Adding collaborative area support

opencloud/dev-values.yaml

@@ -1,5 +1,6 @@
 env: dev # For storage class provisioning
-host: localhost # For reverse proxy rule
+host: beta.opencloud.com # For reverse proxy rule
+scheme: http # For reverse proxy rule
 
 mongo-express:
   enabled: true
@@ -253,11 +254,44 @@ ocAuth:
   resources:
     limits:
       cpu: "128m"
-      memory: "128Mi"
+      memory: "256Mi"
     requests:
       cpu: "128m"
       memory: "256Mi"
-      
+
+ocFront:
+  enabled: true
+  image: oc/oc-front:0.0.1
+  resources:
+    limits:
+      cpu: "128m"
+      memory: "256Mi"
+    requests:
+      cpu: "128m"
+      memory: "256Mi"
+
+ocWorkspace:
+  enabled: true
+  image: oc/oc-workspace:0.0.1
+  resources:
+    limits:
+      cpu: "128m"
+      memory: "256Mi"
+    requests:
+      cpu: "128m"
+      memory: "256Mi"
+
+ocShared:
+  enabled: true
+  image: oc/oc-shared:0.0.1
+  resources:
+    limits:
+      cpu: "128m"
+      memory: "256Mi"
+    requests:
+      cpu: "128m"
+      memory: "256Mi"
+
 loki:
   enabled: false
 

opencloud/templates/oc-auth/deployment.yaml

@@ -39,13 +39,13 @@ spec:
             name: opencloud-config
         ports:
           - name: http
-            containerPort: 80
+            containerPort: 8080
             protocol: TCP
         resources:
           limits:
-            cpu: "{{ .Values.ldapUserManager.resources.limits.cpu }}"
+            cpu: "{{ .Values.ocFront.resources.limits.cpu }}"
-            memory: "{{ .Values.ldapUserManager.resources.limits.memory }}"
+            memory: "{{ .Values.ocFront.resources.limits.memory }}"
           requests:
-            cpu: "{{ .Values.ldapUserManager.resources.requests.cpu }}"
+            cpu: "{{ .Values.ocFront.resources.requests.cpu }}"
-            memory: "{{ .Values.ldapUserManager.resources.requests.memory }}"        
+            memory: "{{ .Values.ocFront.resources.requests.memory }}"        
 {{- end }}

opencloud/templates/oc-auth/ingress.yaml

@@ -13,8 +13,15 @@ spec:
       services:
       - kind: Service
         name: oc-auth-svc
-        passHostHeader: true
         port: 8094
-      middlewares:
+---
-        - name: forwardauth
+apiVersion:  traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: strip-auth-prefix
+spec:
+  stripPrefix:
+    prefixes:
+      - "/auth"
+
 {{- end }}

opencloud/templates/oc-front/config.yaml

@@ -0,0 +1,20 @@
+{{- if index .Values.ocFront.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: front-config
+data:
+  config.json: |
+    {
+      "WORKSPACE_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/workspace/oc",
+      "WORKFLOW_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/workflow/oc",
+      "ITEM_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/item/oc",
+      "SCHEDULER_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/scheduler/oc",
+      "LOGS_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/logs",
+      "PEER_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/peers/oc",
+      "DATACENTER_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/datacenter/oc",
+      "COLLABORATIVE_AREA_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/shared/oc",
+      "HOST": "{{ .Values.scheme }}://{{ .Values.host }}/oc",
+      "AUTH_HOST": "{{ .Values.scheme }}://{{ .Values.host }}/auth/oc"
+    }
+{{- end }}

opencloud/templates/oc-front/deployment.yaml

@@ -0,0 +1,40 @@
+{{- if index .Values.ocFront.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: oc-front
+  name: {{ .Release.Name }}-oc-front
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: oc-front
+  template:
+    metadata:
+      labels:
+        app: oc-front
+    spec:
+      volumes:
+          - name: config-volume
+            configMap:
+              name: front-config
+      containers:
+      - image: "{{ .Values.ocFront.image }}"
+        name: oc-front
+        ports:
+          - name: http
+            containerPort: 80
+            protocol: TCP
+        resources:
+          limits:
+            cpu: "{{ .Values.ocFront.resources.limits.cpu }}"
+            memory: "{{ .Values.ocFront.resources.limits.memory }}"
+          requests:
+            cpu: "{{ .Values.ocFront.resources.requests.cpu }}"
+            memory: "{{ .Values.ocFront.resources.requests.memory }}"
+        volumeMounts:
+        - name: config-volume
+          mountPath: /usr/share/nginx/html/assets/assets/config/front.json
+          subPath: config.json            
+{{- end }}

opencloud/templates/oc-front/ingress.yaml

@@ -0,0 +1,17 @@
+{{- if index .Values.ocFront.enabled }}
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: oc-front-ingress
+spec:
+  entryPoints:
+    - web
+  routes:                           
+    - kind: Rule
+      match:   Host(`{{ .Values.host }}`) && PathPrefix(`/`)
+      priority: 5
+      services:
+      - kind: Service
+        name: oc-front-svc
+        port: 8080
+{{- end }}

opencloud/templates/oc-front/service.yaml

@@ -0,0 +1,17 @@
+{{- if index .Values.ocFront.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: oc-front-svc
+  labels:
+    app: oc-front-svc
+spec:
+  ports:
+  - name: http
+    port: 8080
+    protocol: TCP
+    targetPort: 80
+  selector:
+    app: oc-front
+  type: ClusterIP
+{{- end }}

opencloud/templates/oc-shared/deployment.yaml

@@ -0,0 +1,35 @@
+{{- if index .Values.ocShared.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: oc-shared
+  name: {{ .Release.Name }}-oc-shared
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: oc-shared
+  template:
+    metadata:
+      labels:
+        app: oc-shared
+    spec:
+      containers:
+      - image: "{{ .Values.ocShared.image }}"
+        name: oc-shared
+        envFrom:
+        - configMapRef:
+            name: opencloud-config
+        ports:
+          - name: http
+            containerPort: 8080
+            protocol: TCP
+        resources:
+          limits:
+            cpu: "{{ .Values.ocShared.resources.limits.cpu }}"
+            memory: "{{ .Values.ocShared.resources.limits.memory }}"
+          requests:
+            cpu: "{{ .Values.ocShared.resources.requests.cpu }}"
+            memory: "{{ .Values.ocShared.resources.requests.memory }}"
+  {{- end }}

opencloud/templates/oc-shared/ingress.yaml

@@ -0,0 +1,29 @@
+{{- if index .Values.ocShared.enabled }}
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: oc-shared-ingress
+spec:
+  entryPoints:
+    - web
+  routes:                           
+    - kind: Rule
+      match:   Host(`{{ .Values.host }}`) && PathPrefix(`/shared`)
+      priority: 10                    
+      services:
+      - kind: Service
+        name: oc-shared-svc
+        port: 8080
+      middlewares:
+      - name: strip-shared-prefix
+
+---
+apiVersion:  traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: strip-shared-prefix
+spec:
+  stripPrefix:
+    prefixes:
+      - "/shared"
+{{- end }}

opencloud/templates/oc-shared/service.yaml

@@ -0,0 +1,17 @@
+{{- if index .Values.ocShared.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: oc-shared-svc
+  labels:
+    app: oc-shared-svc
+spec:
+  ports:
+  - name: http
+    port: 8080
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    app: oc-shared
+  type: ClusterIP
+{{- end }}

opencloud/templates/oc-workspace/deployment.yaml

@@ -0,0 +1,35 @@
+{{- if index .Values.ocWorkspace.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: oc-workspace
+  name: {{ .Release.Name }}-oc-workspace
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: oc-workspace
+  template:
+    metadata:
+      labels:
+        app: oc-workspace
+    spec:
+      containers:
+      - image: "{{ .Values.ocWorkspace.image }}"
+        name: oc-workspace
+        envFrom:
+        - configMapRef:
+            name: opencloud-config
+        ports:
+          - name: http
+            containerPort: 8080
+            protocol: TCP
+        resources:
+          limits:
+            cpu: "{{ .Values.ocWorkspace.resources.limits.cpu }}"
+            memory: "{{ .Values.ocWorkspace.resources.limits.memory }}"
+          requests:
+            cpu: "{{ .Values.ocWorkspace.resources.requests.cpu }}"
+            memory: "{{ .Values.ocWorkspace.resources.requests.memory }}"
+  {{- end }}

opencloud/templates/oc-workspace/ingress.yaml

@@ -0,0 +1,29 @@
+{{- if index .Values.ocWorkspace.enabled }}
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: oc-workspace-ingress
+spec:
+  entryPoints:
+    - web
+  routes:                           
+    - kind: Rule
+      match:   Host(`{{ .Values.host }}`) && PathPrefix(`/workspace`)
+      priority: 10                    
+      services:
+      - kind: Service
+        name: oc-workspace-svc
+        port: 8080
+      middlewares:
+      - name: strip-workspace-prefix
+
+---
+apiVersion:  traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: strip-workspace-prefix
+spec:
+  stripPrefix:
+    prefixes:
+      - "/workspace"
+{{- end }}

opencloud/templates/oc-workspace/service.yaml

@@ -0,0 +1,17 @@
+{{- if index .Values.ocWorkspace.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: oc-workspace-svc
+  labels:
+    app: oc-workspace-svc
+spec:
+  ports:
+  - name: http
+    port: 8080
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    app: oc-workspace
+  type: ClusterIP
+{{- end }}

opencloud/templates/openCLoudConf.yaml

@@ -3,23 +3,23 @@ kind: ConfigMap
 metadata:
   name: opencloud-config
 data:
-  OCAUTH_ADMIN_ROLE: "{{ .Values.ocAuth.keto.adminRole }}"
+  OC_ADMIN_ROLE: "{{ .Values.ocAuth.keto.adminRole }}"
-  OCAUTH_PUBLIC_KEY_PATH: "/keys/public/public.pem"
+  OC_PUBLIC_KEY_PATH: "/keys/public/public.pem"
-  OCAUTH_PRIVATE_KEY_PATH: "/keys/private/private.pem"
+  OC_PRIVATE_KEY_PATH: "/keys/private/private.pem"
-  OCAUTH_CLIENT_SECRET: "{{ .Values.ocAuth.hydra.openCloudOauth2ClientSecretName }}"
+  OC_CLIENT_SECRET: "{{ .Values.ocAuth.hydra.openCloudOauth2ClientSecretName }}"
-  OCAUTH_AUTH: "{{ .Values.ocAuth.authType }}"
+  OC_AUTH: "{{ .Values.ocAuth.authType }}"
-  OCAUTH_AUTH_CONNECTOR_HOST: "{{ .Release.Name }}-hydra-admin.{{ .Release.Namespace }}"
+  OC_AUTH_CONNECTOR_HOST: "{{ .Release.Name }}-hydra-admin.{{ .Release.Namespace }}"
-  OCAUTH_AUTH_CONNECTOR_PORT: "4444"
+  OC_AUTH_CONNECTOR_PORT: "4444"
-  OCAUTH_AUTH_CONNECTOR_ADMIN_PORT: "4445"
+  OC_AUTH_CONNECTOR_ADMIN_PORT: "4445"
-  OCAUTH_PERMISSION_CONNECTOR_HOST: "{{ .Release.Name }}-keto-write.{{ .Release.Namespace }}"
+  OC_PERMISSION_CONNECTOR_HOST: "{{ .Release.Name }}-keto-write.{{ .Release.Namespace }}"
-  OCAUTH_PERMISSION_CONNECTOR_PORT: "80"
+  OC_PERMISSION_CONNECTOR_PORT: "80"
-  OCAUTH_PERMISSION_CONNECTOR_ADMIN_PORT: "80"
+  OC_PERMISSION_CONNECTOR_ADMIN_PORT: "80"
-  OCAUTH_LDAP_ENDPOINTS: "{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local:389"
+  OC_LDAP_ENDPOINTS: "{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local:389"
-  OCAUTH_LDAP_BINDDN: "{{ index .Values.ocAuth.ldap.bindDn }}"
+  OC_LDAP_BINDDN: "{{ index .Values.ocAuth.ldap.bindDn }}"
-  OCAUTH_LDAP_BINDPW: "{{ index .Values.ocAuth.ldap.binPwd }}"
+  OC_LDAP_BINDPW: "{{ index .Values.ocAuth.ldap.binPwd }}"
-  OCAUTH_LDAP_BASEDN: "{{ index .Values.ocAuth.ldap.baseDn }}"
+  OC_LDAP_BASEDN: "{{ index .Values.ocAuth.ldap.baseDn }}"
-  OCAUTH_LDAP_ROLE_BASEDN: "{{ index .Values.ocAuth.ldap.roleBaseDn }}"
+  OC_LDAP_ROLE_BASEDN: "{{ index .Values.ocAuth.ldap.roleBaseDn }}"
-  OCAUTH_MONGO_URL: "mongodb://{{ index .Values.mongodb.auth.usernames 0 }}:{{ index .Values.mongodb.auth.passwords 0 }}@{{ .Release.Name }}-mongodb.{{ .Release.Namespace }}:27017/{{ index .Values.mongodb.auth.databases 0 }}"
+  OC_MONGO_URL: "mongodb://{{ index .Values.mongodb.auth.usernames 0 }}:{{ index .Values.mongodb.auth.passwords 0 }}@{{ .Release.Name }}-mongodb.{{ .Release.Namespace }}:27017/{{ index .Values.mongodb.auth.databases 0 }}"
-  OCAUTH_MONGO_DATABASE: "{{ index .Values.mongodb.auth.databases 0 }}"
+  OC_MONGO_DATABASE: "{{ index .Values.mongodb.auth.databases 0 }}"
-  OCAUTH_NATS_URL: "nats://dev-nats.{{ .Release.Namespace }}.svc.cluster.local:4222"
+  OC_NATS_URL: "nats://dev-nats.{{ .Release.Namespace }}.svc.cluster.local:4222"
-  OCAUTH_LOKI_URL: "{{ .Values.SERVER_PATH }}"
+  OC_LOKI_URL: "{{ .Values.SERVER_PATH }}"