diff --git a/cmd/main.go b/cmd/main.go index 98b9dfd..06b343c 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -38,7 +38,7 @@ func action() error { if len(os.Args) > 2 { args = os.Args[2:] } - internal.Start(args...) + internal.Stop(args...) case "extract": what := os.Args[2] switch what { diff --git a/cmd/oc-k8s b/cmd/oc-k8s index e2eff2b..3065191 100755 Binary files a/cmd/oc-k8s and b/cmd/oc-k8s differ diff --git a/cmd/opencloud-chart/Chart.lock b/cmd/opencloud-chart/Chart.lock index b789baf..4edfb3a 100644 --- a/cmd/opencloud-chart/Chart.lock +++ b/cmd/opencloud-chart/Chart.lock @@ -36,4 +36,4 @@ dependencies: repository: https://prometheus-community.github.io/helm-charts version: 27.45.0 digest: sha256:11c96ddd86e2857872d7dafaa48b545870bef019169b0cc1c00ed3fb9f32b9ac -generated: "2026-01-08T21:09:54.004802973+01:00" +generated: "2026-01-15T15:35:28.283016654+01:00" diff --git a/cmd/opencloud-chart/templates/hydra.yaml b/cmd/opencloud-chart/templates/hydra.yaml index 463c9b0..4eb80e9 100644 --- a/cmd/opencloud-chart/templates/hydra.yaml +++ b/cmd/opencloud-chart/templates/hydra.yaml @@ -9,10 +9,9 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/hydra`) - priority: 10 services: - kind: Service - name: {{ .Release.Name }}-hydra-public.{{ .Release.Namespace }} + name: {{ .Release.Name }}-hydra-public passHostHeader: true port: 4444 --- diff --git a/cmd/opencloud-chart/templates/ldapUserManager.yaml b/cmd/opencloud-chart/templates/ldapUserManager.yaml index 02fa89a..484652d 100644 --- a/cmd/opencloud-chart/templates/ldapUserManager.yaml +++ b/cmd/opencloud-chart/templates/ldapUserManager.yaml @@ -104,7 +104,6 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/users`) - priority: 10 services: - kind: Service name: {{ .Release.Name }}-ldap-user-manager-svc diff --git a/cmd/opencloud-chart/templates/mongo.yaml b/cmd/opencloud-chart/templates/mongo.yaml index 1c5e3d9..035942e 100644 
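Review bot: The result of `internal.Stop(args...)` is dropped in this case arm of `action()`, so a failed stop would still be reported as success. `action()` already returns `error`, and `Start` in internal/func.go is declared to return `error`; if `Stop` has the same signature, propagate it with `if err := internal.Stop(args...); err != nil { return err }`. The case label and the rest of the switch are outside the hunk.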
--- a/cmd/opencloud-chart/templates/mongo.yaml +++ b/cmd/opencloud-chart/templates/mongo.yaml @@ -11,5 +11,5 @@ spec: resources: requests: storage: {{ .Values.mongodb.persistence.size }} - storageClassName: {{ .Values.mongodb.persistence.storageClass }} + storageClassName: {{ .Values.mongodb.global.storageClass }} {{- end }} diff --git a/cmd/opencloud-chart/templates/mongoExpress.yaml b/cmd/opencloud-chart/templates/mongoExpress.yaml index 7352f9a..3adec18 100644 --- a/cmd/opencloud-chart/templates/mongoExpress.yaml +++ b/cmd/opencloud-chart/templates/mongoExpress.yaml @@ -9,10 +9,9 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/mongoexpress`) - priority: 10 services: - kind: Service - name: {{ .Release.Name }}-mongo-express.{{ .Release.Namespace }} + name: {{ .Release.Name }}-mongo-express passHostHeader: true port: 8081 {{- end }} \ No newline at end of file diff --git a/cmd/opencloud-chart/templates/oc-front/config.yaml b/cmd/opencloud-chart/templates/oc-front/config.yaml new file mode 100644 index 0000000..76124ac --- /dev/null +++ b/cmd/opencloud-chart/templates/oc-front/config.yaml @@ -0,0 +1,18 @@ +{{- if index .Values.ocFront.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: front-config +data: + config.json: | + { + "WORKSPACE_HOST": "workspace", + "WORKFLOW_HOST": "workflow", + "CATALOG_HOST": "catalog", + "SCHEDULER_HOST": "scheduler", + "PEER_HOST": "peers", + "DATACENTER_HOST": "datacenter", + "COLLABORATIVE_AREA_HOST": "shared", + "HOST": "{{ .Values.scheme }}://{{ .Values.host }}", + } +{{- end }} \ No newline at end of file diff --git a/cmd/opencloud-chart/templates/oc-front/deployment.yaml b/cmd/opencloud-chart/templates/oc-front/deployment.yaml index 948fd23..c0ce772 100644 --- a/cmd/opencloud-chart/templates/oc-front/deployment.yaml +++ b/cmd/opencloud-chart/templates/oc-front/deployment.yaml 
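Review bot: The `config.json` payload in the new `front-config` ConfigMap ends its last entry with a comma (`"HOST": "…",` directly before `}`), which is not valid JSON, so a strict JSON parser will reject the file. Drop the trailing comma: `"HOST": "{{ .Values.scheme }}://{{ .Values.host }}"`. The ConfigMap name is also not prefixed with `{{ .Release.Name }}` the way the oc-front Deployment is, so two releases in one namespace would collide on it. The identical file added under utils/assets/templates/oc-front/config.yaml has the same two issues.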
@@ -1,4 +1,4 @@ -{{- if .Values.ocFront.enabled }} +{{- if index .Values.ocFront.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -6,7 +6,7 @@ metadata: app: oc-front name: {{ .Release.Name }}-oc-front spec: - replicas: {{ .Values.ocFront.replicas }} + replicas: 1 selector: matchLabels: app: oc-front @@ -30,12 +30,6 @@ spec: - name: http containerPort: 80 protocol: TCP - livenessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 10 - periodSeconds: 30 resources: limits: cpu: "{{ .Values.ocFront.resources.limits.cpu }}" diff --git a/cmd/opencloud-chart/templates/prometheus.yaml b/cmd/opencloud-chart/templates/prometheus.yaml index 93aa59f..a711495 100644 --- a/cmd/opencloud-chart/templates/prometheus.yaml +++ b/cmd/opencloud-chart/templates/prometheus.yaml @@ -9,10 +9,9 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/monitor`) - priority: 10 services: - kind: Service - name: {{ .Release.Name }}-monitor.{{ .Release.Namespace }} + name: {{ .Release.Name }}-prometheus-server passHostHeader: true - port: 9090 + port: 80 {{- end }} \ No newline at end of file diff --git a/cmd/opencloud-chart/templates/registry/docker-registry.yaml b/cmd/opencloud-chart/templates/registry/docker-registry.yaml index 08e7b7a..23b5160 100644 --- a/cmd/opencloud-chart/templates/registry/docker-registry.yaml +++ b/cmd/opencloud-chart/templates/registry/docker-registry.yaml @@ -25,7 +25,6 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.registryHost }}`) - priority: 5 services: - kind: Service name: {{ .Values.env }}-docker-registry-ui-registry-server @@ -43,7 +42,6 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.registryHost }}`) && PathPrefix(`/ui`) - priority: 10 services: - kind: Service name: {{ .Values.env }}-docker-registry-ui-user-interface 
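Review bot: The third hunk removes the `livenessProbe` from the oc-front container without a replacement, so a hung front-end is no longer restarted by the kubelet, and `replicas: 1` in the second hunk turns `.Values.ocFront.replicas` into a dead value. In this copy `containerPort` stays 80, whereas the copy under utils/assets/templates/oc-front/deployment.yaml moves it to 8080, so the two charts now describe different pods. If the probe was removed because of a port change, keep it and point it at the named port instead, e.g. `port: http`. `index .Values.ocFront.enabled` with a single argument is equivalent to plain `.Values.ocFront.enabled`.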
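Review bot: The `/monitor` route in prometheus.yaml now targets `{{ .Release.Name }}-prometheus-server` on port 80, and the route lines visible in this hunk carry no `middlewares` entry. Prometheus does not authenticate requests by default, so anyone who can reach `{{ .Values.host }}` would be able to read metrics and target labels through this path. Consider attaching the forwardAuth Middleware declared in templates/traefik/traefik.yaml to the route, or confirm that another layer restricts it. utils/assets/templates/prometheus.yaml is changed identically.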
diff --git a/cmd/opencloud-chart/templates/traefik.yaml b/cmd/opencloud-chart/templates/traefik/traefik.yaml similarity index 80% rename from cmd/opencloud-chart/templates/traefik.yaml rename to cmd/opencloud-chart/templates/traefik/traefik.yaml index 24b7c92..a17fc03 100644 --- a/cmd/opencloud-chart/templates/traefik.yaml +++ b/cmd/opencloud-chart/templates/traefik/traefik.yaml @@ -1,3 +1,4 @@ +{{- if index .Values.traefik.enabled }} apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: @@ -6,3 +7,4 @@ spec: forwardAuth: address: "http://oc-auth-svc.{{ .Release.Namespace }}:8080/oc/forward" trustForwardHeader: true +{{- end }} diff --git a/cmd/opencloud-chart/tmpcharts-699769/mongodb-16.3.1.tgz b/cmd/opencloud-chart/tmpcharts-699769/mongodb-16.3.1.tgz deleted file mode 100644 index 4ae6ba9..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-699769/mongodb-16.3.1.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-699769/nats-1.2.6.tgz b/cmd/opencloud-chart/tmpcharts-699769/nats-1.2.6.tgz deleted file mode 100644 index 5e57f29..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-699769/nats-1.2.6.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-699769/openldap-2.0.4.tgz b/cmd/opencloud-chart/tmpcharts-699769/openldap-2.0.4.tgz deleted file mode 100644 index a9a344a..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-699769/openldap-2.0.4.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-699769/traefik-33.0.0.tgz b/cmd/opencloud-chart/tmpcharts-699769/traefik-33.0.0.tgz deleted file mode 100644 index 62261b4..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-699769/traefik-33.0.0.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-734773/mongo-express-6.5.2.tgz b/cmd/opencloud-chart/tmpcharts-734773/mongo-express-6.5.2.tgz deleted file mode 100644 index c389abf..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-734773/mongo-express-6.5.2.tgz and /dev/null differ 
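Review bot: Wrapping the forwardAuth `Middleware` in `{{- if index .Values.traefik.enabled }}` ties the authentication object to the flag that appears to control the Traefik subchart. With an externally managed Traefik and `traefik.enabled: false`, any IngressRoute that still references this middleware would point at an object that is no longer rendered; check that every such route is gated by the same condition, or give the middleware its own flag. Separately, `trustForwardHeader: true` (unchanged context) makes Traefik trust client-supplied `X-Forwarded-*` headers when calling `oc-auth-svc`, so the auth service should not base decisions on them unless a trusted proxy sits in front. The copy under utils/assets/templates/traefik/traefik.yaml is changed the same way.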
diff --git a/cmd/opencloud-chart/tmpcharts-734773/mongodb-16.3.1.tgz b/cmd/opencloud-chart/tmpcharts-734773/mongodb-16.3.1.tgz deleted file mode 100644 index 4ae6ba9..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-734773/mongodb-16.3.1.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-734773/nats-1.2.6.tgz b/cmd/opencloud-chart/tmpcharts-734773/nats-1.2.6.tgz deleted file mode 100644 index 5e57f29..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-734773/nats-1.2.6.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-734773/openldap-2.0.4.tgz b/cmd/opencloud-chart/tmpcharts-734773/openldap-2.0.4.tgz deleted file mode 100644 index a9a344a..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-734773/openldap-2.0.4.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-734773/traefik-33.0.0.tgz b/cmd/opencloud-chart/tmpcharts-734773/traefik-33.0.0.tgz deleted file mode 100644 index 62261b4..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-734773/traefik-33.0.0.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/hydra-0.50.6.tgz b/cmd/opencloud-chart/tmpcharts-760958/hydra-0.50.6.tgz deleted file mode 100644 index b645b68..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/hydra-0.50.6.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/keto-0.50.2.tgz b/cmd/opencloud-chart/tmpcharts-760958/keto-0.50.2.tgz deleted file mode 100644 index 8943b66..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/keto-0.50.2.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/loki-6.23.0.tgz b/cmd/opencloud-chart/tmpcharts-760958/loki-6.23.0.tgz deleted file mode 100644 index 7c398d2..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/loki-6.23.0.tgz and /dev/null differ 
diff --git a/cmd/opencloud-chart/tmpcharts-760958/mongo-express-6.5.2.tgz b/cmd/opencloud-chart/tmpcharts-760958/mongo-express-6.5.2.tgz deleted file mode 100644 index c389abf..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/mongo-express-6.5.2.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/mongodb-16.3.1.tgz b/cmd/opencloud-chart/tmpcharts-760958/mongodb-16.3.1.tgz deleted file mode 100644 index 4ae6ba9..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/mongodb-16.3.1.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/nats-1.2.6.tgz b/cmd/opencloud-chart/tmpcharts-760958/nats-1.2.6.tgz deleted file mode 100644 index 5e57f29..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/nats-1.2.6.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/openldap-2.0.4.tgz b/cmd/opencloud-chart/tmpcharts-760958/openldap-2.0.4.tgz deleted file mode 100644 index a9a344a..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/openldap-2.0.4.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/tmpcharts-760958/traefik-33.0.0.tgz b/cmd/opencloud-chart/tmpcharts-760958/traefik-33.0.0.tgz deleted file mode 100644 index 62261b4..0000000 Binary files a/cmd/opencloud-chart/tmpcharts-760958/traefik-33.0.0.tgz and /dev/null differ diff --git a/cmd/opencloud-chart/values.yaml.template b/cmd/opencloud-chart/values.yaml.template index a1d9fb6..070d0d9 100644 --- a/cmd/opencloud-chart/values.yaml.template +++ b/cmd/opencloud-chart/values.yaml.template @@ -1,5 +1,6 @@ env: ${RELEASE:-prod} # For storage class provisioning -name: ${CLUSTER_NAME:-opencloud} +clusterName: ${CLUSTER_NAME:-opencloud} +hostNetwork: true host: ${HOST:-beta.opencloud.com} registryHost: ${REGISTRY_HOST:-oc} # For reverse proxy rule scheme: https # For reverse proxy rule 
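Review bot: `hostNetwork: true` is introduced in values.yaml.template as an unconditional top-level default. No template in this diff reads `.Values.hostNetwork`, so its effect cannot be judged from here; if pod specs consume it, those pods share the node's network namespace, which is generally not covered by NetworkPolicy and exposes node-local listeners to them. Default it to `false` and make it opt-in through a new template variable, following the `${VAR:-default}` pattern used on the neighbouring lines. The rename of `name` to `clusterName` also needs every `.Values.name` reference updated; none are visible in this diff. utils/assets/values.yaml.template receives the same hunk.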
@@ -20,8 +21,8 @@ mongo-express: mongodb: enabled: ${OC_MONGO_ENABLED:-true} global: - defaultStorageClass: ${OC_MONGO_STORAGE:-""} - storageClass: ${OC_MONGO_STORAGE:-""} + defaultStorageClass: ${OC_MONGO_STORAGE:-"standard"} + storageClass: ${OC_MONGO_STORAGE:-"standard"} architecture: standalone useStatefulSet: false auth: @@ -37,7 +38,7 @@ mongodb: enabled: true create: false # do not auto-create existingClaim: ${OC_MONGO_PVC:-mongo-pvc} - storageClassName: ${OC_MONGO_STORAGE:-""} + storageClassName: ${OC_MONGO_STORAGE:-"standard"} accessModes: - ReadWriteOnce size: ${OC_MONGO_SIZE:-5000Mi} @@ -242,7 +243,6 @@ traefik: ports: web: nodePort: 30950 - hydra: enabled: ${OC_HYDRA_ENABLED:-true} maester: @@ -287,6 +287,7 @@ loki: commonConfig: replication_factor: 1 storage: + storageClassName: standard type: filesystem filesystem: chunks_directory: /var/loki/chunks @@ -325,7 +326,7 @@ loki: enabled: false # Deactivate loki auto provisioning, rely on existing PVC accessMode: ReadWriteOnce size: ${OC_LOKI_SIZE:-1Gi} - storageClassName: ${OC_LOKI_STORAGE:-""} + storageClassName: ${OC_LOKI_STORAGE:-"standard"} create: false claimName: ${OC_LOKI_PVC:-loki-pvc} @@ -607,7 +608,8 @@ docker-registry-ui: claimName: docker-registry-pvc persistence: create: false + storageClassName: standard existingClaim: docker-registry-pvc accessMode: ReadWriteOnce storage: ${OC_DOCKER_REGISTRY_SIZE:-5Gi} - storageClassName: ${OC_DOCKER_REGISTRY_STORAGE:-""} + storageClassName: ${OC_DOCKER_REGISTRY_STORAGE:-"standard"} diff --git a/cmd/test-values.yaml b/cmd/test-values.yaml index a99e58f..3b1b477 100755 --- a/cmd/test-values.yaml +++ b/cmd/test-values.yaml 
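Review bot: In the last values.yaml.template hunk the `persistence:` block of `docker-registry-ui` gains `storageClassName: standard` while the templated `storageClassName: ${OC_DOCKER_REGISTRY_STORAGE:-"standard"}` a few lines below is kept. Indentation is not recoverable from this view, but if both sit at the same level the mapping has a duplicate key, and which value wins (or whether parsing fails) depends on the YAML loader. Keep only the templated line so `OC_DOCKER_REGISTRY_STORAGE` stays the single source. The defaults are also now written as `:-"standard"` with the quotes inside the expansion; whether the quotes end up in the rendered value depends on `renderTemplate`, which is outside this diff.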
@@ -1,12 +1,12 @@ -env: sqsdq # For storage class provisioning +env: test # For storage class provisioning clusterName: opencloud host: beta.opencloud.com registryHost: oc # For reverse proxy rule scheme: https # For reverse proxy rule - + mongo-express: enabled: true - mongodbServer: "sqsdq-mongodb.sqsdq" # TO LOOK AFTER + mongodbServer: "test-mongodb.test" # TO LOOK AFTER mongodbPort: 27017 mongodbEnableAdmin: true mongodbAdminUsername: admin @@ -20,8 +20,8 @@ mongo-express: mongodb: enabled: true global: - defaultStorageClass: "" - storageClass: "" + defaultStorageClass: "standard" + storageClass: "standard" architecture: standalone useStatefulSet: false auth: @@ -37,7 +37,7 @@ mongodb: enabled: true create: false # do not auto-create existingClaim: mongo-pvc - storageClassName: "" + storageClassName: "standard" accessModes: - ReadWriteOnce size: 5000Mi @@ -53,7 +53,7 @@ mongodb: enabled: true nats: - enabled: false + enabled: true extraEnv: - name: NATS_MAX_FILE_DESCRIPTORS value: "65536" @@ -78,7 +78,7 @@ nats: name: nats-jetstream openldap: - enabled: false + enabled: true test: enabled: false ltb-passwd: @@ -261,7 +261,7 @@ hydra: # consent: https://localhost-consent/consent/consent # logout: https://localhost-logout/authentication/logout self: - issuer: "http://sqsdq-hydra-public.sqsdq:4444/" + issuer: "http://test-hydra-public.test:4444/" keto: enabled: true @@ -325,7 +325,7 @@ loki: enabled: false # Deactivate loki auto provisioning, rely on existing PVC accessMode: ReadWriteOnce size: 1Gi - storageClassName: "" + storageClassName: "standard" create: false claimName: loki-pvc @@ -598,7 +598,7 @@ docker-registry-ui: ui: title: "opencloud docker registry" proxy: true - dockerRegistryUrl: "http://sqsdq-docker-registry-ui-registry-server.sqsdq.svc.cluster.local:5000" + dockerRegistryUrl: "http://test-docker-registry-ui-registry-server.test.svc.cluster.local:5000" registry: secretName: regcred enabled: true 
@@ -610,4 +610,4 @@ docker-registry-ui: existingClaim: docker-registry-pvc accessMode: ReadWriteOnce storage: 5Gi - storageClassName: "" + storageClassName: "standard" diff --git a/cmd/tmp.json b/cmd/tmp.json new file mode 100644 index 0000000..ff9bf82 --- /dev/null +++ b/cmd/tmp.json 
@@ -0,0 +1,60 @@ +{ + "apiVersion": "v1", + "kind": "Namespace", + "metadata": { + "creationTimestamp": "2026-01-14T12:21:46Z", + "deletionTimestamp": "2026-01-15T07:35:29Z", + "labels": { + "kubernetes.io/metadata.name": "test", + "name": "test" + }, + "name": "test", + "resourceVersion": "55940", + "uid": "4b990a37-71e7-44d8-9e70-cbaf10b8ed52" + }, + "spec": { + "finalizers": [ + "kubernetes" + ] + }, + "status": { + "conditions": [ + { + "lastTransitionTime": "2026-01-15T13:06:55Z", + "message": "Discovery failed for some groups, 1 failing: unable to retrieve the complete list of server APIs: metrics.k8s.io/v1beta1: stale GroupVersion discovery: metrics.k8s.io/v1beta1", + "reason": "DiscoveryFailed", + "status": "True", + "type": "NamespaceDeletionDiscoveryFailure" + }, + { + "lastTransitionTime": "2026-01-15T07:35:35Z", + "message": "All legacy kube types successfully parsed", + "reason": "ParsedGroupVersions", + "status": "False", + "type": "NamespaceDeletionGroupVersionParsingFailure" + }, + { + "lastTransitionTime": "2026-01-15T07:35:35Z", + "message": "All content successfully deleted, may be waiting on finalization", + "reason": "ContentDeleted", + "status": "False", + "type": "NamespaceDeletionContentFailure" + }, + { + "lastTransitionTime": "2026-01-15T07:36:19Z", + "message": "Some resources are remaining: oauth2clients.hydra.ory.sh has 1 resource instances", + "reason": "SomeResourcesRemain", + "status": "True", + "type": "NamespaceContentRemaining" + }, + { + "lastTransitionTime": "2026-01-15T07:36:19Z", + "message": "Some content in the namespace has finalizers remaining: finalizer.ory.hydra.sh in 1 resource instances", + "reason": "SomeFinalizersRemain", + "status": "True", + "type": "NamespaceFinalizersRemaining" + } + ], + "phase": "Terminating" + } +} diff --git a/internal/cluster.go b/internal/cluster.go index 9a32334..af4dbf1 100644 --- a/internal/cluster.go +++ b/internal/cluster.go 
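Review bot: cmd/tmp.json is a dump of the live `test` Namespace object in `Terminating` phase (uid, resourceVersion, finalizer conditions), which reads like a scratch file from clearing a stuck namespace rather than something the tool consumes. Nothing else in this diff references it. Remove it from the commit and ignore it in `.gitignore`; cluster state dumps in the repository disclose environment details and go stale immediately. The rebuilt `cmd/oc-k8s` binary earlier in this commit raises a similar concern, since a committed executable cannot be reviewed as a diff.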
@@ -44,7 +44,6 @@ func Delete_Cluster(args ...string) error { } func Create_Cluster(args ...string) error { - Delete_Cluster(args...) folder := "." env := "dev" if len(args) > 0 { @@ -109,5 +108,9 @@ containerdConfigPatches: if err := utils.Exec("kubectl config use-context kind-opencloud"); err != nil { return err } + + if err := utils.Exec("docker start opencloud-control-plane"); err != nil { + return err + } return nil } diff --git a/internal/func.go b/internal/func.go index aebc598..198ed99 100644 --- a/internal/func.go +++ b/internal/func.go @@ -42,6 +42,8 @@ Usage: func Start(args ...string) error { utils.Exec("sudo sysctl -w fs.inotify.max_user_instances=256") + utils.Exec("sudo sysctl -w fs.inotify.max_user_watches=65536") + utils.Exec("sudo /etc/init.d/apache2 stop") utils.Exec("sudo nginx -s stop") Create_Cluster(args...) diff --git a/internal/helm.go b/internal/helm.go index b647ce0..32a9d7b 100644 --- a/internal/helm.go +++ b/internal/helm.go @@ -53,11 +53,11 @@ func Delete_Helm(args ...string) error { func Create_Helm(args ...string) error { tmp := "./opencloud-chart" + utils.Exec("sudo rm -rf " + tmp) if err := os.MkdirAll(tmp, os.ModePerm); err != nil { fmt.Println(err) return err } - defer os.RemoveAll(tmp) ExtractTrees("assets", tmp) folder := "." 
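Review bot: `docker start opencloud-control-plane` hard-codes the node container name, like the `kind-opencloud` context in the line above it, so it only works for a cluster named `opencloud`. With `Delete_Cluster(args...)` no longer called at the top of `Create_Cluster`, a re-run against an existing cluster depends on how the cluster-creation step (outside this hunk) reacts; if it returns an error, the function exits before reaching the new `docker start`. Consider checking for an existing cluster first and deriving the container name from the cluster name. Most of `Create_Cluster` lies outside the hunks.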
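Review bot: The two calls added to `Start` in internal/func.go make privileged host changes and ignore the result: `sudo sysctl -w fs.inotify.max_user_watches=65536` and `sudo /etc/init.d/apache2 stop`. Stopping the host's Apache as a side effect of starting a dev cluster is surprising and is never undone; at minimum log what is done and why, and make it opt-in. Every `utils.Exec` call and `Create_Cluster(args...)` in the visible part of `Start` drops its `error`, so the function can report success after a failed step; check them, e.g. `if err := Create_Cluster(args...); err != nil { return err }`. The rest of `Start` is outside the hunk.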
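Review bot: `utils.Exec("sudo rm -rf " + tmp)` in `Create_Helm` escalates to root to delete a relative path (`./opencloud-chart`) resolved against whatever the current directory happens to be, and its error is ignored. The directory is created by this process with `os.MkdirAll`, so root should not be needed; `if err := os.RemoveAll(tmp); err != nil { return err }` does the same without sudo. Dropping `defer os.RemoveAll(tmp)` also means every early `return err` further down leaves the extracted chart behind. The function continues beyond this hunk.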
@@ -77,22 +77,40 @@ func Create_Helm(args ...string) error { if len(args) > 2 { namespace = args[2] } + fmt.Println("set up helm") if err := utils.Exec("helm dependency update " + tmp); err != nil { return err } + fmt.Println("set up deps") for name, repo := range utils.ExtractRepo() { utils.Exec("helm repo add " + name + " " + repo) } if err := utils.Exec("helm dependency build " + tmp); err != nil { return err } - utils.Exec("kubectl delete sc longhorn-nor1") - if err := utils.Exec("helm install " + release + " " + tmp + " -n " + namespace + " --create-namespace -f " + folder + "/" + release + "-values.yaml --debug"); err != nil { + utils.Exec("sudo ulimit -n 1000000") + + utils.Exec("helm repo add jetstack https://charts.jetstack.io") + utils.Exec("helm repo update") + + utils.Exec("kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.crds.yaml") + utils.Exec("helm repo add jetstack https://charts.jetstack.io") + utils.Exec("helm repo update") + utils.Exec("helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.14.0") + + utils.Exec("helm install admiralty oci://public.ecr.aws/admiralty/admiralty --namespace admiralty --create-namespace --version 0.17.0 --wait") + utils.Exec("helm repo add argo https://argoproj.github.io/argo-helm") + utils.Exec("helm repo update") + utils.Exec("helm install argo-workflows argo/argo-workflows --namespace argo --create-namespace") + + if err := utils.Exec("helm upgrade --install " + release + " " + tmp + " -n " + namespace + " --create-namespace -f " + folder + "/" + release + "-values.yaml --debug"); err != nil { return err } utils.Exec("kind get kubeconfig --name " + clusterName + " > ./deployed_config") utils.Exec("kind export logs ./kind-logs") + utils.Exec("sudo rm -rf " + tmp) + return nil } diff --git a/internal/values.go b/internal/values.go index 66b4d43..6fb99d0 100644 --- a/internal/values.go +++ b/internal/values.go 
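Review bot: The cert-manager CRDs are applied from `https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.crds.yaml` while the chart is pinned with `--version v1.14.0`, so the cluster receives whatever upstream publishes at run time and the CRDs can drift from the controller. Pin the manifest to the same release, `.../releases/download/v1.14.0/cert-manager.crds.yaml`, and give `argo/argo-workflows` an explicit `--version` as is done for admiralty. `sudo ulimit -n 1000000` has no effect on later commands, since `ulimit` is a shell builtin and any change is confined to the process that ran it. All of the added `utils.Exec` calls discard their error, and `helm repo add jetstack` / `helm repo update` are issued twice. `release`, `namespace` and `folder` come from `args` and are concatenated into the command string; if `utils.Exec` goes through a shell, as the `>` redirection a few lines below suggests, they should be validated or passed as separate arguments.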
@@ -58,6 +58,7 @@ func generateConfig(confFile string, release string, output_folder string) error if err != nil { return err } + confs["RELEASE"] = release rendered := renderTemplate(string(content), confs) diff --git a/utils/assets/templates/hydra.yaml b/utils/assets/templates/hydra.yaml index 463c9b0..4eb80e9 100644 --- a/utils/assets/templates/hydra.yaml +++ b/utils/assets/templates/hydra.yaml @@ -9,10 +9,9 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/hydra`) - priority: 10 services: - kind: Service - name: {{ .Release.Name }}-hydra-public.{{ .Release.Namespace }} + name: {{ .Release.Name }}-hydra-public passHostHeader: true port: 4444 --- diff --git a/utils/assets/templates/ldapUserManager.yaml b/utils/assets/templates/ldapUserManager.yaml index 02fa89a..484652d 100644 --- a/utils/assets/templates/ldapUserManager.yaml +++ b/utils/assets/templates/ldapUserManager.yaml @@ -104,7 +104,6 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/users`) - priority: 10 services: - kind: Service name: {{ .Release.Name }}-ldap-user-manager-svc diff --git a/utils/assets/templates/mongo.yaml b/utils/assets/templates/mongo.yaml index 1c5e3d9..035942e 100644 --- a/utils/assets/templates/mongo.yaml +++ b/utils/assets/templates/mongo.yaml @@ -11,5 +11,5 @@ spec: resources: requests: storage: {{ .Values.mongodb.persistence.size }} - storageClassName: {{ .Values.mongodb.persistence.storageClass }} + storageClassName: {{ .Values.mongodb.global.storageClass }} {{- end }} diff --git a/utils/assets/templates/mongoExpress.yaml b/utils/assets/templates/mongoExpress.yaml index 7352f9a..3adec18 100644 --- a/utils/assets/templates/mongoExpress.yaml +++ b/utils/assets/templates/mongoExpress.yaml 
@@ -9,10 +9,9 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/mongoexpress`) - priority: 10 services: - kind: Service - name: {{ .Release.Name }}-mongo-express.{{ .Release.Namespace }} + name: {{ .Release.Name }}-mongo-express passHostHeader: true port: 8081 {{- end }} \ No newline at end of file diff --git a/utils/assets/templates/oc-auth/deployment.yaml b/utils/assets/templates/oc-auth/deployment.yaml index cc40cc0..f4b5e85 100644 --- a/utils/assets/templates/oc-auth/deployment.yaml +++ b/utils/assets/templates/oc-auth/deployment.yaml @@ -16,6 +16,10 @@ spec: app: oc-auth spec: volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true - name: public-key-volume secret: secretName: public-key-secret @@ -37,6 +41,9 @@ spec: - name: private-key-volume mountPath: /keys/private/private.pem subPath: private.pem + - name: oc-pem + mountPath: /app/pem + readOnly: true envFrom: - configMapRef: name: opencloud-config diff --git a/utils/assets/templates/oc-catalog/deployment.yaml b/utils/assets/templates/oc-catalog/deployment.yaml index 647d8b8..052cf07 100644 --- a/utils/assets/templates/oc-catalog/deployment.yaml +++ b/utils/assets/templates/oc-catalog/deployment.yaml @@ -15,6 +15,11 @@ spec: labels: app: oc-catalog spec: + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true {{- if or (eq .Values.env "prod") (eq .Values.env "staging") }} imagePullSecrets: - name: regcred @@ -42,4 +47,8 @@ spec: port: 8080 initialDelaySeconds: 10 periodSeconds: 30 + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true {{- end }} \ No newline at end of file diff --git a/utils/assets/templates/oc-datacenter/deployment.yaml b/utils/assets/templates/oc-datacenter/deployment.yaml index c2ec0fc..af06acc 100644 --- a/utils/assets/templates/oc-datacenter/deployment.yaml +++ b/utils/assets/templates/oc-datacenter/deployment.yaml 
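Review bot: The `oc-peer-pem` secret is mounted at `/app/pem` in oc-auth here, and the same volume is added to oc-catalog, oc-datacenter, oc-peer, oc-scheduler, oc-shared, oc-workflow and oc-workspace in the hunks that follow. If it holds private key material, mounting it into all eight workloads means a compromise of any one of them exposes it; mount it only where it is actually read. `optional: true` lets a pod start with an empty `/app/pem` when the secret is missing, so confirm each service fails closed in that case rather than running without its key. Consider setting `defaultMode: 0400` on the secret volume instead of relying on the default 0644.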
@@ -19,9 +19,18 @@ spec: imagePullSecrets: - name: regcred {{- end }} + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true containers: - image: "{{ .Values.ocDatacenter.image }}" name: oc-datacenter + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true envFrom: - configMapRef: name: opencloud-config diff --git a/utils/assets/templates/oc-front/config.yaml b/utils/assets/templates/oc-front/config.yaml new file mode 100644 index 0000000..76124ac --- /dev/null +++ b/utils/assets/templates/oc-front/config.yaml @@ -0,0 +1,18 @@ +{{- if index .Values.ocFront.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: front-config +data: + config.json: | + { + "WORKSPACE_HOST": "workspace", + "WORKFLOW_HOST": "workflow", + "CATALOG_HOST": "catalog", + "SCHEDULER_HOST": "scheduler", + "PEER_HOST": "peers", + "DATACENTER_HOST": "datacenter", + "COLLABORATIVE_AREA_HOST": "shared", + "HOST": "{{ .Values.scheme }}://{{ .Values.host }}", + } +{{- end }} \ No newline at end of file diff --git a/utils/assets/templates/oc-front/deployment.yaml b/utils/assets/templates/oc-front/deployment.yaml index 948fd23..69b9def 100644 --- a/utils/assets/templates/oc-front/deployment.yaml +++ b/utils/assets/templates/oc-front/deployment.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ocFront.enabled }} +{{- if index .Values.ocFront.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -6,7 +6,7 @@ metadata: app: oc-front name: {{ .Release.Name }}-oc-front spec: - replicas: {{ .Values.ocFront.replicas }} + replicas: 1 selector: matchLabels: app: oc-front @@ -28,14 +28,8 @@ spec: name: oc-front ports: - name: http - containerPort: 80 + containerPort: 8080 protocol: TCP - livenessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 10 - periodSeconds: 30 resources: limits: cpu: "{{ .Values.ocFront.resources.limits.cpu }}" 
diff --git a/utils/assets/templates/oc-front/service.yaml b/utils/assets/templates/oc-front/service.yaml index a090def..0c5d977 100644 --- a/utils/assets/templates/oc-front/service.yaml +++ b/utils/assets/templates/oc-front/service.yaml @@ -10,7 +10,7 @@ spec: - name: http port: 8080 protocol: TCP - targetPort: 80 + targetPort: 8080 selector: app: oc-front type: ClusterIP diff --git a/utils/assets/templates/oc-peer/deployment.yaml b/utils/assets/templates/oc-peer/deployment.yaml index c7dd390..a412190 100644 --- a/utils/assets/templates/oc-peer/deployment.yaml +++ b/utils/assets/templates/oc-peer/deployment.yaml @@ -19,12 +19,21 @@ spec: imagePullSecrets: - name: regcred {{- end }} + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true containers: - image: "{{ .Values.ocPeer.image }}" name: oc-peer envFrom: - configMapRef: name: opencloud-config + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true livenessProbe: httpGet: path: /oc/version diff --git a/utils/assets/templates/oc-scheduler/deployment.yaml b/utils/assets/templates/oc-scheduler/deployment.yaml index 2eb91ae..d8a8e33 100644 --- a/utils/assets/templates/oc-scheduler/deployment.yaml +++ b/utils/assets/templates/oc-scheduler/deployment.yaml @@ -15,6 +15,11 @@ spec: labels: app: oc-scheduler spec: + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true serviceAccountName: scheduler-sa {{- if or (eq .Values.env "prod") (eq .Values.env "staging") }} imagePullSecrets: @@ -23,6 +28,10 @@ spec: containers: - image: "{{ .Values.ocScheduler.image }}" name: oc-scheduler + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true envFrom: - configMapRef: name: opencloud-config diff --git a/utils/assets/templates/oc-shared/deployment.yaml b/utils/assets/templates/oc-shared/deployment.yaml index 2ed533d..a314df6 100644 --- a/utils/assets/templates/oc-shared/deployment.yaml +++ b/utils/assets/templates/oc-shared/deployment.yaml 
@@ -19,9 +19,18 @@ spec: imagePullSecrets: - name: regcred {{- end }} + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true containers: - image: "{{ .Values.ocShared.image }}" name: oc-shared + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true envFrom: - configMapRef: name: opencloud-config diff --git a/utils/assets/templates/oc-workflow/deployment.yaml b/utils/assets/templates/oc-workflow/deployment.yaml index 230f431..48f11b0 100644 --- a/utils/assets/templates/oc-workflow/deployment.yaml +++ b/utils/assets/templates/oc-workflow/deployment.yaml @@ -19,9 +19,18 @@ spec: imagePullSecrets: - name: regcred {{- end }} + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true containers: - image: "{{ .Values.ocWorkflow.image }}" name: oc-shared + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true envFrom: - configMapRef: name: opencloud-config diff --git a/utils/assets/templates/oc-workspace/deployment.yaml b/utils/assets/templates/oc-workspace/deployment.yaml index f3a4d09..8426bcc 100644 --- a/utils/assets/templates/oc-workspace/deployment.yaml +++ b/utils/assets/templates/oc-workspace/deployment.yaml @@ -15,9 +15,18 @@ spec: labels: app: oc-workspace spec: + volumes: + - name: oc-pem + secret: + secretName: oc-peer-pem + optional: true containers: - image: "{{ .Values.ocWorkspace.image }}" name: oc-workspace + volumeMounts: + - name: oc-pem + mountPath: /app/pem + readOnly: true envFrom: - configMapRef: name: opencloud-config diff --git a/utils/assets/templates/prometheus.yaml b/utils/assets/templates/prometheus.yaml index 93aa59f..a711495 100644 --- a/utils/assets/templates/prometheus.yaml +++ b/utils/assets/templates/prometheus.yaml 
@@ -9,10 +9,9 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.host }}`) && PathPrefix(`/monitor`) - priority: 10 services: - kind: Service - name: {{ .Release.Name }}-monitor.{{ .Release.Namespace }} + name: {{ .Release.Name }}-prometheus-server passHostHeader: true - port: 9090 + port: 80 {{- end }} \ No newline at end of file diff --git a/utils/assets/templates/registry/docker-registry.yaml b/utils/assets/templates/registry/docker-registry.yaml index 08e7b7a..23b5160 100644 --- a/utils/assets/templates/registry/docker-registry.yaml +++ b/utils/assets/templates/registry/docker-registry.yaml @@ -25,7 +25,6 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.registryHost }}`) - priority: 5 services: - kind: Service name: {{ .Values.env }}-docker-registry-ui-registry-server @@ -43,7 +42,6 @@ spec: routes: - kind: Rule match: Host(`{{ .Values.registryHost }}`) && PathPrefix(`/ui`) - priority: 10 services: - kind: Service name: {{ .Values.env }}-docker-registry-ui-user-interface diff --git a/utils/assets/templates/traefik.yaml b/utils/assets/templates/traefik/traefik.yaml similarity index 80% rename from utils/assets/templates/traefik.yaml rename to utils/assets/templates/traefik/traefik.yaml index 24b7c92..a17fc03 100644 --- a/utils/assets/templates/traefik.yaml +++ b/utils/assets/templates/traefik/traefik.yaml @@ -1,3 +1,4 @@ +{{- if index .Values.traefik.enabled }} apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: @@ -6,3 +7,4 @@ spec: forwardAuth: address: "http://oc-auth-svc.{{ .Release.Namespace }}:8080/oc/forward" trustForwardHeader: true +{{- end }} diff --git a/utils/assets/values.yaml.template b/utils/assets/values.yaml.template index a1d9fb6..070d0d9 100644 --- a/utils/assets/values.yaml.template +++ b/utils/assets/values.yaml.template 
@@ -1,5 +1,6 @@ env: ${RELEASE:-prod} # For storage class provisioning -name: ${CLUSTER_NAME:-opencloud} +clusterName: ${CLUSTER_NAME:-opencloud} +hostNetwork: true host: ${HOST:-beta.opencloud.com} registryHost: ${REGISTRY_HOST:-oc} # For reverse proxy rule scheme: https # For reverse proxy rule @@ -20,8 +21,8 @@ mongo-express: mongodb: enabled: ${OC_MONGO_ENABLED:-true} global: - defaultStorageClass: ${OC_MONGO_STORAGE:-""} - storageClass: ${OC_MONGO_STORAGE:-""} + defaultStorageClass: ${OC_MONGO_STORAGE:-"standard"} + storageClass: ${OC_MONGO_STORAGE:-"standard"} architecture: standalone useStatefulSet: false auth: @@ -37,7 +38,7 @@ mongodb: enabled: true create: false # do not auto-create existingClaim: ${OC_MONGO_PVC:-mongo-pvc} - storageClassName: ${OC_MONGO_STORAGE:-""} + storageClassName: ${OC_MONGO_STORAGE:-"standard"} accessModes: - ReadWriteOnce size: ${OC_MONGO_SIZE:-5000Mi} @@ -242,7 +243,6 @@ traefik: ports: web: nodePort: 30950 - hydra: enabled: ${OC_HYDRA_ENABLED:-true} maester: @@ -287,6 +287,7 @@ loki: commonConfig: replication_factor: 1 storage: + storageClassName: standard type: filesystem filesystem: chunks_directory: /var/loki/chunks @@ -325,7 +326,7 @@ loki: enabled: false # Deactivate loki auto provisioning, rely on existing PVC accessMode: ReadWriteOnce size: ${OC_LOKI_SIZE:-1Gi} - storageClassName: ${OC_LOKI_STORAGE:-""} + storageClassName: ${OC_LOKI_STORAGE:-"standard"} create: false claimName: ${OC_LOKI_PVC:-loki-pvc} @@ -607,7 +608,8 @@ docker-registry-ui: claimName: docker-registry-pvc persistence: create: false + storageClassName: standard existingClaim: docker-registry-pvc accessMode: ReadWriteOnce storage: ${OC_DOCKER_REGISTRY_SIZE:-5Gi} - storageClassName: ${OC_DOCKER_REGISTRY_STORAGE:-""} + storageClassName: ${OC_DOCKER_REGISTRY_STORAGE:-"standard"}