chore: add nodeSelectors to the charts

molgenis-jenkins/values.yaml

@@ -1,5 +1,7 @@
 jenkins:
   Master:
+    NodeSelector:
+      deployPod: "true"
     HostName: jenkins.molgenis.org
     ServiceType: ClusterIP
     InstallPlugins:
@@ -489,7 +491,9 @@ jenkins:
           Command: cat
           WorkingDir: /home/jenkins
           TTY: true
-      NodeSelector: {}
+      NodeSelector: {
+        deployPod: "true"
+      }
     node:
       Label: node-carbon
       NodeUsageMode: EXCLUSIVE
@@ -519,7 +523,9 @@ jenkins:
               key: VAULT_ADDR
               secretName: molgenis-pipeline-vault-secret
               secretKey: addr
-      NodeSelector: {}
+      NodeSelector: {
+        deployPod: "true"
+      }
     molgenis-it:
       InheritFrom: molgenis
       Label: molgenis-it
@@ -581,7 +587,9 @@ jenkins:
             limits:
               cpu: "1"
               memory: "512Mi"
-      NodeSelector: {}
+      NodeSelector: {
+        deployPod: "true"
+      }
 
 #secret contains configuration for the kubernetes secrets that jenkins can access
 secret:

molgenis-nexus/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "1.0"
 description: Nexus stack for MOLGENIS
 name: molgenis-nexus
-version: 0.3.0
+version: 0.4.2
 sources:
 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
 icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-nexus/catalogIcon-molgenis-nexus.svg

molgenis-nexus/README.md

@@ -6,8 +6,44 @@ NEXUS repository for kubernetes to deploy on a kubernetes cluster with NFS-share
 
 This chart will deploy:
 
+- 1 NEXUS-nfs initialization container
+
+  We need this container to avoid permission issues on the NEXUS docker
 - 1 NEXUS container
-- 1 MOLGENIS-httpd container ()to proxy the registry and docker to one domain)
+- 1 MOLGENIS-httpd container (to proxy the registry and docker to one domain)
+
+## Backup restore
+There are two steps in restoring the NEXUS.
+
+- Database
+- Blobstore
+
+### Restore the database
+Go to the commandline:
+
+```bash
+kubectl get pv
+```
+
+```bash
+| NAME | CAPACITY | ACCESS | MODES | RECLAIM | POLICY | STATUS | CLAIM | STORAGECLASS | REASON | AGE |
+| ---- | -------- | ------ | ----- | ------- | ------ | ------ | ----- | ------------ | ------ | --- |
+| pvc-45988f55-900f-11e8-a0b4-005056a51744 | 30G | RWX | | Retain | Bound | molgenis-nexus/molgenis-nfs-claim | nfs-provisioner-retain | | | 33d |
+| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d |
+```
+
+The persistent volume is the one in the molgenis-nexus namespace. 
+
+Go to the NFS-provisioner to the path of the persistent volume:
+
+```bash
+ls -t --full-time | head -7 | xargs cp ../restore-from-backup/
+```
+
+### Restore the blobstore
+You can copy the directory ```blobs``` to the target persistent volume ```/ blobs```.
+
+You can now bring the NEXUS back up.
 
 ## Installing the Chart
 

molgenis-nexus/templates/deployments/nexus-deployment.yaml

@@ -20,6 +20,13 @@ spec:
       creationTimestamp: null
     spec:
       restartPolicy: {{ .Values.nexus.restartPolicy }}
+      initContainers:
+      - name: nexus-nfs
+        image: busybox
+        command: ["sh", "-c", "chown -R 200:200 /nexus-data"]
+        volumeMounts:
+        - name: molgenis-nexus-nfs
+          mountPath: "/nexus-data"
       containers:
       - name: {{ .Values.nexus.name }}
         image: "{{ .Values.nexus.image.repository }}:{{ .Values.nexus.image.tag }}"
@@ -29,22 +36,22 @@ spec:
         - containerPort: {{ .Values.nexus.port.docker }}
         volumeMounts:
         - name: molgenis-nexus-nfs
-            mountPath: "/nexus-data"
+          mountPath: /nexus-data
         livenessProbe:
           httpGet:
             path: /
             port: {{ .Values.nexus.port.ui }}
-            initialDelaySeconds: 90
+          initialDelaySeconds: 120
           periodSeconds: 20
-            failureThreshold: 5
+          failureThreshold: 15
           successThreshold: 1
         readinessProbe:
           httpGet:
             path: /
             port: {{ .Values.nexus.port.ui }}
-            initialDelaySeconds: 90
-            periodSeconds: 5
-            failureThreshold: 5
+          initialDelaySeconds: 120
+          periodSeconds: 20
+          failureThreshold: 15
           successThreshold: 1
 
       volumes:

molgenis-nexus/templates/deployments/nexusProxy-deployment.yaml

@@ -36,17 +36,17 @@ spec:
           httpGet:
             path: /
             port: {{ .Values.nexusProxy.port }}
-          initialDelaySeconds: 90
-          periodSeconds: 5
+          initialDelaySeconds: 1500
+          periodSeconds: 20
           failureThreshold: 5
           successThreshold: 1
         readinessProbe:
           httpGet:
             path: /
             port: {{ .Values.nexusProxy.port }}
-          initialDelaySeconds: 90
-          periodSeconds: 5
-          failureThreshold: 5
+          initialDelaySeconds: 150
+          periodSeconds: 20
+          failureThreshold: 15
           successThreshold: 1
 
     {{- with .Values.nodeSelector }}

molgenis-nexus/templates/ingress.yaml

@@ -5,7 +5,7 @@ kind: Ingress
 metadata:
   name: "{{ $.Release.Name }}-ingress"
   labels:
-    app: httpd
+    app: {{ $.Values.nexusProxy.name }}
     chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
     release: "{{ $.Release.Name }}"
     heritage: "{{ $.Release.Service }}"

molgenis-nexus/values.yaml

@@ -13,7 +13,7 @@ nexus:
   selector: nexus
   restartPolicy: Always
   image:
-    repository: sonatype/nexus3
+    repository: molgenis/nexus3
     tag: latest
     pullPolicy: Always
   port:
@@ -32,8 +32,8 @@ nexusProxy:
   selector: nexus-proxy
   restartPolicy: Always
   image:
-    repository: registry.webhosting.rug.nl/molgenis/httpd
-    tag: lts
+    repository: molgenis/httpd
+    tag: latest
     pullPolicy: Always
   port: 80
   service:

molgenis-opencpu/templates/deployment.yaml

@@ -31,5 +31,7 @@ spec:
         ports:
         - containerPort: {{ .service.port }}
       {{- end }}
-
-
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+      {{- end }}

molgenis-opencpu/values.yaml

@@ -34,7 +34,9 @@ ingress:
   - name: opencpu.molgenis.org
   tls: []
 
-nodeSelector: {}
+nodeSelector: {
+  deployPod: "true"
+}
 
 tolerations: []
 

molgenis-vault/README.md

@@ -38,7 +38,7 @@ Parameter | Description | Default
 `ui.image.repository` | Vault UI container image repository | `djenriquez/vault-ui`
 `ui.image.tag` | Vault UI container image tag | `latest`
 `ui.resources` | Vault UI pod resource requests & limits | `{}`
-`ui.nodeSelector` | node labels for Vault UI pod assignment | `{}`
+`ui.nodeSelector` | node labels for Vault UI pod assignment | `{deployPod: "true"}`
 `ui.ingress.enabled` | If true, Vault UI Ingress will be created | `true`
 `ui.ingress.annotations` | Vault UI Ingress annotations | `{}`
 `ui.ingress.host` | Vault UI Ingress hostname | `vault.molgenis.org`

molgenis-vault/values.yaml

@@ -18,6 +18,10 @@ backupJob:
   # schedule gives the cron schedule for the backup job
   schedule: "0 12 * * 1"
 
+vault-operator:
+  nodeSelector:
+    deployPod: "true"
+
 ###
 # All of the config variables related to setting up the etcd-operator
 # If you want more information about the variables exposed, please visit:
@@ -44,6 +48,8 @@ etcd-operator:
   restoreOperator:
     image:
       tag: v0.9.2
+  nodeSelector:
+    deployPod: "true"
 
 ui:
   name: "vault-ui"
@@ -73,7 +79,8 @@ ui:
     #requests:
     #  cpu: 100m
     #  memory: 128Mi
-  nodeSelector: {}
+  nodeSelector:
+    deployPod: "true"
   vault:
     auth: GITHUB
     url: https://vault.vault-operator:8200

molgenis/values.yaml

@@ -94,9 +94,8 @@ persistence:
   enabled: true
   retain: false
 
-nodeSelector: {
+nodeSelector:
   deployPod: "true"
-}
 
 tolerations: []