diff --git a/README.md b/README.md index 773d5e0..378c850 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ Helm charts to ease the deployment of containers on Kubernetes clusters and get * [Cow Demo](charts/cow-demo/README.md) 🗸 * [Drupal](charts/drupal/README.md) * [E Corp Demo](charts/ecorp-demo/README.md) 🗸 + * [Devpro Sales Portal](charts/devpro-salesportal/README.md) 🗸 * [WordPress](charts/wordpress/README.md) 🗸 * Authentication / Identity * [Keycloak](charts/keycloak/README.md) 🗸 @@ -49,7 +50,7 @@ Helm charts to ease the deployment of containers on Kubernetes clusters and get * [Rancher](charts/rancher/README.md) 🗸 * Observability * [Elastic Stack](charts/elastic-stack/README.md) - * [OpenTelemetry Collector](charts/opentelemetry/README.md) + * [OpenTelemetry Collector](charts/opentelemetry-collector/README.md) 🗸 * [Prometheus](charts/prometheus/README.md) * [Grafana](charts/grafana/README.md) * Secrets @@ -84,6 +85,10 @@ Helm charts to ease the deployment of containers on Kubernetes clusters and get Limitation: [Helm Chart Releaser](https://github.com/helm/chart-releaser) doesn't support multiple chart directories ou multiple levels so all charts must be in `charts` repository +## Best pratices + +* [Operations](docs/operations.md) + ## Samples * [SUSE Exchange Paris 2023](samples/suse-exchange-paris-2023/README.md) diff --git a/charts/devpro-salesportal/.helmignore b/charts/devpro-salesportal/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/devpro-salesportal/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/devpro-salesportal/Chart.lock b/charts/devpro-salesportal/Chart.lock new file mode 100644 index 0000000..9bac0d6 --- /dev/null +++ b/charts/devpro-salesportal/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: mongodb + repository: https://charts.bitnami.com/bitnami + version: 13.9.4 +digest: sha256:40f660c388f3965695fbf9ad9f5b36b59f7a7c1ff166cf15cae957c5988d5c72 +generated: "2023-04-18T15:32:14.627874569+02:00" diff --git a/charts/devpro-salesportal/Chart.yaml b/charts/devpro-salesportal/Chart.yaml new file mode 100644 index 0000000..dc645a3 --- /dev/null +++ b/charts/devpro-salesportal/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: devpro-salesportal +description: Helm chart for Devpro Sales Portal +type: application +version: 0.1.0 +appVersion: "1.0.0" +dependencies: + - name: mongodb + version: 13.9.4 # MongoDB 6.0.5 + repository: https://charts.bitnami.com/bitnami + alias: mongodb + condition: mongodb.enabled +maintainers: + - name: devpro + email: bertrand@devpro.fr diff --git a/charts/devpro-salesportal/README.md b/charts/devpro-salesportal/README.md new file mode 100644 index 0000000..2354007 --- /dev/null +++ b/charts/devpro-salesportal/README.md @@ -0,0 +1,87 @@ +# Helm chart for Devpro Sales Portal + +This Helm chart will install [Devpro Sales Portal](https://github.com/devpro/sales-portal) on a Kubernetes cluster. + +## Usage + +[Helm](https://helm.sh) must be installed to use the charts. Once correctly setup, add the repository: + +```bash +helm repo add devpro https://devpro.github.io/helm-charts +``` + +If you had already added this repo earlier, run `helm repo update` to retrieve the latest versions of the packages. You can then run `helm search repo sales-portal` to see the charts. + +To install the chart: + +```bash +helm upgrade --install sales-portal devpro/sales-portal --create-namespace --namespace sales-portal +``` + +To uninstall the chart and clean-up the cluster: + +```bash +helm delete sales-portal +kubectl delete ns sales-portal +``` + +## Development + +### Update chart dependencies + +Make sure to run `../../scripts/add_helm_repos.sh` and look at available version with with `helm search repo -l mongodb --versions`. + +Every time you update `Chart.yaml`, run `helm dependency update` to update `Chart.lock`. + +### Linting + +Run `helm lint` to check the chart. + +### Reviewing generated chart + +Run `helm template sales-portal . -f values.yaml > temp.yaml` to look at what is generated. + +## Examples + +### Installation with MongoDB + +```bash +# installs or updates the Helm release +helm upgrade --install sales-portal-beta . -f values.yaml --create-namespace \ + --set mongodb.enabled=true,mongodb.auth.rootPassword=admin \ + --set data.db.connectionString=mongodb://root:admin@sales-portal-beta-mongodb:27017/sales-portal-beta?authSource=admin \ + --set data.db.databaseName=sales-portal-beta \ + --namespace sales-portal-beta + +# (optional) forwards MongoDB port for local access +kubectl port-forward service/sales-portal-beta-mongodb 27017:27017 -n sales-portal-beta + +# forwards port for local access +kubectl port-forward service/salesportal-wasmapp-svc 3001:80 -n sales-portal-beta + +# accesses with http://localhost:3001/ +curl http://localhost:3001/ + +# cleans up +helm delete sales-portal-beta -n sales-portal-beta +kubectl delete ns sales-portal-beta +``` + +### Installation with MongoDB, cert-manager, Let's Encrypt & NGINX Ingress Controller + +```bash +# retrieves public IP +NGINX_PUBLIC_IP=`kubectl get service -n ingress-nginx ingress-nginx-controller --output jsonpath='{.status.loadBalancer.ingress[0].ip}'` + +# applies the manifest (add "--debug > output.yaml" in case of issue) +helm upgrade --install sales-portal-beta . -f values.yaml --create-namespace \ + --set mongodb.enabled=true,mongodb.auth.rootPassword=admin \ + --set data.db.connectionString=mongodb://root:admin@sales-portal-beta-mongodb:27017/sales-portal-beta?authSource=admin \ + --set data.db.databaseName=sales-portal-beta \ + --set ingress.enabled=true,ingress.className=nginx,ingress.annotations.'cert-manager\.io/cluster-issuer'=letsencrypt-prod \ + --set front.host=sales-portal.${NGINX_PUBLIC_IP}.sslip.io,front.tls.secretName=sales-portal-tls \ + --set adapter.host=crm-adapter.${NGINX_PUBLIC_IP}.sslip.io,adapter.tls.secretName=crm-adapter-tls \ + --set data.host=crm-data.${NGINX_PUBLIC_IP}.sslip.io,data.tls.secretName=crm-data-tls \ + --set dotnet.environment=Development,dotnet.enableSwagger=true,dotnet.enableOpenTelemetry=true \ + --namespace sales-portal-beta +``` diff --git a/charts/opentelemetry/README.md b/charts/devpro-salesportal/templates/NOTES.txt similarity index 100% rename from charts/opentelemetry/README.md rename to charts/devpro-salesportal/templates/NOTES.txt diff --git a/charts/devpro-salesportal/templates/_helpers.tpl b/charts/devpro-salesportal/templates/_helpers.tpl new file mode 100644 index 0000000..e69de29 diff --git a/charts/devpro-salesportal/templates/deployment.yaml b/charts/devpro-salesportal/templates/deployment.yaml new file mode 100644 index 0000000..0c79454 --- /dev/null +++ b/charts/devpro-salesportal/templates/deployment.yaml @@ -0,0 +1,93 @@ +{{- $applications := list .Values.front .Values.adapter .Values.data -}} +{{ range $applications }} +{{- $name := .name -}} +{{- if .enabled -}} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .name }} + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + template: + metadata: + labels: + app: {{ $name }} + app.kubernetes.io/name: {{ $name }} + {{- if .additionalPodLabels }} + {{- toYaml .additionalPodLabels | nindent 8 }} + {{- end }} + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "kubernetes.io/arch" + operator: In + values: ["amd64"] + containers: + - name: {{ .name }} + image: {{ .image }}:{{ .tag }} + imagePullPolicy: Always + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: {{ .healthEndpoint }} + port: http + readinessProbe: + httpGet: + path: {{ .healthEndpoint }} + port: http + resources: + {{- toYaml .resources | nindent 12 }} + {{- $api := .api -}} + {{- $db := .db -}} + {{- with .env }} + env: + - name: HOST_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + # TODO: only add this variables when needed and manage http calls + - name: ASPNETCORE_ENVIRONMENT + value: "{{ $.Values.dotnet.environment }}" + - name: AllowedOrigins__0 + value: "https://{{ $.Values.front.host }}" + - name: AllowedOrigins__1 + value: "https://{{ $.Values.adapter.host }}" + - name: CrmDataWebApi__Url + value: "https://{{ $.Values.data.host }}" + {{- if $.Values.dotnet.enableSwagger }} + - name: Application__IsSwaggerEnabled + value: "true" + {{- end }} + {{- if $.Values.dotnet.enableOpenTelemetry }} + - name: Application__IsOpenTelemetryEnabled + value: "true" + - name: OpenTelemetry__CollectorEndpoint + value: "http://$(HOST_IP):4317" + {{- end }} + {{- if $db }} + - name: ConnectionStrings__MongoDb + value: {{ $db.connectionString }} + - name: MongoDb__ConnectionStringName + value: "MongoDb" + - name: MongoDb__DatabaseName + value: {{ $db.databaseName }} + {{- end }} + {{- toYaml . | nindent 12 }} + {{- end }} +{{- end }} +{{ end }} diff --git a/charts/devpro-salesportal/templates/ingress.yaml b/charts/devpro-salesportal/templates/ingress.yaml new file mode 100644 index 0000000..9c62237 --- /dev/null +++ b/charts/devpro-salesportal/templates/ingress.yaml @@ -0,0 +1,50 @@ +{{- $applications := list .Values.front .Values.adapter .Values.data -}} +{{ range $applications }} +{{- $name := .name -}} +{{- if and $.Values.ingress.enabled .enabled -}} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $name }}-ingress + {{- with $.Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if $.Values.ingress.className }} + ingressClassName: {{ $.Values.ingress.className }} + {{- end }} + rules: + - host: {{ .host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ $name }}-svc + port: + number: 80 + {{- range .ingressExtraHosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $name }}-svc + port: + number: 80 + {{- end }} + {{- end }} + {{- if .tls }} + tls: + - hosts: + - {{ .host | quote }} + secretName: {{ .tls.secretName }} + {{- end }} +{{- end }} +{{ end }} diff --git a/charts/devpro-salesportal/templates/service.yaml b/charts/devpro-salesportal/templates/service.yaml new file mode 100644 index 0000000..0f09919 --- /dev/null +++ b/charts/devpro-salesportal/templates/service.yaml @@ -0,0 +1,23 @@ +{{- $applications := list .Values.front .Values.adapter .Values.data -}} +{{ range $applications }} +{{- if .enabled -}} +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + name: {{ .name }}-svc +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} +{{- end }} +{{ end }} diff --git a/charts/devpro-salesportal/values.yaml b/charts/devpro-salesportal/values.yaml new file mode 100644 index 0000000..9c5e16d --- /dev/null +++ b/charts/devpro-salesportal/values.yaml @@ -0,0 +1,86 @@ +front: + enabled: true + host: sales-portal.random + name: salesportal-wasmapp + image: docker.io/devprofr/salesportal-wasmapp + tag: latest + replicaCount: 1 + healthEndpoint: /health + db: {} + env: + - name: Logging__LogLevel__Devpro + value: "Debug" + additionalPodLabels: {} + api: {} + tls: {} + # secretName: chart-example-tls + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + +adapter: + enabled: true + host: crm-adapter.random + name: salesportal-crmadapterwebapi + image: docker.io/devprofr/salesportal-crmadapterwebapi + tag: latest + replicaCount: 1 + healthEndpoint: /health + db: {} + env: + - name: Logging__LogLevel__Devpro + value: "Debug" + additionalPodLabels: {} + tls: {} + # secretName: chart-example-tls + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + +data: + enabled: true + host: crm-data.random + name: salesportal-crmdatawebapi + image: docker.io/devprofr/salesportal-crmdatawebapi + tag: latest + replicaCount: 1 + healthEndpoint: /health + db: + connectionString: "" + databaseName: "" + env: + - name: Logging__LogLevel__Devpro + value: "Debug" + additionalPodLabels: {} + tls: {} + # secretName: chart-example-tls + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + +dotnet: + environment: Production + enableSwagger: false + enableOpenTelemetry: false + +ingress: + enabled: false + className: "" + annotations: {} + +mongodb: + enabled: false + # https://github.com/bitnami/charts/blob/main/bitnami/mongodb/values.yaml + auth: {} diff --git a/charts/hobbyfarm/Chart.yaml b/charts/hobbyfarm/Chart.yaml index 506cbd2..3f70912 100644 --- a/charts/hobbyfarm/Chart.yaml +++ b/charts/hobbyfarm/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: hobbyfarm description: Helm chart for managing HobbyFarm type: application -version: "0.1.2" +version: "0.1.3" appVersion: "2.0.8" dependencies: - name: hobbyfarm diff --git a/charts/hobbyfarm/README.md b/charts/hobbyfarm/README.md index b286548..88e19b9 100644 --- a/charts/hobbyfarm/README.md +++ b/charts/hobbyfarm/README.md @@ -53,7 +53,7 @@ helm template hobbyfarm . -f values.yaml \ NGINX_PUBLIC_IP=`kubectl get service -n ingress-nginx ingress-nginx-controller --output jsonpath='{.status.loadBalancer.ingress[0].ip}'` # applies the manifest (add "--debug > output.yaml" in case of issue) -helm install hobbyfarm-beta . -f values.yaml --create-namespace \ +helm upgrade --install hobbyfarm-beta . -f values.yaml --create-namespace \ --set hobbyfarm.ingress.enabled=true \ --set hobbyfarm.ingress.annotations.'cert-manager\.io/cluster-issuer'=letsencrypt-prod \ --set hobbyfarm.ingress.className=nginx \ @@ -67,11 +67,6 @@ helm install hobbyfarm-beta . -f values.yaml --create-namespace \ --set hobbyfarm.ingress.hostnames.shell=shell.hf.${NGINX_PUBLIC_IP}.sslip.io \ --set hobbyfarm.ingress.hostnames.ui=learn.hf.${NGINX_PUBLIC_IP}.sslip.io \ --set hobbyfarm.terraform.enabled=false \ - --namespace hobbyfarm-beta - -# upgrades and create an admin user -helm upgrade hobbyfarm-beta . -f values.yaml \ - --reuse-values \ --set hobbyfarm.users.admin.enabled=true \ --namespace hobbyfarm-beta ``` diff --git a/charts/opentelemetry-collector/Chart.lock b/charts/opentelemetry-collector/Chart.lock new file mode 100644 index 0000000..9ff0275 --- /dev/null +++ b/charts/opentelemetry-collector/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: opentelemetry-collector + repository: https://open-telemetry.github.io/opentelemetry-helm-charts + version: 0.54.0 +digest: sha256:e91d68792423daaf82efd640d08e789c91bb4b2306d61c046247c26e2517862c +generated: "2023-04-19T15:46:11.768612746+02:00" diff --git a/charts/opentelemetry-collector/Chart.yaml b/charts/opentelemetry-collector/Chart.yaml new file mode 100644 index 0000000..a213143 --- /dev/null +++ b/charts/opentelemetry-collector/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: opentelemetry-collector +description: Helm chart for managing OpenTelemetry Collector +type: application +version: "0.1.0" +appVersion: "0.75.0" +dependencies: + - name: opentelemetry-collector + version: 0.54.0 + repository: https://open-telemetry.github.io/opentelemetry-helm-charts +maintainers: + - name: devpro + email: bertrand@devpro.fr +home: https://github.com/devpro/helm-charts/tree/main/charts/opentelemetry-collector diff --git a/charts/opentelemetry-collector/README.md b/charts/opentelemetry-collector/README.md new file mode 100644 index 0000000..40a07ef --- /dev/null +++ b/charts/opentelemetry-collector/README.md @@ -0,0 +1,47 @@ +# Helm chart for OpenTelemetry Collector + +This Helm chart will install [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/) +by using the [official Helm chart](https://github.com/open-telemetry/opentelemetry-helm-charts). + +## How to use + +- With Helm CLI (see [README](../../README.md#from-helm-cli) for requirements) + +```bash +# install with default parameters +helm upgrade --install opentelemetry-collector devpro/opentelemetry-collector --create-namespace \ + --namespace opentelemetry-collector + +# watches the installation and checks all pods are running after some time +kubectl get pod -n opentelemetry-collector --watch +``` + +## How to create or update the chart + +```bash +# update helm repositories +../../scripts/add_helm_repos.sh + +# searches for the latest version +helm search repo -l open-telemetry/opentelemetry-collector + +# manual: update version number in Chart.yaml + +# updates Chart.lock +helm dependency update +``` + +## How to deploy manually from the sources + +```bash +# creates the release from the local files +helm upgrade --install opentelemetry-collector . -f values.yaml --create-namespace \ + --namespace opentelemetry-collector + +# (optional) forwards port for local access +kubectl port-forward daemonsets/opentelemetry-collector-agent 4317:4317 -n opentelemetry-collector + +# if needed, deletes the release +helm uninstall opentelemetry-collector -n opentelemetry-collector +kubectl delete ns opentelemetry-collector +``` diff --git a/charts/opentelemetry-collector/values.yaml b/charts/opentelemetry-collector/values.yaml new file mode 100644 index 0000000..b052a06 --- /dev/null +++ b/charts/opentelemetry-collector/values.yaml @@ -0,0 +1,35 @@ +# https://github.com/open-telemetry/opentelemetry-helm-charts/blob/main/charts/opentelemetry-collector/values.yaml +opentelemetry-collector: + mode: daemonset + config: + receivers: + jaeger: null + prometheus: null + zipkin: null + service: + pipelines: + logs: + exporters: + - logging + processors: + - memory_limiter + - batch + receivers: + - otlp + metrics: + exporters: + - logging + processors: + - memory_limiter + - batch + receivers: + - otlp + # - prometheus + traces: + exporters: + - logging + processors: + - memory_limiter + - batch + receivers: + - otlp diff --git a/docs/operations.md b/docs/operations.md new file mode 100644 index 0000000..7d62374 --- /dev/null +++ b/docs/operations.md @@ -0,0 +1,9 @@ +# Operations + +## Keep up-to-date with Kubernetes APIs updates + +* Install and use [Helm mapkubeapis Plugin](https://github.com/helm/helm-mapkubeapis) + +```bash +helm plugin install https://github.com/helm/helm-mapkubeapis +``` diff --git a/scripts/add_helm_repo.sh b/scripts/add_helm_repo.sh index 300b4c2..1539b8a 100755 --- a/scripts/add_helm_repo.sh +++ b/scripts/add_helm_repo.sh @@ -14,10 +14,13 @@ helm repo add jenkinsci https://charts.jenkins.io helm repo add jetstack https://charts.jetstack.io helm repo add kasten https://charts.kasten.io/ helm repo add longhorn https://charts.longhorn.io +helm repo add mongodb https://mongodb.github.io/helm-charts helm repo add neuvector https://neuvector.github.io/neuvector-helm +helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts helm repo add rancher-latest https://releases.rancher.com/server-charts/latest helm repo add reportportal https://reportportal.github.io/kubernetes helm repo add s3gw https://aquarist-labs.github.io/s3gw-charts helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets helm repo add sonarqube https://sonarsource.github.io/helm-chart-sonarqube helm repo add traefik https://traefik.github.io/charts +helm repo update