diff --git a/charts/ocis/README.md b/charts/ocis/README.md index 3174f16c6..07d4f6692 100644 --- a/charts/ocis/README.md +++ b/charts/ocis/README.md @@ -46,77 +46,70 @@ All release can be breaking during Tech Preview, see [oCIS Tech Preview](https:/ ## Configuration -| Parameter | Description | Default | -| ---------------------------------------------------------- | ---------------------------------------------------------------- | ------------------------------------ | -| `deploymentStrategy` | Deployment strategy | `{ "type": "RollingUpdate" }` | -| `externalDomain` | Domain where oCIS is reachable for the outside world | `ocis.owncloud.test` | -| `extraLabels` | Custom labels for all manifests | `{}` | -| `extraResources` | Extra resources to be included | `[]` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.repository` | Image repository | `owncloud/ocis` | -| `image.sha` | Image sha (optional) | `` | -| `image.tag` | Image tag | `1.17.0` | -| `ingress.annotations` | Ingress annotations (values are templated) | `{}` | -| `ingress.enabled` | Enables Ingress | `false` | -| `ingress.labels` | Custom labels | `{}` | -| `ingress.tls` | Ingress TLS configuration | `[]` | -| `logging.color` | Log in color | `false` | -| `logging.level` | Log level | `error` | -| `logging.pretty` | Log json or human friendly | `false` | -| `replicas` | Number of nodes | `1` | -| `resources` | CPU/Memory resource requests/limits | `{}` | -| `secrets.jwt` | JWT secret | `replace-me-with-a-real-secret-123` | -| `secrets.machineAuth` | machine auth secret for internal service communication | `replace-me-with-a-real-secret-456` | -| `secrets.transfer` | JWT secret for up- and downloads | `replace-me-with-a-real-secret-789` | -| `settings.persistence.accessModes` | settings service: Persistence access modes | `[ReadWritMany]` | -| `settings.persistence.annotations` | settings service: PersistentVolumeClaim annotations | `{}` | -| `settings.persistence.enabled` | settings service: Use persistent volume to store data | `false` | -| `settings.persistence.existingClaim` | settings service: Use an existing PVC to persist data | `nil` | -| `settings.persistence.finalizers` | settings service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `settings.persistence.size` | settings service: Size of persistent volume claim | `5Gi` | -| `settings.persistence.storageClassName` | settings service: Type of persistent volume claim | `nil` | -| `storageMetadata.persistence.accessModes` | metadata storage service: Persistence access modes | `[ReadWritMany]` | -| `storageMetadata.persistence.annotations` | metadata storage service: PersistentVolumeClaim annotations | `{}` | -| `storageMetadata.persistence.enabled` | metadata storage service: Use persistent volume to store data | `false` | -| `storageMetadata.persistence.existingClaim` | metadata storage service: Use an existing PVC to persist data | `nil` | -| `storageMetadata.persistence.finalizers` | metadata storage service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `storageMetadata.persistence.size` | metadata storage service: Size of persistent volume claim | `5Gi` | -| `storageMetadata.persistence.storageClassName` | metadata storage service: Type of persistent volume claim | `nil` | -| `storageSharing.persistence.accessModes` | sharing service: Persistence access modes | `[ReadWritMany]` | -| `storageSharing.persistence.annotations` | sharing service: PersistentVolumeClaim annotations | `{}` | -| `storageSharing.persistence.enabled` | sharing service: Use persistent volume to store data | `false` | -| `storageSharing.persistence.existingClaim` | sharing service: Use an existing PVC to persist data | `nil` | -| `storageSharing.persistence.finalizers` | sharing service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `storageSharing.persistence.size` | sharing service: Size of persistent volume claim | `5Gi` | -| `storageSharing.persistence.storageClassName` | sharing service: Type of persistent volume claim | `nil` | -| `storageUsers.persistence.accessModes` | users storage service: Persistence access modes | `[ReadWritMany]` | -| `storageUsers.persistence.annotations` | users storage service: PersistentVolumeClaim annotations | `{}` | -| `storageUsers.persistence.enabled` | users storage service: Use persistent volume to store data | `false` | -| `storageUsers.persistence.existingClaim` | users storage service: Use an existing PVC to persist data | `nil` | -| `storageUsers.persistence.finalizers` | users storage service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `storageUsers.persistence.size` | users storage service: Size of persistent volume claim | `50Gi` | -| `storageUsers.persistence.storageClassName` | users storage service: Type of persistent volume claim | `nil` | -| `storageUsers.storageBackend.driver:` | users storage: Storage backend driver | `ocis` | -| `storageUsers.storageBackend.driverConfig.s3ng.accessKey:` | users storage: S3ng Storage backend driver S3 access key | `lorem-ipsum` | -| `storageUsers.storageBackend.driverConfig.s3ng.bucket:` | users storage: S3ng Storage backend driver S3 bucket | `example-bucket` | -| `storageUsers.storageBackend.driverConfig.s3ng.endpoint:` | users storage: S3ng Storage backend driver S3 endpoint | `https://localhost:1234` | -| `storageUsers.storageBackend.driverConfig.s3ng.region:` | users storage: S3ng Storage backend driver S3 region | `default` | ` | -| `storageUsers.storageBackend.driverConfig.s3ng.secretKey:` | users storage: S3ng Storage backend driver S3 secret key | `lorem-ipsum` | -| `store.persistence.accessModes` | store service: Persistence access modes | `[ReadWritMany]` | -| `store.persistence.annotations` | store service: PersistentVolumeClaim annotations | `{}` | -| `store.persistence.enabled` | store service: Use persistent volume to store data | `false` | -| `store.persistence.existingClaim` | store service: Use an existing PVC to persist data | `nil` | -| `store.persistence.finalizers` | store service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `store.persistence.size` | store service: Size of persistent volume claim | `5Gi` | -| `store.persistence.storageClassName` | store service: Type of persistent volume claim | `nil` | -| `thumbnails.persistence.accessModes` | thumbnails service: Persistence access modes | `[ReadWritMany]` | -| `thumbnails.persistence.annotations` | thumbnails service: PersistentVolumeClaim annotations | `{}` | -| `thumbnails.persistence.enabled` | thumbnails service: Use persistent volume to store data | `false` | -| `thumbnails.persistence.existingClaim` | thumbnails service: Use an existing PVC to persist data | `nil` | -| `thumbnails.persistence.finalizers` | thumbnails service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `thumbnails.persistence.size` | thumbnails service: Size of persistent volume claim | `10Gi` | -| `thumbnails.persistence.storageClassName` | thumbnails service: Type of persistent volume claim | `nil` | -| ----------------------------------- | ---------------------------------------------------------------- | ------------------------------------ | +| Parameter | Description | Default | +| ---------------------------------------------------------- | ---------------------------------------------------------------- | ------------------------------------------------------------------ | +| `deploymentStrategy` | Deployment strategy | `{ "type": "RollingUpdate" }` | +| `externalDomain` | Domain where oCIS is reachable for the outside world | `ocis.owncloud.test` | +| `extraLabels` | Custom labels for all manifests | `{}` | +| `extraResources` | Extra resources to be included | `[]` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.repository` | Image repository | `owncloud/ocis` | +| `image.sha` | Image sha (optional) | `a49a106802ebe44e1cfdc04ca71661be104d87224f0e6fd8e2477bc3bb078b92` | +| `image.tag` | Image tag | `latest` | +| `ingress.annotations` | Ingress annotations (values are templated) | `{}` | +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.labels` | Custom labels | `{}` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `logging.color` | Log in color | `false` | +| `logging.level` | Log level | `error` | +| `logging.pretty` | Log json or human friendly | `false` | +| `replicas` | Number of nodes | `1` | +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `secrets.jwt` | JWT secret | `replace-me-with-a-real-secret-123` | +| `secrets.machineAuth` | machine auth secret for internal service communication | `replace-me-with-a-real-secret-456` | +| `secrets.transfer` | JWT secret for up- and downloads | `replace-me-with-a-real-secret-789` | +| `storageMetadata.persistence.accessModes` | metadata storage service: Persistence access modes | `[ReadWritMany]` | +| `storageMetadata.persistence.annotations` | metadata storage service: PersistentVolumeClaim annotations | `{}` | +| `storageMetadata.persistence.enabled` | metadata storage service: Use persistent volume to store data | `false` | +| `storageMetadata.persistence.existingClaim` | metadata storage service: Use an existing PVC to persist data | `nil` | +| `storageMetadata.persistence.finalizers` | metadata storage service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | +| `storageMetadata.persistence.size` | metadata storage service: Size of persistent volume claim | `5Gi` | +| `storageMetadata.persistence.storageClassName` | metadata storage service: Type of persistent volume claim | `nil` | +| `storageSharing.persistence.accessModes` | sharing service: Persistence access modes | `[ReadWritMany]` | +| `storageSharing.persistence.annotations` | sharing service: PersistentVolumeClaim annotations | `{}` | +| `storageSharing.persistence.enabled` | sharing service: Use persistent volume to store data | `false` | +| `storageSharing.persistence.existingClaim` | sharing service: Use an existing PVC to persist data | `nil` | +| `storageSharing.persistence.finalizers` | sharing service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | +| `storageSharing.persistence.size` | sharing service: Size of persistent volume claim | `5Gi` | +| `storageSharing.persistence.storageClassName` | sharing service: Type of persistent volume claim | `nil` | +| `storageUsers.persistence.accessModes` | users storage service: Persistence access modes | `[ReadWritMany]` | +| `storageUsers.persistence.annotations` | users storage service: PersistentVolumeClaim annotations | `{}` | +| `storageUsers.persistence.enabled` | users storage service: Use persistent volume to store data | `false` | +| `storageUsers.persistence.existingClaim` | users storage service: Use an existing PVC to persist data | `nil` | +| `storageUsers.persistence.finalizers` | users storage service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | +| `storageUsers.persistence.size` | users storage service: Size of persistent volume claim | `50Gi` | +| `storageUsers.persistence.storageClassName` | users storage service: Type of persistent volume claim | `nil` | +| `storageUsers.storageBackend.driver:` | users storage: Storage backend driver | `ocis` | +| `storageUsers.storageBackend.driverConfig.s3ng.accessKey:` | users storage: S3ng Storage backend driver S3 access key | `lorem-ipsum` | +| `storageUsers.storageBackend.driverConfig.s3ng.bucket:` | users storage: S3ng Storage backend driver S3 bucket | `example-bucket` | +| `storageUsers.storageBackend.driverConfig.s3ng.endpoint:` | users storage: S3ng Storage backend driver S3 endpoint | `https://localhost:1234` | +| `storageUsers.storageBackend.driverConfig.s3ng.region:` | users storage: S3ng Storage backend driver S3 region | `default` | ` | +| `storageUsers.storageBackend.driverConfig.s3ng.secretKey:` | users storage: S3ng Storage backend driver S3 secret key | `lorem-ipsum` | +| `store.persistence.accessModes` | store service: Persistence access modes | `[ReadWritMany]` | +| `store.persistence.annotations` | store service: PersistentVolumeClaim annotations | `{}` | +| `store.persistence.enabled` | store service: Use persistent volume to store data | `false` | +| `store.persistence.existingClaim` | store service: Use an existing PVC to persist data | `nil` | +| `store.persistence.finalizers` | store service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | +| `store.persistence.size` | store service: Size of persistent volume claim | `5Gi` | +| `store.persistence.storageClassName` | store service: Type of persistent volume claim | `nil` | +| `thumbnails.persistence.accessModes` | thumbnails service: Persistence access modes | `[ReadWritMany]` | +| `thumbnails.persistence.annotations` | thumbnails service: PersistentVolumeClaim annotations | `{}` | +| `thumbnails.persistence.enabled` | thumbnails service: Use persistent volume to store data | `false` | +| `thumbnails.persistence.existingClaim` | thumbnails service: Use an existing PVC to persist data | `nil` | +| `thumbnails.persistence.finalizers` | thumbnails service: PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | +| `thumbnails.persistence.size` | thumbnails service: Size of persistent volume claim | `10Gi` | +| `thumbnails.persistence.storageClassName` | thumbnails service: Type of persistent volume claim | `nil` | +| ----------------------------------- | ---------------------------------------------------------------- | ------------------------------------ | diff --git a/charts/ocis/templates/settings/deployment.yaml b/charts/ocis/templates/settings/deployment.yaml index 2657707a3..1cbed1faa 100644 --- a/charts/ocis/templates/settings/deployment.yaml +++ b/charts/ocis/templates/settings/deployment.yaml @@ -9,7 +9,9 @@ spec: selector: matchLabels: app: settings - replicas: 1 #TODO: https://github.com/owncloud/ocis-charts/issues/12 + {{- if and (not .Values.autoscaling.enabled) (.Values.replicas) }} + replicas: {{ .Values.replicas }} + {{- end }} {{- if .Values.deploymentStrategy }} strategy: {{ toYaml .Values.deploymentStrategy | nindent 4 }} {{ end }} @@ -18,18 +20,6 @@ spec: labels: app: settings spec: - {{- if $.Values.settings.persistence.enabled }} - initContainers: - - name: init-chown-data - image: busybox - securityContext: - runAsNonRoot: false - runAsUser: 0 - command: ["chown", "-R", "1000:1000", "/var/lib/ocis"] - volumeMounts: - - name: settings-data - mountPath: /var/lib/ocis - {{ end }} containers: - name: settings {{- if .Values.image.sha }} @@ -56,20 +46,19 @@ spec: - name: SETTINGS_GRPC_ADDR value: 0.0.0.0:9191 + - name: SETTINGS_STORE_TYPE + value: metadata + - name: STORAGE_GATEWAY_GRPC_ADDR + value: storage-gateway:9142 + - name: STORAGE_GRPC_ADDR + value: storage-metadata:9215 + + - name: OCIS_MACHINE_AUTH_API_KEY + value: "{{ $.Values.secrets.machineAuth }}" + - name: SETTINGS_JWT_SECRET value: "{{ $.Values.secrets.jwt }}" resources: {{ toYaml .Values.resources | nindent 12 }} ports: - containerPort: 9190 # HTTP - containerPort: 9191 # GRPC - {{- if $.Values.settings.persistence.enabled }} - volumeMounts: - - name: settings-data - mountPath: /var/lib/ocis - {{ end }} - {{- if $.Values.settings.persistence.enabled }} - volumes: - - name: settings-data - persistentVolumeClaim: - claimName: settings-data - {{ end }} diff --git a/charts/ocis/templates/settings/hpa.yaml b/charts/ocis/templates/settings/hpa.yaml new file mode 100644 index 000000000..7bdfde0ae --- /dev/null +++ b/charts/ocis/templates/settings/hpa.yaml @@ -0,0 +1,28 @@ + +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: settings + namespace: {{ $.Release.Namespace }} + labels: + {{- include "ocis.labels" . | nindent 4 }} +{{- if $.Values.ingress.labels }} +{{ toYaml $.Values.ingress.labels | indent 4 }} +{{- end }} + {{- if $.Values.ingress.annotations }} + annotations: + {{- range $key, $value := $.Values.ingress.annotations }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: settings + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: +{{ toYaml .Values.autoscaling.metrics | indent 4 }} +{{- end }} diff --git a/charts/ocis/templates/settings/pvc.yaml b/charts/ocis/templates/settings/pvc.yaml deleted file mode 100644 index ec7eb35a7..000000000 --- a/charts/ocis/templates/settings/pvc.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if and .Values.settings.persistence.enabled (not .Values.settings.persistence.existingClaim)}} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: settings-data - namespace: {{ $.Release.Namespace }} - labels: - {{- include "ocis.labels" . | nindent 4 }} - {{- with .Values.settings.persistence.annotations }} - annotations: -{{ toYaml . | indent 4 }} - {{- end }} - {{- with .Values.settings.persistence.finalizers }} - finalizers: -{{ toYaml . | indent 4 }} - {{- end }} -spec: - accessModes: - {{- range .Values.settings.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.settings.persistence.size | quote }} - {{- if .Values.settings.persistence.storageClassName }} - storageClassName: {{ .Values.settings.persistence.storageClassName }} - {{- end -}} - {{- with .Values.settings.persistence.selectorLabels }} - selector: - matchLabels: -{{ toYaml . | indent 6 }} - {{- end }} -{{- end -}} diff --git a/charts/ocis/values.yaml b/charts/ocis/values.yaml index 78edb12d7..2bd3f32cb 100644 --- a/charts/ocis/values.yaml +++ b/charts/ocis/values.yaml @@ -1,7 +1,7 @@ image: repository: owncloud/ocis - tag: "1.17.0" - sha: "" + tag: "latest" + sha: "a49a106802ebe44e1cfdc04ca71661be104d87224f0e6fd8e2477bc3bb078b92" pullPolicy: IfNotPresent logging: @@ -100,20 +100,6 @@ store: selectorLabels: {} # existingClaim: -settings: - #TODO: https://github.com/owncloud/ocis-charts/issues/13 - persistence: - enabled: false - # storageClassName: default - accessModes: - - ReadWriteMany - size: 5Gi - annotations: {} - finalizers: - - kubernetes.io/pvc-protection - selectorLabels: {} - # existingClaim: - thumbnails: persistence: enabled: false