Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Job queue integrations and initContainers #15

Open
wants to merge 9 commits into
base: develop
Choose a base branch
from
Open

Job queue integrations and initContainers #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
8ee4dad
add documentation value
frostyfan109 Aug 22, 2024
5e658d4
add celery/rabbit/redis/flower integrations
frostyfan109 Oct 29, 2024
e810d06
remove rabbit integration in favor of redis
frostyfan109 Oct 29, 2024
35db2df
add celery beat container for scheduling, move securitycontext/resour…
frostyfan109 Oct 29, 2024
8a7555e
add probes back for worker/beat containers
frostyfan109 Oct 29, 2024
d61bbdf
Merge branch 'develop' of https://github.com/helxplatform/eduhelx-gra…
frostyfan109 Nov 12, 2024
743a482
increment version
frostyfan109 Nov 12, 2024
d5c8cdc
review comments
frostyfan109 Nov 12, 2024
6fcead9
add security context defaultS
frostyfan109 Nov 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.0.4
version: 1.0.5

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand All @@ -28,3 +28,7 @@ dependencies:
condition: postgresql.enabled
version: ^12.0.0
repository: "https://charts.bitnami.com/bitnami"
- name: redis
condition: redis.enabled
version: ^20.0.0
repository: "https://charts.bitnami.com/bitnami"
16 changes: 16 additions & 0 deletions templates/_helpers.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,15 @@ app.kubernetes.io/name: {{ include "grader-api.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Flower selector labels
*/}}
{{- define "grader-api.flowerSelectorLabels" -}}
app.kubernetes.io/name: {{ include "grader-api.name" . }}-flower
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}


{{/*
Create the name of the service account to use
*/}}
Expand All @@ -66,4 +75,11 @@ Print the Grader API postgresql secret name
*/}}
{{- define "grader-api.postgresqlSecretName" -}}
{{- printf "%s" .Values.postgresql.auth.existingSecret }}
{{- end }}

{{/*
Print the Grader API redis secret name
*/}}
{{- define "grader-api.redisSecretName" -}}
{{- printf "%s" .Values.redis.auth.existingSecret }}
{{- end }}
227 changes: 227 additions & 0 deletions templates/celery-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,227 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "grader-api.fullname" . }}-celery
labels:
{{- include "grader-api.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "grader-api.flowerSelectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "grader-api.flowerSelectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "grader-api.fullname" . }}-sa
securityContext:
{{- toYaml .Values.celery.podSecurityContext | nindent 8 }}
initContainers:
{{- if .Values.postgresql.enabled }}
- name: wait-for-postgresql
image: "{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}"
imagePullPolicy: "{{ .Values.postgresql.image.pullPolicy }}"
command:
- sh
- -c
- until pg_isready -h {{ include "grader-api.fullname" . }}-postgresql -p 5432 -U postgres; do echo "waiting for postgresql"; sleep 5; done
{{- end }}
{{ if .Values.redis.enabled }}
- name: wait-for-redis
image: goodsmileduck/redis-cli:6.0.4
command: ['sh', '-c', 'until [ "$(redis-cli -h ${REDIS_HOST} -p ${REDIS_PORT} -a ${REDIS_PASSWORD} --user ${REDIS_USER} ping | grep PONG)" = "PONG" ]; do echo waiting for redis; sleep 2; done;']
env:
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: {{ include "grader-api.fullname" . }}
key: BROKER_HOST
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: {{ include "grader-api.fullname" . }}
key: BROKER_PORT
- name: REDIS_USER
valueFrom:
configMapKeyRef:
name: {{ include "grader-api.fullname" . }}
key: BROKER_USER
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "grader-api.redisSecretName" . }}
key: BROKER_PASSWORD
{{ end }}
containers:
- name: celery-worker
securityContext:
{{- toYaml .Values.celery.worker.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["celery"]
args: [
"-A", "app.celery",
"worker",
"--pool", "{{ .Values.celery.worker.options.pool }}",
"--concurrency", "{{ .Values.celery.worker.options.concurrency }}",
"--loglevel", "{{ .Values.celery.worker.options.loglevel }}"
]
livenessProbe:
exec:
command: ["celery"]
args: [
"-A", "app.celery",
"inspect",
"ping",
"-d", "celery@$HOSTNAME",
"--timeout", "{{ .Values.celery.worker.livenessProbe.timeoutSeconds }}"
]
timeoutSeconds: {{ .Values.celery.worker.livenessProbe.timeoutSeconds }}
initialDelaySeconds: {{ .Values.celery.worker.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.celery.worker.livenessProbe.periodSeconds }}
readinessProbe:
exec:
command: ["celery"]
args: [
"-A", "app.celery",
"inspect",
"ping",
"-d", "celery@$HOSTNAME",
"--timeout", "{{ .Values.celery.worker.readinessProbe.timeoutSeconds }}"
]
timeoutSeconds: {{ .Values.celery.worker.readinessProbe.timeoutSeconds }}
initialDelaySeconds: {{ .Values.celery.worker.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.celery.worker.readinessProbe.periodSeconds }}
resources:
{{- toYaml .Values.celery.worker.resources | nindent 12 }}
envFrom:
- configMapRef:
name: {{ include "grader-api.fullname" . }}
- secretRef:
name: {{ include "grader-api.fullname" . }}
{{- if .Values.postgresql.enabled }}
- secretRef:
name: {{ .Values.postgresql.auth.existingSecret }}
{{- end }}
{{- if .Values.redis.enabled }}
- secretRef:
name: {{ .Values.redis.auth.existingSecret }}
{{- end }}
- name: celery-beat
securityContext:
{{- toYaml .Values.celery.beat.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["celery"]
args: [
"-A", "app.celery",
"beat",
"--loglevel", "{{ .Values.celery.beat.options.loglevel }}"
]
livenessProbe:
exec:
command: ["celery"]
args: [
"-A", "app.celery",
"inspect",
"ping",
"-d", "celery@$HOSTNAME",
"--timeout", "{{ .Values.celery.beat.livenessProbe.timeoutSeconds }}"
]
timeoutSeconds: {{ .Values.celery.beat.livenessProbe.timeoutSeconds }}
initialDelaySeconds: {{ .Values.celery.beat.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.celery.beat.livenessProbe.periodSeconds }}
readinessProbe:
exec:
command: ["celery"]
args: [
"-A", "app.celery",
"inspect",
"ping",
"-d", "celery@$HOSTNAME",
"--timeout", "{{ .Values.celery.beat.readinessProbe.timeoutSeconds }}"
]
timeoutSeconds: {{ .Values.celery.beat.readinessProbe.timeoutSeconds }}
initialDelaySeconds: {{ .Values.celery.beat.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.celery.beat.readinessProbe.periodSeconds }}
resources:
{{- toYaml .Values.celery.beat.resources | nindent 12 }}
envFrom:
- configMapRef:
name: {{ include "grader-api.fullname" . }}
- secretRef:
name: {{ include "grader-api.fullname" . }}
{{- if .Values.postgresql.enabled }}
- secretRef:
name: {{ .Values.postgresql.auth.existingSecret }}
{{- end }}
{{- if .Values.redis.enabled }}
- secretRef:
name: {{ .Values.redis.auth.existingSecret }}
{{- end }}
{{- if .Values.celery.flower.enabled }}
- name: celery-flower
securityContext:
{{- toYaml .Values.celery.flower.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["celery"]
args: [
"-A", "app.celery",
"flower"
]
ports:
- name: http
containerPort: 5555
protocol: TCP
livenessProbe:
tcpSocket:
port: 5555
timeoutSeconds: {{ .Values.celery.flower.livenessProbe.timeoutSeconds }}
initialDelaySeconds: {{ .Values.celery.flower.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.celery.flower.livenessProbe.periodSeconds }}
readinessProbe:
tcpSocket:
port: 5555
timeoutSeconds: {{ .Values.celery.flower.readinessProbe.timeoutSeconds }}
initialDelaySeconds: {{ .Values.celery.flower.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.celery.flower.readinessProbe.periodSeconds }}
resources:
{{- toYaml .Values.celery.flower.resources | nindent 12 }}
envFrom:
- configMapRef:
name: {{ include "grader-api.fullname" . }}
- secretRef:
name: {{ include "grader-api.fullname" . }}
{{- if .Values.postgresql.enabled }}
- secretRef:
name: {{ .Values.postgresql.auth.existingSecret }}
{{- end }}
{{- if .Values.redis.enabled }}
- secretRef:
name: {{ .Values.redis.auth.existingSecret }}
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
7 changes: 7 additions & 0 deletions templates/configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,11 @@ metadata:
data:
{{- toYaml .Values.config.data | nindent 2 }}
POSTGRES_HOST: {{ printf "%s-%s" (include "grader-api.fullname" .) "postgresql" }}
BROKER_HOST: {{ printf "%s-%s" (include "grader-api.fullname" .) "redis-master" }}
{{ if .Values.redis.sentinel.enabled }}
BROKER_PORT: "{{ .Values.redis.sentinel.service.ports.redis }}"
{{ else }}
BROKER_PORT: "{{ .Values.redis.master.service.ports.redis }}"
{{ end }}
BROKER_USER: default
{{- end }}
16 changes: 13 additions & 3 deletions templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,15 @@ spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: wait-for-postgres
image: busybox:1.28
command: ['sh', '-c', 'until nc -z {{ printf "%s%s" (include "grader-api.fullname" .) "-postgresql" }} 5432; do echo waiting for postgres; sleep 2; done;']
{{- if .Values.postgresql.enabled }}
- name: wait-for-postgresql
image: "{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}"
imagePullPolicy: "{{ .Values.postgresql.image.pullPolicy }}"
command:
- sh
- -c
- until pg_isready -h {{ include "grader-api.fullname" . }}-postgresql -p 5432 -U postgres; do echo "waiting for postgresql"; sleep 5; done
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
Expand Down Expand Up @@ -66,6 +72,10 @@ spec:
- secretRef:
name: {{ .Values.postgresql.auth.existingSecret }}
{{- end }}
{{- if .Values.redis.enabled }}
- secretRef:
name: {{ .Values.redis.auth.existingSecret }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
17 changes: 17 additions & 0 deletions templates/flower-service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{{- if .Values.celery.flower.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "grader-api.fullname" . }}-flower
labels:
{{- include "grader-api.labels" . | nindent 4 }}
spec:
type: {{ .Values.celery.flower.service.type }}
ports:
- port: {{ .Values.celery.flower.service.port }}
targetPort: 5555
protocol: TCP
name: http
selector:
{{- include "grader-api.flowerSelectorLabels" . | nindent 4 }}
{{- end }}
14 changes: 14 additions & 0 deletions templates/redis-secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{{- if and (.Release.IsInstall) (.Values.redis.enabled) }}
{{- if not (lookup "v1" "Secret" .Release.Namespace (include "grader-api.redisSecretName" .)) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "grader-api.redisSecretName" . }}
annotations:
helm.sh/resource-policy: keep
data:
{{- $redisPassword := (randAlphaNum 24 | b64enc) }}
redis-password: {{ $redisPassword }}
BROKER_PASSWORD: {{ $redisPassword }}
{{- end }}
{{- end }}
12 changes: 12 additions & 0 deletions templates/secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,16 @@ metadata:
name: {{ include "grader-api.fullname" . }}
stringData:
{{- toYaml .Values.config.secretData | nindent 2 }}
{{- $flowerPassword := "" }}
{{ if .Values.celery.flower.auth.password }}
{{- $flowerPassword = .Values.celery.flower.auth.password }}
Hoid marked this conversation as resolved.
Show resolved Hide resolved
{{- else }}
{{- if .Release.IsInstall }}
{{- $flowerPassword = randAlphaNum 20 }}
{{ else }}
{{- $flowerPassword = index (lookup "v1" "Secret" .Release.Namespace ( include "grader-api.fullname" . )).data "FLOWER_PASSWORD" | b64dec }}
{{ end }}
{{- end }}
FLOWER_PASSWORD: {{ $flowerPassword }}
FLOWER_BASIC_AUTH: "{{ .Values.celery.flower.auth.username }}:{{ $flowerPassword }}"
{{- end }}
Loading