From c97d083172372cd1ad664a5242f380db22448f6f Mon Sep 17 00:00:00 2001 From: solovyovk Date: Wed, 12 Jun 2024 20:52:16 +0300 Subject: [PATCH] Promoted Helm chart version to 1.0.0 (#2) * Promoted Helm chart version to 1.0.0 --- README.md | 144 +++++++++++++----- manifests/deployment_http.yaml | 80 ++++++++++ ...{deployment.yaml => deployment_https.yaml} | 30 ++-- manifests/hpa.yaml | 24 +++ manifests/secrets.yaml | 18 ++- manifests/service_http.yaml | 19 +++ .../{service.yaml => service_https.yaml} | 10 +- manifests/serviceaccount.yaml | 8 +- manifests/volumes.yaml | 18 ++- wproofreader/Chart.yaml | 4 +- wproofreader/templates/NOTES.txt | 8 +- wproofreader/templates/_helpers.tpl | 9 ++ wproofreader/templates/deployment.yaml | 25 ++- wproofreader/templates/hpa.yaml | 14 +- wproofreader/templates/volumes.yaml | 9 +- wproofreader/values.yaml | 73 ++++++--- 16 files changed, 374 insertions(+), 119 deletions(-) create mode 100644 manifests/deployment_http.yaml rename manifests/{deployment.yaml => deployment_https.yaml} (70%) create mode 100644 manifests/hpa.yaml create mode 100644 manifests/service_http.yaml rename manifests/{service.yaml => service_https.yaml} (50%) diff --git a/README.md b/README.md index fb19859..24309b4 100644 --- a/README.md +++ b/README.md @@ -15,31 +15,15 @@ Before you begin, make sure you have the required environment: ## Basic installation -The chart uses `nodeAffinity` for mounting Persistent Volume of type `local`. -This also allows the user to specify which node will host the WProofreader Server -on a cluster (even a single-node one). - -To assign this role to a node, one has to attach a label to it. It can be whatever you want it to be, -e.g. `proofreader.your-company.com/app`: -```shell -kubectl label node proofreader.company-domain.com/app= -``` -Note that `=` is required, but the value after it is not important (empty in this example). - -Keep in mind that your custom label has to be either updated in `values.yaml` -(`affinityLabel` key, recommended), or passed to `helm` calls using -`--set affinityLabel=proofreader.company-domain.com/app`. - -Now, the chart can be installed the usual way using all the defaults: +The Chart can be installed the usual way using all the defaults: ```shell git clone https://github.com/WebSpellChecker/wproofreader-helm.git cd wproofreader-helm -helm install --create-namespace --namespace wsc wsc-app-5-x-x wproofreader --set affinityLabel=proofreader.company-domain.com/app +helm install --create-namespace --namespace wsc wproofreader-app wproofreader ``` -where `wsc` is the namespace the app should be installed to, -`wsc-app-5-25-0` – the release name, where we specifically mention the product version 5.25.0, -`wproofreader` – local chart directory, -`--set affinityLabel=proofreader.company-domain.com/app` – optional affinity label, see previous paragraph. +where `wsc` is the namespace where the app should be installed, +`wproofreader-app` is the Helm release name, +`wproofreader` is the local Chart directory. API requests should be sent to the Kubernetes Service instance, reachable at ```text @@ -47,7 +31,7 @@ http(s)://..svc: ``` where - `http` or `https` depends on the protocol used; -- `` is the name of the Service instance, which would be `wsc-app-5-25-0-wproofreader` with the above +- `` is the name of the Service instance, which would be `wproofreader-app` with the above command, unless overwritten using `fullnameOverride` `values.yaml` parameter; - `` is the namespace where the chart was installed; - `.svc` can be omitted in most cases, but is recommended to keep; @@ -88,30 +72,102 @@ The defaults for the DockerHub image are `cert.pem`, `key.pem`, and `/certificat ## Custom dictionaries -To allow WProofreader Server to use your custom dictionaries, you have to do the following: -1. Upload the files to some directory on the node, where the chart will be deployed - (remember, it's the one with the `proofreader.company-domain.com/app` label). +To enable WProofreader Server to use your custom dictionaries, follow these steps: +1. Upload the files to a directory on the node where the chart will be deployed. + Ensure this node has `wproofreader.domain-name.com/app` label. 2. Set `dictionaries.localPath` parameter to the absolute path of this directory. 3. Optionally, edit `dictionaries.mountPath` value if non-default one was used in `Dockerfile`, as well as other `dictionaries` parameters if needed. -4. Install the chart normally. +4. Install the chart as usual. + +The Chart uses `nodeAffinity` for mounting Persistent Volume of type `local`. +This allows the user to specify which node will host WProofreader Server +on a cluster, even a single-node one. +To assign this role to a node, you need to attach a label to it. It can be any label you choose, +e.g. `wproofreader.domain-name.com/app`: +```shell +kubectl label node wproofreader.domain-name.com/app= +``` +Note that `=` is required but the value after it is not important (empty in this example). + +Keep in mind that your custom label has to be either updated in `values.yaml` +(`nodeAffinityLabel` key, recommended), or passed to `helm` calls using +`--set nodeAffinityLabel=wproofreader.domain-name.com/app`. + +To install the Chart with custom dictionaries feature enabled and the local path set to the directory on the node where dictionaries are stored: +```shell +helm install --create-namespace --namespace wsc wproofreader-app wproofreader --set nodeAffinityLabel=wproofreader.domain-name.com/app --set dictionaries.enabled=true --set dictionaries.localPath=/dictionaries +``` The dictionary files can be uploaded after the chart installation, but the `dictionaries.localPath` -folder has to exist on the node beforehand. -Dictionaries can be uploaded to the node VM either the usual way (`scp`, `rsync`, `FTP` etc), or -using `kubectl cp` command. With `kubectl cp` we have to use one of pods of the deployment. -Once the files are uploaded, they will appear on all the pods automatically, and will persist -if any or all the pods are restarted. The workflow for this would look something like this: -1. Get the name of one of the pods. For the Helm release named `wsc-app-5-25-0` installed in the `wsc` namespace, we can use +folder must exist on the node beforehand. +Dictionaries can be uploaded to the node VM using standard methods (`scp`, `rsync`, `FTP` etc) or +the `kubectl cp` command. With `kubectl cp`, you need to use one of the deployment's pods. +Once uploaded, the files will automatically appear on all pods and persist +even if the pods are restarted. Follow these steps: +1. Get the name of one of the pods. For the Helm release named `wproofreader-app` in the `wsc` namespace, use ```shell - POD=$(kubectl get pods -n wsc -l app.kubernetes.io/instance=wsc-app-5-25-0 -o jsonpath="{.items[0].metadata.name}") + POD=$(kubectl get pods -n wsc -l app.kubernetes.io/instance=wproofreader-app -o jsonpath="{.items[0].metadata.name}") ``` 2. Upload the files to the pod ```shell kubectl cp -n wsc $POD:/dictionaries ``` - where `/dictionaries` should be changed to whatever non-default `dictionaries.mountPath` value was used if applicable. + Replace `/dictionaries` with your custom `dictionaries.mountPath` value if applicable. +There is also a way in the Chart to specify an already existing Persistent Volume Claim (PVC) with dictionaries that can be configured to operate on multiple nodes (e.g., NFS). To do this, enable the custom dictionary feature by setting the `dictionaries.enabled` parameter to `true` and specifying the name of the existing PVC in the `dictionaries.existingClaim` parameter. + +**Recommended approach:** Using an existing PVC is the recommended way because it ensures that your data will persist even if the Chart is uninstalled. This approach offers a reliable method to maintain data integrity and availability across deployments. + +However, please note that provisioning the Persistent Volume (PV) and PVC for storage backends like NFS is outside the scope of this Chart. You will need to provision the PV and PVC separately according to your storage backend's documentation before using the `dictionaries.existingClaim` parameter. + +## Use in production + +For production deployments, it is highly recommended **to specify resource requests and limits for your Kubernetes pods**. This helps ensure that your applications have the necessary resources to run efficiently while preventing them from consuming excessive resources on the cluster which can impact other applications. +This can be configured in the `values.yaml` file under the `resources` section. + +### Recommended resource requests and limits + +Below are the recommended resource requests and limits for deploying WProofreader Server v5.34.x with enabled English dialects (en_US, en_GB, en_CA, and en_AU) for spelling & grammar check using the English AI language model for enhanced and more accurate proofreading. It also includes such features as a style guide, spelling autocorrect, named-entity recognition (NER), and text autocomplete suggestions (text prediction). These values represent the minimum requirements for running WProofreader Server in a production environment. + +**Note:** Depending on your specific needs and usage patterns, especially when deploying AI language models for enhanced proofreading in other languages, you may need to adjust these values to ensure optimal performance and resource utilization. Alternatively, you can choose the bare-minimum configuration without AI language models. In this case, only algorithmic engines will be used to provide basic spelling and grammar checks. + +```yaml +resources: + requests: + memory: "4Gi" + cpu: "1" + limits: + memory: "8Gi" + cpu: "4" +``` + +### Readiness and liveness probes + +The Helm chart includes readiness and liveness probes to help Kubernetes manage the lifecycle of the WProofreader Server pods. These probes are used to determine when the pod is ready to accept traffic and when it should be restarted if it becomes unresponsive. + +You may thoughtfully modify the Chart default values based on your environment's resources and application needs in the `values.yaml` file under the `readinessProbeOptions` and `livenessProbeOptions` sections. +Example: +```yaml +readinessProbeOptions: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 +``` + +### Application scaling +WProofreader Server can be scaled horizontally by changing the number of replicas. +This can be done by setting the `replicaCount` parameter in the `values.yaml` file. +The default value is `1`. For example, to scale the application to 3 replicas, set the `--set replicaCount=3` flag when installing the Helm chart. + +For dynamic scaling based on resource utilization, you can use Kubernetes Horizontal Pod Autoscaler (HPA). +To use the HPA, you need to turn on the metrics server in your Kubernetes cluster. The HPA will then automatically change the number of pods in a deployment based on how much CPU is being used. +The HPA is not enabled by default in the Helm chart. To enable it, set the `autoscaling.enabled` parameter to `true` in the `values.yaml` file. + +**Important Note:** WProofreader Server can be scaled only based on CPU usage metric. The `targetMemoryUtilizationPercentage` is not supported. + ## Common issues ### Readiness probe failed @@ -141,7 +197,7 @@ Otherwise, they are overwritten with the contents of `values.yaml`. For illustration purposes, please find exported Kubernetes manifests in the `manifests` folder. If you need to export the manifest files from this sample Helm Chart, please use the following command: ```shell -helm template --namespace wsc wsc-app-sample wproofreader \ +helm template --namespace wsc wproofreader-app wproofreader \ --set licenseTicketID=qWeRtY123 \ --set useHTTPS=true \ --set certFile=cert.pem \ @@ -154,21 +210,25 @@ helm template --namespace wsc wsc-app-sample wproofreader \ The service might fail to start up properly if misconfigured. For troubleshooting, it can be beneficial to get the full configuration you attempted to deploy. If needed, later it can be shared with the support team for further investigation. -There are several options for how to gather needed details: +There are several ways to gather necessary details: 1. Get the values (user-configurable options) used by Help to generate Kubernetes manifests: ```shell -helm get values --all --namespace wsc wsc-app-5-25-0 > wsc-app-5-25-0-values.yaml +helm get values --all --namespace wsc wproofreader-app > wproofreader-app-values.yaml ``` -where `wsc` is the namespace and `wsc-app-5-25-0` – the name of your release, -and `wsc-app-5-25-0-values.yaml` – name of the file the data will be written to. +where `wsc` is the namespace and `wproofreader-app` – the name of your release, +and `wproofreader-app-values.yaml` – name of the file the data will be written to. 2. Extract the full Kubernetes manifest(s) as follows: ```shell -helm get manifest --namespace wsc wsc-app-5-25-0 > manifests.yaml +helm get manifest --namespace wsc wproofreader-app > manifests.yaml ``` -If, for any reason, you do not have access to `helm`, same can be accomplished using -`kubectl`. To get manifests for all resources in `wsc` namespace, use: +If you do not have access to `helm`, same can be accomplished using +`kubectl`. To get manifests for all resources in the `wsc` namespace, run: ```shell kubectl get all --namespace wsc -o yaml > manifests.yaml +``` +3. Retrieve the logs of all `wsproofreader-app` pods in the `wsc` namespace: +```shell +kubectl logs -n wsc -l app.kubernetes.io/instance=wproofreader-app ``` \ No newline at end of file diff --git a/manifests/deployment_http.yaml b/manifests/deployment_http.yaml new file mode 100644 index 0000000..ae12804 --- /dev/null +++ b/manifests/deployment_http.yaml @@ -0,0 +1,80 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wproofreader-app + labels: + helm.sh/chart: wproofreader-1.0.0 + app.kubernetes.io/name: wproofreader + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + selector: + matchLabels: + app.kubernetes.io/name: wproofreader + app.kubernetes.io/instance: wproofreader-app + template: + metadata: + annotations: + checksum/secrets: 3dc935bf0e71c4a7d9f2b3cf2c9743c0ad... + labels: + app.kubernetes.io/name: wproofreader + app.kubernetes.io/instance: wproofreader-app + spec: + serviceAccountName: wproofreader-app + securityContext: + fsGroup: 2000 + containers: + - name: wproofreader + securityContext: + {} + image: "webspellchecker/wproofreader:5.34.3" + imagePullPolicy: IfNotPresent + ports: + - name: container-port + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /wscservice + port: container-port + scheme: HTTP + readinessProbe: + httpGet: + path: "/wscservice/api?cmd=status" + port: container-port + scheme: HTTP + resources: + {} + volumeMounts: + - mountPath: /dictionaries + name: dictionaries-volume + env: + - name: PROTOCOL + value: "2" + - name: WEB_PORT + value: "80" + - name: VIRTUAL_DIR + value: wscservice + - name: LICENSE_TICKET_ID + valueFrom: + secretKeyRef: + name: wproofreader-app-lic + key: license + volumes: + - name: dictionaries-volume + persistentVolumeClaim: + claimName: wproofreader-app-dict + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: wproofreader.domain-name.com/app + operator: Exists \ No newline at end of file diff --git a/manifests/deployment.yaml b/manifests/deployment_https.yaml similarity index 70% rename from manifests/deployment.yaml rename to manifests/deployment_https.yaml index a79ac5d..3004a49 100644 --- a/manifests/deployment.yaml +++ b/manifests/deployment_https.yaml @@ -1,11 +1,13 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: wsc-app-sample-wproofreader + name: wproofreader-app labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm spec: replicas: 1 strategy: @@ -16,23 +18,23 @@ spec: selector: matchLabels: app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample + app.kubernetes.io/instance: wproofreader-app template: metadata: annotations: - checksum/secrets: 3d370016ca764dcc4fbace6c41ec622b592a9cd42d3da47118149693c2b2b5e0 + checksum/secrets: 3d370016ca764dcc4fbace6c41e... labels: app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample + app.kubernetes.io/instance: wproofreader-app spec: - serviceAccountName: wsc-app-sample-wproofreader + serviceAccountName: wproofreader-app securityContext: fsGroup: 2000 containers: - name: wproofreader securityContext: {} - image: "webspellchecker/wproofreader:5.25.0" + image: "webspellchecker/wproofreader:5.34.3" imagePullPolicy: IfNotPresent ports: - name: container-port @@ -45,7 +47,7 @@ spec: scheme: HTTPS readinessProbe: httpGet: - path: "/wscservice/api?cmd=ver" + path: "/wscservice/api?cmd=status" port: container-port scheme: HTTPS resources: @@ -65,19 +67,19 @@ spec: - name: LICENSE_TICKET_ID valueFrom: secretKeyRef: - name: wsc-app-sample-wproofreader-lic + name: wproofreader-app-lic key: license volumes: - name: tls-secret-volume secret: - secretName: wsc-app-sample-wproofreader-cert + secretName: wproofreader-app-cert - name: dictionaries-volume persistentVolumeClaim: - claimName: wsc-app-sample-wproofreader-dict + claimName: wproofreader-app-dict affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: proofreader.company-domain.com/app - operator: Exists + - key: wproofreader.domain-name.com/app + operator: Exists \ No newline at end of file diff --git a/manifests/hpa.yaml b/manifests/hpa.yaml new file mode 100644 index 0000000..73a6fe4 --- /dev/null +++ b/manifests/hpa.yaml @@ -0,0 +1,24 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: wproofreader-app + labels: + helm.sh/chart: wproofreader-1.0.0 + app.kubernetes.io/name: wproofreader + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: wproofreader-app + minReplicas: 1 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 80 \ No newline at end of file diff --git a/manifests/secrets.yaml b/manifests/secrets.yaml index afaee46..b2085d5 100644 --- a/manifests/secrets.yaml +++ b/manifests/secrets.yaml @@ -1,23 +1,27 @@ apiVersion: v1 kind: Secret metadata: - name: wsc-app-sample-wproofreader-lic + name: wproofreader-app-lic labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm type: Opaque data: - license: "cVdlUnRZMTIz" + license: "your-license-key" --- apiVersion: v1 kind: Secret metadata: - name: wsc-app-sample-wproofreader-cert + name: wproofreader-app-cert labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm type: Opaque data: cert.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVnRENDQXVpZ0F3SUJBZ0lSQU1DVFFQSUFadERzNW94R25YRWEwd1l3RFFZSktvWklodmNOQVFFTEJRQXcKZ2FzeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEZBTUQ0R0ExVUVDd3czWVc1MApiMjR1YjNaamFHRnlaVzVyYjBCM2IzSnJMV052YlhCMWRHVnlMbXh2WTJGc0lDaEJiblJ2YmlCUGRtTm9ZWEpsCmJtdHZLVEZITUVVR0ExVUVBd3crYld0alpYSjBJR0Z1ZEc5dUxtOTJZMmhoY21WdWEyOUFkMjl5YXkxamIyMXcKZFhSbGNpNXNiMk5oYkNBb1FXNTBiMjRnVDNaamFHRnlaVzVyYnlrd0hoY05Nakl4TVRFM01qQXlNVEkwV2hjTgpNalV3TWpFM01qQXlNVEkwV2pCck1TY3dKUVlEVlFRS0V4NXRhMk5sY25RZ1pHVjJaV3h2Y0cxbGJuUWdZMlZ5CmRHbG1hV05oZEdVeFFEQStCZ05WQkFzTU4yRnVkRzl1TG05MlkyaGhjbVZ1YTI5QWQyOXlheTFqYjIxd2RYUmwKY2k1c2IyTmhiQ0FvUVc1MGIyNGdUM1pqYUdGeVpXNXJieWt3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUURWNXVhZDlqS0lIRXlnTG95RFdtVFlhNDhDbWVxTE5MU3hLdG1vSXFSMXUvSERRUE1RCnpQNncvb3pjd0U2aE1tZ3Y0Qjd5Z0MwcEIxTTlLVjA5TkFoNnJGZGVwdjFJYlNWRVNQVnV5WXcyVUVLNVYzLzQKL2dDWnMxamJGNXJRWmV3a1RYblVQMjVwOVRlMEp0YUZvSUhxb3YwTFRudEpUc3Z5bXZJK1g5QUFNNTlnUDc0Qwo4ZEQydlFVYUI1d1pnVnAxc3VjVmw2UFRLanFqSFJkQ1owYTlmcFNuT3NBZ3hIOVVsRG11UVk5WTdvblZOQ3YrCjhzQnlwUnBjOVdqeVhFakIrSDdzNE81Q2U1ejBqbXVnYXlUczdaaklmVFlwcmdkdFozNGVxUnQ4NHoreWZCTXAKY281SCtpVDVPdmtVREV2UlJvTHNNbDN4ZWZOb2tLUkRLUm81QWdNQkFBR2pYakJjTUE0R0ExVWREd0VCL3dRRQpBd0lGb0RBVEJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlRsY3FhaTNLa1owSW56CmptNjY0MjN2TnNMcnlqQVVCZ05WSFJFRURUQUxnZ2xzYjJOaGJHaHZjM1F3RFFZSktvWklodmNOQVFFTEJRQUQKZ2dHQkFIdkdMUFJyVlhYcmNVUWFuZlJkZ050MXdUZU1mYkxoS3g2TW9JKzBzaHdLZlF3ZTNlQXRWeUtyRHFSRgpMcCtIQ1d2cHZaTVREZnFxWHFVTkFwdEt6TjNKTHlUNHkwTXpXRTZQRXh1ZFBFNEtMaHhMK3RWSDVqY2VkWE84CisvN3JHUlNHMVpOb0pJam0yVDE1K3FuNmtnMjQvM1QwUmhxQlhmRGVTRTdtQno3Q1loMWNzN2VLb3lVYUtGVGwKUXNzSy9lQmxkbkxlMEsxSkE5UzN3TVNGVWFUanpnLytBLzNaaHJxRXpLVjdEL1FjWFVzL2JkSUJaa05VOHowUApJZ0hYU1QyMGc2V0RMMXJ6OTMyV2tHelQwN25YQWxzTVZLTC9STGI4bUtEMXl1UU5jZzAzNENjcTAwZFJkWXY2CjJvcExMZE8xRm5RTkVSd0t1OC9TNnBEZkhIU2p1NFlDUXFueXBnRDc5aHRubHZwR1JHWHRiUDgvM2xIay9iZW4KVDlmMVFZMTlneTVlMThpTXp4YktJN1pqOXNjS0hxVFczN0FXVDRnOFV5YTUrQTBRME14SGJXcW5ZRnJyR0N0awpQelVPTmgwOG9xYUNuR2V5aCtzd0JXY3hxY1Uwa3kzaHdmajJjWDliaFdLMlMwaDVLUmRaenNtcThoTTBNbXZwCjBBSko1UT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" diff --git a/manifests/service_http.yaml b/manifests/service_http.yaml new file mode 100644 index 0000000..cd7fa6c --- /dev/null +++ b/manifests/service_http.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: wproofreader-app + labels: + helm.sh/chart: wproofreader-1.0.0 + app.kubernetes.io/name: wproofreader + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: container-port + protocol: TCP + selector: + app.kubernetes.io/name: wproofreader + app.kubernetes.io/instance: wproofreader-app diff --git a/manifests/service.yaml b/manifests/service_https.yaml similarity index 50% rename from manifests/service.yaml rename to manifests/service_https.yaml index 0fac164..79a6863 100644 --- a/manifests/service.yaml +++ b/manifests/service_https.yaml @@ -1,11 +1,13 @@ apiVersion: v1 kind: Service metadata: - name: wsc-app-sample-wproofreader + name: wproofreader-app labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm spec: type: ClusterIP ports: @@ -14,4 +16,4 @@ spec: protocol: TCP selector: app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample + app.kubernetes.io/instance: wproofreader-app diff --git a/manifests/serviceaccount.yaml b/manifests/serviceaccount.yaml index 0781e05..f6fb541 100644 --- a/manifests/serviceaccount.yaml +++ b/manifests/serviceaccount.yaml @@ -1,8 +1,10 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: wsc-app-sample-wproofreader + name: wproofreader-app labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm \ No newline at end of file diff --git a/manifests/volumes.yaml b/manifests/volumes.yaml index 342608d..2a51742 100644 --- a/manifests/volumes.yaml +++ b/manifests/volumes.yaml @@ -1,11 +1,13 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: wsc-app-sample-wproofreader-dict + name: wproofreader-app-dict labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm spec: storageClassName: standard capacity: @@ -19,17 +21,19 @@ spec: required: nodeSelectorTerms: - matchExpressions: - - key: proofreader.company-domain.com/app + - key: wproofreader.domain-name.com/app operator: Exists --- apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: wsc-app-sample-wproofreader-dict + name: wproofreader-app-dict labels: + helm.sh/chart: wproofreader-1.0.0 app.kubernetes.io/name: wproofreader - app.kubernetes.io/instance: wsc-app-sample - app.kubernetes.io/version: "5.25.0" + app.kubernetes.io/instance: wproofreader-app + app.kubernetes.io/version: "5.34.3" + app.kubernetes.io/managed-by: Helm spec: storageClassName: standard accessModes: diff --git a/wproofreader/Chart.yaml b/wproofreader/Chart.yaml index 40427b6..5af9c39 100644 --- a/wproofreader/Chart.yaml +++ b/wproofreader/Chart.yaml @@ -4,6 +4,6 @@ description: A Helm chart for deploying webspellchecker/wproofreader in Kubernet type: application -version: 0.1.0 +version: 1.0.0 -appVersion: "5.25.0" +appVersion: "5.34.3" diff --git a/wproofreader/templates/NOTES.txt b/wproofreader/templates/NOTES.txt index 494e38c..01cf799 100644 --- a/wproofreader/templates/NOTES.txt +++ b/wproofreader/templates/NOTES.txt @@ -1,14 +1,14 @@ -WProofreader service was deployed successfully! +WProofreader Server has been deployed successfully! {{- $baseUrl := printf "http%s://%s.%s.svc:%s/%s/" (.Values.useHTTPS | ternary "s" "") (include "wproofreader.fullname" .) .Release.Namespace (include "wproofreader.servicePort" . | toString) .Values.virtualDir }} -Dashboard is available at +Quick start: {{ print $baseUrl }} -Status can be checked at +Status: {{ printf "%sapi/?cmd=status" $baseUrl }} -And to check the installation version, go to +Version: {{ printf "%sapi/?cmd=ver" $baseUrl }} Port forwarding to the app server can be enabled with the following command (sudo might be required on some platforms) diff --git a/wproofreader/templates/_helpers.tpl b/wproofreader/templates/_helpers.tpl index 00a1fff..e68af12 100644 --- a/wproofreader/templates/_helpers.tpl +++ b/wproofreader/templates/_helpers.tpl @@ -61,6 +61,15 @@ Create the name of the service account to use. {{- end }} {{- end }} +{{/* +Create the name of the PersistentVolumeClaim. +*/}} +{{- define "wproofreader.pvcName" -}} +{{- if and .Values.dictionaries.enabled (not .Values.dictionaries.existingClaim) }} +{{- default (include "wproofreader.fullname" .) }}-dict +{{- end }} +{{- end }} + {{/* Prints key-value pairs encoded in base 64. */}} diff --git a/wproofreader/templates/deployment.yaml b/wproofreader/templates/deployment.yaml index 07acdd2..49b4f0c 100644 --- a/wproofreader/templates/deployment.yaml +++ b/wproofreader/templates/deployment.yaml @@ -47,22 +47,30 @@ spec: path: /{{ .Values.virtualDir }} port: container-port scheme: {{ if .Values.useHTTPS }}HTTPS{{ else }}HTTP{{ end }} + {{- with .Values.livenessProbeOptions }} + {{- toYaml . | nindent 12 }} + {{- end }} readinessProbe: httpGet: - path: "/{{ .Values.virtualDir }}/api?cmd=ver" + path: "/{{ .Values.virtualDir }}/api?cmd=status" port: container-port scheme: {{ if .Values.useHTTPS }}HTTPS{{ else }}HTTP{{ end }} + {{- with .Values.readinessProbeOptions }} + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} + {{- if or (.Values.useHTTPS | and .Values.certFile) .Values.dictionaries.localPath .Values.dictionaries.existingClaim }} volumeMounts: {{- if .Values.useHTTPS | and .Values.certFile }} - mountPath: {{ .Values.certMountPath }} name: tls-secret-volume {{- end }} - {{- if .Values.dictionaries.localPath }} + {{- if or .Values.dictionaries.localPath .Values.dictionaries.existingClaim }} - mountPath: {{ .Values.dictionaries.mountPath }} name: dictionaries-volume {{- end }} + {{- end }} env: - name: PROTOCOL value: {{ if .Values.useHTTPS }}"1"{{ else }}"2"{{ end }} @@ -75,24 +83,31 @@ spec: secretKeyRef: name: {{ include "wproofreader.fullname" . }}-lic key: license + {{- if or (.Values.useHTTPS | and .Values.certFile) .Values.dictionaries.localPath .Values.dictionaries.existingClaim }} volumes: {{- if .Values.useHTTPS | and .Values.certFile }} - name: tls-secret-volume secret: secretName: {{ include "wproofreader.fullname" . }}-cert {{- end }} - {{- if .Values.dictionaries.localPath }} + {{- if or .Values.dictionaries.localPath .Values.dictionaries.existingClaim }} - name: dictionaries-volume persistentVolumeClaim: - claimName: {{ include "wproofreader.fullname" . }}-dict + claimName: {{ default (include "wproofreader.pvcName" .) .Values.dictionaries.existingClaim }} {{- end }} + {{- end }} + {{- if and .Values.dictionaries.enabled .Values.dictionaries.localPath }} affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: {{ .Values.affinityLabel }} + - key: {{ .Values.nodeAffinityLabel }} operator: Exists + {{- else if .Values.affinity }} + affinity: + {{- toYaml .Values.affinity | nindent 8 }} + {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/wproofreader/templates/hpa.yaml b/wproofreader/templates/hpa.yaml index c1dfa30..e328276 100644 --- a/wproofreader/templates/hpa.yaml +++ b/wproofreader/templates/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: {{ include "wproofreader.fullname" . }} @@ -17,12 +17,8 @@ spec: - type: Resource resource: name: cpu - targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} {{- end }} - {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} - - type: Resource - resource: - name: memory - targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} - {{- end }} -{{- end }} +{{- end }} \ No newline at end of file diff --git a/wproofreader/templates/volumes.yaml b/wproofreader/templates/volumes.yaml index 88df3fc..139ca3e 100644 --- a/wproofreader/templates/volumes.yaml +++ b/wproofreader/templates/volumes.yaml @@ -1,4 +1,5 @@ -{{- if .Values.dictionaries.localPath }} +{{- if .Values.dictionaries.enabled }} +{{- if and .Values.dictionaries.localPath (not .Values.dictionaries.existingClaim) }} apiVersion: v1 kind: PersistentVolume metadata: @@ -18,14 +19,13 @@ spec: required: nodeSelectorTerms: - matchExpressions: - - key: {{ .Values.affinityLabel }} + - key: {{ .Values.nodeAffinityLabel }} operator: Exists - --- apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ include "wproofreader.fullname" . }}-dict + name: {{ include "wproofreader.pvcName" . }} labels: {{- include "wproofreader.labels" . | nindent 4 }} spec: @@ -35,4 +35,5 @@ spec: resources: requests: storage: {{ .Values.dictionaries.volumeSize }} +{{- end }} {{- end }} \ No newline at end of file diff --git a/wproofreader/values.yaml b/wproofreader/values.yaml index 9cf27db..9ade2bb 100644 --- a/wproofreader/values.yaml +++ b/wproofreader/values.yaml @@ -31,8 +31,12 @@ certMountPath: "/certificate" # `dictionaries` structure provide storage for custom user dictionaries inside the cluster dictionaries: - # absolute path of the directory on the Kubernetes node, where the files should be kept - # leave empty if no volume for custom dictionaries should be created + # enable or disable persistence of custom dictionary feature + enabled: false + # name of existing the PersistentVolumeClaim to use for storing dictionaries + existingClaim: "" + # absolute path of the directory on the Kubernetes node where the files should be kept. + # leave empty if no volume for custom dictionaries should be created. localPath: "" # location inside the container that the above directory should be mounted to # make sure it matches DICTIONARIES_DIR variable in the Dockerfile (https://github.com/WebSpellChecker/wproofreader-docker) @@ -49,35 +53,53 @@ image: repository: webspellchecker/wproofreader # options: IfNotPresent, Never, Always pullPolicy: IfNotPresent - # overrides the image tag whose default is the chart appVersion + # overrides the image tag whose default is the chart appVersion. tag: "" +# Readiness Options allows customizing the default readiness probe +readinessProbeOptions: {} +# initialDelaySeconds: 10 +# periodSeconds: 10 +# timeoutSeconds: 5 +# successThreshold: 1 +# failureThreshold: 3 + +# Liveness Options allows customizing the default liveness probe +livenessProbeOptions: {} +# periodSeconds: 10 +# timeoutSeconds: 3 +# failureThreshold: 1 + # number of Pods (AppServer instances) to retain; is ignored if HorizontalPodAutoscaling is enabled (see below) replicaCount: 1 # HorizontalPodAutoscaling parameters. For more info, see documentation: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale # if enabled, requires "resources" (see below) -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 5 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 - -# max resources usage allowed for pod +# Note: WProofreader Server can be scaled only based on CPU usage metric. The targetMemoryUtilizationPercentage is not supported. +autoscaling: {} +# enabled: false +# minReplicas: 1 +# maxReplicas: 5 +# targetCPUUtilizationPercentage: 80 + +# Max resources usage allowed for pod # have to be specified if HorizontalPodAutoscaling is enabled # if none are given, uses all available on host # (to add your values remove "{}" form the line below, uncomment and edit the ones further down) +# Ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: {} -# limits: -# cpu: 100m -# memory: 128Mi # requests: -# cpu: 100m -# memory: 128Mi +# memory: "4Gi" +# cpu: "1" +# limits: +# memory: "8Gi" +# cpu: "4" # if you keep you custom images in a private container repository, you might have to -# provide an imagePullSecret. See: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod +# provide an imagePullSecret. +# See: +# - https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod +# - https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] # overrides default chart name ("wproofreader") used for naming resources @@ -123,7 +145,22 @@ securityContext: {} # the label is used for setting the affinity parameter, which specifies a set of # labels that a candidate node for hosting the deployment should have # we recommend customizing it for your use -affinityLabel: "proofreader.company-domain.com/app" +# Example: +## nodeAffinityLabel: "wproofreader.domain-name.com/app" +nodeAffinityLabel: "" + +# Affinity for pod assignment (evaluated as template) +# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +affinity: {} +# podAntiAffinity: +# prefferedDuringSchedulingIgnoredDuringExecution: +# - labelSelector: +# matchExpressions: +# - key: app.kubernetes.io/name +# operator: In +# values: +# - wproofreader +# topologyKey: kubernetes.io/hostname # default deployment strategy for Kubernetes: # allow no more than 25% (no fewer than 1) of pods be