Commit 473bfcd3 authored by Martin Weise's avatar Martin Weise

Resolve "Integrate the Helm chart into this repository"

parent 464c6b94
3 merge requests!235Master,!233Master,!230Resolve "Integrate the Helm chart into this repository"
Showing
with 4199 additions and 0 deletions
{{- if .Values.analyseService.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: analyse-service
namespace: {{ $.Values.namespace }}
labels:
service: analyse-service
spec:
type: ClusterIP
ports:
- name: "flask"
port: 80
targetPort: 5000
protocol: TCP
selector:
service: analyse-service
{{- end }}
This diff is collapsed.
apiVersion: v1
kind: ConfigMap
metadata:
name: auth-service-config
namespace: {{ $.Values.namespace }}
data:
KC_HOSTNAME_PATH: "/api/auth"
KC_HOSTNAME_ADMIN_URL: "https://{{ .Values.hostname }}/api/auth"
\ No newline at end of file
apiVersion: v1
kind: Secret
metadata:
name: auth-service-secret
namespace: {{ .Values.namespace }}
stringData:
db-host: "{{ index .Values "auth-db" "host" }}"
db-port: "{{ index .Values "auth-db" "port" }}"
db-name: "{{ index .Values "auth-db" "postgresql" "database" }}"
db-username: "{{ index .Values "auth-db" "postgresql" "username" }}"
db-password: "{{ index .Values "auth-db" "postgresql" "password" }}"
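Review bot: The values under `stringData` are interpolated inside hand-written double quotes, so a database password containing `"` or `\` either breaks the rendered YAML or is stored as a different value than the one configured. Let Helm do the escaping instead, e.g. `db-password: {{ index .Values "auth-db" "postgresql" "password" | quote }}`, which is the form the metadata-service secret already uses for its rate settings. The same pattern appears in the data-service, metadata-service and search-service secrets, and the dashboard secret writes the search-db username and password into its embedded YAML with no quoting at all.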
---
apiVersion: v1
kind: Secret
metadata:
name: broker-service-secret
namespace: {{ .Values.namespace }}
stringData:
definitions.json: |
{
"bindings": [
{
"arguments": {},
"destination": "dbrepo",
"destination_type": "queue",
"routing_key": "dbrepo.#",
"source": "dbrepo",
"vhost": "dbrepo"
}
],
"exchanges": [
{
"arguments": {},
"auto_delete": false,
"durable": true,
"name": "dbrepo",
"type": "topic",
"vhost": "dbrepo"
}
],
"global_parameters": [],
"parameters": [],
"permissions": [
{
"configure": ".*",
"read": ".*",
"user": "broker",
"vhost": "dbrepo",
"write": ".*"
}
],
"policies": [],
"queues": [
{
"arguments": {
"x-queue-type": "quorum",
"quorum_cluster_size": "2"
},
"auto_delete": false,
"durable": true,
"name": "dbrepo",
"type": "quorum",
"vhost": "dbrepo"
}
],
"rabbit_version": "3.10.25",
"rabbitmq_version": "3.10.25",
"topic_permissions": [],
"users": [
{
"hashing_algorithm": "rabbit_password_hashing_sha256",
"limits": {},
"name": "broker",
"password_hash": "Sek6WxpX2L6UhxlwRkD0cnYAH5GbtTcCFq1yY/SCc1mAa0gB",
"tags": [
"administrator"
]
}
],
"vhosts": [
{
"limits": [],
"metadata": {
"description": "Default virtual host",
"tags": []
},
"name": "dbrepo"
}
]
}
cert.pem: |
-----BEGIN CERTIFICATE-----
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
-----END CERTIFICATE-----
pubkey.pem: |
-----BEGIN RSA PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB
-----END RSA PUBLIC KEY-----
\ No newline at end of file
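Review bot: The `broker` user in `definitions.json` ships with a fixed `password_hash` and the `administrator` tag, so every installation of this chart starts with the same broker administrator credential, and the hash is readable by anyone who can read the repository. The hash is static while the data-service and metadata-service secrets take the broker password from `broker-service.auth.password`, so as far as this section shows, changing that value does not change what the imported definitions accept. Consider generating the user entry from the chart values, or creating the user at start-up from a secret supplied at install time. The service account would also be better served by narrower tags and permissions than `administrator` with `.*` for configure, read and write.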
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-db-shared
spec:
storageClassName: {{ index .Values "data-db" "persistence" "sharedStorageClass" }}
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
\ No newline at end of file
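Review bot: `metadata` carries no `namespace` here, while the Services, Deployments and Secrets in this commit all set `namespace: {{ .Values.namespace }}`; when the release namespace differs from that value, the claim is created in a different namespace than the pods meant to mount it. Add `namespace: {{ .Values.namespace }}`; the `public` NetworkPolicy further down has the same omission, which for a policy means it would apply to pods in the wrong namespace. The requested `storage: 10Gi` is also fixed, and a values entry next to `sharedStorageClass` would let operators size it.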
{{- if .Values.dataService.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: data-service
namespace: {{ $.Values.namespace }}
labels:
app: data-service
service: data-service
spec:
replicas: {{ .Values.metadataService.replicaCount }}
strategy:
type: {{ $.Values.strategyType }}
selector:
matchLabels:
app: data-service
service: data-service
template:
metadata:
labels:
app: data-service
service: data-service
spec:
securityContext:
fsGroup: 1000
runAsUser: 1000
runAsGroup: 1000
containers:
- name: data-service
image: {{ printf "%s/%s:%s" .Values.dataService.image.registry .Values.dataService.image.repository .Values.dataService.image.tag }}
imagePullPolicy: {{ .Values.dataService.image.pullPolicy | default "IfNotPresent" }}
ports:
- containerPort: 9093
protocol: TCP
env:
- name: METADATA_DB
valueFrom:
secretKeyRef:
name: data-service-secret
key: metadata-db
- name: METADATA_HOST
valueFrom:
secretKeyRef:
name: data-service-secret
key: metadata-host
- name: METADATA_USERNAME
valueFrom:
secretKeyRef:
name: data-service-secret
key: metadata-username
- name: METADATA_PASSWORD
valueFrom:
secretKeyRef:
name: data-service-secret
key: metadata-password
- name: METADATA_JDBC_EXTRA_ARGS
valueFrom:
secretKeyRef:
name: data-service-secret
key: metadata-jdbc-extra-args
- name: SEARCH_USERNAME
valueFrom:
secretKeyRef:
name: data-service-secret
key: search-username
- name: SEARCH_PASSWORD
valueFrom:
secretKeyRef:
name: data-service-secret
key: search-password
- name: JWT_ISSUER
valueFrom:
secretKeyRef:
name: data-service-secret
key: jwt-issuer
- name: JWT_PUBKEY
valueFrom:
secretKeyRef:
name: data-service-secret
key: jwt-pubkey
- name: BROKER_USERNAME
valueFrom:
secretKeyRef:
name: data-service-secret
key: broker-username
- name: BROKER_PASSWORD
valueFrom:
secretKeyRef:
name: data-service-secret
key: broker-password
- name: MIN_CONCURRENT_CONSUMERS
valueFrom:
secretKeyRef:
name: data-service-secret
key: min-concurrent-consumers
- name: MAX_CONCURRENT_CONSUMERS
valueFrom:
secretKeyRef:
name: data-service-secret
key: max-concurrent-consumers
- name: REQUEUE_REJECTED
valueFrom:
secretKeyRef:
name: data-service-secret
key: requeue-rejected
- name: BROKER_HOST
valueFrom:
secretKeyRef:
name: data-service-secret
key: broker-host
- name: BROKER_PORT
valueFrom:
secretKeyRef:
name: data-service-secret
key: broker-port
- name: BROKER_VIRTUALHOST
valueFrom:
secretKeyRef:
name: data-service-secret
key: broker-virtualhost
- name: QUEUE_NAME
valueFrom:
secretKeyRef:
name: data-service-secret
key: queue-name
- name: EXCHANGE_NAME
valueFrom:
secretKeyRef:
name: data-service-secret
key: exchange-name
- name: ROUTING_KEY
valueFrom:
secretKeyRef:
name: data-service-secret
key: routing-key
- name: CONNECTION_TIMEOUT
valueFrom:
secretKeyRef:
name: data-service-secret
key: connection-timeout
- name: LOG_LEVEL
valueFrom:
secretKeyRef:
name: data-service-secret
key: log-level
livenessProbe:
exec:
command:
- /bin/bash
- -ec
- "curl -sSL localhost:9093/actuator/health/readiness | grep 'UP' || exit 1"
initialDelaySeconds: 120
periodSeconds: 30
readinessProbe:
exec:
command:
- /bin/bash
- -ec
- "curl -sSL localhost:9093/actuator/health/liveness | grep 'UP' || exit 1"
initialDelaySeconds: 30
periodSeconds: 30
volumeMounts: []
volumes: []
{{- end }}
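Review bot: The two probes are crossed: `livenessProbe` requests `/actuator/health/readiness` and `readinessProbe` requests `/actuator/health/liveness`, so a pod that is alive but temporarily not ready (for example while a dependency is down) is restarted instead of only being taken out of the Service. Swap the two paths; the metadata-service Deployment has the same crossing on port 9099. `replicas` is read from `.Values.metadataService.replicaCount` here and again in the search-service Deployment, which looks like a copy-paste; each should presumably use its own service's replica count, if the values file defines one. Separately, every setting is injected through `secretKeyRef`, including non-sensitive ones such as `LOG_LEVEL` and `QUEUE_NAME`; moving those to a ConfigMap keeps the Secret limited to credentials.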
{{ $pidBase := printf "https://%s/pid/" .Values.hostname }}
{{ $jwtIssuer := printf "https://%s/api/auth/realms/dbrepo" .Values.hostname }}
---
apiVersion: v1
kind: Secret
metadata:
name: data-service-secret
namespace: {{ .Values.namespace }}
stringData:
metadata-db: "{{ index .Values "metadata-db" "db" "name" }}"
metadata-host: "{{ index .Values "metadata-db" "host" }}"
metadata-username: "{{ index .Values "metadata-db" "rootUser" "user" }}"
metadata-password: "{{ index .Values "metadata-db" "rootUser" "password" }}"
metadata-jdbc-extra-args: "{{ index .Values "metadata-db" "jdbcExtraArgs" }}"
search-username: "{{ index .Values "search-db" "username" }}"
search-password: "{{ index .Values "search-db" "password" }}"
jwt-issuer: "{{ $jwtIssuer }}"
jwt-pubkey: "{{ .Values.dataService.jwt.pubkey }}"
broker-username: "{{ index .Values "broker-service" "auth" "username" }}"
broker-password: "{{ index .Values "broker-service" "auth" "password" }}"
min-concurrent-consumers: "{{ .Values.dataService.consumerConcurrentMin }}"
max-concurrent-consumers: "{{ .Values.dataService.consumerConcurrentMax }}"
requeue-rejected: "{{ .Values.dataService.requeueRejected }}"
log-level: "{{ ternary "debug" "info" .Values.dataService.image.debug }}"
broker-host: "{{ index .Values "broker-service" "host" }}"
broker-port: "{{ index .Values "broker-service" "port" }}"
broker-virtualhost: "{{ index .Values "broker-service" "virtualHost" }}"
queue-name: "{{ index .Values "broker-service" "queueName" }}"
exchange-name: "{{ index .Values "broker-service" "exchangeName" }}"
routing-key: "{{ index .Values "broker-service" "routingKey" }}"
connection-timeout: "{{ index .Values "broker-service" "connectionTimeout" }}"
\ No newline at end of file
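Review bot: `metadata-username` and `metadata-password` are filled from `metadata-db.rootUser`, so the data service connects to the metadata database with what appears to be the database root account; the metadata-service secret does the same. A compromise of either service would then expose the whole database server rather than the one schema the service needs. Prefer a dedicated, less privileged database account per service, supplied through its own values entry. `$pidBase` is declared at the top of this file but never used in it.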
{{- if .Values.dataService.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: data-service
namespace: {{ $.Values.namespace }}
labels:
service: data-service
spec:
type: ClusterIP
ports:
- name: "data-service"
port: 80
targetPort: 9093
protocol: TCP
selector:
service: data-service
{{- end }}
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.data }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dbrepo-{{ .name }}
{{- with .annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
namespace: {{ $.Values.namespace }}
spec:
ingressClassName: nginx
{{- if .tls }}
tls:
{{- range .tls }}
- hosts:
- "{{ $.Values.hostname }}"
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .hosts }}
- host: "{{ $.Values.hostname }}"
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ .serviceName }}
port:
number: {{ .portNumber }}
{{- end}}
{{- end}}
{{- end}}
{{- end}}
\ No newline at end of file
This diff is collapsed.
{{- if .Values.metadataService.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: metadata-service
namespace: {{ $.Values.namespace }}
labels:
app: metadata-service
service: metadata-service
spec:
replicas: {{ .Values.metadataService.replicaCount }}
strategy:
type: {{ $.Values.strategyType }}
selector:
matchLabels:
app: metadata-service
service: metadata-service
template:
metadata:
labels:
app: metadata-service
service: metadata-service
spec:
securityContext:
fsGroup: 0
runAsUser: 0
runAsGroup: 0
containers:
- name: metadata-service
image: {{ printf "%s/%s:%s" .Values.metadataService.image.registry .Values.metadataService.image.repository .Values.metadataService.image.tag }}
imagePullPolicy: {{ .Values.metadataService.image.pullPolicy | default "IfNotPresent" }}
securityContext:
runAsUser: 1000
runAsGroup: 1000
ports:
- containerPort: 9099
protocol: TCP
env:
- name: ADMIN_MAIL
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: admin-email
- name: GATEWAY_ENDPOINT
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: gateway-endpoint
- name: WEBSITE
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: website
- name: SEARCH_USERNAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: search-username
- name: SEARCH_PASSWORD
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: search-password
- name: BROKER_HOST
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: broker-host
- name: BROKER_PORT
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: broker-port
- name: BROKER_ENDPOINT
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: broker-endpoint
- name: BROKER_USERNAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: broker-username
- name: BROKER_PASSWORD
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: broker-password
- name: SHARED_FILESYSTEM
value: /mnt/shared
- name: METADATA_DB
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: metadata-db
- name: METADATA_HOST
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: metadata-host
- name: METADATA_USERNAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: metadata-username
- name: METADATA_PASSWORD
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: metadata-password
- name: METADATA_JDBC_EXTRA_ARGS
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: metadata-jdbc-extra-args
- name: KEYCLOAK_HOST
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: keycloak-host
- name: KEYCLOAK_ADMIN
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: keycloak-admin
- name: KEYCLOAK_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: keycloak-admin-password
- name: JWT_ISSUER
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: jwt-issuer
- name: DATACITE_URL
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: datacite-url
- name: DATACITE_PREFIX
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: datacite-prefix
- name: DATACITE_USERNAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: datacite-username
- name: DATACITE_PASSWORD
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: datacite-password
- name: REPOSITORY_NAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: repository-name
- name: BASE_URL
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: base-url
- name: PID_BASE
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: pid-base
- name: MIN_CONCURRENT_CONSUMERS
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: min-concurrent-consumers
- name: MAX_CONCURRENT_CONSUMERS
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: max-concurrent-consumers
- name: REQUEUE_REJECTED
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: requeue-rejected
- name: BROKER_VIRTUALHOST
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: broker-virtualhost
- name: QUEUE_NAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: queue-name
- name: EXCHANGE_NAME
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: exchange-name
- name: ROUTING_KEY
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: routing-key
- name: CONNECTION_TIMEOUT
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: connection-timeout
- name: LOG_LEVEL
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: log-level
- name: S3_STORAGE_ENDPOINT
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: s3-storage-endpoint
- name: S3_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: s3-access-key-id
- name: S3_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: s3-secret-access-key
- name: S3_IMPORT_BUCKET
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: s3-import-bucket
- name: S3_EXPORT_BUCKET
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: s3-export-bucket
- name: MIRROR_RATE
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: mirror-rate
- name: OBTAIN_METADATA_RATE
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: obtain-metadata-rate
- name: DELETE_STALE_QUERIES_RATE
valueFrom:
secretKeyRef:
name: metadata-service-secret
key: delete-stale-queries-rate
{{- if .Values.metadataService.datacite.enabled }}
- name: spring_profiles_active
value: doi
{{- end }}
livenessProbe:
exec:
command:
- /bin/bash
- -ec
- "curl -sSL localhost:9099/actuator/health/readiness | grep 'UP' || exit 1"
initialDelaySeconds: 120
periodSeconds: 30
readinessProbe:
exec:
command:
- /bin/bash
- -ec
- "curl -sSL localhost:9099/actuator/health/liveness | grep 'UP' || exit 1"
initialDelaySeconds: 30
periodSeconds: 30
{{- end }}
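Review bot: The pod-level `securityContext` sets `runAsUser: 0`, `runAsGroup: 0` and `fsGroup: 0`, and only the `metadata-service` container overrides user and group to 1000, so any init or sidecar container added later inherits root and mounted volumes get GID 0 as supplemental group. Unless something in the image needs this, use 1000 at pod level as the data-service and search-service Deployments do, and add `runAsNonRoot: true` plus a container-level `allowPrivilegeEscalation: false`. `SHARED_FILESYSTEM` points at `/mnt/shared`, but this section declares no `volumeMounts` or `volumes`, so as written that path would be container-local storage.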
{{ $pidBase := printf "https://%s/pid/" .Values.hostname }}
{{ $jwtIssuer := printf "https://%s/api/auth/realms/dbrepo" .Values.hostname }}
---
apiVersion: v1
kind: Secret
metadata:
name: metadata-service-secret
namespace: {{ .Values.namespace }}
stringData:
admin-email: "{{ .Values.metadataService.adminEmail }}"
base-url: "{{ .Values.hostname }}"
broker-endpoint: "{{ index .Values "broker-service" "url" }}"
broker-host: "{{ index .Values "broker-service" "host" }}"
broker-port: "{{ index .Values "broker-service" "port" }}"
gateway-endpoint: "{{ .Values.hostname }}"
website: "{{ .Values.metadataService.website }}"
search-username: "{{ index .Values "search-db" "username" }}"
search-password: "{{ index .Values "search-db" "password" }}"
broker-username: "{{ index .Values "broker-service" "auth" "username" }}"
broker-password: "{{ index .Values "broker-service" "auth" "password" }}"
log-level: "{{ ternary "trace" "info" .Values.metadataService.image.debug }}"
metadata-db: "{{ index .Values "metadata-db" "db" "name" }}"
metadata-host: "{{ index .Values "metadata-db" "host" }}"
metadata-username: "{{ index .Values "metadata-db" "rootUser" "user" }}"
metadata-password: "{{ index .Values "metadata-db" "rootUser" "password" }}"
metadata-jdbc-extra-args: "{{ index .Values "metadata-db" "jdbcExtraArgs" }}"
keycloak-host: "{{ .Values.metadataService.authService.url }}"
keycloak-admin: "{{ index .Values "auth-service" "auth" "adminUser" }}"
keycloak-admin-password: "{{ index .Values "auth-service" "auth" "adminPassword" }}"
datacite-url: "{{ .Values.metadataService.datacite.url }}"
datacite-prefix: "{{ .Values.metadataService.datacite.prefix | toString }}"
datacite-username: "{{ .Values.metadataService.datacite.username }}"
datacite-password: "{{ .Values.metadataService.datacite.password }}"
repository-name: "{{ .Values.metadataService.repositoryName }}"
pid-base: "{{ $pidBase }}"
jwt-issuer: "{{ $jwtIssuer }}"
broker-virtualhost: "{{ index .Values "broker-service" "virtualHost" }}"
queue-name: "{{ index .Values "broker-service" "queueName" }}"
exchange-name: "{{ index .Values "broker-service" "exchangeName" }}"
routing-key: "{{ index .Values "broker-service" "routingKey" }}"
connection-timeout: "{{ index .Values "broker-service" "connectionTimeout" }}"
min-concurrent-consumers: "{{ .Values.dataService.consumerConcurrentMin }}"
max-concurrent-consumers: "{{ .Values.dataService.consumerConcurrentMax }}"
requeue-rejected: "{{ .Values.dataService.requeueRejected }}"
s3-storage-endpoint: http://storage-service-s3:9000
s3-access-key-id: seaweedfsadmin
s3-secret-access-key: seaweedfsadmin
s3-import-bucket: dbrepo-upload
s3-export-bucket: dbrepo-download
mirror-rate: {{ .Values.metadataService.rates.mirror | quote }}
obtain-metadata-rate: {{ .Values.metadataService.rates.obtainMetadata | quote }}
delete-stale-queries-rate: {{ .Values.metadataService.rates.deleteStaleQueries | quote }}
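Review bot: `s3-access-key-id` and `s3-secret-access-key` are hard-coded to `seaweedfsadmin`, so every deployment shares a published storage credential and an operator cannot rotate it without editing the template. Take them (and the endpoint and bucket names) from chart values with `| quote`, for instance `s3-secret-access-key: {{ .Values.<storage-values-path>.secretAccessKey | quote }}`, where the path is a placeholder for wherever the storage service's credentials are configured. The `min-concurrent-consumers`, `max-concurrent-consumers` and `requeue-rejected` entries read `.Values.dataService.*` although this is the metadata-service secret, which may be intentional sharing but deserves a comment. Unlike the Deployment and Service, this Secret is not wrapped in `{{- if .Values.metadataService.enabled }}`, so it is rendered with all its credentials even when the service is disabled.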
{{- if .Values.metadataService.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: metadata-service
namespace: {{ $.Values.namespace }}
labels:
service: metadata-service
spec:
type: ClusterIP
ports:
- name: "metadata-service"
port: 80
targetPort: 9099
protocol: TCP
selector:
service: metadata-service
{{- end }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: public
spec:
podSelector:
matchLabels:
network: public
ingress:
- from:
- podSelector:
matchLabels:
network: public
apiVersion: v1
kind: Secret
metadata:
name: search-db-dashboard-secret
namespace: {{ $.Values.namespace }}
stringData:
opensearch_dashboards.yml: |
server:
basePath: "/admin/dashboard"
rewriteBasePath: true
ssl:
enabled: true
certificate: /usr/share/opensearch-dashboards/tls/tls.crt
key: /usr/share/opensearch-dashboards/tls/tls.key
name: log-dashboard
host: 0.0.0.0
opensearch:
ssl:
verificationMode: none
username: {{ index .Values "search-db" "username" }}
password: {{ index .Values "search-db" "password" }}
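Review bot: `opensearch.ssl.verificationMode: none` turns off certificate verification for the dashboard's connection to OpenSearch, so the `username` and `password` below it are sent to whichever endpoint answers, with no protection against an on-path peer inside the cluster. Since this commit also issues a `search-db` certificate through cert-manager, mount the issuing CA into the dashboard pod and set `verificationMode: full` (or at least `certificate`) together with `opensearch.ssl.certificateAuthorities`.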
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: search-db
namespace: {{ .Values.namespace }}
spec:
isCA: false
duration: 2160h # 90d
renewBefore: 360h # 15d
commonName: search-db
secretName: search-db-cert
privateKey:
algorithm: RSA
encoding: PKCS8
size: 2048
usages:
- server auth
- client auth
issuerRef:
name: selfsigned-cluster-issuer
kind: ClusterIssuer
group: cert-manager.io
\ No newline at end of file
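Review bot: The Certificate requests only `commonName: search-db` and no `dnsNames`, and clients that verify hostnames match against subject alternative names rather than the common name, so turning verification on against this certificate later is likely to fail unless the issuer adds a SAN itself. Add the names the database is reached by, e.g. `dnsNames: [search-db, search-db.{{ .Values.namespace }}.svc]` (adjust to the actual Service name), so that consumers such as the dashboard can stop using `verificationMode: none`. The certificate also carries both `server auth` and `client auth` usages; keep `client auth` only if it really is presented as a client certificate.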
{{- if .Values.searchService.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: search-service
namespace: {{ $.Values.namespace }}
labels:
app: search-service
service: search-service
spec:
replicas: {{ .Values.metadataService.replicaCount }}
strategy:
type: {{ $.Values.strategyType }}
selector:
matchLabels:
app: search-service
service: search-service
template:
metadata:
labels:
app: search-service
service: search-service
spec:
securityContext:
fsGroup: 1000
runAsUser: 1000
runAsGroup: 1000
containers:
- name: search-service
image: {{ printf "%s/%s:%s" .Values.searchService.image.registry .Values.searchService.image.repository .Values.searchService.image.tag }}
imagePullPolicy: {{ .Values.searchService.image.pullPolicy | default "IfNotPresent" }}
ports:
- containerPort: 4000
protocol: TCP
env:
- name: OPENSEARCH_HOST
valueFrom:
secretKeyRef:
name: search-service-secret
key: opensearch-host
- name: OPENSEARCH_PORT
valueFrom:
secretKeyRef:
name: search-service-secret
key: opensearch-port
- name: OPENSEARCH_USERNAME
valueFrom:
secretKeyRef:
name: search-service-secret
key: opensearch-username
- name: OPENSEARCH_PASSWORD
valueFrom:
secretKeyRef:
name: search-service-secret
key: opensearch-password
- name: LOG_LEVEL
valueFrom:
secretKeyRef:
name: search-service-secret
key: log-level
livenessProbe:
exec:
command:
- /bin/bash
- -ec
- "curl -sSL localhost:4000/health | grep 'UP' || exit 1"
initialDelaySeconds: 120
periodSeconds: 30
readinessProbe:
exec:
command:
- /bin/bash
- -ec
- "curl -sSL localhost:4000/health | grep 'UP' || exit 1"
initialDelaySeconds: 10
periodSeconds: 30
volumeMounts: []
volumes: []
{{- end }}
---
apiVersion: v1
kind: Secret
metadata:
name: search-service-secret
namespace: {{ .Values.namespace }}
stringData:
opensearch-host: "{{ index .Values "search-db" "host" }}"
opensearch-port: "{{ index .Values "search-db" "port" }}"
opensearch-username: "{{ index .Values "search-db" "username" }}"
opensearch-password: "{{ index .Values "search-db" "password" }}"
log-level: "{{ ternary "DEBUG" "INFO" .Values.searchService.image.debug }}"
{{- if .Values.searchService.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: search-service
namespace: {{ $.Values.namespace }}
labels:
service: search-service
spec:
type: ClusterIP
ports:
- name: "search-service"
port: 80
targetPort: 4000
protocol: TCP
selector:
service: search-service
{{- end }}