-
Notifications
You must be signed in to change notification settings - Fork 50
/
reana-workflow-controller.yaml
262 lines (262 loc) · 10.7 KB
/
reana-workflow-controller.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "reana.prefix" . }}-workflow-controller
namespace: {{ .Release.Namespace }}
spec:
type: "NodePort"
ports:
- port: 80
targetPort: 5000
name: "http"
protocol: TCP
selector:
app: {{ include "reana.prefix" . }}-workflow-controller
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "reana.prefix" . }}-workflow-controller
namespace: {{ .Release.Namespace }}
spec:
replicas: 1
selector:
matchLabels:
app: {{ include "reana.prefix" . }}-workflow-controller
template:
metadata:
labels:
app: {{ include "reana.prefix" . }}-workflow-controller
spec:
serviceAccountName: {{ include "reana.prefixed_infrastructure_svaccount_name" . }}
containers:
- name: rest-api
image: {{ .Values.components.reana_workflow_controller.image }}
imagePullPolicy: {{ .Values.components.reana_workflow_controller.imagePullPolicy }}
ports:
- containerPort: 5000
name: http
{{- if .Values.debug.enabled }}
command: ["/bin/sh","-c"]
args: ["flask run --host=0.0.0.0"]
tty: true
stdin: true
{{- end }}
volumeMounts:
{{- if .Values.debug.enabled }}
- mountPath: /code
name: reana-code
{{- end }}
- mountPath: {{ .Values.shared_storage.shared_volume_mount_path }}
name: reana-shared-volume
{{- range $workspace_paths := .Values.workspaces.paths }}
{{- if ne (typeOf $workspace_paths) "string" -}}
{{- fail "The workspaces.paths should be a list of strings e.g node_host_path:pod_mount_path" -}}
{{- end }}
{{- $workspace_path := split ":" $workspace_paths }}
{{- if and (ne $workspace_path._0 $.Values.shared_storage.hostpath.root_path) (ne $workspace_path._1 $.Values.shared_storage.shared_volume_mount_path) }}
- name: {{ $workspace_path._0 | quote | replace "/" "" }}
mountPath: {{ $workspace_path._1 }}
{{- end }}
{{- end }}
env:
- name: REANA_COMPONENT_PREFIX
value: {{ include "reana.prefix" . }}
- name: REANA_INFRASTRUCTURE_KUBERNETES_NAMESPACE
value: {{ .Release.Namespace }}
- name: REANA_RUNTIME_KUBERNETES_NAMESPACE
value: {{ .Values.namespace_runtime | default .Release.Namespace }}
- name: REANA_DEFAULT_QUOTA_CPU_LIMIT
value: {{ .Values.quota.default_cpu_limit | default 0 | quote }}
- name: REANA_DEFAULT_QUOTA_DISK_LIMIT
value: {{ .Values.quota.default_disk_limit | default 0 | quote }}
{{- if .Values.quota.enabled }}
- name: REANA_WORKFLOW_TERMINATION_QUOTA_UPDATE_POLICY
value: {{ .Values.quota.termination_update_policy | default "disk,cpu" }}
{{- end }}
{{- if .Values.naming_scheme }}
- name: REANA_COMPONENT_NAMING_SCHEME
value: {{ .Values.naming_scheme }}
{{- end }}
- name: WORKSPACE_PATHS
value: {{ .Values.workspaces.paths | toJson | quote }}
{{- range $key, $value := .Values.db_env_config }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- range $key, $value := .Values.components.reana_workflow_controller.environment }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
- name: REANA_INFRASTRUCTURE_KUBERNETES_SERVICEACCOUNT_NAME
value: {{ include "reana.prefixed_infrastructure_svaccount_name" . }}
{{- if .Values.namespace_runtime }}
- name: REANA_RUNTIME_KUBERNETES_SERVICEACCOUNT_NAME
value: {{ include "reana.prefixed_runtime_svaccount_name" . }}
{{- end }}
{{- if .Values.node_label_runtimebatch }}
- name: REANA_RUNTIME_BATCH_KUBERNETES_NODE_LABEL
value: {{ .Values.node_label_runtimebatch }}
{{- end }}
{{- if .Values.node_label_runtimejobs }}
- name: REANA_RUNTIME_JOBS_KUBERNETES_NODE_LABEL
value: {{ .Values.node_label_runtimejobs }}
{{- end }}
{{- if .Values.node_label_runtimesessions }}
- name: REANA_RUNTIME_SESSIONS_KUBERNETES_NODE_LABEL
value: {{ .Values.node_label_runtimesessions }}
{{- end }}
{{- if .Values.kubernetes_jobs_max_user_memory_limit }}
- name: REANA_KUBERNETES_JOBS_MAX_USER_MEMORY_LIMIT
value: {{ .Values.kubernetes_jobs_max_user_memory_limit }}
{{- end }}
- name: REANA_KUBERNETES_JOBS_MEMORY_LIMIT
value: {{ .Values.kubernetes_jobs_memory_limit | default "4Gi" }}
- name: REANA_JOB_CONTROLLER_IMAGE
value: {{ .Values.components.reana_job_controller.image }}
- name: REANA_WORKFLOW_ENGINE_IMAGE_CWL
value: {{ .Values.components.reana_workflow_engine_cwl.image }}
- name: REANA_WORKFLOW_ENGINE_IMAGE_YADAGE
value: {{ .Values.components.reana_workflow_engine_yadage.image }}
- name: REANA_WORKFLOW_ENGINE_IMAGE_SERIAL
value: {{ .Values.components.reana_workflow_engine_serial.image }}
- name: REANA_WORKFLOW_ENGINE_IMAGE_SNAKEMAKE
value: {{ .Values.components.reana_workflow_engine_snakemake.image }}
{{- if .Values.reana_hostname }}
- name: REANA_HOSTNAME
value: {{ .Values.reana_hostname }}
{{- end }}
{{- if .Values.eos.enabled }}
- name: K8S_CERN_EOS_AVAILABLE
value: "True"
{{ end }}
{{- if not (eq .Values.shared_storage.backend "hostpath") }}
- name: REANA_STORAGE_BACKEND
value: "network"
{{ end }}
- name: REANA_GITLAB_HOST
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-cern-gitlab-secrets
key: REANA_GITLAB_HOST
- name: REANA_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-secrets
key: REANA_SECRET_KEY
{{- if .Values.debug.enabled }}
- name: WDB_SOCKET_SERVER
value: "{{ include "reana.prefix" . }}-wdb"
- name: WDB_NO_BROWSER_AUTO_OPEN
value: "True"
- name: FLASK_ENV
value: "development"
# Hack to not verify SSL connections https://stackoverflow.com/questions/48391750/disable-python-requests-ssl-validation-for-an-imported-module
- name: CURL_CA_BUNDLE
value: ""
- name: GIT_SSL_NO_VERIFY
value: "true"
{{- else }}
- name: REANA_DB_USERNAME
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-db-secrets
key: user
- name: REANA_DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-db-secrets
key: password
{{ end }}
- name: job-status-consumer
image: {{ .Values.components.reana_workflow_controller.image }}
imagePullPolicy: {{ .Values.components.reana_workflow_controller.imagePullPolicy }}
command: ["flask", "consume-job-queue"]
volumeMounts:
{{- if .Values.debug.enabled }}
- mountPath: /code
name: reana-code
{{- end }}
- mountPath: {{ .Values.shared_storage.shared_volume_mount_path }}
name: reana-shared-volume
env:
- name: REANA_COMPONENT_PREFIX
value: {{ include "reana.prefix" . }}
- name: REANA_INFRASTRUCTURE_KUBERNETES_NAMESPACE
value: {{ .Release.Namespace }}
- name: REANA_RUNTIME_KUBERNETES_NAMESPACE
value: {{ .Values.namespace_runtime | default .Release.Namespace }}
{{- if .Values.quota.enabled }}
- name: REANA_WORKFLOW_TERMINATION_QUOTA_UPDATE_POLICY
value: {{ .Values.quota.termination_update_policy | default "disk,cpu" }}
{{- end }}
{{- range $key, $value := .Values.db_env_config }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- range $key, $value := .Values.components.reana_workflow_controller.environment }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- if .Values.reana_hostname }}
- name: REANA_HOSTNAME
value: {{ .Values.reana_hostname }}
{{- end }}
{{- if .Values.debug.enabled }}
- name: WDB_SOCKET_SERVER
value: "{{ include "reana.prefix" . }}-wdb"
- name: WDB_NO_BROWSER_AUTO_OPEN
value: "True"
- name: FLASK_ENV
value: "development"
# Hack to not verify SSL connections https://stackoverflow.com/questions/48391750/disable-python-requests-ssl-validation-for-an-imported-module
- name: CURL_CA_BUNDLE
value: ""
- name: GIT_SSL_NO_VERIFY
value: "true"
{{- else }}
- name: REANA_DB_USERNAME
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-db-secrets
key: user
- name: REANA_DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-db-secrets
key: password
{{ end }}
- name: REANA_GITLAB_HOST
valueFrom:
secretKeyRef:
name: {{ include "reana.prefix" . }}-cern-gitlab-secrets
key: REANA_GITLAB_HOST
volumes:
- name: reana-shared-volume
{{- if not (eq .Values.shared_storage.backend "hostpath") }}
persistentVolumeClaim:
claimName: {{ include "reana.prefix" . }}-shared-persistent-volume
readOnly: false
{{- else }}
hostPath:
path: {{ .Values.shared_storage.hostpath.root_path }}
{{- end }}
{{- if .Values.debug.enabled }}
- name: reana-code
hostPath:
path: /code/reana-workflow-controller
{{- end }}
{{- if .Values.node_label_infrastructure }}
{{- $full_label := split "=" .Values.node_label_infrastructure }}
nodeSelector:
{{ $full_label._0 }}: {{ $full_label._1 }}
{{- end }}
{{- range $workspace_paths := .Values.workspaces.paths }}
{{- $workspace_path := split ":" $workspace_paths }}
{{- if and (ne $workspace_path._0 $.Values.shared_storage.hostpath.root_path) (ne $workspace_path._1 $.Values.shared_storage.shared_volume_mount_path) }}
- name: {{ $workspace_path._0 | quote | replace "/" "" }}
hostPath:
path: {{ $workspace_path._0 }}
{{- end }}
{{- end }}