From commits-return-4891-archive-asf-public=cust-asf.ponee.io@openwhisk.apache.org Tue Jun 5 21:52:44 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 07FFA180625 for ; Tue, 5 Jun 2018 21:52:42 +0200 (CEST) Received: (qmail 5855 invoked by uid 500); 5 Jun 2018 19:52:42 -0000 Mailing-List: contact commits-help@openwhisk.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@openwhisk.apache.org Delivered-To: mailing list commits@openwhisk.apache.org Received: (qmail 5846 invoked by uid 99); 5 Jun 2018 19:52:42 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Jun 2018 19:52:42 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id 7D25682A2F; Tue, 5 Jun 2018 19:52:41 +0000 (UTC) Date: Tue, 05 Jun 2018 19:52:41 +0000 To: "commits@openwhisk.apache.org" Subject: [incubator-openwhisk-deploy-kube] branch master updated: Helm: Enhance pod configuration (#210) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Message-ID: <152822836125.8524.2537567175350390740@gitbox.apache.org> From: csantanapr@apache.org X-Git-Host: gitbox.apache.org X-Git-Repo: incubator-openwhisk-deploy-kube X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Oldrev: 78f83818139e2fc59cda811af4188177a40c144b X-Git-Newrev: 65a9b3d11449f0c1d02d139f621936f110f0b995 X-Git-Rev: 65a9b3d11449f0c1d02d139f621936f110f0b995 X-Git-NotificationType: ref_changed_plus_diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated This is an automated email from the ASF dual-hosted git repository. csantanapr pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git The following commit(s) were added to refs/heads/master by this push: new 65a9b3d Helm: Enhance pod configuration (#210) 65a9b3d is described below commit 65a9b3d11449f0c1d02d139f621936f110f0b995 Author: David Grove AuthorDate: Tue Jun 5 15:52:28 2018 -0400 Helm: Enhance pod configuration (#210) Take a pass through all the helm yaml files to align pod environment variables and configuration with the upstream project and to move all authorization names/passwords into Kubernetes secrets. Enhance templates/NOTES.txt to print out the exact wsk cli command to issue to correctly set the apihost property to connect to this instance. Split redis/apigateway into their own pods to enable separate scaling Add support for persistent volumes to zookeeper, kafka, couchdb, and redis pods using dynamic volume provisioning. --- helm/Chart.yaml | 2 +- helm/README.md | 8 +- helm/ingress.md | 12 ++- helm/templates/NOTES.txt | 4 + helm/templates/_helpers.tpl | 15 +++- .../{_helpersInvoker.tpl => _invokerHelpers.tpl} | 16 ++++ helm/templates/apigateway.yaml | 10 +-- .../{cluster_config.yaml => authSecrets.yaml} | 24 ++++-- helm/templates/controller.yaml | 33 ++++---- helm/templates/couchdb.yaml | 74 ++++++----------- ...all_catalog_job.yaml => installCatalogJob.yaml} | 6 +- ...routemgmt_job.yaml => installRouteMgmtJob.yaml} | 6 +- helm/templates/invoker.yaml | 31 +++++--- helm/templates/kafka.yaml | 30 +++++++ .../{nginx_configmap.yaml => nginxConfigMap.yaml} | 2 +- .../{nginx_secret.yaml => nginxSecret.yaml} | 0 helm/templates/redis.yaml | 93 ++++++++++++++++++++++ helm/templates/zookeeper.yaml | 53 ++++++++++++ helm/values.yaml | 71 ++++++++++++++--- tools/travis/build-helm.sh | 3 +- 20 files changed, 373 insertions(+), 120 deletions(-) diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 889345c..5923669 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v1 description: A Helm chart to deploy Apache OpenWhisk for Kubernetes -name: openwhisk +name: Apache OpenWhisk version: 0.1.0 keywords: - Apache OpenWhisk diff --git a/helm/README.md b/helm/README.md index 83383aa..5aac4bb 100644 --- a/helm/README.md +++ b/helm/README.md @@ -89,7 +89,8 @@ file appropriate for a minikube cluster where `minikube ip` returns whisk: ingress: type: NodePort - api_host: 192.168.99.100:31001 + api_host_name: 192.168.99.100 + api_host_port: 31001 nginx: httpsNodePort: 31001 @@ -112,9 +113,10 @@ kubectl get pods -n openwhisk Configure the OpenWhisk CLI, wsk, by setting the auth and apihost properties (if you don't already have the wsk cli, follow the instructions [here](https://github.com/apache/incubator-openwhisk-cli) -to get it). +to get it). Replace `whisk.ingress.api_host_name` and `whisk.ingress.api_host_port` +with the actual values from your mycluster.yaml. ```shell -wsk property set --apihost +wsk property set --apihost whisk.ingress.api_host_name:whisk.ingress.api_host_port wsk property set --auth 23bc46b1-71f6-4ed5-8c54-816aa4f8c502:123zO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwP ``` diff --git a/helm/ingress.md b/helm/ingress.md index ce3459a..e28cec1 100644 --- a/helm/ingress.md +++ b/helm/ingress.md @@ -25,7 +25,8 @@ are going to deploy available outside of your Kubernetes cluster. When you select an ingress method, you are determining what values to use for the `whisk.ingress` stanza of your `mycluster.yaml` file that you will use in the `helm install` command. You will need to define -values for at least `whisk.ingress.type` and `whisk.ingress.api_host`. +values for at least `whisk.ingress.type` and `whisk.ingress.api_host_name` +and `whisk.ingress.api_host_port`. Unfortunately, the exact details of configuring an Ingress vary across cloud providers. The detailed instructions @@ -63,7 +64,8 @@ Next pick an unassigned port (eg 31001) and define mycluster.yaml as whisk: ingress: type: NodePort - api_host: 192.168.99.100:31001 + api_host_name: 192.168.99.100 + api_host_port: 31001 nginx: httpsNodePort: 31001 @@ -85,7 +87,8 @@ Then define mycluster.yaml as whisk: ingress: type: NodePort - api_host: YOUR_WORKERS_PUBLIC_IP_ADDR:31001 + api_host_name: YOUR_WORKERS_PUBLIC_IP_ADDR + api_host_port: 31001 nginx: httpsNodePort: 31001 @@ -123,7 +126,8 @@ whisk: type: ibm.standard ibmdomain: ibmtlssecret: - api_host: + api_host_name: + api_host_port: 443 ``` ## Other cloud providers diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 29863d3..8f85ea9 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,9 @@ Thank you for installing {{ .Chart.Name }}. +To configure your wsk cli to connect to it, set the apihost property +using the command below: + $ wsk property set --apihost {{ .Values.whisk.ingress.api_host_name -}}:{{- .Values.whisk.ingress.api_host_port }} + Your release is named {{ .Release.Name }}. To learn more about the release, try: diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index ddffc1a..c386a31 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -21,6 +21,11 @@ {{ .Values.kafka.name }}.{{ .Release.Namespace }}.svc.cluster.local {{- end -}} +{{/* hostname for redis */}} +{{- define "redis_host" -}} +{{ .Values.redis.name }}.{{ .Release.Namespace }}.svc.cluster.local +{{- end -}} + {{/* hostname for zookeeper */}} {{- define "zookeeper_host" -}} {{ .Values.zookeeper.name }}.{{ .Release.Namespace }}.svc.cluster.local @@ -34,9 +39,15 @@ {{/* Environment variables required for accessing CouchDB from a pod */}} {{- define "whisk.dbEnvVars" -}} - name: "CONFIG_whisk_couchdb_username" - value: {{ .Values.db.auth.username | quote }} + valueFrom: + secretKeyRef: + name: db.auth + key: db_username - name: "CONFIG_whisk_couchdb_password" - value: {{ .Values.db.auth.password | quote }} + valueFrom: + secretKeyRef: + name: db.auth + key: db_password - name: "CONFIG_whisk_couchdb_port" value: {{ .Values.db.port | quote}} - name: "CONFIG_whisk_couchdb_protocol" diff --git a/helm/templates/_helpersInvoker.tpl b/helm/templates/_invokerHelpers.tpl similarity index 61% rename from helm/templates/_helpersInvoker.tpl rename to helm/templates/_invokerHelpers.tpl index 4b14cc7..54dc13d 100644 --- a/helm/templates/_helpersInvoker.tpl +++ b/helm/templates/_invokerHelpers.tpl @@ -35,5 +35,21 @@ # action runtimes - name: "RUNTIMES_MANIFEST" value: {{ template "runtimes_manifest" . }} + - name: "DOCKER_REGISTRY" + value: {{ .Values.docker.registry.name | quote }} + - name: "DOCKER_IMAGE_PREFIX" + value: {{ .Values.docker.image.prefix | quote }} + - name: "DOCKER_IMAGE_TAG" + value: {{ .Values.docker.image.tag | quote }} + - name: "DOCKER_REGISTRY_USERNAME" + valueFrom: + secretKeyRef: + name: docker.registry.auth + key: docker_registry_username + - name: "DOCKER_REGISTRY_PASSWORD" + valueFrom: + secretKeyRef: + name: docker.registry.auth + key: docker_registry_password {{- end -}} diff --git a/helm/templates/apigateway.yaml b/helm/templates/apigateway.yaml index ba3e1eb..4632f31 100644 --- a/helm/templates/apigateway.yaml +++ b/helm/templates/apigateway.yaml @@ -42,10 +42,6 @@ spec: {{- end }} containers: - - name: redis - imagePullPolicy: {{ .Values.apigw.imagePullPolicy | quote }} - image: redis:3.2 - - name: apigateway imagePullPolicy: {{ .Values.apigw.imagePullPolicy | quote }} image: {{ .Values.apigw.image | quote }} @@ -56,8 +52,8 @@ spec: containerPort: {{ .Values.apigw.apiPort }} env: - name: "REDIS_HOST" - value: "127.0.0.1" + value: "{{ include "redis_host" . }}" - name: "REDIS_PORT" - value: "6379" + value: {{ .Values.redis.port | quote }} - name: "PUBLIC_GATEWAY_URL" - value: "https://{{ .Values.whisk.ingress.api_host }}" + value: "{{- .Values.whisk.ingress.api_host_proto -}}://{{- .Values.whisk.ingress.api_host_name -}}:{{- .Values.whisk.ingress.api_host_port -}}" diff --git a/helm/templates/cluster_config.yaml b/helm/templates/authSecrets.yaml similarity index 51% rename from helm/templates/cluster_config.yaml rename to helm/templates/authSecrets.yaml index 237edf6..b81e013 100644 --- a/helm/templates/cluster_config.yaml +++ b/helm/templates/authSecrets.yaml @@ -3,21 +3,33 @@ --- apiVersion: v1 -kind: ConfigMap +kind: Secret metadata: - name: whisk.ingress + name: whisk.auth namespace: {{ .Release.Namespace | quote }} +type: Opaque data: - api_host: {{ required "A valid api_host is required" .Values.whisk.ingress.api_host }} + system: {{ .Values.whisk.auth.system | b64enc }} + guest: {{ .Values.whisk.auth.guest | b64enc }} --- apiVersion: v1 kind: Secret metadata: - name: whisk.auth + name: db.auth namespace: {{ .Release.Namespace | quote }} type: Opaque data: - system: {{ .Values.whisk.auth.system | b64enc }} - guest: {{ .Values.whisk.auth.guest | b64enc }} + db_username: {{ .Values.db.auth.username | b64enc }} + db_password: {{ .Values.db.auth.password | b64enc }} + --- +apiVersion: v1 +kind: Secret +metadata: + name: docker.registry.auth + namespace: {{ .Release.Namespace | quote }} +type: Opaque +data: + docker_registry_username: {{ .Values.docker.registry.username | b64enc }} + docker_registry_password: {{ .Values.docker.registry.password | b64enc }} diff --git a/helm/templates/controller.yaml b/helm/templates/controller.yaml index 6261cbb..9b65c8a 100644 --- a/helm/templates/controller.yaml +++ b/helm/templates/controller.yaml @@ -69,26 +69,27 @@ spec: - name: "PORT" value: {{ .Values.controller.port | quote }} - # Loadbalancer options - - name: "LOADBALANCER_INVOKERBUSYTHRESHOLD" - value: "16" - - # action runtimes - - name: "RUNTIMES_MANIFEST" - value: {{ template "runtimes_manifest" . }} - - # this version is the day it is deployed and should be configured every time - name: "WHISK_VERSION_DATE" - value: "2017-01-01T00:00:00Z" - # the buildno should be the docker image tag to use + value: {{ dateInZone "2006-01-02-03:04:05Z" (now) "UTC"| quote }} - name: "WHISK_VERSION_BUILDNO" - value: "latest" + value: {{ .Values.whisk.versions.tag | quote }} - name: "WHISK_VERSION_NAME" - value: "" + value: {{ .Values.whisk.versions.name | quote }} # Java options - name: "JAVA_OPTS" - value: "-Xmx2g" + value: "-Xmx{{- .Values.controller.jvmHeapMB -}}M {{ .Values.controller.jvmOptions }}" + + # specific controller arguments + - name: "CONTROLLER_OPTS" + value: {{ .Values.controller.options | quote }} + + # action runtimes + - name: "RUNTIMES_MANIFEST" + value: {{ template "runtimes_manifest" . }} + + - name: "CONFIG_whisk_loadbalancer_invokerBusyThreshold" + value: {{ .Values.invoker.busyThreshold | quote }} # Kafka properties - name: "KAFKA_HOSTS" @@ -96,10 +97,6 @@ spec: - name: "KAFKA_HOST_PORT" value: {{ .Values.kafka.port | quote }} - # specific controller arguments - - name: "CONTROLLER_OPTS" - value: "" - # properties for DB connection {{ include "whisk.dbEnvVars" . | indent 8 }} diff --git a/helm/templates/couchdb.yaml b/helm/templates/couchdb.yaml index e87c46c..1c7f16b 100644 --- a/helm/templates/couchdb.yaml +++ b/helm/templates/couchdb.yaml @@ -15,50 +15,6 @@ spec: - port: {{ .Values.db.port }} name: couchdb -{{- if and .Values.db.persistence.enabled (not .Values.db.persistence.existingClaim) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: couchdb-pv - labels: - type: couchdb - namespace: openwhisk -spec: - accessModes: - - {{ .Values.db.persistence.accessMode | quote }} - capacity: - storage: {{ .Values.db.persistence.size | quote }} - nfs: - path: {{ .Values.db.persistence.nfs_path }} - server: {{ .Values.db.persistence.nfs_server }} -{{- end }} - - -{{- if and .Values.db.persistence.enabled (not .Values.db.persistence.existingClaim) }} ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Values.db.pvcName | quote }} - labels: - type: couchdb - namespace: {{ .Release.Namespace | quote }} -spec: - accessModes: - - {{ .Values.db.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.db.persistence.size | quote }} -{{- if .Values.db.persistence.storageClass }} -{{- if (eq "-" .Values.db.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.db.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end }} - --- apiVersion: extensions/v1beta1 kind: Deployment @@ -96,9 +52,15 @@ spec: - name: "DB_PREFIX" value: {{ .Values.db.dbPrefix | quote }} - name: "COUCHDB_USER" - value: {{ .Values.db.auth.username | quote }} + valueFrom: + secretKeyRef: + name: db.auth + key: db_username - name: "COUCHDB_PASSWORD" - value: {{ .Values.db.auth.password | quote }} + valueFrom: + secretKeyRef: + name: db.auth + key: db_password - name: "DB_PORT" value: {{ .Values.db.port | quote }} - name: "NODENAME" @@ -114,11 +76,27 @@ spec: {{- if .Values.db.persistence.enabled }} volumeMounts: - name: database-storage - mountPath: /usr/local/var/lib/couchdb + mountPath: /opt/couchdb/data {{- end }} {{- if .Values.db.persistence.enabled }} volumes: - name: database-storage persistentVolumeClaim: - claimName: couchdb-pvc + claimName: {{ .Values.db.persistence.pvcName | quote }} {{- end }} + +{{- if .Values.db.persistence.enabled }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.db.persistence.pvcName | quote }} + namespace: {{ .Release.Namespace | quote }} +spec: + storageClassName: {{ .Values.db.persistence.storageClass }} + accessModes: + - {{ .Values.db.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.db.persistence.size }} +{{- end }} diff --git a/helm/templates/install_catalog_job.yaml b/helm/templates/installCatalogJob.yaml similarity index 83% rename from helm/templates/install_catalog_job.yaml rename to helm/templates/installCatalogJob.yaml index fab30d0..fe5cc0b 100644 --- a/helm/templates/install_catalog_job.yaml +++ b/helm/templates/installCatalogJob.yaml @@ -27,8 +27,6 @@ spec: secretKeyRef: name: whisk.auth key: system + # poorly named envvar; actually expects full apihost (host:port) - name: "WHISK_API_HOST_NAME" - valueFrom: - configMapKeyRef: - name: whisk.ingress - key: api_host + value: "{{- .Values.whisk.ingress.api_host_name -}}:{{- .Values.whisk.ingress.api_host_port -}}" diff --git a/helm/templates/install_routemgmt_job.yaml b/helm/templates/installRouteMgmtJob.yaml similarity index 86% rename from helm/templates/install_routemgmt_job.yaml rename to helm/templates/installRouteMgmtJob.yaml index 2ef1768..a10c703 100644 --- a/helm/templates/install_routemgmt_job.yaml +++ b/helm/templates/installRouteMgmtJob.yaml @@ -27,11 +27,9 @@ spec: secretKeyRef: name: whisk.auth key: system + # poorly named envvar; actually expects full apihost (host:port) - name: "WHISK_API_HOST_NAME" - valueFrom: - configMapKeyRef: - name: whisk.ingress - key: api_host + value: "{{- .Values.whisk.ingress.api_host_name -}}:{{- .Values.whisk.ingress.api_host_port -}}" - name: "WHISK_NAMESPACE" value: {{ .Values.whisk.systemNameSpace | quote }} - name: "WHISK_API_GATEWAY_HOST_V2" diff --git a/helm/templates/invoker.yaml b/helm/templates/invoker.yaml index d1c897f..232d423 100644 --- a/helm/templates/invoker.yaml +++ b/helm/templates/invoker.yaml @@ -56,23 +56,32 @@ spec: env: - name: "PORT" value: {{ .Values.invoker.port | quote }} + + # Needed by invoker to set the environment variable __OW_API_HOST in action containers + - name: "WHISK_API_HOST_PROTO" + value: {{ .Values.whisk.ingress.api_host_proto | quote }} + - name: "WHISK_API_HOST_PORT" + value: {{ .Values.whisk.ingress.api_host_port | quote }} - name: "WHISK_API_HOST_NAME" - valueFrom: - configMapKeyRef: - name: whisk.ingress - key: api_host + value: {{ .Values.whisk.ingress.api_host_name | quote }} + - name: "INVOKER_CONTAINER_NETWORK" - value: "bridge" + value: {{ .Values.invoker.containerNetwork | quote }} - name: "CONFIG_whisk_docker_containerFactory_useRunc" - value: "false" + value: {{ .Values.invoker.containerFactory.useRunc | quote }} # Properties for invoker image - name: "DOCKER_IMAGE_PREFIX" - value: "openwhisk" + value: {{ .Values.docker.image.prefix | quote }} - name: "DOCKER_IMAGE_TAG" - value: "latest" + value: {{ .Values.docker.image.tag | quote }} - name: "DOCKER_REGISTRY" - value: "" + value: {{ .Values.docker.registry.name | quote }} + + - name: "CONFIG_whisk_containerPool_numCore" + value: {{ .Values.invoker.containerPool.numCore | quote }} + - name: "CONFIG_whisk_containerPool_coreShare" + value: {{ .Values.invoker.containerPool.coreShare | quote }} # Invoker name is the name of the node (DaemonSet) or pod (StatefulSet) - name: "INVOKER_NAME" @@ -82,7 +91,7 @@ spec: # Java options - name: "JAVA_OPTS" - value: {{ .Values.invoker.jvmOptions | quote }} + value: "-Xmx{{- .Values.invoker.jvmHeapMB -}}M {{ .Values.invoker.jvmOptions }}" # Invoker options - name: "INVOKER_OPTS" @@ -105,7 +114,7 @@ spec: # this version is the day it is deployed, - name: "WHISK_VERSION_DATE" - value: "2017-01-01T00:00:00Z" + value: {{ dateInZone "2006-01-02-03:04:05Z" (now) "UTC"| quote }} # properties for DB connection {{ include "whisk.dbEnvVars" . | indent 10 }} diff --git a/helm/templates/kafka.yaml b/helm/templates/kafka.yaml index 844a937..d8b33cf 100644 --- a/helm/templates/kafka.yaml +++ b/helm/templates/kafka.yaml @@ -27,12 +27,21 @@ spec: labels: app: {{ .Values.kafka.name | quote }} spec: + restartPolicy: {{ .Values.kafka.restartPolicy }} + {{- if .Values.affinity.enabled }} affinity: {{ include "affinity.core" . | indent 8 }} {{ include "affinity.selfAntiAffinity" ( .Values.kafka.name | quote ) | indent 8 }} {{- end }} +{{- if .Values.kafka.persistence.enabled }} + volumes: + - name: kafka-data + persistentVolumeClaim: + claimName: {{ .Values.kafka.persistence.pvcName | quote }} +{{- end }} + initContainers: {{ include "readiness.waitForZookeeper" . | indent 6 }} @@ -40,6 +49,11 @@ spec: - name: {{ .Values.kafka.name | quote }} image: {{ .Values.kafka.image | quote }} imagePullPolicy: {{ .Values.kafka.imagePullPolicy | quote }} +{{- if .Values.kafka.persistence.enabled }} + volumeMounts: + - mountPath: /kafka + name: kafka-data +{{- end }} ports: - containerPort: {{ .Values.kafka.port }} name: kafka @@ -60,3 +74,19 @@ spec: # zookeeper info - name: "KAFKA_ZOOKEEPER_CONNECT" value: "{{ include "zookeeper_host" . }}:{{ .Values.zookeeper.port }}" + +{{- if .Values.kafka.persistence.enabled }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.kafka.persistence.pvcName | quote }} + namespace: {{ .Release.Namespace | quote }} +spec: + storageClassName: {{ .Values.kafka.persistence.storageClass }} + accessModes: + - {{ .Values.kafka.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.kafka.persistence.size }} +{{- end }} diff --git a/helm/templates/nginx_configmap.yaml b/helm/templates/nginxConfigMap.yaml similarity index 99% rename from helm/templates/nginx_configmap.yaml rename to helm/templates/nginxConfigMap.yaml index d432df6..5246a8a 100644 --- a/helm/templates/nginx_configmap.yaml +++ b/helm/templates/nginxConfigMap.yaml @@ -34,7 +34,7 @@ data: # match namespace, note while OpenWhisk allows a richer character set for a # namespace, not all those characters are permitted in the (sub)domain name; # if namespace does not match, no vanity URL rewriting takes place. - server_name ~^(?[0-9a-zA-Z-]+)\.{{ .Values.whisk.ingress.api_host }}$; + server_name ~^(?[0-9a-zA-Z-]+)\.{{ .Values.whisk.ingress.api_host_name }}$; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; diff --git a/helm/templates/nginx_secret.yaml b/helm/templates/nginxSecret.yaml similarity index 100% rename from helm/templates/nginx_secret.yaml rename to helm/templates/nginxSecret.yaml diff --git a/helm/templates/redis.yaml b/helm/templates/redis.yaml new file mode 100644 index 0000000..087f7a0 --- /dev/null +++ b/helm/templates/redis.yaml @@ -0,0 +1,93 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more contributor +# license agreements; and to You under the Apache License, Version 2.0. + +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.redis.name | quote }} + namespace: {{ .Release.Namespace | quote }} + labels: + name: {{ .Values.redis.name | quote }} +spec: + selector: + name: {{ .Values.redis.name | quote }} + ports: + - port: {{ .Values.redis.port }} + name: redis + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ .Values.redis.name | quote }} + namespace: {{ .Release.Namespace | quote }} + labels: + name: {{ .Values.redis.name | quote }} +spec: + replicas: {{ .Values.redis.replicaCount }} + template: + metadata: + labels: + name: {{ .Values.redis.name | quote }} + spec: + restartPolicy: {{ .Values.redis.restartPolicy }} + + {{- if .Values.affinity.enabled }} + affinity: +{{ include "affinity.core" . | indent 8 }} +{{ include "affinity.selfAntiAffinity" ( .Values.redis.name | quote ) | indent 8 }} + {{- end }} + +{{- if .Values.redis.persistence.enabled }} + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: {{ .Values.redis.persistence.pvcName | quote }} +{{- end }} + +{{- if .Values.redis.persistence.enabled }} + initContainers: + - name: redis-init + image: busybox + command: + - chown + - -v + - -R + - 999:999 + - /data + volumeMounts: + - mountPath: /data + name: redis-data + readOnly: false +{{- end }} + + containers: + - name: redis + imagePullPolicy: {{ .Values.redis.imagePullPolicy | quote }} + image: {{ .Values.redis.image | quote }} +{{- if .Values.redis.persistence.enabled }} + volumeMounts: + - mountPath: /data + name: redis-data + readOnly: false +{{- end }} + ports: + - name: redis + containerPort: {{ .Values.redis.port }} + +{{- if .Values.redis.persistence.enabled }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.redis.persistence.pvcName | quote }} + namespace: {{ .Release.Namespace | quote }} +spec: + storageClassName: {{ .Values.redis.persistence.storageClass }} + accessModes: + - {{ .Values.redis.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.redis.persistence.size }} +{{- end }} diff --git a/helm/templates/zookeeper.yaml b/helm/templates/zookeeper.yaml index 3861d59..572b594 100644 --- a/helm/templates/zookeeper.yaml +++ b/helm/templates/zookeeper.yaml @@ -36,6 +36,16 @@ spec: spec: restartPolicy: {{ .Values.zookeeper.restartPolicy | quote }} +{{- if .Values.zookeeper.persistence.enabled }} + volumes: + - name: zk-data + persistentVolumeClaim: + claimName: "{{- .Values.zookeeper.persistence.pvcName -}}-data" + - name: zk-datalog + persistentVolumeClaim: + claimName: "{{- .Values.zookeeper.persistence.pvcName -}}-datalog" +{{- end }} + {{- if .Values.affinity.enabled }} affinity: {{ include "affinity.core" . | indent 8 }} @@ -53,3 +63,46 @@ spec: containerPort: {{ .Values.zookeeper.serverPort }} - name: leader-election containerPort: {{ .Values.zookeeper.leaderElectionPort }} +{{- if .Values.zookeeper.persistence.enabled }} + volumeMounts: + - mountPath: /data + name: zk-data + - mountPath: /datalog + name: zk-data +{{- end }} + env: +{{- if .Values.zookeeper.persistence.enabled }} + - name: "ZOO_DATA_DIR" + value: /data + - name: "ZOO_DATA_LOG_DIR" + value: /datalog +{{- end }} + +{{- if .Values.zookeeper.persistence.enabled }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: "{{- .Values.zookeeper.persistence.pvcName -}}-data" + namespace: {{ .Release.Namespace | quote }} +spec: + storageClassName: {{ .Values.zookeeper.persistence.storageClass }} + accessModes: + - {{ .Values.zookeeper.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.zookeeper.persistence.size }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: "{{- .Values.zookeeper.persistence.pvcName -}}-datalog" + namespace: {{ .Release.Namespace | quote }} +spec: + storageClassName: {{ .Values.zookeeper.persistence.storageClass }} + accessModes: + - {{ .Values.zookeeper.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.zookeeper.persistence.size }} +{{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index 5944d73..4e2c19f 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -7,17 +7,31 @@ whisk: ingress: name: "ow-ingress" - # You _MUST_ provide a value for whisk.ingress.api_host when deploying the chart - api_host: nil + # You _MUST_ provide a value for whisk.ingress.api_host_name and api_host_port when deploying the chart + api_host_name: nil + api_host_port: nil + api_host_proto: "https" # Production deployments _MUST_ override these default auth values auth: system: "789c46b1-71f6-4ed5-8c54-816aa4f8c502:abczO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwP" guest: "23bc46b1-71f6-4ed5-8c54-816aa4f8c502:123zO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwP" versions: + name: "OpenWhisk" + tag: "latest" cli: "latest" systemNameSpace: "/whisk.system" runtimes: "runtimes.json" +# Docker registry +docker: + image: + prefix: "openwhisk" + tag: "latest" + registry: + name: "" + username: "" + password: "" + # zookeeper configurations zookeeper: name: "zookeeper" @@ -28,6 +42,12 @@ zookeeper: port: 2181 serverPort: 2888 leaderElectionPort: 3888 + persistence: + enabled: false + pvcName: zookeeper-pvc + size: 2Gi + storageClass: default + accessMode: ReadWriteOnce # kafka configurations kafka: @@ -37,11 +57,17 @@ kafka: imagePullPolicy: "IfNotPresent" restartPolicy: "Always" port: 9092 + persistence: + enabled: false + pvcName: kafka-pvc + size: 2Gi + storageClass: default + accessMode: ReadWriteOnce # Database configuration db: name: "couchdb" - image: "openwhisk/kube-couchdb" + image: "openwhisk/kube-couchdb:latest" replicaCount: 1 imagePullPolicy: "IfNotPresent" restartPolicy: "Always" @@ -59,7 +85,7 @@ db: enabled: false pvcName: couchdb-pvc size: 8Gi - storageClass: CouchDBSC + storageClass: default accessMode: ReadWriteOnce # Nginx configurations @@ -76,11 +102,14 @@ nginx: # Controller configurations controller: name: "controller" - image: "openwhisk/controller" + image: "openwhisk/controller:latest" replicaCount: 1 imagePullPolicy: "IfNotPresent" restartPolicy: "Always" port: 8080 + options: "" + jvmHeapMB: "1024" + jvmOptions: "" limits: actionsSequenceMaxlength: 50 triggersFiresPerminute: 60 @@ -91,33 +120,55 @@ controller: # Invoker configurations invoker: name: "invoker" - image: "openwhisk/invoker" + image: "openwhisk/invoker:latest" imagePullPolicy: "IfNotPresent" restartPolicy: "Always" port: 8080 - pullRuntimesImage: "openwhisk/kube-docker-pull" + pullRuntimesImage: "openwhisk/kube-docker-pull:latest" options: "" - jvmOptions: "-Xmx512M" + jvmHeapMB: "512" + jvmOptions: "" containerFactory: + useRunc: false impl: "docker" kubernetes: replicaCount: 1 agent: name: "invoker-agent" - image: "openwhisk/kube-invoker-agent" + image: "openwhisk/kube-invoker-agent:latest" enabled: false port: 3233 + containerNetwork: "bridge" + containerPool: + numcore: 2 + coreshare: 4 + busyThreshold: 8 # API Gateway configurations apigw: name: "apigateway" - image: "openwhisk/apigateway" + image: "openwhisk/apigateway:latest" replicaCount: 1 imagePullPolicy: "IfNotPresent" restartPolicy: "Always" apiPort: 9000 mgmtPort: 8080 +# Redis (used by apigatewy) +redis: + name: "redis" + image: "redis:3.2" + replicaCount: 1 + imagePullPolicy: "IfNotPresent" + restartPolicy: "Always" + port: 6379 + persistence: + enabled: false + pvcName: redis-pvc + size: 256Mi + storageClass: default + accessMode: ReadWriteOnce + # Resolve the pod/node affinity for invoker, controller and other components. affinity: enabled: true diff --git a/tools/travis/build-helm.sh b/tools/travis/build-helm.sh index cdb39a5..b4b4857 100755 --- a/tools/travis/build-helm.sh +++ b/tools/travis/build-helm.sh @@ -151,7 +151,8 @@ cat > mycluster.yaml <