api-deployment.yaml 8.97 KB
Newer Older
Markus Scheidgen's avatar
Markus Scheidgen committed
1
2
3
apiVersion: v1
kind: ConfigMap
metadata:
4
  name: {{ include "nomad.fullname" . }}-app-gunicorn-log-config
Markus Scheidgen's avatar
Markus Scheidgen committed
5
  labels:
6
    app.kubernetes.io/name: {{ include "nomad.name" . }}-app-gunicorn-log-config
Markus Scheidgen's avatar
Markus Scheidgen committed
7
8
9
10
11
12
13
    helm.sh/chart: {{ include "nomad.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
  gunicorn.log.conf: |
    [loggers]
    keys=root, gunicorn.error, gunicorn.access
Markus Scheidgen's avatar
Markus Scheidgen committed
14

Markus Scheidgen's avatar
Markus Scheidgen committed
15
16
    [handlers]
    keys=console, access, error
Markus Scheidgen's avatar
Markus Scheidgen committed
17

Markus Scheidgen's avatar
Markus Scheidgen committed
18
    [formatters]
Markus Scheidgen's avatar
Markus Scheidgen committed
19
    keys=generic, json
Markus Scheidgen's avatar
Markus Scheidgen committed
20

Markus Scheidgen's avatar
Markus Scheidgen committed
21
22
23
    [logger_root]
    level=INFO
    handlers=console
Markus Scheidgen's avatar
Markus Scheidgen committed
24

Markus Scheidgen's avatar
Markus Scheidgen committed
25
26
27
28
    [logger_gunicorn.error]
    level=INFO
    handlers=error
    qualname=gunicorn.error
Markus Scheidgen's avatar
Markus Scheidgen committed
29

Markus Scheidgen's avatar
Markus Scheidgen committed
30
31
32
33
    [logger_gunicorn.access]
    level=INFO
    handlers=access
    qualname=gunicorn.access
Markus Scheidgen's avatar
Markus Scheidgen committed
34

Markus Scheidgen's avatar
Markus Scheidgen committed
35
36
37
38
    [handler_console]
    class=StreamHandler
    formatter=generic
    args=(sys.stdout, )
Markus Scheidgen's avatar
Markus Scheidgen committed
39

Markus Scheidgen's avatar
Markus Scheidgen committed
40
    [handler_access]
Markus Scheidgen's avatar
Markus Scheidgen committed
41
    class=StreamHandler
Markus Scheidgen's avatar
Markus Scheidgen committed
42
    formatter=json
Markus Scheidgen's avatar
Markus Scheidgen committed
43
    args=(sys.stdout, )
Markus Scheidgen's avatar
Markus Scheidgen committed
44

Markus Scheidgen's avatar
Markus Scheidgen committed
45
    [handler_error]
Markus Scheidgen's avatar
Markus Scheidgen committed
46
    class=StreamHandler
Markus Scheidgen's avatar
Markus Scheidgen committed
47
    formatter=json
Markus Scheidgen's avatar
Markus Scheidgen committed
48
    args=(sys.stdout, )
Markus Scheidgen's avatar
Markus Scheidgen committed
49

Markus Scheidgen's avatar
Markus Scheidgen committed
50
51
52
53
    [formatter_generic]
    format=%(asctime)s [%(process)d] [%(levelname)s] %(message)s
    datefmt=%Y-%m-%d %H:%M:%S
    class=logging.Formatter
Markus Scheidgen's avatar
Markus Scheidgen committed
54
55
56

    [formatter_json]
    class=pythonjsonlogger.jsonlogger.JsonFormatter
Markus Scheidgen's avatar
Markus Scheidgen committed
57
---
58
59
60
apiVersion: v1
kind: ConfigMap
metadata:
61
  name: {{ include "nomad.fullname" . }}-app-gunicorn-config
62
  labels:
63
    app.kubernetes.io/name: {{ include "nomad.name" . }}-app-gunicorn-config
64
65
66
67
68
69
    helm.sh/chart: {{ include "nomad.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
  gunicorn.conf: |
    secure_scheme_headers = {'X-FORWARDED-PROTOCOL': 'ssl', 'X-FORWARDED-PROTO': 'https', 'X-FORWARDED-SSL': 'on'}
70
    {{ if ne .Values.app.workerClass "sync" }}
Markus Scheidgen's avatar
Markus Scheidgen committed
71
72
    worker_class = '{{ .Values.app.workerClass }}'
    threads = {{ .Values.app.threads }}
73
    {{ end }}
74
    worker_connections = 1000
75
    workers = {{ .Values.app.worker }}
76
---
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "nomad.fullname" . }}-gui-env-js
  labels:
    app.kubernetes.io/name: {{ include "nomad.name" . }}-gui-env-js
    helm.sh/chart: {{ include "nomad.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
  env.js: |
    window.nomadEnv = {
      "appBase": "{{ .Values.proxy.external.path }}",
      "keycloakBase": "{{ .Values.keycloak.serverExternalUrl }}",
      "keycloakRealm": "{{ .Values.keycloak.realmName }}",
      "keycloakClientId": "{{ .Values.keycloak.guiClientId }}",
      "matomoSiteId": {{ .Values.gui.matomoSiteId }},
      "matomoUrl": "{{ .Values.gui.matomoUrl }}",
95
      "matomoEnabled": {{ .Values.gui.matomoEnabled }},
96
97
98
99
100
101
      "debug": {{ .Values.gui.debug }},
      "version": {
        "label": "{{ .Values.version.label }}",
        "isBeta": {{ .Values.version.isBeta }},
        "usesBetaData": {{ .Values.version.usesBetaData }},
        "officialUrl": "{{ .Values.version.officialUrl }}"
102
103
      },
      "encyclopediaEnabled": {{ .Values.gui.encyclopediaEnabled }}
104
105
    };
---
106
107
108
109
110
111
112
113
114
115
116
117
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "nomad.fullname" . }}-enc-conf-js
  labels:
    app.kubernetes.io/name: {{ include "nomad.name" . }}-enc-conf-js
    helm.sh/chart: {{ include "nomad.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
  conf.js: |
    window.nomadEnv = {
118
      apiRoot: "https://{{ .Values.proxy.external.host }}{{ .Values.proxy.external.path }}/api/encyclopedia/",
Lauri Himanen's avatar
Lauri Himanen committed
119
      guiRoot: "https://{{ .Values.proxy.external.host }}{{ .Values.proxy.external.path }}/encyclopedia/",
120
121
      userCookieDomain: ".{{ .Values.proxy.external.host }}",
      guestUserToken: 'eyJhbGciOiJIUzI1NiIsImlhdCI6MTUyMzg4MDE1OSwiZXhwIjoxNjgxNTYwMTU5fQ.ey'+
122
123
124
125
      'JpZCI6ImVuY2d1aSJ9.MsMWQa3IklH7cQTxRaIRSF9q8D_2LD5Fs2-irpWPTp4',
      keycloakBase: "{{ .Values.keycloak.serverExternalUrl }}",
      keycloakRealm: "{{ .Values.keycloak.realmName }}",
      keycloakClientId: "{{ .Values.keycloak.guiClientId }}"
126
127
    };
---
128
129
130
apiVersion: apps/v1
kind: Deployment
metadata:
131
  name: {{ include "nomad.fullname" . }}-app
132
  labels:
133
    app.kubernetes.io/name: {{ include "nomad.name" . }}-app
134
135
136
137
    helm.sh/chart: {{ include "nomad.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
138
  replicas: {{ .Values.app.replicas }}
139
140
  selector:
    matchLabels:
141
      app.kubernetes.io/name: {{ include "nomad.name" . }}-app
142
143
144
145
      app.kubernetes.io/instance: {{ .Release.Name }}
  template:
    metadata:
      labels:
146
        app.kubernetes.io/name: {{ include "nomad.name" . }}-app
147
        app.kubernetes.io/instance: {{ .Release.Name }}
148
149
150
151
      {{ if .Values.roll }}
      annotations:
        rollme: {{ randAlphaNum 5 | quote }}
      {{ end }}
152
153
    spec:
      containers:
154
      - name: {{ include "nomad.name" . }}-app
155
156
        image: "{{ .Values.image.name }}:{{ .Values.image.tag }}"
        imagePullPolicy: {{ .Values.image.pullPolicy }}
157
        volumeMounts:
Markus Scheidgen's avatar
Markus Scheidgen committed
158
        - mountPath: /app/nomad.yaml
159
          name: nomad-conf
Markus Scheidgen's avatar
Markus Scheidgen committed
160
161
162
163
          subPath: nomad.yaml
        - mountPath: /app/gunicorn.log.conf
          name: gunicorn-log-conf
          subPath: gunicorn.log.conf
Markus Scheidgen's avatar
Markus Scheidgen committed
164
165
166
        - mountPath: /app/gunicorn.conf
          name: gunicorn-conf
          subPath: gunicorn.conf
167
        - mountPath: /app/.volumes/fs/public
168
169
170
          name: public-volume
        - mountPath: /app/.volumes/fs/staging
          name: staging-volume
171
172
        - mountPath: /nomad
          name: nomad-volume
173
174
175
176
        - mountPath: /app/gui/build/env.js
          readOnly: true
          subPath: env.js
          name: gui-env-js
177
178
179
180
        - mountPath: /app/dependencies/encyclopedia-gui/client/conf.js
          readOnly: true
          subPath: conf.js
          name: enc-conf-js
Markus Scheidgen's avatar
Markus Scheidgen committed
181
        env:
182
        - name: NOMAD_META_SERVICE
183
          value: "app"
184
        - name: NOMAD_CONSOLE_LOGLEVEL
185
          value: "{{ .Values.app.console_loglevel }}"
186
        - name: NOMAD_LOGSTASH_LEVEL
187
          value: "{{ .Values.app.logstash_loglevel }}"
188
       {{ if .Values.api.apiSecret }}
189
        - name: NOMAD_SERVICES_API_SECRET
190
          valueFrom:
191
            secretKeyRef:
192
              name: {{ .Values.api.apiSecret}}
193
194
              key: password
        {{ end }}
195
196
        {{ if .Values.keycloak.clientSecret }}
        - name: NOMAD_KEYCLOAK_CLIENT_SECRET
197
          valueFrom:
198
            secretKeyRef:
199
              name: {{ .Values.keycloak.clientSecret }}
200
201
              key: password
        {{ end }}
202
203
204
205
206
207
208
        {{ if .Values.client.passwordSecret }}
        - name: NOMAD_CLIENT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: {{ .Values.client.passwordSecret }}
              key: password
        {{ end }}
209
210
        {{ if .Values.keycloak.passwordSecret }}
        - name: NOMAD_KEYCLOAK_PASSWORD
211
          valueFrom:
212
213
214
215
            secretKeyRef:
              name: {{ .Values.keycloak.passwordSecret }}
              key: password
        {{ end }}
Markus Scheidgen's avatar
Markus Scheidgen committed
216
217
218
219
220
221
222
223
224
225
226
227
        {{ if .Values.datacite.secret }}
        - name: NOMAD_DATACITE_PASSWORD
          valueFrom:
            secretKeyRef:
              name: {{ .Values.datacite.secret }}
              key: password
        - name: NOMAD_DATACITE_USER
          valueFrom:
            secretKeyRef:
              name: {{ .Values.datacite.secret }}
              key: user
        {{ end }}
228
        command: ["./run.sh",  "{{ .Values.proxy.external.path }}"]
229
230
        livenessProbe:
          httpGet:
231
            path: "{{ .Values.proxy.external.path }}/alive"
232
            port: 8000
233
234
235
          initialDelaySeconds: 30
          periodSeconds: 30
          timeoutSeconds: 5
236
237
        readinessProbe:
          httpGet:
238
            path: "{{ .Values.proxy.external.path }}/alive"
239
            port: 8000
240
241
242
          initialDelaySeconds: 15
          periodSeconds: 15
          timeoutSeconds: 5
243
      nodeSelector:
244
        nomadtype: {{ .Values.app.nomadNodeType }}
245
      imagePullSecrets:
246
      - name: {{ .Values.image.secret }}
247
      volumes:
Markus Scheidgen's avatar
Markus Scheidgen committed
248
249
      - name: gunicorn-log-conf
        configMap:
250
          name: {{ include "nomad.fullname" . }}-app-gunicorn-log-config
Markus Scheidgen's avatar
Markus Scheidgen committed
251
252
      - name: gunicorn-conf
        configMap:
253
          name: {{ include "nomad.fullname" . }}-app-gunicorn-config
254
255
256
      - name: nomad-conf
        configMap:
          name: {{ include "nomad.fullname" . }}-configmap
257
258
259
      - name: gui-env-js
        configMap:
          name: {{ include "nomad.fullname" . }}-gui-env-js
260
261
262
      - name: enc-conf-js
        configMap:
          name: {{ include "nomad.fullname" . }}-enc-conf-js
263
      - name: public-volume
264
        hostPath:
265
          path: {{ .Values.volumes.public }}
266
          type: Directory
267
      - name: staging-volume
268
        {{ if (eq .Values.worker.storage "memory") }}
269
270
271
272
        emptyDir:
          medium: 'Memory'
        {{ else }}
        hostPath:
273
          path: {{ .Values.volumes.staging}}
274
275
          type: Directory
        {{ end }}
276
277
278
279
      - name: nomad-volume
        hostPath:
          path: {{ .Values.volumes.nomad }}
          type: Directory