diff --git a/charts/opal/README.md b/charts/opal/README.md index 61f5b16..007d6c2 100644 --- a/charts/opal/README.md +++ b/charts/opal/README.md @@ -4,135 +4,10 @@ This chart is used for acceptance and production use cases. ## Containers The created containers are: -- MOLGENIS -- ElasticSearch -- PostgreSQL **(optional)** +- Opal +- MongoDB +- RServer ## Provisioning -You can choose from which registry you want to pull. There are 2 registries: -- https://registry.molgenis.org +You can choose from which registry you want to pull. There is 1 one registry: - https://hub.docker.com - -The registry.molgenis.org contains the bleeding edge versions (PR's and master merges). The hub.docker.com contains the released artifacts (MOLGENIS releases and release candidates). - -The three properties you need to specify are: -- ```molgenis.image.repository``` -- ```molgenis.image.name``` -- ```molgenis.image.tag``` - -Besides determining which image you want to pull, you also have to set an administrator password. You can do this by specifying the following property. -- ```molgenis.adminPassword``` - -### Firewall -Is defined at service level you can specify this attribute in the values: - -- ```molgenis.firewall.enabled``` default 'false' - -If set to 'true' the following options are available. One of the options below has to be set. - -- ```molgenis.firewall.umcg.enabled``` default 'false' -- ```molgenis.firewall.cluster.enabled``` default 'false' - -UMCG = only available within the UMCG. -Cluster = only available within the GCC cluster environment. - -## Services -When you start MOLGENIS you need: -- an elasticsearch instance (5.5.6) -- an postgres instance (9.6) - -You can attach additional services like: -- an opencpu instance - -### Elasticsearch -You can configure elasticsearch by giving in the cluster location. - -To configure the transport address you can address the node communication channel but also the native JAVA API. Which MOLGENIS uses to communicate with Elasticsearch. -From Elasticsearch version 6 and further the JAVA API is not supported anymore. At this moment you can only use Elastic instance till major version 5. -- ```molgenis.services.elasticsearch.transportAddresses: localhost:9300``` - -To configure the index on a Elasticsearch cluster you can specify the clusterName property. -- ```molgenis.services.elasticsearch.clusterName: molgenis``` - -### Postgres -You can specify the location of the postgres instance by specify the following property: -- ```molgenis.services.postgres.host: localhost``` - -You can specify the schema by filling out this property: -- ```molgenis.services.postgres.scheme: molgenis``` - -You can specify credentials for the database scheme by specifying the following properties: -- ```molgenis.services.postgres.user: molgenis``` -- ```molgenis.services.postgres.password: molgenis``` - -To test you can use the **PostgreSQL**-helm chart of Kubernetes and specify these answers: - -```bash -# answers for postgresql chart -postgresUser=molgenis -postgresPassword=molgenis -postgresDatabase=molgenis -persistence.enabled=false -``` - -### OpenCPU -You can specify the location of the OpenCPU cluster by specifying this property: -- ```molgenis.services.opencpu.host: localhost``` - -You can test OpenCPU settings using the **OpenCPU**-helm chart of MOLGENIS. - -## Resources -You can specify resources by resource type. There are 2 resource types. -- memory of container -- maximum heap space JVM - -Specify memory usage of container: -- ```molgenis.resources.limits.memory``` - -Specify memory usage for Java JVM: -- ```molgenis.javaOpts.maxHeapSpace``` - -Select the resources you need dependant on the customer you need to serve. - -## Persistence -You can enable persistence on your MOLGENIS stack by specifying the following property. - -- ```persistence.enabled``` default 'true' - -You can also choose to retain the volume of the NFS. -- ```persistence.retain``` default 'false' - -The size and claim name can be specified per service. There are now two services that can be persist. - -- MOLGENIS -- ElasticSearch -- PostgreSQL **(optional)** - -MOLGENIS persistent properties. -- ```molgenis.persistence.claim``` -- ```molgenis.persistence.size``` - -ElasticSearch persistent properties. -- ```elasticsearch.persistence.claim``` -- ```elasticsearch.persistence.size``` - -PostgreSQL persistent properties. -- ```postgres.persistence.claim``` -- ```postgres.persistence.size``` - -### Resolve you persistent volume -You do not know which volume is attached to your MOLGENIS instance. You can resolve this by executing: - -``` -kubectl get pv -``` - -You can now view the persistent volume claims and the attached volumes. - -| NAME | CAPACITY | ACCESS | MODES | RECLAIM | POLICY | STATUS | CLAIM | STORAGECLASS | REASON | AGE | -| ---- | -------- | ------ | ----- | ------- | ------ | ------ | ----- | ------------ | ------ | --- | -| pvc-45988f55-900f-11e8-a0b4-005056a51744 | 30G | RWX | | Retain | Bound | molgenis-solverd/molgenis-nfs-claim | nfs-provisioner-retain | | | 33d | -| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d | - -You see the ```molgenis-test/molgenis-nfs-claim``` is bound to the volume: ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```. -When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```. \ No newline at end of file diff --git a/charts/opal/charts/mongodb-4.8.1.tgz b/charts/opal/charts/mongodb-4.8.1.tgz new file mode 100644 index 0000000..8c5f189 Binary files /dev/null and b/charts/opal/charts/mongodb-4.8.1.tgz differ diff --git a/charts/opal/charts/mysql-0.10.2.tgz b/charts/opal/charts/mysql-0.10.2.tgz deleted file mode 100644 index 110868e..0000000 Binary files a/charts/opal/charts/mysql-0.10.2.tgz and /dev/null differ diff --git a/charts/opal/requirements.lock b/charts/opal/requirements.lock index 5260a04..5d13ffd 100644 --- a/charts/opal/requirements.lock +++ b/charts/opal/requirements.lock @@ -1,6 +1,6 @@ dependencies: -- name: mysql +- name: mongodb repository: https://kubernetes-charts.storage.googleapis.com/ - version: 0.10.2 -digest: sha256:77710fe100fb005d51e006d2e19643f9af2b1aadd1c2249c67ffc5be6a095f30 -generated: 2018-10-24T22:38:04.939630519+02:00 + version: 4.8.1 +digest: sha256:14ec2719c92a969b8dcac0de0deea31154c4dc135710f43acb7f0dc209faa9ea +generated: 2018-11-06T10:03:54.890729161Z diff --git a/charts/opal/requirements.yaml b/charts/opal/requirements.yaml index 74d6955..05852e8 100644 --- a/charts/opal/requirements.yaml +++ b/charts/opal/requirements.yaml @@ -1,4 +1,4 @@ dependencies: - - name: mysql - version: ^0.10.2 + - name: mongodb + version: ^4.8.1 repository: https://kubernetes-charts.storage.googleapis.com/ \ No newline at end of file diff --git a/charts/opal/templates/deployment.yaml b/charts/opal/templates/deployment.yaml index c6dcaf4..06f667b 100644 --- a/charts/opal/templates/deployment.yaml +++ b/charts/opal/templates/deployment.yaml @@ -31,20 +31,10 @@ spec: image: {{ .image.repository }}/{{ .image.name }}:{{ .image.tag }} imagePullPolicy: {{ .image.pullPolicy }} env: - - name: opal.home - value: /home/opal - - name: db_uri - value: jdbc:postgresql://localhost/opal - - name: db_user - value: opal - - name: db_password - value: opal - - name: admin.password + - name: OPAL_ADMINISTRATOR_PASSWORD value: "{{ .adminPassword }}" - - name: CATALINA_OPTS - value: "-Xmx{{ .javaOpts.maxHeapSpace }} -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled" ports: - - containerPort: 8080 + - containerPort: {{ $.Values.service.port }} {{- if $.Values.persistence.enabled }} volumeMounts: - name: opal-nfs @@ -53,19 +43,21 @@ spec: livenessProbe: httpGet: path: / - port: 8080 + port: {{ $.Values.service.port }} initialDelaySeconds: 60 periodSeconds: 5 failureThreshold: 25 successThreshold: 1 - readinessProbe: - httpGet: - path: /api/v2/version - port: 8080 - initialDelaySeconds: 120 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 + resources: +{{ toYaml .resources | indent 12 }} + {{- end }} + - name: rserver + {{- with .Values.rserver }} + image: {{ .image.repository }}/{{ .image.name }}:{{ .image.tag }} + imagePullPolicy: {{ .image.pullPolicy }} + ports: + - containerPort: 6612 + - containerPort: 6311 resources: {{ toYaml .resources | indent 12 }} {{- end }} diff --git a/charts/opal/templates/ingress.yaml b/charts/opal/templates/ingress.yaml index de94600..b948431 100644 --- a/charts/opal/templates/ingress.yaml +++ b/charts/opal/templates/ingress.yaml @@ -6,10 +6,10 @@ kind: Ingress metadata: name: "{{ $.Release.Name }}-ingress" labels: - app: {{ template "opal.name" . }} - chart: {{ template "opal.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + app: {{ $.Values.service.name }} + chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" {{- with .Values.ingress.annotations }} annotations: {{ toYaml . | indent 4 }} @@ -33,7 +33,7 @@ spec: paths: - path: {{ $ingressPath }} backend: - serviceName: {{ $fullName }} + serviceName: {{ $.Values.service.name }} servicePort: {{ $.Values.service.port }} {{- end }} {{- end }} diff --git a/charts/opal/templates/service.yaml b/charts/opal/templates/service.yaml index 218f031..9384b2e 100644 --- a/charts/opal/templates/service.yaml +++ b/charts/opal/templates/service.yaml @@ -1,16 +1,16 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "opal.fullname" . }} + name: {{ .Values.service.name }} labels: - app: {{ template "opal.name" . }} + app: {{ .Values.service.name }} chart: {{ template "opal.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: type: {{ .Values.service.type }} ports: - - name: opal + - name: {{ .Values.service.name }} port: {{ .Values.service.port }} selector: app: {{ template "opal.name" . }} diff --git a/charts/opal/values.yaml b/charts/opal/values.yaml index d085c36..1078649 100644 --- a/charts/opal/values.yaml +++ b/charts/opal/values.yaml @@ -3,6 +3,7 @@ replicaCount: 1 service: + name: opal type: ClusterIP port: 8080 @@ -21,8 +22,8 @@ opal: maxHeapSpace: "4g" resources: limits: - cpu: 4 - memory: 4Gi + cpu: 1 + memory: 2Gi requests: cpu: 200m memory: 4Gi @@ -33,21 +34,30 @@ opal: name: obiba/opal tag: latest pullPolicy: Always - adminPassword: + adminPassword: admin persistence: claim: pvc-opal size: 10Gi - services: - rserver: - host: localhost - mysql: - host: localhost + containerPorts: + - 8080 rserver: image: - repository: obiba/opal-rserver + repository: registry.hub.docker.com + name: obiba/opal-rserver tag: latest pullPolicy: IfNotPresent + resources: + limits: + cpu: 1 + memory: 2Gi + containerPorts: + - 6612 + - 6311 + +mongodb: + persistence: + enabled: false persistence: enabled: false diff --git a/charts/rstudio/templates/deployment.yaml b/charts/rstudio/templates/deployment.yaml index 04e59d4..1415c99 100644 --- a/charts/rstudio/templates/deployment.yaml +++ b/charts/rstudio/templates/deployment.yaml @@ -28,8 +28,19 @@ spec: - name: {{ .name }} image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}" imagePullPolicy: {{ .image.pullPolicy }} + env: + - name: PASSWORD + value: "{{ .adminPassword }}" ports: - containerPort: {{ .service.port }} + livenessProbe: + httpGet: + path: / + port: {{ .service.port }} + initialDelaySeconds: 60 + periodSeconds: 5 + failureThreshold: 25 + successThreshold: 1 {{- end }} diff --git a/charts/rstudio/templates/service.yaml b/charts/rstudio/templates/service.yaml index 96c3e66..6042903 100644 --- a/charts/rstudio/templates/service.yaml +++ b/charts/rstudio/templates/service.yaml @@ -8,10 +8,6 @@ metadata: heritage: {{ .Release.Service }} spec: type: {{ .Values.rstudio.service.type }} - loadBalancerSourceRanges: - {{- range $index, $rule := .Values.rstudio.service.firewall }} - - {{ $rule }} - {{- end }} ports: - name: {{ .Values.rstudio.service.name }} port: {{ .Values.rstudio.service.port }} diff --git a/charts/rstudio/values.yaml b/charts/rstudio/values.yaml index c58777d..3a5ac94 100644 --- a/charts/rstudio/values.yaml +++ b/charts/rstudio/values.yaml @@ -11,14 +11,15 @@ rstudio: strategy: type: Recreate restartPolicy: Always + adminPassword: ?01LifeCycle! image: repository: registry.hub.docker.com name: molgenis/rstudio - tag: latest + tag: beta pullPolicy: Always service: name: rstudio - type: LoadBalancer + type: ClusterIP port: 8787 ingress: