Compare commits

..

No commits in common. "edc006563f6aeec14f99f51be4df3f7fe0928a44" and "e89d739c47e7f5d4ee7e359be62358a360cb15d6" have entirely different histories.

33 changed files with 640 additions and 7 deletions

View File

@ -1,6 +1,6 @@
# Third party - Helm templates
These are the Helm templates that we will use for third-party operations.
These are the Helm templates that we will use for MOLGENIS operations.
## Kubernetes
When you want to use kubernetes there are some commands you need to know. Also running on a remote cluster will be a must have to control your whole DTAP.
@ -76,8 +76,6 @@ Commands that can be used to get information from a kubernetes cluster
This repository is serves also as a catalogue for Rancher. We have several apps that are served through this repository. e.g.
- [Opal](charts/opal/README.md)
- [RStudio](charts/rstudio/README.md)
- [MOLGENIS website](charts/website/README.md)
### Useful commands
You can you need to know to easily develop and deploy helm-charts

Binary file not shown.

Before

Width:  |  Height:  |  Size: 28 KiB

12
charts/opal/Chart.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
appVersion: "1.0"
description: Opal - helm stack (in BETA)
name: opal
version: 0.0.1
sources:
- https://git.webhosting.rug.nl/molgenis/thirdparty-ops-docker-helm.git
icon: https://git.webhosting.rug.nl/molgenis/thirdparty-ops-docker-helm/
home: https://obiba.org
maintainers:
- name: sidohaakma
- name: fdlk

13
charts/opal/README.md Normal file
View File

@ -0,0 +1,13 @@
# Opal
This chart is used for acceptance and production use cases.
## Containers
The created containers are:
- Opal
- MongoDB
- RServer
## Provisioning
You can choose from which registry you want to pull. There is 1 one registry:
- https://hub.docker.com

Binary file not shown.

35
charts/opal/questions.yml Normal file
View File

@ -0,0 +1,35 @@
categories:
- OPAL
questions:
- variable: opal.environment
label: Environment
default: "test"
description: "Environment of Opal instance"
type: enum
options:
- development
- test
- acceptance
- production
required: true
group: "Provisioning"
- variable: molgenis.type.kind
label: Type
default: "medium"
description: "Type of MOLGENIS resources"
type: enum
options:
- small
- medium
- large
required: true
group: "Provisioning"
- variable: molgenis.image.tag
label: Version
default: "stable"
description: "Select a MOLGENIS version (check the registry.molgenis.org or hub.docker.com for released tags)"
type: string
required: true
group: "Provisioning"

View File

@ -0,0 +1,6 @@
dependencies:
- name: mysql
repository: https://kubernetes-charts.storage.googleapis.com/
version: 0.10.2
digest: sha256:77710fe100fb005d51e006d2e19643f9af2b1aadd1c2249c67ffc5be6a095f30
generated: 2018-11-06T15:57:20.530933765Z

View File

@ -0,0 +1,4 @@
dependencies:
- name: mysql
version: ^0.10.2
repository: https://kubernetes-charts.storage.googleapis.com/

View File

@ -0,0 +1,19 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "molgenis.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ template "molgenis.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "molgenis.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "molgenis.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:80
{{- end }}

View File

@ -0,0 +1,32 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "opal.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "opal.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "opal.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,83 @@
apiVersion: apps/v1beta2
kind: Deployment
metadata:
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
name: {{ template "opal.fullname" . }}
labels:
app: {{ template "opal.name" . }}
chart: {{ template "opal.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ template "opal.name" . }}
release: {{ .Release.Name }}
strategy:
type: Recreate
template:
metadata:
labels:
app: {{ template "opal.name" . }}
release: {{ .Release.Name }}
spec:
containers:
- name: opal
{{- with .Values.opal }}
image: {{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: OPAL_ADMINISTRATOR_PASSWORD
value: "{{ .adminPassword }}"
ports:
- containerPort: {{ $.Values.service.port }}
{{- if $.Values.persistence.enabled }}
volumeMounts:
- name: opal-nfs
mountPath: /home/opal
{{- end }}
livenessProbe:
httpGet:
path: /
port: {{ $.Values.service.port }}
initialDelaySeconds: 60
periodSeconds: 5
failureThreshold: 25
successThreshold: 1
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
- name: rserver
{{- with .Values.rserver }}
image: {{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}
imagePullPolicy: {{ .image.pullPolicy }}
ports:
- containerPort: 6612
- containerPort: 6311
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
{{- if .Values.persistence.enabled }}
volumes:
- name: opal-nfs
persistentVolumeClaim:
claimName: {{ .Release.Name }}-{{ .Values.opal.persistence.claim }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}

View File

@ -0,0 +1,40 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "opal.fullname" . -}}
{{- $ingressPath := .Values.ingress.path -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: "{{ $.Release.Name }}-ingress"
labels:
app: {{ $.Values.service.name }}
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- if .Values.ingress.hosts }}
{{- range $host := .Values.ingress.hosts }}
- host: {{ $host }}
http:
paths:
- path: {{ $ingressPath }}
backend:
serviceName: {{ $.Values.service.name }}
servicePort: {{ $.Values.service.port }}
{{- end }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,19 @@
{{- if .Values.persistence.enabled -}}
apiVersion: extensions/v1beta1
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Release.Name }}-{{ .Values.opal.persistence.claim }}
annotations:
{{- if .Values.persistence.retain }}
volume.beta.kubernetes.io/storage-class: "nfs-provisioner-retain"
{{- else }}
volume.beta.kubernetes.io/storage-class: "nfs-provisioner"
{{- end }}
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: {{ .Values.opal.persistence.size }}
{{- end }}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Service
metadata:
name: "{{ .Release.Name }}-{{ .Values.service.name }}"
labels:
app: "{{ .Release.Name }}-{{ .Values.service.name }}"
chart: {{ template "opal.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- name: "{{ .Release.Name }}-{{ .Values.service.name }}"
port: {{ .Values.service.port }}
selector:
app: {{ template "opal.name" . }}
release: {{ .Release.Name }}

84
charts/opal/values.yaml Normal file
View File

@ -0,0 +1,84 @@
# Default values for molgenis.
replicaCount: 1
service:
name: opal
type: ClusterIP
port: 8080
ingress:
enabled: true
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
hosts:
- opal.dev.molgenis.org
path: /
tls: []
opal:
advanced: false
javaOpts:
maxHeapSpace: "4g"
resources:
limits:
cpu: 1
memory: 2Gi
requests:
cpu: 200m
memory: 4Gi
persistence:
size: 10Gi
image:
repository: registry.hub.docker.com
name: obiba/opal
tag: latest
pullPolicy: Always
adminPassword: ?01LifeCycle!
persistence:
claim: pvc-opal
size: 10Gi
containerPorts:
- 8080
rserver:
image:
repository: registry.hub.docker.com
name: obiba/opal-rserver
tag: latest
pullPolicy: IfNotPresent
resources:
limits:
cpu: 1
memory: 2Gi
containerPorts:
- 6612
- 6311
mysql:
persistence:
enabled: false
mysqlRootPassword: ParaD0xa
mysqlUser: opal
mysqlPassword: ?opal01!
initializationFiles:
opal-ids.sql: |-
CREATE DATABASE IF NOT EXISTS opal_ids DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON opal_ids.* TO "opal"@"%" IDENTIFIED BY "?opal01!";
FLUSH PRIVILEGES;
opal-data.sql: |-
CREATE DATABASE IF NOT EXISTS opal_data DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON opal_data.* TO "opal"@"%" IDENTIFIED BY "?opal01!";
FLUSH PRIVILEGES;
persistence:
enabled: false
retain: false
nodeSelector: {
deployPod: "true"
}
tolerations: []
affinity: {}

View File

@ -1,12 +1,12 @@
apiVersion: v1
appVersion: "1.0"
description: MOLGENIS Helm chart for OpenCPU
name: molgenis-website
description: RStudio stack
name: rstudio
version: 0.0.1
sources:
- https://git.webhosting.rug.nl/molgenis/thirdparty-ops-docker-helm.git
icon: https://raw.git.webhosting.rug.nl/molgenis/thirdparty-ops-docker-helm/raw/master/charts/molgenis-website/catalogIcon-molgenis-website.png
home: https://www.molgenis.org
icon: https://raw.git.webhosting.rug.nl/molgenis/thirdparty-ops-docker-helm/master/charts/rstudio/catalog-molgenis-rstudio.svg
home: https://www.rocker.org
maintainers:
- name: sidohaakma
- name: fdlk

37
charts/rstudio/README.md Normal file
View File

@ -0,0 +1,37 @@
# MOLGENIS - RStudio Helm Chart
An RStudio instance to support DataSHIELD users in setting up a central analysis server instance.
## Containers
This chart will deploy the following container:
- molgenis-rstudio (with DataSHIELD packages)
## Provisioning
You can choose for the RStudio image from which repository you want to pull. Experimental builds are pushed to registry.molgenis.org and the stable builds to hub.docker.com.
You need to fill out 2 properties to determine which repository you are going to use.
- ```rstudio.image.repository```
- ```rstudio.image.tag```
You can do this in the questions in Rancher or in the ```values.yaml```.
## Development
You can test in install the chart by executing:
```helm lint .```
To test if your helm chart-syntax is right and:
```helm install . --dry-run --debug```
To test if your hem chart works and:
```helm install .```
To deploy it on the cluster.
```curl -L -u xxxx:xxxx http://registry.molgenis.org/repository/helm/ --upload-file molgenis-x.x.x.tgz```
To push it to the registry

View File

@ -0,0 +1,31 @@
categories:
- MOLGENIS
questions:
- variable: rstudio.environment
label: Environment
default: development
type: enum
options:
- development
- test
- acceptence
- production
group: "Provisioning"
- variable: rstudio.image.repository
label: Registry
default: "registry.hub.docker.com"
description: "Select a registry to pull from"
type: enum
options:
- "registry.hub.docker.com"
- "registry.molgenis.org"
required: true
group: "Provisioning"
- variable: rstudio.image.tag
label: Version
default: ""
description: "Select a RStudio version (check the registry.molgenis.org or hub.docker.com for released tags)"
type: string
required: true
group: "Provisioning"

View File

@ -0,0 +1,32 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "rstudio.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "rstudio.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "rstudio.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,46 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
name: {{ template "rstudio.fullname" . }}
labels:
app: {{ template "rstudio.name" . }}
chart: {{ template "rstudio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ template "rstudio.name" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "rstudio.name" . }}
release: {{ .Release.Name }}
spec:
containers:
{{- with .Values.rstudio }}
- name: {{ .name }}
image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}"
imagePullPolicy: {{ .image.pullPolicy }}
env:
- name: PASSWORD
value: "{{ .adminPassword }}"
ports:
- containerPort: {{ .service.port }}
livenessProbe:
httpGet:
path: /
port: {{ .service.port }}
initialDelaySeconds: 60
periodSeconds: 5
failureThreshold: 25
successThreshold: 1
{{- end }}

View File

@ -0,0 +1,36 @@
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: "{{ $.Release.Name }}-ingress"
labels:
app: "{{ .Release.Name}}-{{ .Values.rstudio.service.name }}"
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
release: "{{ $.Release.Name }}"
heritage: "{{ $.Release.Service }}"
annotations:
{{- if .tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .name }}
http:
paths:
- path: {{ default "/" .path }}
backend:
serviceName: "{{ .Release.Name}}-{{ .Values.rstudio.service.name }}"
servicePort: {{ $.Values.rstudio.service.port }}
{{- if .tls }}
tls:
- hosts:
- {{ .name }}
secretName: {{ .tlsSecret }}
{{- end }}
---
{{- end }}
{{- end }}

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
name: "{{ .Release.Name}}-{{ .Values.rstudio.service.name }}"
labels:
app: "{{ .Release.Name}}-{{ .Values.rstudio.service.name }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.rstudio.service.type }}
ports:
- name: "{{ .Release.Name}}-{{ .Values.rstudio.service.name }}"
port: {{ .Values.rstudio.service.port }}
selector:
app: {{ template "rstudio.name" . }}
release: {{ .Release.Name }}

View File

@ -0,0 +1,40 @@
# Default values for nexus.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
environment: production
rstudio:
name: rstudio
strategy:
type: Recreate
restartPolicy: Always
adminPassword: ?01LifeCycle!
image:
repository: registry.hub.docker.com
name: molgenis/rstudio
tag: beta
pullPolicy: Always
service:
name: rstudio
type: ClusterIP
port: 8787
ingress:
enabled: true
annotations: {
kubernetes.io/ingress.class: "nginx",
nginx.ingress.kubernetes.io/proxy-body-size: "0"
}
path: /
hosts:
- name: analysis.dev.molgenis.org
tls: []
nodeSelector: {}
tolerations: []
affinity: {}

View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

12
charts/website/Chart.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
appVersion: "1.0"
description: MOLGENIS Helm chart for OpenCPU
name: molgenis-website
version: 0.0.1
sources:
- https://github.com/molgenis/molgenis-ops-docker-helm.git
icon: https://raw.githubusercontent.com/molgenis/molgenis-ops-docker-helm/master/charts/molgenis-website/catalog-molgenis-website.svg
home: https://www.molgenis.org
maintainers:
- name: sidohaakma
- name: fdlk