agent chart

clyso · Apr 25, 2024 · 51fd71d · 51fd71d
1 parent 50a1c72
commit 51fd71d
Show file tree

Hide file tree

Showing 9 changed files with 229 additions and 60 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,49 +1,48 @@
-name: Release Docker images
-
+name: Release Artifacts
 on:
-  # push:
-  #   tags:
-  #     - '*'
-  pull_request:
-    branches: [ main ]
-
+  push:
+    tags:
+      - '*'
+env:
+  REGISTRY: harbor.clyso.com
 jobs:
   # build and publish docker images
-  # docker:
-  #   strategy:
-  #     matrix:
-  #       service: [worker, proxy, agent]
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #     - uses: actions/checkout@v3
-  #     -
-  #       name: Set up QEMU
-  #       uses: docker/setup-qemu-action@v3
-  #     -
-  #       name: Set up Docker Buildx
-  #       uses: docker/setup-buildx-action@v3
-  #     -
-  #       name: Login to Docker Registry
-  #       uses: docker/login-action@v3
-  #       with:
-  #         registry: harbor.clyso.com
-  #         username: "${{ secrets.DOCKER_USER }}"
-  #         password: ${{ secrets.DOCKER_PASSWORD }}
-  #     -
-  #       name: Build and push
-  #       uses: docker/build-push-action@v5
-  #       with:
-  #         platforms: linux/amd64,linux/arm64
-  #         push: true
-  #         tags: |
-  #           harbor.clyso.com/chorus/${{ matrix.service }}:${{  github.ref_name }}
-  #           harbor.clyso.com/chorus/${{ matrix.service }}:latest
-  #         build-args: |
-  #           GIT_TAG=${{  github.ref_name }}
-  #           GIT_COMMIT=${{ github.sha }} 
-  #           SERVICE=${{ matrix.service }} 
+  docker:
+    strategy:
+      matrix:
+        service: [worker, proxy, agent]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to Docker Registry
+        uses: docker/login-action@v3
+        with:
+          registry: $REGISTRY
+          username: "${{ secrets.DOCKER_USER }}"
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            $REGISTRY/chorus/${{ matrix.service }}:${{  github.ref_name }}
+            $REGISTRY/chorus/${{ matrix.service }}:latest
+          build-args: |
+            GIT_TAG=${{  github.ref_name }}
+            GIT_COMMIT=${{ github.sha }} 
+            SERVICE=${{ matrix.service }} 
+  # publish helm chart
   helm:
-    # needs: docker
+    needs: docker
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
@@ -57,6 +56,6 @@ jobs:
       - name: Publish chart
         run: |
           echo "${{ steps.chartVer.outputs.result }}"
-          helm registry login -u '${{ secrets.DOCKER_USER }}' -p ${{ secrets.DOCKER_PASSWORD }} harbor.clyso.com
+          helm registry login -u '${{ secrets.DOCKER_USER }}' -p ${{ secrets.DOCKER_PASSWORD }} $REGISTRY
           helm package ./deploy/chorus --app-version=${{  github.ref_name }}
-          helm push ./chorus-${{ steps.chartVer.outputs.result }}.tgz oci://harbor.clyso.com/chorus
+          helm push ./chorus-${{ steps.chartVer.outputs.result }}.tgz oci://$REGISTRY/chorus
diff --git a/deploy/chorus/Chart.yaml b/deploy/chorus/Chart.yaml
@@ -1,9 +1,11 @@
 apiVersion: v2
 name: chorus
-description: A Helm chart for Kubernetes
+description: Helm chart for Chorus S3 management software.
+keywords: ["S3","Backup","Replication","Migration"]
+home: https://github.com/clyso/chorus
 type: application
 version: 0.1.1
-appVersion: "v0.4.3"
+appVersion: "v0.5.2"
 dependencies:
   - name: redis
     version: 17.11.3

diff --git a/deploy/chorus/templates/agent/config.yaml b/deploy/chorus/templates/agent/config.yaml
@@ -0,0 +1,11 @@
+{{- if .Values.agent.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "chorus.fullname" . }}-agent
+  labels:
+  {{- include "chorus.labels" . | nindent 4 }}
+data:
+  config: |-     
+  {{- .Values.agent.config | toYaml | nindent 4 }}
+{{- end }}
diff --git a/deploy/chorus/templates/agent/deployment-agent.yaml b/deploy/chorus/templates/agent/deployment-agent.yaml
@@ -0,0 +1,75 @@
+{{- if .Values.agent.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "chorus.fullname" . }}-agent
+  labels:
+    app: agent
+  {{- include "chorus.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.agent.replicas }}
+  selector:
+    matchLabels:
+      app: agent
+    {{- include "chorus.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        app: agent
+      {{- include "chorus.selectorLabels" . | nindent 8 }}
+      {{- if .Values.agent.config.metrics.enabled }}
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/path: "/metrics"
+        prometheus.io/port: "9090"
+      {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "chorus.serviceAccountName" . }}
+      containers:
+      - env:
+        - name: CFG_REDIS_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              key: password
+              name: redis-secret
+        - name: CFG_REDIS_ADDRESS
+          value: {{ printf "%s-redis-master:6379" ( .Release.Name ) }}
+        image: {{ .Values.agent.image.repository }}:{{ .Values.agent.image.tag | default .Chart.AppVersion }}
+        imagePullPolicy: {{ .Values.agent.image.pullPolicy }}
+        name: agent
+        ports:
+        - containerPort: {{ .Values.agent.config.port | default 9673 }}
+          name: http
+          protocol: TCP
+        {{- if .Values.agent.config.metrics.enabled }}
+        - containerPort: 9090
+          name: metrics
+          protocol: TCP
+        {{- end }}
+        readinessProbe:
+          initialDelaySeconds: 5
+          periodSeconds: 10
+          tcpSocket:
+            port: {{ .Values.agent.config.port | default 9673 }}
+        livenessProbe:
+          initialDelaySeconds: 15
+          periodSeconds: 20
+          tcpSocket:
+            port: {{ .Values.agent.config.port | default 9673 }}
+        resources: {{- toYaml .Values.agent.resources | nindent 10 }}
+        securityContext:
+          allowPrivilegeEscalation: false
+        volumeMounts:
+        - mountPath: /bin/config/config.yaml
+          name: config
+          subPath: config
+      terminationGracePeriodSeconds: 10
+      volumes:
+      - configMap:
+          name: {{ include "chorus.fullname" . }}-agent
+        name: config
+{{- end }}
diff --git a/deploy/chorus/templates/agent/service-agent-metrics.yaml b/deploy/chorus/templates/agent/service-agent-metrics.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.agent.enabled .Values.agent.config.metrics.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "chorus.fullname" . }}-agent-metrics
+  labels:
+    app: agent
+  {{- include "chorus.labels" . | nindent 4 }}
+spec:
+  type: ClusterIP
+  selector:
+    app: agent
+  {{- include "chorus.selectorLabels" . | nindent 4 }}
+  ports:
+    - name: metrics
+      port: 9090
+      targetPort: metrics
+{{- end }}
diff --git a/deploy/chorus/templates/agent/service-agent.yaml b/deploy/chorus/templates/agent/service-agent.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.agent.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "chorus.fullname" . }}-agent-service
+  labels:
+    app: agent
+  {{- include "chorus.labels" . | nindent 4 }}
+spec:
+  selector:
+    app: agent
+  {{- include "chorus.selectorLabels" . | nindent 4 }}
+  type: {{ .Values.agent.agentService.type }}
+  ports:
+  - name: http
+	{{- .Values.agent.agentService.portHttp | toYaml | nindent 4 -}}
+{{- end }}
diff --git a/deploy/chorus/templates/agent/service-monitor.yaml b/deploy/chorus/templates/agent/service-monitor.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.agent.enabled .Values.agent.config.metrics.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: agent-monitor
+  labels:
+    release: kube-prometheus-stack
+spec:
+  selector:
+    matchLabels:
+      app: agent
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  endpoints:
+    - port: metrics
+  jobLabel: app
+{{- end }}
diff --git a/deploy/chorus/templates/worker/deployment-worker.yaml b/deploy/chorus/templates/worker/deployment-worker.yaml
@@ -37,12 +37,11 @@ spec:
               name: redis-secret
         - name: CFG_REDIS_ADDRESS
           value: {{ printf "%s-redis-master:6379" ( .Release.Name ) }}
-        image: {{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag
-          | default .Chart.AppVersion }}
+        image: {{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag | default .Chart.AppVersion }}
         imagePullPolicy: {{ .Values.worker.image.pullPolicy }}
         name: worker
-        {{- if .Values.worker.config.metrics.enabled }}
         ports:
+        {{- if .Values.worker.config.metrics.enabled }}
         - containerPort: 9090
           name: metrics
           protocol: TCP
@@ -76,4 +75,4 @@ spec:
       - secret:
           secretName: {{ .Values.existingSecret | default (printf "%s-secret" (include "chorus.fullname" . ) ) }}
         name: secret
-      {{- end }}
+      {{- end }}
diff --git a/deploy/chorus/values.yaml b/deploy/chorus/values.yaml
@@ -2,7 +2,7 @@ proxy:
   enabled: true
   image:
     repository: harbor.clyso.com/chorus/proxy
-    tag: latest
+    tag: "" # Chart appVersion will be used if empty
     pullPolicy: Always
   replicas: 2
   resources:
@@ -26,7 +26,7 @@ proxy:
     trace:
       enabled: false
       endpoint: # url to Jaeger or other open trace provider
-    address: "http://localhost:9669" # Chorus proxy s3 api address
+    address: http://localhost:9669 # Chorus proxy s3 api address
     port: 9669
     cors:
       enabled: false
@@ -36,15 +36,15 @@ proxy:
       allowV2Signature: false
       useStorage: # use credentials from one of configured storages <one|two>
       custom: # use custom credentials for proxy s3 endpoint
-    #      - accessKeyID: <s3 v4 accessKey credential>
-    #        secretAccessKey: <s3 v4 secretKey credential>
-    #      - accessKeyID: <s3 v4 accessKey credential>
-    #        secretAccessKey: <s3 v4 secretKey credential>
+      #      - accessKeyID: <s3 v4 accessKey credential>
+      #        secretAccessKey: <s3 v4 secretKey credential>
+      #      - accessKeyID: <s3 v4 accessKey credential>
+      #        secretAccessKey: <s3 v4 secretKey credential>
 worker:
   replicas: 2
   image:
     repository: harbor.clyso.com/chorus/worker
-    tag: latest
+    tag: "" # Chart appVersion will be used if empty
     pullPolicy: Always
   resources:
     limits:
@@ -100,7 +100,7 @@ commonConfig:
     acl: true
   storage:
     createRouting: true # create roting rules to route proxy requests to main storage
-    createReplication: false  # create replication rules to replicate data from main to other storages
+    createReplication: false # create replication rules to replicate data from main to other storages
     storages:
       one:
         address: s3.clyso.com
@@ -111,6 +111,37 @@ commonConfig:
         address: office.clyso.cloud
         provider: Ceph
         isSecure: true
+agent:
+  enabled: false
+  image:
+    repository: harbor.clyso.com/chorus/agent
+    tag: "" # Chart appVersion will be used if empty
+    pullPolicy: Always
+  replicas: 1
+  resources:
+    limits:
+      cpu: 100m
+      memory: 128Mi
+    requests:
+      cpu: 50m
+      memory: 64Mi
+  agentService:
+    portHttp:
+      port: 9673
+      targetPort: http
+    type: ClusterIP
+  config:
+    metrics:
+      enabled: false
+    log:
+      json: true
+      level: info
+    trace:
+      enabled: false
+      endpoint: # url to Jaeger or other open trace provider
+    port: 9673 # agent port to listen incoming notifications
+    url: http://localhost:9673 # REQUIRED: url to be used by s3 storage to send notifications. The URL should be reachable for s3 storage.
+    fromStorage: "" # REQUIRED: notifications source storage name from Chorus config. Normally name of the main storage from storage config.
 existingSecret: "" # set name of existing secret with storage credentials or
 secret: "" #  set storage credentials here to create secret:
 # Example
@@ -147,13 +178,12 @@ redis:
   auth:
     existingSecret: redis-secret
     existingSecretPasswordKey: password
-
 imagePullSecrets:
 serviceAccount:
   # Specifies whether a service account should be created
   create: true
   # Annotations to add to the service account
-  annotations: { }
+  annotations: {}
   # The name of the service account to use.
   # If not set and create is true, a name is generated using the fullname template
   name: ""