commit aa671d7c8d01a0fd784261d63a6e747445f82fa6 Author: marcsello Date: Tue Apr 20 00:36:44 2021 +0200 Initial commit diff --git a/.helmignore b/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 0000000..f6dc61f --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: ursim +description: A Helm chart for the ursim project + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 0.1.0 diff --git a/templates/job_orchestrator_deployment.yaml b/templates/job_orchestrator_deployment.yaml new file mode 100644 index 0000000..44e7d42 --- /dev/null +++ b/templates/job_orchestrator_deployment.yaml @@ -0,0 +1,58 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: job-orchestrator +spec: + replicas: 1 + template: + metadata: + labels: + app: job-orchestrator + spec: + serviceAccountName: job-orchestrator-account + automountServiceAccountToken: true + containers: + - name: job-orchestrator-container + image: registry.kmlabz.com/universalrobots/job_orchestrator_service + envFrom: + - configMapRef: + name: job-orchestrator-config + imagePullSecrets: + - name: regcred + + selector: + matchLabels: + app: job-orchestrator +--- +apiVersion: v1 +kind: Service +metadata: + name: job-orchestrator +spec: + selector: + app: job-orchestrator + ports: + - name: job-orchestrator + protocol: TCP + port: 80 + targetPort: 8000 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: job-orchestrator-config +data: + SQLALCHEMY_DATABASE_URI: "postgresql://joborchestrator:joborchestratorpostgressupersecret@job-orchestrator-postgres/joborchestrator" + SENTRY_DSN: {{ .Values.jobOrchestrator.sentry_dsn }} + URSIM_CONTROL_IMAGE: "registry.kmlabz.com/universalrobots/single_ursim_control:latest" + URSIM_CONTROL_CONFIGMAP: "single-ursim-controller-config" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: single-ursim-controller-config +data: + DRY_RUN: {{ .Values.singleURSimControl.dry_run }} + REDIS_URL: "redis://controller-redis/0" + SENTRY_DSN: {{ .Values.singleURSimControl.sentry_dsn }} diff --git a/templates/mongo_deployment.yaml b/templates/mongo_deployment.yaml new file mode 100644 index 0000000..0630dd6 --- /dev/null +++ b/templates/mongo_deployment.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: program-service-mongo-pvc +spec: + storageClassName: longhorn + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: program-service-mongo +spec: + replicas: 1 + selector: + matchLabels: + app: program-service-mongo + template: + metadata: + labels: + app: program-service-mongo + spec: + containers: + - name: program-service-mongo + image: mongo + envFrom: + - configMapRef: + name: program-service-mongo-config + volumeMounts: + - mountPath: /data/db + name: program-service-mongo-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: program-service-mongo-service +spec: + selector: + app: program-service-mongo + ports: + - name: program-service-mongo + protocol: TCP + port: 27017 + targetPort: 27017 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: program-service-mongo-config +data: + MONGO_INITDB_ROOT_USERNAME: root + MONGO_INITDB_ROOT_PASSWORD: programservicemongosupersecret diff --git a/templates/postgresql_deployment.yaml b/templates/postgresql_deployment.yaml new file mode 100644 index 0000000..4ca5cc0 --- /dev/null +++ b/templates/postgresql_deployment.yaml @@ -0,0 +1,58 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: job-orchestrator-postgres-pvc +spec: + storageClassName: longhorn + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: job-orchestrator-postgres +spec: + replicas: 1 + selector: + matchLabels: + app: job-orchestrator-postgres + template: + metadata: + labels: + app: job-orchestrator-postgres + spec: + containers: + - name: job-orchestrator-postgres + image: postgresql:13 + envFrom: + - configMapRef: + name: job-orchestrator-postgres-config + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: job-orchestrator-postgres-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: job-orchestrator-postgres-service +spec: + selector: + app: job-orchestrator-postgres + ports: + - name: job-orchestrator-postgres + protocol: TCP + port: 5432 + targetPort: 5432 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: job-orchestrator-postgres-config +data: + POSTGRES_PASSWORD: "joborchestratorpostgressupersecret" + POSTGRES_USER: "joborchestrator" + POSTGRES_DB: "joborchestrator" diff --git a/templates/program_service_deployment.yaml b/templates/program_service_deployment.yaml new file mode 100644 index 0000000..9cdd4c3 --- /dev/null +++ b/templates/program_service_deployment.yaml @@ -0,0 +1,46 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: program-service +spec: + replicas: 2 + template: + metadata: + labels: + app: program-service + spec: + containers: + - name: program-service + image: registry.kmlabz.com/universalrobots/program_service + envFrom: + - configMapRef: + name: program-service-config + imagePullSecrets: + - name: regcred + + selector: + matchLabels: + app: job-orchestrator +--- +apiVersion: v1 +kind: Service +metadata: + name: program-service-service +spec: + selector: + app: program-service + ports: + - name: program-service + protocol: TCP + port: 80 + targetPort: 8000 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: job-orchestrator-config +data: + MONGO_URI: "mongodb://root:programservicemongosupersecret@program-service-mongo:27017/programservice?authSource=admin" + SENTRY_DSN: {{ .Values.programService.sentry_dsn }} + diff --git a/templates/redis_deployment.yaml b/templates/redis_deployment.yaml new file mode 100644 index 0000000..cc449c9 --- /dev/null +++ b/templates/redis_deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-redis +spec: + replicas: 1 + selector: + matchLabels: + app: controller-redis + template: + metadata: + labels: + app: controller-redis + spec: + containers: + - name: controller-redis + image: redis +--- +apiVersion: v1 +kind: Service +metadata: + name: controller-redis-service +spec: + selector: + app: controller-redis + ports: + - name: controller-redis + protocol: TCP + port: 6390 + targetPort: 6390 diff --git a/templates/serivceaccount.yaml b/templates/serivceaccount.yaml new file mode 100644 index 0000000..b8450a6 --- /dev/null +++ b/templates/serivceaccount.yaml @@ -0,0 +1,30 @@ +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: job-orchestrator-role +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: job-orchestrator-role-binding +subjects: + - kind: ServiceAccount + name: job-orchestrator-account +roleRef: + kind: Role + name: job-orchestrator-role + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: job-orchestrator-account +{{ if eq .Values.k8s.use_regcred true }} +imagePullSecrets: + - name: {{ .Values.k8s.regcred_name }} +{{ end }} diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..db3162d --- /dev/null +++ b/values.yaml @@ -0,0 +1,10 @@ +k8s: + use_regcred: true + regcred_name: regcred +jobOrchestrator: + sentry_dsn: "" +programService: + sentry_dsn: "" +singleURSimControl: + sentry_dsn: "" + dry_run: "True"