working opal

charts/opal/README.md

@@ -4,135 +4,10 @@ This chart is used for acceptance and production use cases.
 ## Containers
 The created containers are:
 
-- MOLGENIS
+- Opal
-- ElasticSearch
+- MongoDB
-- PostgreSQL **(optional)**
+- RServer
 
 ## Provisioning
-You can choose from which registry you want to pull. There are 2 registries:
+You can choose from which registry you want to pull. There is 1 one registry:
-- https://registry.molgenis.org
 - https://hub.docker.com
-
-The registry.molgenis.org contains the bleeding edge versions (PR's and master merges). The hub.docker.com contains the released artifacts (MOLGENIS releases and release candidates).
-
-The three properties you need to specify are:
-- ```molgenis.image.repository```
-- ```molgenis.image.name```
-- ```molgenis.image.tag```
-
-Besides determining which image you want to pull, you also have to set an administrator password. You can do this by specifying the following property. 
-- ```molgenis.adminPassword```
-
-### Firewall
-Is defined at service level you can specify this attribute in the values:
-
-- ```molgenis.firewall.enabled``` default 'false' 
-
-If set to 'true' the following options are available. One of the options below has to be set.
-
-- ```molgenis.firewall.umcg.enabled``` default 'false'  
-- ```molgenis.firewall.cluster.enabled``` default 'false'
-
-UMCG = only available within the UMCG.
-Cluster = only available within the GCC cluster environment.
-
-## Services
-When you start MOLGENIS you need:
-- an elasticsearch instance (5.5.6) 
-- an postgres instance (9.6)
-
-You can attach additional services like:
-- an opencpu instance
-
-### Elasticsearch
-You can configure elasticsearch by giving in the cluster location.
-
-To configure the transport address you can address the node communication channel but also the native JAVA API. Which MOLGENIS uses to communicate with Elasticsearch.
-From Elasticsearch version 6 and further the JAVA API is not supported anymore. At this moment you can only use Elastic instance till major version 5.
-- ```molgenis.services.elasticsearch.transportAddresses: localhost:9300```
-
-To configure the index on a Elasticsearch cluster you can specify the clusterName property.
-- ```molgenis.services.elasticsearch.clusterName: molgenis```
-
-### Postgres
-You can specify the location of the postgres instance by specify the following property:
-- ```molgenis.services.postgres.host: localhost```
-
-You can specify the schema by filling out this property:
-- ```molgenis.services.postgres.scheme: molgenis```
-
-You can specify credentials for the database scheme by specifying the following properties:
-- ```molgenis.services.postgres.user: molgenis```
-- ```molgenis.services.postgres.password: molgenis```
-
-To test you can use the **PostgreSQL**-helm chart of Kubernetes and specify these answers:
-
-```bash
-# answers for postgresql chart
-postgresUser=molgenis
-postgresPassword=molgenis
-postgresDatabase=molgenis
-persistence.enabled=false
-```
-
-### OpenCPU
-You can specify the location of the OpenCPU cluster by specifying this property:
-- ```molgenis.services.opencpu.host: localhost```
-
-You can test OpenCPU settings using the **OpenCPU**-helm chart of MOLGENIS.
-
-## Resources
-You can specify resources by resource type. There are 2 resource types.
-- memory of container
-- maximum heap space JVM
-
-Specify memory usage of container:
-- ```molgenis.resources.limits.memory```
-
-Specify memory usage for Java JVM:
-- ```molgenis.javaOpts.maxHeapSpace```
-
-Select the resources you need dependant on the customer you need to serve.
-
-## Persistence
-You can enable persistence on your MOLGENIS stack by specifying the following property.
-
-- ```persistence.enabled``` default 'true'
-
-You can also choose to retain the volume of the NFS.
-- ```persistence.retain``` default 'false'
-
-The size and claim name can be specified per service. There are now two services that can be persist.
-
-- MOLGENIS
-- ElasticSearch
-- PostgreSQL **(optional)**
-
-MOLGENIS persistent properties.
-- ```molgenis.persistence.claim```
-- ```molgenis.persistence.size```
-
-ElasticSearch persistent properties.
-- ```elasticsearch.persistence.claim```
-- ```elasticsearch.persistence.size```
-
-PostgreSQL persistent properties.
-- ```postgres.persistence.claim```
-- ```postgres.persistence.size```
-
-### Resolve you persistent volume
-You do not know which volume is attached to your MOLGENIS instance. You can resolve this by executing:
-
-```
-kubectl get pv
-```
-
-You can now view the persistent volume claims and the attached volumes.
-
-| NAME | CAPACITY | ACCESS | MODES | RECLAIM | POLICY | STATUS | CLAIM | STORAGECLASS | REASON | AGE |
-| ---- | -------- | ------ | ----- | ------- | ------ | ------ | ----- | ------------ | ------ | --- |
-| pvc-45988f55-900f-11e8-a0b4-005056a51744 | 30G | RWX | | Retain | Bound | molgenis-solverd/molgenis-nfs-claim | nfs-provisioner-retain | | | 33d |
-| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d |
-
-You see the ```molgenis-test/molgenis-nfs-claim``` is bound to the volume: ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```.
-When you want to view the data in the this volume you can go to the nfs-provisioning pod and execute the shell. Go to the directory ```export``` and lookup the directory ```pvc-3984723d-220f-14e8-a98a-skjhf88823kk```. 

charts/opal/requirements.lock

@@ -1,6 +1,6 @@
 dependencies:
-- name: mysql
+- name: mongodb
   repository: https://kubernetes-charts.storage.googleapis.com/
-  version: 0.10.2
+  version: 4.8.1
-digest: sha256:77710fe100fb005d51e006d2e19643f9af2b1aadd1c2249c67ffc5be6a095f30
+digest: sha256:14ec2719c92a969b8dcac0de0deea31154c4dc135710f43acb7f0dc209faa9ea
-generated: 2018-10-24T22:38:04.939630519+02:00
+generated: 2018-11-06T10:03:54.890729161Z

charts/opal/requirements.yaml

@@ -1,4 +1,4 @@
 dependencies:
-  - name: mysql
+  - name: mongodb
-    version: ^0.10.2
+    version: ^4.8.1
     repository: https://kubernetes-charts.storage.googleapis.com/

charts/opal/templates/deployment.yaml

@@ -31,20 +31,10 @@ spec:
           image: {{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}
           imagePullPolicy: {{ .image.pullPolicy }}
           env:
-            - name: opal.home
+            - name: OPAL_ADMINISTRATOR_PASSWORD
-              value: /home/opal
-            - name: db_uri
-              value: jdbc:postgresql://localhost/opal
-            - name: db_user
-              value: opal
-            - name: db_password
-              value: opal
-            - name: admin.password
               value: "{{ .adminPassword }}"
-            - name: CATALINA_OPTS
-              value: "-Xmx{{ .javaOpts.maxHeapSpace }} -XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled"
           ports:
-            - containerPort: 8080
+            - containerPort: {{ $.Values.service.port }}
           {{- if $.Values.persistence.enabled }}
           volumeMounts:
           - name: opal-nfs
@@ -53,19 +43,21 @@ spec:
           livenessProbe:
             httpGet:
               path: /
-              port: 8080
+              port: {{ $.Values.service.port }}
             initialDelaySeconds: 60
             periodSeconds: 5
             failureThreshold: 25
             successThreshold: 1
-          readinessProbe:
+          resources:
-            httpGet:
+{{ toYaml .resources | indent 12 }}
-              path: /api/v2/version
+        {{- end }}
-              port: 8080
+        - name: rserver
-            initialDelaySeconds: 120
+        {{- with .Values.rserver }}
-            periodSeconds: 30
+          image: {{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}
-            failureThreshold: 3
+          imagePullPolicy: {{ .image.pullPolicy }}
-            successThreshold: 1
+          ports:
+            - containerPort: 6612
+            - containerPort: 6311
           resources:
 {{ toYaml .resources | indent 12 }}
         {{- end }}

charts/opal/templates/ingress.yaml

@@ -6,10 +6,10 @@ kind: Ingress
 metadata:
   name: "{{ $.Release.Name }}-ingress"
   labels:
-    app: {{ template "opal.name" . }}
+    app: {{ $.Values.service.name }}
-    chart: {{ template "opal.chart" . }}
+    chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
-    release: {{ .Release.Name }}
+    release: "{{ .Release.Name }}"
-    heritage: {{ .Release.Service }}
+    heritage: "{{ .Release.Service }}"
 {{- with .Values.ingress.annotations }}
   annotations:
 {{ toYaml . | indent 4 }}
@@ -33,7 +33,7 @@ spec:
         paths:
           - path: {{ $ingressPath }}
             backend:
-              serviceName: {{ $fullName }}
+              serviceName: {{ $.Values.service.name }}
               servicePort: {{ $.Values.service.port }}
   {{- end }}
   {{- end }}

charts/opal/templates/service.yaml

@@ -1,16 +1,16 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ template "opal.fullname" . }}
+  name: {{ .Values.service.name }}
   labels:
-    app: {{ template "opal.name" . }}
+    app: {{ .Values.service.name }}
     chart: {{ template "opal.chart" . }}
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
 spec:
   type: {{ .Values.service.type }}
   ports:
-    - name: opal
+    - name: {{ .Values.service.name }}
       port: {{ .Values.service.port }}
   selector:
     app: {{ template "opal.name" . }}

charts/opal/values.yaml

@@ -3,6 +3,7 @@
 replicaCount: 1
 
 service:
+  name: opal
   type: ClusterIP
   port: 8080
 
@@ -21,8 +22,8 @@ opal:
     maxHeapSpace: "4g"
   resources:
     limits:
-    cpu: 4
+    cpu: 1
-    memory: 4Gi
+    memory: 2Gi
   requests:
     cpu: 200m
     memory: 4Gi
@@ -33,21 +34,30 @@ opal:
     name: obiba/opal
     tag: latest
     pullPolicy: Always
-  adminPassword:
+  adminPassword: admin
   persistence:
     claim: pvc-opal
     size: 10Gi
-  services:
+  containerPorts:
-    rserver:
+    - 8080
-      host: localhost
-    mysql:
-      host: localhost
 
 rserver:
   image:
-    repository: obiba/opal-rserver
+    repository: registry.hub.docker.com
+    name: obiba/opal-rserver
     tag: latest
     pullPolicy: IfNotPresent
+  resources:
+    limits:
+      cpu: 1
+      memory: 2Gi
+  containerPorts:
+   - 6612
+   - 6311
+
+mongodb:
+  persistence:
+    enabled: false
 
 persistence:
   enabled: false

charts/rstudio/templates/deployment.yaml

@@ -28,8 +28,19 @@ spec:
       - name: {{ .name }}
         image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}"
         imagePullPolicy: {{ .image.pullPolicy }}
+        env:
+        - name: PASSWORD
+          value: "{{ .adminPassword }}"
         ports:
         - containerPort: {{ .service.port }}
+        livenessProbe:
+          httpGet:
+            path: /
+            port: {{ .service.port }}
+          initialDelaySeconds: 60
+          periodSeconds: 5
+          failureThreshold: 25
+          successThreshold: 1
       {{- end }}
 
 

charts/rstudio/templates/service.yaml

@@ -8,10 +8,6 @@ metadata:
     heritage: {{ .Release.Service }}
 spec:
   type: {{ .Values.rstudio.service.type }}
-  loadBalancerSourceRanges:
-  {{- range $index, $rule := .Values.rstudio.service.firewall }}
-    - {{ $rule }}
-  {{- end }}
   ports:
     - name: {{ .Values.rstudio.service.name }}
       port: {{ .Values.rstudio.service.port }}

charts/rstudio/values.yaml

@@ -11,14 +11,15 @@ rstudio:
   strategy:
     type: Recreate
   restartPolicy: Always
+  adminPassword: ?01LifeCycle!
   image:
     repository: registry.hub.docker.com
     name: molgenis/rstudio
-    tag: latest
+    tag: beta
     pullPolicy: Always
   service:
     name: rstudio
-    type: LoadBalancer
+    type: ClusterIP
     port: 8787
 
 ingress: