Skip to content

Commit

Permalink
fix qgis and solr deployments, add ingress
Browse files Browse the repository at this point in the history
  • Loading branch information
@danduk82
danduk82 committed Jan 4, 2023
1 parent 7b01422 commit 8d1021f
Show file tree
Hide file tree
Showing 2 changed files with 90 additions and 36 deletions.
9 changes: 5 additions & 4 deletions Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,11 @@ description: A Helm chart for deploying Qgis Web Client services on Kubernetes
name: qwc
version: 0.1.0
dependencies:
# - name: ingress
# repository: https://camptocamp.github.io/helm-ingress/
# version: 0.3.0
- name: custom-pod
repository: https://camptocamp.github.io/helm-custom-pod/
alias: qgis
version: 0.4.2
- name: custom-pod
repository: https://camptocamp.github.io/helm-custom-pod/
alias: qwc
version: 0.4.1
version: 0.4.2
117 changes: 85 additions & 32 deletions values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,10 @@
x-qwc-service-variables: &qwc-service-variables
JWT_SECRET_KEY: $JWT_SECRET_KEY
JWT_COOKIE_CSRF_PROTECT: 'True'
# Set these to override the UID/GID which runs uwsgi. Useful to ensure uwsgi runs under the same user/group
# which owns the shared volumes on host, avoiding the need to change the ownership/permissions of those files/folders.
SERVICE_UID: 1000
SERVICE_GID: 1000

tolerations: []
podSecurityContext: {}
securityContext: {}

service: &common-service-definition
type: ClusterIP
servicePort: 9090
ports:
- name: http
port: 9090
Expand Down Expand Up @@ -41,7 +34,7 @@ volumeMounts: &common-volume-mounts
readOnly: true

ports: &common-ports
uwsgi:
http:
containerPort: 9090
hostIP: 127.0.0.1

Expand Down Expand Up @@ -95,6 +88,47 @@ config:
password=qwc_service_write
sslmode=disable
qgis:
ingress:
enabled: false

serviceAccount:
# Specifies whether a service account should be created
create: false
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: default
services:
# TODO: what about qgis server?
qgis-server:
enabled: true
ingress:
enabled: false
<<: *common-generic-stuff
service:
type: ClusterIP
servicePort: 8080
ports:
- name: http
port: 8080
protocol: TCP
targetPort: http
volumes:
<<: *common-volumes
containers:
qgis:
image:
repository: camptocamp/qgis-server
tag: 3.22
sha: ''
ports:
http:
containerPort: 8080
volumeMounts:
<<: *common-volume-mounts
env:
<<: *common-env

qwc:
ingress:
enabled: false
Expand Down Expand Up @@ -122,6 +156,9 @@ qwc:
services:
admin-gui:
enabled: true
ingress:
enabled: true
path: /qwc_admin
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand Down Expand Up @@ -154,6 +191,9 @@ qwc:
value: en
auth-service:
enabled: true
ingress:
enabled: true
path: /auth
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -179,6 +219,8 @@ qwc:
value: /auth
config-service:
enabled: true
ingress:
enabled: false
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand Down Expand Up @@ -219,6 +261,9 @@ qwc:
value: /srv/qwc_service/config-out
data-service:
enabled: true
ingress:
enabled: true
path: /api/v1/data
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -244,6 +289,8 @@ qwc:
value: /api/v1/data
document-service:
enabled: true
ingress:
enabled: false
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -265,6 +312,9 @@ qwc:
value: /api/v1/document
elevation-service:
enabled: true
ingress:
enabled: true
path: /elevation
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -284,6 +334,9 @@ qwc:
<<: *common-env
feature-info-service:
enabled: true
ingress:
enabled: true
path: /api/v1/featureinfo
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -305,6 +358,9 @@ qwc:
value: /api/v1/feature-info
fulltext-search-service:
enabled: true
ingress:
enabled: true
path: /api/v2/search
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -326,6 +382,9 @@ qwc:
value: /api/v2/search
mapinfo-service:
enabled: true
ingress:
enabled: true
path: /api/v1/mapinfo/
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -347,6 +406,9 @@ qwc:
value: /api/v1/mapinfo
map-viewer:
enabled: true
ingress:
enabled: true
path: /
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -366,6 +428,9 @@ qwc:
<<: *common-env
ogc-service:
enabled: true
ingress:
enabled: true
path: /ows
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -387,6 +452,9 @@ qwc:
value: /ows
permalink-service:
enabled: true
ingress:
enabled: true
path: /api/v1/permalink
<<: *common-generic-stuff
service:
<<: *common-service-definition
Expand All @@ -408,11 +476,16 @@ qwc:
value: /api/v1/permalink
solr:
enabled: true
ingress:
enabled: false
<<: *common-generic-stuff
service:
<<: *common-service-definition
volumes:
<<: *common-volumes
v-qwc-data:
persistentVolumeClaim:
claimName: pvc-qwc-data
containers:
uwsgi:
image:
Expand All @@ -427,35 +500,15 @@ qwc:
# Change ownership to solr user with `sudo chown 8983:8983 volumes/solr/data`
/gdi_conf:
name: v-qwc-data
subPath: solr/configsets/gdi_conf
subPath: solr/configsets/gdi/conf
readOnly: true
# TODO:
#
# Protect admin GUI and admin API with Basic auth
# Change "#credentials" to "credentials" in security.json for adding a user 'solr' with password 'SolrRocks'
#- ./volumes/solr/security.json:/var/solr/data/security.json:ro
/var/solr/data:
/var/solr:
name: v-qwc-data
subPath: solr/data
env:
<<: *common-env
# TODO: what about qgis server?
qgis-server:
enabled: true
<<: *common-generic-stuff
service:
<<: *common-service-definition
volumes:
<<: *common-volumes
containers:
uwsgi:
image:
repository: sourcepole/qwc-qgis-server
tag: 3.22-plugins
sha: ''
ports:
<<: *common-ports
volumeMounts:
<<: *common-volume-mounts
subPath: solr
env:
<<: *common-env

0 comments on commit 8d1021f

Please sign in to comment.