From 4c016ca67912da08dcf2f6c43e1da5854ecd7100 Mon Sep 17 00:00:00 2001 From: bbk Date: Sat, 25 Nov 2023 12:25:53 +0100 Subject: [PATCH 01/10] add minikube doc --- DEVEL.md | 198 ++++++++++++++++++++++++++++++++++++++++ README.md | 14 ++- charts/wger/values.yaml | 1 + 3 files changed, 208 insertions(+), 5 deletions(-) create mode 100644 DEVEL.md diff --git a/DEVEL.md b/DEVEL.md new file mode 100644 index 0000000..a859958 --- /dev/null +++ b/DEVEL.md @@ -0,0 +1,198 @@ +# Development Setup + +The following is done on a Fedora Desktop to run a minikube rootless setup. For setting it up you need administrative rights. + +## Prepare the system + +First install the required network component `slirp4netns` + +```bash +sudo dnf install slirp4netns +``` + +Now map additional UIDs and GIDs for your user, to be able to use the users IDs from inside the containers. + +* https://docs.podman.io/en/latest/markdown/podman.1.html?highlight=rootless#rootless-mode + +Map additional UID/GID for your user: + +```bash +sudo usermod --add-subuids 10000-75535 USERNAME +sudo usermod --add-subgids 10000-75535 USERNAME +``` + +So this was the only parts where root priviledges are needed. + +## Prepare minicube + +Now install and setup minikube with the calico network driver. Assuming you have `~/bin` in your `$PATH` environment variable. + +```bash +wget https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 -O ~/bin/minikube +chmod 755 ~/bin/minikube + +minikube config set rootless true +minikube config set driver podman +minikube config set container-runtime containerd + +minikube start --cni calico +``` + +Now you have a running cluster on your machine. + +Minikube comes with a integrated `kubectl` command. So you can run `kubectl` commands, without downloaded `kubectl` binary: + +```bash +minikube kubectl -- get pods -A +``` + +But for using `helm` and our convenience, we install `kubectl` alongside `minikube`: + +```bash +wget "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" -O ~/bin/kubectl +``` + +Finally we install `helm`, into `~/bin`: + +```bash +export HELM_INSTALL_DIR=~/bin; export USE_SUDO=false; curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash +``` + +## Setup wger + +You can install wger without any changes to the `values.yaml`, this will run wger in development mode. + +First clone the `wger-helm-charts` repository and optionally create `your_values.yaml` file: + +```bash +git clone https://github.com/wger-project/helm-charts.git +cd helm-charts +vi your_values.yaml +``` + +The following is a example of `your_values.yaml`: + +```yaml +app: + environment: + # x-real-ip - remote ip - x-forward-for - + - name: GUNICORN_CMD_ARGS + value: "--timeout 240 --workers=2 --access-logformat '%({x-real-ip}i)s %(l)s %(h)s %(l)s %({x-forwarded-for}i)s %(l)s %(t)s \"%(r)s\" %(s)s %(b)s \"%(f)s\" \"%(a)s\"' --access-logfile - --error-logfile -" + nginx: + enabled: true + axes: + enabled: true +celery: + enabled: true + flower: + enabled: true +``` + +Deploy the helm chart from the cloned git repo. Omit `-f ../../your_values.yaml` when you don't have the file: + +```bash +cd helm-charts/charts/wger +helm dependency update +helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml +``` + +To access the webinterface, you can port forward `8000` from the wger app to a port on your machine, be aware you need a high port number, which doesn't require root priviledges. + +```bash +export POD=$(kubectl get pods -n wger -l "app.kubernetes.io/name=wger-app" -o jsonpath="{.items[0].metadata.name}") +echo "wger runs on: http://localhost:10001"; kubectl -n wger port-forward ${POD} 10001:8000 +``` + +Go to http://localhost:10001 and login as `admin` `adminadmin` ;-) + +## Advanced Setup + +Now when you add or changed `your_values.yaml` you simply run the `helm upgrade` again: + +```bash +cd helm-charts/charts/wger +helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml +``` + +When you activated `nginx` persistent storage will be automatically activated as a requirement. You can see the volumes (pv) and it's claims (pvc): + +```bash +kubectl get pv +kubectl get pvc -n wger +``` + +There is a special claim `code` which will not be created but will overload the wger django code, this can be used to mount your local development code into the setup. + +Add the following to `your_values.yaml`. + +```yaml +app: + persistence: + existingClaim: + code: wger-code +``` + +Manually create a volume and claim for your local wger code. For this add a new file `wger-code.yaml` and apply it to the cluster: + +```yaml +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: wger-code +spec: + accessModes: + - ReadWriteMany + capacity: + storage: 5Gi + persistentVolumeReclaimPolicy: Retain + volumeMode: Filesystem + storageClassName: local-storage + local: + path: /home/bbk/Documents/code/private/wger + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - minikube +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: wger-code +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi + volumeMode: Filesystem + # volumeName should be same as PV name + volumeName: wger-code + storageClassName: "local-storage" +--- +``` + +```bash +kubectl apply -f ../../wger-code-volume.yaml +``` + +Activate the `wger-code` volume in the containers: + +```bash +helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml +``` + +## Uninstall wger + +To uninstall: + +```bash +helm -n wger uninstall wger +kubectl delete -f ../../wger-code-volume.yaml +kubectl delete ns wger +``` + diff --git a/README.md b/README.md index 027ba3c..68c50f7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,9 @@ # wger -Helm charts for wger deployment on Kubernetes +Helm charts for wger deployment on Kubernetes. + +* https://wger.readthedocs.io + ## TL;DR @@ -428,6 +431,8 @@ Generally persistent volumes needs to be configured depending on your setup. ## Developing locally +The following is a basic instruction, for a more in-depth manual please have a look at [DEVEL.md](DEVEL.md). It also covers mounting the wger django code into the container. + In order to develop locally, you will need [minikube](https://minikube.sigs.k8s.io/docs/) installed. It sets a local Kubernetes cluster that you can use for testing the Helm chart. @@ -467,10 +472,9 @@ $ export POD=$(kubectl get pods -n wger -l "app.kubernetes.io/name=wger-app" -o $ kubectl -n wger exec -it $POD -c wger -- bash wger@wger-app-86c65dcbb9-9ftr6:~/src$ -# start a local proxy to test the web interface -# Wger will then be available on http://localhost:8001/api/v1/namespaces/wger/services/wger-http:8000/proxy/en -$ kubectl proxy -Starting to serve on 127.0.0.1:8001 +# start a port forwarding to access the webinterface +$ echo "wger runs on: http://localhost:10001" +$ kubectl -n wger port-forward ${POD} 10001:8000 # when you are finished with the testing, stop minikube $ minikube stop diff --git a/charts/wger/values.yaml b/charts/wger/values.yaml index 4a2ab06..06e72fc 100644 --- a/charts/wger/values.yaml +++ b/charts/wger/values.yaml @@ -17,6 +17,7 @@ app: securityContext: fsGroup: 1000 persistence: + # this will be overriden to `true` when nginx is enabled enabled: false storageClass: null accessModes: From 427620f01660bd82de97353fde2484eeab031914 Mon Sep 17 00:00:00 2001 From: bbk Date: Sat, 25 Nov 2023 12:29:15 +0100 Subject: [PATCH 02/10] add namespace to pvc --- DEVEL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DEVEL.md b/DEVEL.md index a859958..9628727 100644 --- a/DEVEL.md +++ b/DEVEL.md @@ -177,7 +177,7 @@ spec: ``` ```bash -kubectl apply -f ../../wger-code-volume.yaml +kubectl apply -n wger -f ../../wger-code-volume.yaml ``` Activate the `wger-code` volume in the containers: From 9adbb0869aee55691f50d5e1b92bd2c8c3c4bb75 Mon Sep 17 00:00:00 2001 From: bbk Date: Sat, 25 Nov 2023 13:46:00 +0100 Subject: [PATCH 03/10] storage --- DEVEL.md | 49 +++++-------------------------------------------- 1 file changed, 5 insertions(+), 44 deletions(-) diff --git a/DEVEL.md b/DEVEL.md index 9628727..3437d6f 100644 --- a/DEVEL.md +++ b/DEVEL.md @@ -107,11 +107,10 @@ Go to http://localhost:10001 and login as `admin` `adminadmin` ;-) ## Advanced Setup -Now when you add or changed `your_values.yaml` you simply run the `helm upgrade` again: +Install the local-path storage provisioner from ranger to later add your local wger code in a volume: ```bash -cd helm-charts/charts/wger -helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml +kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/v0.0.25/deploy/local-path-storage.yaml ``` When you activated `nginx` persistent storage will be automatically activated as a requirement. You can see the volumes (pv) and it's claims (pvc): @@ -135,52 +134,14 @@ app: Manually create a volume and claim for your local wger code. For this add a new file `wger-code.yaml` and apply it to the cluster: ```yaml ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: wger-code -spec: - accessModes: - - ReadWriteMany - capacity: - storage: 5Gi - persistentVolumeReclaimPolicy: Retain - volumeMode: Filesystem - storageClassName: local-storage - local: - path: /home/bbk/Documents/code/private/wger - nodeAffinity: - required: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - minikube ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wger-code -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 5Gi - volumeMode: Filesystem - # volumeName should be same as PV name - volumeName: wger-code - storageClassName: "local-storage" ---- +TBD ``` ```bash kubectl apply -n wger -f ../../wger-code-volume.yaml ``` -Activate the `wger-code` volume in the containers: +Activate the new values with the `wger-code` volume in the containers: ```bash helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml @@ -192,7 +153,7 @@ To uninstall: ```bash helm -n wger uninstall wger -kubectl delete -f ../../wger-code-volume.yaml +kubectl -n wger delete -f ../../wger-code-volume.yaml kubectl delete ns wger ``` From b1f2761192b0813c692a2724c6cea70f66136af7 Mon Sep 17 00:00:00 2001 From: bbk Date: Sun, 26 Nov 2023 13:52:32 +0100 Subject: [PATCH 04/10] wip --- DEVEL.md | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/DEVEL.md b/DEVEL.md index 3437d6f..e855612 100644 --- a/DEVEL.md +++ b/DEVEL.md @@ -107,12 +107,6 @@ Go to http://localhost:10001 and login as `admin` `adminadmin` ;-) ## Advanced Setup -Install the local-path storage provisioner from ranger to later add your local wger code in a volume: - -```bash -kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/v0.0.25/deploy/local-path-storage.yaml -``` - When you activated `nginx` persistent storage will be automatically activated as a requirement. You can see the volumes (pv) and it's claims (pvc): ```bash @@ -122,6 +116,19 @@ kubectl get pvc -n wger There is a special claim `code` which will not be created but will overload the wger django code, this can be used to mount your local development code into the setup. +First checkout the code to in the example i use `$HOME/test/wger`. + +As minikube is running in a VM we first need to mount the local files into the minikube VM to make it available for the kubernetes cluster. You can login to the minikube VM with `minikube ssh`. + +Now mount the folder into the minikube system, i use `/wger-code` here. + +```bash +minikube stop +minikube start --cni calico --mount-string="$HOME/test/wger:/wger-code" +# or +minikube mount $HOME/test/wger:/wger-code +``` + Add the following to `your_values.yaml`. ```yaml @@ -138,6 +145,7 @@ TBD ``` ```bash +kubectl create ns wger kubectl apply -n wger -f ../../wger-code-volume.yaml ``` From c1f155cc122c9b4bc47500b5e39d209df72aed7b Mon Sep 17 00:00:00 2001 From: bbk Date: Wed, 29 Nov 2023 17:12:41 +0100 Subject: [PATCH 05/10] fix SITE_URL --- charts/wger/templates/_helpers.tpl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/wger/templates/_helpers.tpl b/charts/wger/templates/_helpers.tpl index b2dc75a..d508b3f 100644 --- a/charts/wger/templates/_helpers.tpl +++ b/charts/wger/templates/_helpers.tpl @@ -45,7 +45,10 @@ environment: # django general {{- if .Values.ingress.enabled }} - name: SITE_URL - value: {{ .Values.ingress.url | quote }} + {{- if .Values.ingress.tls }} + value: "https://{{ .Values.ingress.url }}" + {{- else }} + value: "http://{{ .Values.ingress.url }}" - name: CSRF_TRUSTED_ORIGINS value: "http://{{ .Values.ingress.url }},https://{{ .Values.ingress.url }},http://127.0.0.1,https://127.0.0.1,http://localhost,https://localhost" {{- else }} From 4123f731879268c73162ad8cd59aee363dbed24a Mon Sep 17 00:00:00 2001 From: bbk Date: Fri, 1 Dec 2023 09:02:40 +0100 Subject: [PATCH 06/10] don't release 'latest' automatically --- .github/workflows/chart-release.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/chart-release.yml b/.github/workflows/chart-release.yml index f318de8..f6d32e9 100644 --- a/.github/workflows/chart-release.yml +++ b/.github/workflows/chart-release.yml @@ -1,6 +1,13 @@ # yamllint disable rule:line-length --- -# This is a basic workflow to help you get started with Actions +# This automatic helm chart releaser Github Action that uses Microsofts Azure setup-helm +# * https://github.com/Azure/setup-helm +# and helm's chart-releaser-action which uses the https://github.com/helm/chart-releaser image +# * https://github.com/helm/chart-releaser-action +# +# It only creates a new package when there is not yet one in the same version +# It will not automatically mark the new release as latest +# name: Release helm chart @@ -49,3 +56,4 @@ jobs: env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" CR_SKIP_EXISTING: true + MARK_AS_LATEST: false From a13166e8abd7fe882f868c5ef4b4f4b4a143be84 Mon Sep 17 00:00:00 2001 From: bbk Date: Fri, 1 Dec 2023 09:10:13 +0100 Subject: [PATCH 07/10] update doc --- DEVEL.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DEVEL.md b/DEVEL.md index e855612..2e6487e 100644 --- a/DEVEL.md +++ b/DEVEL.md @@ -114,6 +114,8 @@ kubectl get pv kubectl get pvc -n wger ``` +**@todo sorry but, mounting with rootless podman and minikube doesn't work yet** + There is a special claim `code` which will not be created but will overload the wger django code, this can be used to mount your local development code into the setup. First checkout the code to in the example i use `$HOME/test/wger`. From c6109922b1443d2604b4332800a50cdf5c52ad1c Mon Sep 17 00:00:00 2001 From: bbk Date: Fri, 1 Dec 2023 09:12:28 +0100 Subject: [PATCH 08/10] stop using .rc.X release names --- charts/wger/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/wger/Chart.yaml b/charts/wger/Chart.yaml index 7709f53..b3422b4 100644 --- a/charts/wger/Chart.yaml +++ b/charts/wger/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.1.6-rc.1 +version: 0.1.5.100 appVersion: latest name: wger description: A Helm chart for Wger installation on Kubernetes From 31d6cfd181ce443ce250a11f82878bb06389c025 Mon Sep 17 00:00:00 2001 From: bbk Date: Fri, 1 Dec 2023 09:23:48 +0100 Subject: [PATCH 09/10] SemVer is required --- charts/wger/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/wger/Chart.yaml b/charts/wger/Chart.yaml index b3422b4..e7b331b 100644 --- a/charts/wger/Chart.yaml +++ b/charts/wger/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.1.5.100 +version: 0.1.7 appVersion: latest name: wger description: A Helm chart for Wger installation on Kubernetes From 2130166fc39ae4e2f286368a2e8966a87ba91eae Mon Sep 17 00:00:00 2001 From: bbk Date: Fri, 1 Dec 2023 09:29:47 +0100 Subject: [PATCH 10/10] add end --- charts/wger/templates/_helpers.tpl | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/wger/templates/_helpers.tpl b/charts/wger/templates/_helpers.tpl index d508b3f..d1da762 100644 --- a/charts/wger/templates/_helpers.tpl +++ b/charts/wger/templates/_helpers.tpl @@ -49,6 +49,7 @@ environment: value: "https://{{ .Values.ingress.url }}" {{- else }} value: "http://{{ .Values.ingress.url }}" + {{- end }} - name: CSRF_TRUSTED_ORIGINS value: "http://{{ .Values.ingress.url }},https://{{ .Values.ingress.url }},http://127.0.0.1,https://127.0.0.1,http://localhost,https://localhost" {{- else }}