diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b92b3f3..68fc7bd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,49 +1,48 @@ -name: Release Docker images - +name: Release Artifacts on: - # push: - # tags: - # - '*' - pull_request: - branches: [ main ] - + push: + tags: + - '*' +env: + REGISTRY: harbor.clyso.com jobs: # build and publish docker images - # docker: - # strategy: - # matrix: - # service: [worker, proxy, agent] - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v3 - # - - # name: Set up QEMU - # uses: docker/setup-qemu-action@v3 - # - - # name: Set up Docker Buildx - # uses: docker/setup-buildx-action@v3 - # - - # name: Login to Docker Registry - # uses: docker/login-action@v3 - # with: - # registry: harbor.clyso.com - # username: "${{ secrets.DOCKER_USER }}" - # password: ${{ secrets.DOCKER_PASSWORD }} - # - - # name: Build and push - # uses: docker/build-push-action@v5 - # with: - # platforms: linux/amd64,linux/arm64 - # push: true - # tags: | - # harbor.clyso.com/chorus/${{ matrix.service }}:${{ github.ref_name }} - # harbor.clyso.com/chorus/${{ matrix.service }}:latest - # build-args: | - # GIT_TAG=${{ github.ref_name }} - # GIT_COMMIT=${{ github.sha }} - # SERVICE=${{ matrix.service }} + docker: + strategy: + matrix: + service: [worker, proxy, agent] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - + name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Login to Docker Registry + uses: docker/login-action@v3 + with: + registry: $REGISTRY + username: "${{ secrets.DOCKER_USER }}" + password: ${{ secrets.DOCKER_PASSWORD }} + - + name: Build and push + uses: docker/build-push-action@v5 + with: + platforms: linux/amd64,linux/arm64 + push: true + tags: | + $REGISTRY/chorus/${{ matrix.service }}:${{ github.ref_name }} + $REGISTRY/chorus/${{ matrix.service }}:latest + build-args: | + GIT_TAG=${{ github.ref_name }} + GIT_COMMIT=${{ github.sha }} + SERVICE=${{ matrix.service }} + # publish helm chart helm: - # needs: docker + needs: docker runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 @@ -57,6 +56,6 @@ jobs: - name: Publish chart run: | echo "${{ steps.chartVer.outputs.result }}" - helm registry login -u '${{ secrets.DOCKER_USER }}' -p ${{ secrets.DOCKER_PASSWORD }} harbor.clyso.com + helm registry login -u '${{ secrets.DOCKER_USER }}' -p ${{ secrets.DOCKER_PASSWORD }} $REGISTRY helm package ./deploy/chorus --app-version=${{ github.ref_name }} - helm push ./chorus-${{ steps.chartVer.outputs.result }}.tgz oci://harbor.clyso.com/chorus + helm push ./chorus-${{ steps.chartVer.outputs.result }}.tgz oci://$REGISTRY/chorus diff --git a/deploy/chorus/Chart.yaml b/deploy/chorus/Chart.yaml index 1b6e4f4..32a712c 100644 --- a/deploy/chorus/Chart.yaml +++ b/deploy/chorus/Chart.yaml @@ -1,9 +1,11 @@ apiVersion: v2 name: chorus -description: A Helm chart for Kubernetes +description: Helm chart for Chorus S3 management software. +keywords: ["S3","Backup","Replication","Migration"] +home: https://github.com/clyso/chorus type: application version: 0.1.1 -appVersion: "v0.4.3" +appVersion: "v0.5.2" dependencies: - name: redis version: 17.11.3 diff --git a/deploy/chorus/templates/agent/config.yaml b/deploy/chorus/templates/agent/config.yaml new file mode 100644 index 0000000..bfb398c --- /dev/null +++ b/deploy/chorus/templates/agent/config.yaml @@ -0,0 +1,11 @@ +{{- if .Values.agent.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "chorus.fullname" . }}-agent + labels: + {{- include "chorus.labels" . | nindent 4 }} +data: + config: |- + {{- .Values.agent.config | toYaml | nindent 4 }} +{{- end }} diff --git a/deploy/chorus/templates/agent/deployment-agent.yaml b/deploy/chorus/templates/agent/deployment-agent.yaml new file mode 100644 index 0000000..8dcbc9b --- /dev/null +++ b/deploy/chorus/templates/agent/deployment-agent.yaml @@ -0,0 +1,75 @@ +{{- if .Values.agent.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "chorus.fullname" . }}-agent + labels: + app: agent + {{- include "chorus.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.agent.replicas }} + selector: + matchLabels: + app: agent + {{- include "chorus.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: agent + {{- include "chorus.selectorLabels" . | nindent 8 }} + {{- if .Values.agent.config.metrics.enabled }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/path: "/metrics" + prometheus.io/port: "9090" + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "chorus.serviceAccountName" . }} + containers: + - env: + - name: CFG_REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: redis-secret + - name: CFG_REDIS_ADDRESS + value: {{ printf "%s-redis-master:6379" ( .Release.Name ) }} + image: {{ .Values.agent.image.repository }}:{{ .Values.agent.image.tag | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.agent.image.pullPolicy }} + name: agent + ports: + - containerPort: {{ .Values.agent.config.port | default 9673 }} + name: http + protocol: TCP + {{- if .Values.agent.config.metrics.enabled }} + - containerPort: 9090 + name: metrics + protocol: TCP + {{- end }} + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 10 + tcpSocket: + port: {{ .Values.agent.config.port | default 9673 }} + livenessProbe: + initialDelaySeconds: 15 + periodSeconds: 20 + tcpSocket: + port: {{ .Values.agent.config.port | default 9673 }} + resources: {{- toYaml .Values.agent.resources | nindent 10 }} + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /bin/config/config.yaml + name: config + subPath: config + terminationGracePeriodSeconds: 10 + volumes: + - configMap: + name: {{ include "chorus.fullname" . }}-agent + name: config +{{- end }} diff --git a/deploy/chorus/templates/agent/service-agent-metrics.yaml b/deploy/chorus/templates/agent/service-agent-metrics.yaml new file mode 100644 index 0000000..9a8e0e5 --- /dev/null +++ b/deploy/chorus/templates/agent/service-agent-metrics.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.agent.enabled .Values.agent.config.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "chorus.fullname" . }}-agent-metrics + labels: + app: agent + {{- include "chorus.labels" . | nindent 4 }} +spec: + type: ClusterIP + selector: + app: agent + {{- include "chorus.selectorLabels" . | nindent 4 }} + ports: + - name: metrics + port: 9090 + targetPort: metrics +{{- end }} diff --git a/deploy/chorus/templates/agent/service-agent.yaml b/deploy/chorus/templates/agent/service-agent.yaml new file mode 100644 index 0000000..c9d5b5b --- /dev/null +++ b/deploy/chorus/templates/agent/service-agent.yaml @@ -0,0 +1,17 @@ +{{- if .Values.agent.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "chorus.fullname" . }}-agent-service + labels: + app: agent + {{- include "chorus.labels" . | nindent 4 }} +spec: + selector: + app: agent + {{- include "chorus.selectorLabels" . | nindent 4 }} + type: {{ .Values.agent.agentService.type }} + ports: + - name: http + {{- .Values.agent.agentService.portHttp | toYaml | nindent 4 -}} +{{- end }} diff --git a/deploy/chorus/templates/agent/service-monitor.yaml b/deploy/chorus/templates/agent/service-monitor.yaml new file mode 100644 index 0000000..42edae4 --- /dev/null +++ b/deploy/chorus/templates/agent/service-monitor.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.agent.enabled .Values.agent.config.metrics.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: agent-monitor + labels: + release: kube-prometheus-stack +spec: + selector: + matchLabels: + app: agent + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: metrics + jobLabel: app +{{- end }} diff --git a/deploy/chorus/templates/worker/deployment-worker.yaml b/deploy/chorus/templates/worker/deployment-worker.yaml index 5f7c07e..6d25c8f 100644 --- a/deploy/chorus/templates/worker/deployment-worker.yaml +++ b/deploy/chorus/templates/worker/deployment-worker.yaml @@ -37,12 +37,11 @@ spec: name: redis-secret - name: CFG_REDIS_ADDRESS value: {{ printf "%s-redis-master:6379" ( .Release.Name ) }} - image: {{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag - | default .Chart.AppVersion }} + image: {{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.worker.image.pullPolicy }} name: worker - {{- if .Values.worker.config.metrics.enabled }} ports: + {{- if .Values.worker.config.metrics.enabled }} - containerPort: 9090 name: metrics protocol: TCP @@ -76,4 +75,4 @@ spec: - secret: secretName: {{ .Values.existingSecret | default (printf "%s-secret" (include "chorus.fullname" . ) ) }} name: secret - {{- end }} \ No newline at end of file + {{- end }} diff --git a/deploy/chorus/values.yaml b/deploy/chorus/values.yaml index 2526b5e..11f21ce 100644 --- a/deploy/chorus/values.yaml +++ b/deploy/chorus/values.yaml @@ -2,7 +2,7 @@ proxy: enabled: true image: repository: harbor.clyso.com/chorus/proxy - tag: latest + tag: "" # Chart appVersion will be used if empty pullPolicy: Always replicas: 2 resources: @@ -26,7 +26,7 @@ proxy: trace: enabled: false endpoint: # url to Jaeger or other open trace provider - address: "http://localhost:9669" # Chorus proxy s3 api address + address: http://localhost:9669 # Chorus proxy s3 api address port: 9669 cors: enabled: false @@ -36,15 +36,15 @@ proxy: allowV2Signature: false useStorage: # use credentials from one of configured storages custom: # use custom credentials for proxy s3 endpoint - # - accessKeyID: - # secretAccessKey: - # - accessKeyID: - # secretAccessKey: + # - accessKeyID: + # secretAccessKey: + # - accessKeyID: + # secretAccessKey: worker: replicas: 2 image: repository: harbor.clyso.com/chorus/worker - tag: latest + tag: "" # Chart appVersion will be used if empty pullPolicy: Always resources: limits: @@ -100,7 +100,7 @@ commonConfig: acl: true storage: createRouting: true # create roting rules to route proxy requests to main storage - createReplication: false # create replication rules to replicate data from main to other storages + createReplication: false # create replication rules to replicate data from main to other storages storages: one: address: s3.clyso.com @@ -111,6 +111,37 @@ commonConfig: address: office.clyso.cloud provider: Ceph isSecure: true +agent: + enabled: false + image: + repository: harbor.clyso.com/chorus/agent + tag: "" # Chart appVersion will be used if empty + pullPolicy: Always + replicas: 1 + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 50m + memory: 64Mi + agentService: + portHttp: + port: 9673 + targetPort: http + type: ClusterIP + config: + metrics: + enabled: false + log: + json: true + level: info + trace: + enabled: false + endpoint: # url to Jaeger or other open trace provider + port: 9673 # agent port to listen incoming notifications + url: http://localhost:9673 # REQUIRED: url to be used by s3 storage to send notifications. The URL should be reachable for s3 storage. + fromStorage: "" # REQUIRED: notifications source storage name from Chorus config. Normally name of the main storage from storage config. existingSecret: "" # set name of existing secret with storage credentials or secret: "" # set storage credentials here to create secret: # Example @@ -147,13 +178,12 @@ redis: auth: existingSecret: redis-secret existingSecretPasswordKey: password - imagePullSecrets: serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account - annotations: { } + annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: ""