m
memory: 1Gi
opencpu:
image:
repository: molgenis/opencpu
tag: latest
pullPolicy: Always
resources:
limits:
cpu: 1
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
nodeSelector: {}
tolerations: []
affinity: {}

View File

@ -1,8 +1,8 @@
apiVersion: v1 apiVersion: v1
appVersion: "1.0" appVersion: "1.0"
description: MOLGENIS - helm stack (in BETA) description: MOLGENIS - helm stack (in BETA)
name: molgenis-beta name: molgenis
version: 0.3.0 version: 0.4.3
sources: sources:
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis/catalogIcon-molgenis.svg icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis/catalogIcon-molgenis.svg

View File

@ -5,6 +5,8 @@ This chart is used for acceptance and production use cases.
This chart spins up a MOLGENIS instance with HTTPD. The created containers are: This chart spins up a MOLGENIS instance with HTTPD. The created containers are:
- MOLGENIS - MOLGENIS
- ElasticSearch
- PostgreSQL **(optional)**
## Provisioning ## Provisioning
You can choose from which registry you want to pull. There are 2 registries: You can choose from which registry you want to pull. There are 2 registries:
@ -21,6 +23,19 @@ The three properties you need to specify are:
Besides determining which image you want to pull, you also have to set an administrator password. You can do this by specifying the following property. Besides determining which image you want to pull, you also have to set an administrator password. You can do this by specifying the following property.
- ```molgenis.adminPassword``` - ```molgenis.adminPassword```
### Firewall
Is defined at service level you can specify this attribute in the values:
- ```molgenis.firewall.enabled``` default 'false'
If set to 'true' the following options are available. One of the options below has to be set.
- ```molgenis.firewall.umcg.enabled``` default 'false'
- ```molgenis.firewall.cluster.enabled``` default 'false'
UMCG = only available within the UMCG.
Cluster = only available within the GCC cluster environment.
## Services ## Services
When you start MOLGENIS you need: When you start MOLGENIS you need:
- an elasticsearch instance (5.5.6) - an elasticsearch instance (5.5.6)
@ -82,15 +97,16 @@ Select the resources you need dependant on the customer you need to serve.
## Persistence ## Persistence
You can enable persistence on your MOLGENIS stack by specifying the following property. You can enable persistence on your MOLGENIS stack by specifying the following property.
- ```persistence.enabled``` - ```persistence.enabled``` default 'true'
You can also choose to retain the volume of the NFS. You can also choose to retain the volume of the NFS.
- ```persistence.retain``` - ```persistence.retain``` default 'false'
The size and claim name can be specified per service. There are now two services that can be persist. The size and claim name can be specified per service. There are now two services that can be persist.
- MOLGENIS - MOLGENIS
- ElasticSearch - ElasticSearch
- PostgreSQL **(optional)**
MOLGENIS persistent properties. MOLGENIS persistent properties.
- ```molgenis.persistence.claim``` - ```molgenis.persistence.claim```
@ -100,6 +116,9 @@ ElasticSearch persistent properties.
- ```elasticsearch.persistence.claim``` - ```elasticsearch.persistence.claim```
- ```elasticsearch.persistence.size``` - ```elasticsearch.persistence.size```
PostgreSQL persistent properties.
- ```postgres.persistence.claim```
- ```postgres.persistence.size```
### Resolve you persistent volume ### Resolve you persistent volume
You do not know which volume is attached to your MOLGENIS instance. You can resolve this by executing: You do not know which volume is attached to your MOLGENIS instance. You can resolve this by executing:
@ -116,7 +135,4 @@ You can now view the persistent volume claims and the attached volumes.
| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d | | pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d |
You see the ```molgenis-test/molgenis-nfs-claim``` is bound to the volume: ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```. You see the ```molgenis-test/molgenis-nfs-claim``` is bound to the volume: ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.
When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```. When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.
## Firewall
Is defined at cluster level. This chart does not facilitate firewall configuration.

View File

@ -8,7 +8,7 @@ questions:
description: "Hostname for your stack" description: "Hostname for your stack"
type: hostname type: hostname
required: true required: true
group: "Load Balancing" group: "Load balancing"
- variable: molgenis.image.repository - variable: molgenis.image.repository
label: Registry label: Registry
default: "registry.hub.docker.com" default: "registry.hub.docker.com"
@ -33,6 +33,24 @@ questions:
type: password type: password
required: true required: true
group: "Provisioning" group: "Provisioning"
- variable: service.firewall.enabled
label: Firewall enabled
default: false
description: "Firewall enabled (can be cluster or UMCG scoped)"
type: boolean
required: true
group: "Provisioning"
show_subquestion_if: true
subquestions:
- variable: service.firewall.kind
default: "umcg"
description: "Firewall kind. This can be 'umcg' or 'cluster' environment"
type: enum
required: true
options:
- umcg
- cluster
label: Firewall kind
- variable: molgenis.services.opencpu.host - variable: molgenis.services.opencpu.host
label: OpenCPU cluster label: OpenCPU cluster
default: "localhost" default: "localhost"
@ -40,34 +58,43 @@ questions:
type: string type: string
required: true required: true
group: "Services" group: "Services"
- variable: molgenis.services.postgres.host - variable: molgenis.services.postgres.embedded
label: Postgres cluster location label: Postgres embedded
default: "postgresql.molgenis-postgresql.svc" default: false
description: "Set the location of the postgres cluster" description: "Do you want an embedded postgres"
type: string type: boolean
required: true
group: "Services"
- variable: molgenis.services.postgres.scheme
label: Database scheme
default: "molgenis"
description: "Set the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.user
label: Database username
default: "molgenis"
description: "Set user of the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.password
label: Database password
default: "molgenis"
description: "Set the password of the database scheme"
type: string
required: true required: true
group: "Services" group: "Services"
show_subquestion_if: false
subquestions:
- variable: molgenis.services.postgres.host
label: Postgres cluster location
default: ""
description: "Set the location of the postgres cluster. This can be localhost when the postgres is enabled else you need to specify a cluster location if you do not want a embedded postgres instance)"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.scheme
label: Database scheme
default: "molgenis"
description: "Set the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.user
label: Database username
default: "molgenis"
description: "Set user of the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.services.postgres.password
label: Database password
default: "molgenis"
description: "Set the password of the database scheme"
type: string
required: true
group: "Services"
- variable: molgenis.resources.limits.memory - variable: molgenis.resources.limits.memory
label: Container memory limit label: Container memory limit
default: 1250Mi default: 1250Mi
@ -98,7 +125,7 @@ questions:
- "2g" - "2g"
group: "Resources" group: "Resources"
- variable: persistence.enabled - variable: persistence.enabled
default: false default: true
description: "Do you want to use persistence" description: "Do you want to use persistence"
type: boolean type: boolean
required: true required: true
@ -112,20 +139,29 @@ questions:
type: boolean type: boolean
label: Retain volume label: Retain volume
- variable: molgenis.persistence.size - variable: molgenis.persistence.size
default: "30Gi" default: "5Gi"
description: "Size of MOLGENIS filestore (PostgreSQL and ElasticSearch excluded)" description: "Size of MOLGENIS filestore (PostgreSQL and ElasticSearch excluded)"
type: enum type: enum
options: options:
- "30Gi" - "5Gi"
- "50Gi" - "10Gi"
- "100Gi" - "20Gi"
label: Size MOLGENIS filestore label: Size MOLGENIS filestore
- variable: elasticsearch.persistence.size - variable: elasticsearch.persistence.size
default: "50Gi" default: "5Gi"
description: "Size of ElasticSearch data (directory that is persist: /usr/share/elasticsearch/data)" description: "Size of ElasticSearch data (directory that is persist: /usr/share/elasticsearch/data)"
type: enum type: enum
options: options:
- "5Gi"
- "10Gi"
- "50Gi" - "50Gi"
- "100Gi" label: Size for ElasticSearch data
- "200Gi" - variable: postgres.persistence.size
label: Size for ElasticSearch data default: "5Gi"
description: "Size of PostgreSQL data (directory that is persist: /var/lib/postgresql/data/pgdata)"
type: enum
options:
- "5Gi"
- "10Gi"
- "50Gi"
label: Size for PostgreSQL data

View File

@ -17,6 +17,8 @@ spec:
matchLabels: matchLabels:
app: {{ template "molgenis.name" . }} app: {{ template "molgenis.name" . }}
release: {{ .Release.Name }} release: {{ .Release.Name }}
strategy:
type: Recreate
template: template:
metadata: metadata:
labels: labels:
@ -97,11 +99,33 @@ spec:
- name: elasticsearch-nfs - name: elasticsearch-nfs
mountPath: /usr/share/elasticsearch/data mountPath: /usr/share/elasticsearch/data
{{- end }} {{- end }}
resources: resources:
{{ toYaml .resources | indent 12 }} {{ toYaml .resources | indent 12 }}
{{- end }} {{- end }}
- name: postgres
{{- with .Values.postgres }}
image: "{{ .image.repository }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: POSTGRES_USER
value: {{ $.Values.molgenis.services.postgres.user }}
- name: POSTGRES_PASSWORD
value: {{ $.Values.molgenis.services.postgres.password }}
- name: POSTGRES_DB
value: {{ $.Values.molgenis.services.postgres.scheme }}
ports:
- containerPort: 5432
resources:
{{ toYaml .resources | indent 12 }}
{{- if $.Values.persistence.enabled }}
volumeMounts:
- name: postgres-nfs
mountPath: /var/lib/postgresql/data
{{- end }}
{{- end }}
{{- if .Values.persistence.enabled }} {{- if .Values.persistence.enabled }}
volumes: volumes:
- name: molgenis-nfs - name: molgenis-nfs
@ -110,6 +134,9 @@ spec:
- name: elasticsearch-nfs - name: elasticsearch-nfs
persistentVolumeClaim: persistentVolumeClaim:
claimName: {{ .Values.elasticsearch.persistence.claim }} claimName: {{ .Values.elasticsearch.persistence.claim }}
- name: postgres-nfs
persistentVolumeClaim:
claimName: {{ .Values.postgres.persistence.claim }}
{{- end }} {{- end }}
{{- with .Values.nodeSelector }} {{- with .Values.nodeSelector }}

View File

@ -4,7 +4,7 @@
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress
metadata: metadata:
name: {{ $fullName }} name: "{{ $.Release.Name }}-ingress"
labels: labels:
app: {{ template "molgenis.name" . }} app: {{ template "molgenis.name" . }}
chart: {{ template "molgenis.chart" . }} chart: {{ template "molgenis.chart" . }}
@ -33,6 +33,6 @@ spec:
- path: {{ $ingressPath }} - path: {{ $ingressPath }}
backend: backend:
serviceName: {{ $fullName }} serviceName: {{ $fullName }}
servicePort: 8080 servicePort: {{ $.Values.service.port }}
{{- end }} {{- end }}
{{- end }} {{- end }}

View File

@ -0,0 +1,21 @@
{{- if .Values.molgenis.services.postgres.embedded }}
{{- if .Values.persistence.enabled }}
apiVersion: extensions/v1beta1
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Values.postgres.persistence.claim }}
annotations:
{{- if .Values.persistence.retain }}
volume.beta.kubernetes.io/storage-class: "nfs-provisioner-retain"
{{- else }}
volume.beta.kubernetes.io/storage-class: "nfs-provisioner"
{{- end }}
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}
{{- end }}
{{- end }}

View File

@ -9,6 +9,18 @@ metadata:
heritage: {{ .Release.Service }} heritage: {{ .Release.Service }}
spec: spec:
type: {{ .Values.service.type }} type: {{ .Values.service.type }}
{{- if .Values.service.firewall.enabled }}
loadBalancerSourceRanges:
{{- if .Values.service.firewall.kind eq "umcg" }}
{{- range $index, $rule := .Values.service.firewall.umcg.rules }}
- {{ $rule }}
{{- end }}
{{- else }}
{{- range $index, $rule := .Values.service.firewall.cluster.rules }}
- {{ $rule }}
{{- end }}
{{- end }}
{{- end }}
ports: ports:
- name: molgenis - name: molgenis
port: {{ .Values.service.port }} port: {{ .Values.service.port }}

View File

@ -4,6 +4,15 @@ replicaCount: 1
service: service:
type: LoadBalancer type: LoadBalancer
firewall:
enabled: false
kind: "umcg"
umcg:
rules:
- 127.0.0.1/32
cluster:
rules:
- 127.0.0.1/32
port: 8080 port: 8080
ingress: ingress:
@ -33,7 +42,7 @@ molgenis:
memory: 1250Mi memory: 1250Mi
persistence: persistence:
claim: molgenis-nfs-claim claim: molgenis-nfs-claim
size: 30Gi size: 5Gi
services: services:
opencpu: opencpu:
host: localhost host: localhost
@ -41,6 +50,7 @@ molgenis:
transportAddresses: localhost:9300 transportAddresses: localhost:9300
clusterName: molgenis clusterName: molgenis
postgres: postgres:
embedded: false
host: localhost host: localhost
scheme: molgenis scheme: molgenis
user: molgenis user: molgenis
@ -62,10 +72,26 @@ elasticsearch:
memory: 1Gi memory: 1Gi
persistence: persistence:
claim: elasticsearch-nfs-claim claim: elasticsearch-nfs-claim
size: 50Gi size: 5Gi
postgres:
image:
repository: postgres
tag: 9.6-alpine
pullPolicy: IfNotPresent
resources:
limits:
cpu: 1
memory: 250Mi
requests:
cpu: 100m
memory: 250Mi
persistence:
claim: postgres-nfs-claim
size: 5Gi
persistence: persistence:
enabled: false enabled: true
retain: false retain: false
nodeSelector: { nodeSelector: {