From c4573661010d3bac0d41346b8c77c8662ea7c60d Mon Sep 17 00:00:00 2001
From: "f.eremeev" <f.eremeev@haut.ai>
Date: Thu, 25 Mar 2021 20:03:13 +0300
Subject: [PATCH 01/19] init helm chart

---
 .idea/.gitignore                              |   8 +
 .idea/cvat.iml                                |  27 ++++
 .idea/inspectionProfiles/Project_Default.xml  |  19 +++
 .../inspectionProfiles/profiles_settings.xml  |   6 +
 .idea/misc.xml                                |   4 +
 .idea/modules.xml                             |   8 +
 .idea/vcs.xml                                 |   6 +
 kubernetes-templates/cvat/.helmignore         |  23 +++
 kubernetes-templates/cvat/.idea/.gitignore    |   8 +
 kubernetes-templates/cvat/.idea/cvat.iml      |  15 ++
 .../inspectionProfiles/Project_Default.xml    |  19 +++
 .../inspectionProfiles/profiles_settings.xml  |   6 +
 kubernetes-templates/cvat/.idea/misc.xml      |   4 +
 kubernetes-templates/cvat/.idea/modules.xml   |   8 +
 kubernetes-templates/cvat/.idea/vcs.xml       |   6 +
 kubernetes-templates/cvat/Chart.yaml          |  24 +++
 .../cvat/templates/_helpers.tpl               |  62 +++++++
 .../templates/cvat_backend/deployment.yml     | 102 ++++++++++++
 .../cvat/templates/cvat_backend/service.yml   |  20 +++
 .../cvat/templates/cvat_backend/storage.yml   |  12 ++
 .../templates/cvat_frontend/deployment.yml    |  33 ++++
 .../cvat/templates/cvat_frontend/service.yml  |  18 +++
 .../cvat/templates/cvat_proxy/configmap.yml   | 153 ++++++++++++++++++
 .../cvat/templates/cvat_proxy/deployment.yml  |  52 ++++++
 .../cvat/templates/cvat_proxy/service.yml     |  20 +++
 .../cvat/templates/database/deployment.yml    |  67 ++++++++
 .../cvat/templates/database/secrets.yml       |  15 ++
 .../cvat/templates/database/service.yml       |  20 +++
 .../cvat/templates/database/storage.yml       |  14 ++
 .../cvat/templates/redis/deployment.yml       |  35 ++++
 .../cvat/templates/redis/service.yml          |  20 +++
 kubernetes-templates/cvat/values.yaml         |  46 ++++++
 32 files changed, 880 insertions(+)
 create mode 100644 .idea/.gitignore
 create mode 100644 .idea/cvat.iml
 create mode 100644 .idea/inspectionProfiles/Project_Default.xml
 create mode 100644 .idea/inspectionProfiles/profiles_settings.xml
 create mode 100644 .idea/misc.xml
 create mode 100644 .idea/modules.xml
 create mode 100644 .idea/vcs.xml
 create mode 100644 kubernetes-templates/cvat/.helmignore
 create mode 100644 kubernetes-templates/cvat/.idea/.gitignore
 create mode 100644 kubernetes-templates/cvat/.idea/cvat.iml
 create mode 100644 kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml
 create mode 100644 kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml
 create mode 100644 kubernetes-templates/cvat/.idea/misc.xml
 create mode 100644 kubernetes-templates/cvat/.idea/modules.xml
 create mode 100644 kubernetes-templates/cvat/.idea/vcs.xml
 create mode 100644 kubernetes-templates/cvat/Chart.yaml
 create mode 100644 kubernetes-templates/cvat/templates/_helpers.tpl
 create mode 100644 kubernetes-templates/cvat/templates/cvat_backend/deployment.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_backend/service.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_backend/storage.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_frontend/service.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml
 create mode 100644 kubernetes-templates/cvat/templates/cvat_proxy/service.yml
 create mode 100644 kubernetes-templates/cvat/templates/database/deployment.yml
 create mode 100644 kubernetes-templates/cvat/templates/database/secrets.yml
 create mode 100644 kubernetes-templates/cvat/templates/database/service.yml
 create mode 100644 kubernetes-templates/cvat/templates/database/storage.yml
 create mode 100644 kubernetes-templates/cvat/templates/redis/deployment.yml
 create mode 100644 kubernetes-templates/cvat/templates/redis/service.yml
 create mode 100644 kubernetes-templates/cvat/values.yaml

diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 000000000000..73f69e095861
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
+# Editor-based HTTP Client requests
+/httpRequests/
diff --git a/.idea/cvat.iml b/.idea/cvat.iml
new file mode 100644
index 000000000000..9f8c1b9d8e7a
--- /dev/null
+++ b/.idea/cvat.iml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="FacetManager">
+    <facet type="django" name="Django">
+      <configuration>
+        <option name="rootFolder" value="$MODULE_DIR$" />
+        <option name="settingsModule" value="settings.py" />
+        <option name="manageScript" value="$MODULE_DIR$/manage.py" />
+        <option name="environment" value="&lt;map/&gt;" />
+        <option name="doNotUseTestRunner" value="false" />
+        <option name="trackFilePattern" value="migrations" />
+      </configuration>
+    </facet>
+  </component>
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+  <component name="TemplatesService">
+    <option name="TEMPLATE_FOLDERS">
+      <list>
+        <option value="$MODULE_DIR$/cvat/apps/restrictions/templates" />
+      </list>
+    </option>
+  </component>
+</module>
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml
new file mode 100644
index 000000000000..04efdf2d16ea
--- /dev/null
+++ b/.idea/inspectionProfiles/Project_Default.xml
@@ -0,0 +1,19 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="Eslint" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredPackages">
+        <value>
+          <list size="3">
+            <item index="0" class="java.lang.String" itemvalue="google.cloud.storage" />
+            <item index="1" class="java.lang.String" itemvalue="numpy" />
+            <item index="2" class="java.lang.String" itemvalue="haut_ai.claire.algorithms.algorithm_base" />
+          </list>
+        </value>
+      </option>
+    </inspection_tool>
+    <inspection_tool class="TaskProblemsInspection" enabled="false" level="ERROR" enabled_by_default="false" />
+    <inspection_tool class="TsLint" enabled="true" level="WARNING" enabled_by_default="true" />
+  </profile>
+</component>
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml
new file mode 100644
index 000000000000..105ce2da2d64
--- /dev/null
+++ b/.idea/inspectionProfiles/profiles_settings.xml
@@ -0,0 +1,6 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
new file mode 100644
index 000000000000..7ba73c25da22
--- /dev/null
+++ b/.idea/misc.xml
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 2.7" project-jdk-type="Python SDK" />
+</project>
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 000000000000..51b59d8e9909
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/cvat.iml" filepath="$PROJECT_DIR$/.idea/cvat.iml" />
+    </modules>
+  </component>
+</project>
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 000000000000..94a25f7f4cb4
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.helmignore b/kubernetes-templates/cvat/.helmignore
new file mode 100644
index 000000000000..0e8a0eb36f4c
--- /dev/null
+++ b/kubernetes-templates/cvat/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kubernetes-templates/cvat/.idea/.gitignore b/kubernetes-templates/cvat/.idea/.gitignore
new file mode 100644
index 000000000000..73f69e095861
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
+# Editor-based HTTP Client requests
+/httpRequests/
diff --git a/kubernetes-templates/cvat/.idea/cvat.iml b/kubernetes-templates/cvat/.idea/cvat.iml
new file mode 100644
index 000000000000..8c8b8cf9d673
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/cvat.iml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+  <component name="TemplatesService">
+    <option name="TEMPLATE_FOLDERS">
+      <list>
+        <option value="$MODULE_DIR$/templates" />
+      </list>
+    </option>
+  </component>
+</module>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml b/kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml
new file mode 100644
index 000000000000..04efdf2d16ea
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml
@@ -0,0 +1,19 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="Eslint" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredPackages">
+        <value>
+          <list size="3">
+            <item index="0" class="java.lang.String" itemvalue="google.cloud.storage" />
+            <item index="1" class="java.lang.String" itemvalue="numpy" />
+            <item index="2" class="java.lang.String" itemvalue="haut_ai.claire.algorithms.algorithm_base" />
+          </list>
+        </value>
+      </option>
+    </inspection_tool>
+    <inspection_tool class="TaskProblemsInspection" enabled="false" level="ERROR" enabled_by_default="false" />
+    <inspection_tool class="TsLint" enabled="true" level="WARNING" enabled_by_default="true" />
+  </profile>
+</component>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml b/kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml
new file mode 100644
index 000000000000..105ce2da2d64
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml
@@ -0,0 +1,6 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/misc.xml b/kubernetes-templates/cvat/.idea/misc.xml
new file mode 100644
index 000000000000..7ba73c25da22
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/misc.xml
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 2.7" project-jdk-type="Python SDK" />
+</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/modules.xml b/kubernetes-templates/cvat/.idea/modules.xml
new file mode 100644
index 000000000000..51b59d8e9909
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/modules.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/cvat.iml" filepath="$PROJECT_DIR$/.idea/cvat.iml" />
+    </modules>
+  </component>
+</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/vcs.xml b/kubernetes-templates/cvat/.idea/vcs.xml
new file mode 100644
index 000000000000..b2bdec2d71b6
--- /dev/null
+++ b/kubernetes-templates/cvat/.idea/vcs.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$/../.." vcs="Git" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/Chart.yaml b/kubernetes-templates/cvat/Chart.yaml
new file mode 100644
index 000000000000..97b3d5621d70
--- /dev/null
+++ b/kubernetes-templates/cvat/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: cvat
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
diff --git a/kubernetes-templates/cvat/templates/_helpers.tpl b/kubernetes-templates/cvat/templates/_helpers.tpl
new file mode 100644
index 000000000000..2209271df2d7
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cvat.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "cvat.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "cvat.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "cvat.labels" -}}
+helm.sh/chart: {{ include "cvat.chart" . }}
+{{ include "cvat.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "cvat.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "cvat.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "cvat.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "cvat.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_backend/deployment.yml b/kubernetes-templates/cvat/templates/cvat_backend/deployment.yml
new file mode 100644
index 000000000000..29f5a8e7468c
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_backend/deployment.yml
@@ -0,0 +1,102 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-backend
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: backend
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: cvat-app
+      tier: backend
+  template:
+    metadata:
+      labels:
+        app: cvat-app
+        tier: backend
+    spec:
+      containers:
+        - name: cvat-backend-app-container
+          image: openvino/cvat_server:v1.2.0
+          imagePullPolicy: Always
+          resources:
+            requests:
+              cpu: 10m
+              memory: 100Mi
+          env:
+          - name: DJANGO_MODWSGI_EXTRA_ARGS
+            value: ""
+          - name: UI_PORT
+            value: "80"
+          - name: UI_HOST
+            value: "cvat-frontend-service"
+          - name: ALLOWED_HOSTS
+            value: "*"
+          {{- if .Values.redis.enabled }}
+          - name: CVAT_REDIS_HOST
+            value: "cvat-redis-service"
+          {{- end }}
+          {{- if .Values.redis.enabled }}
+          - name: CVAT_POSTGRES_HOST
+            value: "cvat-postgres-service"
+          - name: CVAT_POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: cvat-postgres-secret
+                key: POSTGRES_USER
+          - name: CVAT_POSTGRES_DBNAME
+            valueFrom:
+              secretKeyRef:
+                name: cvat-postgres-secret
+                key: POSTGRES_DB
+          - name: CVAT_POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: cvat-postgres-secret
+                key: POSTGRES_PASSWORD
+          {{- end }}
+          ports:
+          - containerPort: 8080
+          volumeMounts:
+          - mountPath: /home/django/data
+            name: cvat-backend-data
+            subPath: data
+          - mountPath: /home/django/keys
+            name: cvat-backend-data
+            subPath: keys
+          - mountPath: /home/django/logs
+            name: cvat-backend-data
+            subPath: logs
+          - mountPath: /home/django/models
+            name: cvat-backend-data
+            subPath: models
+      initContainers:
+        - name: user-data-permission-fix
+          image: busybox
+          command: ["/bin/chmod", "-R", "777", "/home/django"]
+          volumeMounts:
+          - mountPath: /home/django/data
+            name: cvat-backend-data
+            subPath: data
+          - mountPath: /home/django/keys
+            name: cvat-backend-data
+            subPath: keys
+          - mountPath: /home/django/logs
+            name: cvat-backend-data
+            subPath: logs
+          - mountPath: /home/django/models
+            name: cvat-backend-data
+            subPath: models
+      volumes:
+        - name: cvat-backend-data
+          persistentVolumeClaim:
+            claimName: cvat-backend-data
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_backend/service.yml b/kubernetes-templates/cvat/templates/cvat_backend/service.yml
new file mode 100644
index 000000000000..db78044c76e8
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_backend/service.yml
@@ -0,0 +1,20 @@
+{{- if .Values.database.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: cvat-backend-service
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: backend
+spec:
+  type: ClusterIP
+  selector:
+      app: cvat-app
+      tier: backend
+  ports:
+    - port: 8080
+      targetPort: 8080
+      protocol: TCP
+      name: http
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_backend/storage.yml b/kubernetes-templates/cvat/templates/cvat_backend/storage.yml
new file mode 100644
index 000000000000..1ccb77c5a830
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_backend/storage.yml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: cvat-backend-data
+  namespace: {{ .Release.Namespace }}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: standard
+  resources:
+    requests:
+      storage: 20Gi
diff --git a/kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml b/kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml
new file mode 100644
index 000000000000..6a91630f67e2
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml
@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cvat-frontend
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: frontend
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: cvat-app
+      tier: frontend
+  template:
+    metadata:
+      labels:
+        app: cvat-app
+        tier: frontend
+    spec:
+      containers:
+        - name: cvat-frontend-app-container
+          image: openvino/cvat_ui:v1.2.0
+          imagePullPolicy: Always
+          ports:
+          - containerPort: 80
+          resources: {}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_frontend/service.yml b/kubernetes-templates/cvat/templates/cvat_frontend/service.yml
new file mode 100644
index 000000000000..88e45a0b9a94
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_frontend/service.yml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: cvat-frontend-service
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: frontend
+spec:
+  type: ClusterIP
+  selector:
+      app: cvat-app
+      tier: frontend
+  ports:
+    - port: 80
+      targetPort: 80
+      protocol: TCP
+      name: http
diff --git a/kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml b/kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml
new file mode 100644
index 000000000000..61f1eed9a40d
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml
@@ -0,0 +1,153 @@
+{{- if .Values.cvat_proxy.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cvat-nginx-conf
+  namespace: {{ .Release.Namespace }}
+data:
+  nginx.conf: |
+    worker_processes 2;
+
+    error_log /dev/stdout info;
+
+    events {
+        worker_connections  1024;
+    }
+
+    http {
+        include       mime.types;
+        default_type  application/octet-stream;
+        sendfile      on;
+        keepalive_timeout  65;
+        # For long domain names (e.g. AWS hosts)
+        server_names_hash_bucket_size 128;
+
+        include /etc/nginx/cvat.d/*.conf;
+        client_max_body_size 0;
+    }
+  cvat.conf: |
+    server {
+        listen       80;
+        server_name  _ default;
+        return       404;
+    }
+
+    server {
+        listen       80;
+        server_name  {MY_SERVER_URL_COM};
+
+        proxy_pass_header       X-CSRFToken;
+        proxy_set_header        Host $http_host;
+        proxy_pass_header       Set-Cookie;
+
+        location ~* /api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*  {
+            proxy_pass              http://cvat-backend-service:8080;
+        }
+
+        # workaround for match location by arguments
+        location = / {
+            error_page 418 = @annotation_ui;
+
+            if ( $query_string ~ "^id=\d+.*" ) { return 418; }
+            proxy_pass              http://cvat-frontend-service:80;
+        }
+
+        location / {
+            proxy_pass              http://cvat-frontend-service:80;
+        }
+
+        # old annotation ui, will be removed in the future.
+        location @annotation_ui {
+            proxy_pass              http://cvat-backend-service:8080;
+        }
+    }
+  mime.types: |
+    types {
+      text/html                             html htm shtml;
+      text/css                              css;
+      text/xml                              xml;
+      image/gif                             gif;
+      image/jpeg                            jpeg jpg;
+      application/javascript                js;
+      application/atom+xml                  atom;
+      application/rss+xml                   rss;
+
+      text/mathml                           mml;
+      text/plain                            txt;
+      text/vnd.sun.j2me.app-descriptor      jad;
+      text/vnd.wap.wml                      wml;
+      text/x-component                      htc;
+
+      image/png                             png;
+      image/tiff                            tif tiff;
+      image/vnd.wap.wbmp                    wbmp;
+      image/x-icon                          ico;
+      image/x-jng                           jng;
+      image/x-ms-bmp                        bmp;
+      image/svg+xml                         svg svgz;
+      image/webp                            webp;
+
+      application/font-woff                 woff;
+      application/java-archive              jar war ear;
+      application/json                      json;
+      application/mac-binhex40              hqx;
+      application/msword                    doc;
+      application/pdf                       pdf;
+      application/postscript                ps eps ai;
+      application/rtf                       rtf;
+      application/vnd.apple.mpegurl         m3u8;
+      application/vnd.ms-excel              xls;
+      application/vnd.ms-fontobject         eot;
+      application/vnd.ms-powerpoint         ppt;
+      application/vnd.wap.wmlc              wmlc;
+      application/vnd.google-earth.kml+xml  kml;
+      application/vnd.google-earth.kmz      kmz;
+      application/x-7z-compressed           7z;
+      application/x-cocoa                   cco;
+      application/x-java-archive-diff       jardiff;
+      application/x-java-jnlp-file          jnlp;
+      application/x-makeself                run;
+      application/x-perl                    pl pm;
+      application/x-pilot                   prc pdb;
+      application/x-rar-compressed          rar;
+      application/x-redhat-package-manager  rpm;
+      application/x-sea                     sea;
+      application/x-shockwave-flash         swf;
+      application/x-stuffit                 sit;
+      application/x-tcl                     tcl tk;
+      application/x-x509-ca-cert            der pem crt;
+      application/x-xpinstall               xpi;
+      application/xhtml+xml                 xhtml;
+      application/xspf+xml                  xspf;
+      application/zip                       zip;
+
+      application/octet-stream              bin exe dll;
+      application/octet-stream              deb;
+      application/octet-stream              dmg;
+      application/octet-stream              iso img;
+      application/octet-stream              msi msp msm;
+
+      application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
+      application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
+      application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;
+
+      audio/midi                            mid midi kar;
+      audio/mpeg                            mp3;
+      audio/ogg                             ogg;
+      audio/x-m4a                           m4a;
+      audio/x-realaudio                     ra;
+
+      video/3gpp                            3gpp 3gp;
+      video/mp2t                            ts;
+      video/mp4                             mp4;
+      video/mpeg                            mpeg mpg;
+      video/quicktime                       mov;
+      video/webm                            webm;
+      video/x-flv                           flv;
+      video/x-m4v                           m4v;
+      video/x-mng                           mng;
+      video/x-ms-asf                        asx asf;
+      video/x-ms-wmv                        wmv;
+      video/x-msvideo                       avi;
+    }
+{{- end}}
diff --git a/kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml b/kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml
new file mode 100644
index 000000000000..9fd51f7f5095
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml
@@ -0,0 +1,52 @@
+{{- if .Values.cvat_proxy.enabled -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cvat-nginx
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: proxy
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: cvat-app
+      tier: proxy
+  template:
+    metadata:
+      labels:
+        app: cvat-app
+        tier: proxy
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+      - name: nginx
+        image: nginx
+        ports:
+        - containerPort: 80
+        volumeMounts:
+        - mountPath: /etc/nginx
+          readOnly: true
+          name: cvat-nginx-conf
+        - mountPath: /var/log/nginx
+          name: log
+      volumes:
+      - name: cvat-nginx-conf
+        configMap:
+          name: cvat-nginx-conf
+          items:
+            - key: nginx.conf
+              path: nginx.conf
+            - key: mime.types
+              path: mime.types
+            - key: cvat.conf
+              path: cvat.d/cvat.conf
+      - name: log
+        emptyDir: {}
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_proxy/service.yml b/kubernetes-templates/cvat/templates/cvat_proxy/service.yml
new file mode 100644
index 000000000000..6ce5b97eacf4
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/cvat_proxy/service.yml
@@ -0,0 +1,20 @@
+{{- if .Values.cvat_proxy.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: cvat-proxy-service
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: proxy
+spec:
+  type: NodePort
+  selector:
+      app: cvat-app
+      tier: proxy
+  ports:
+    - port: 80
+      targetPort: 80
+      protocol: TCP
+      name: http
+{{- end}}
diff --git a/kubernetes-templates/cvat/templates/database/deployment.yml b/kubernetes-templates/cvat/templates/database/deployment.yml
new file mode 100644
index 000000000000..e84a3d7b7216
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/database/deployment.yml
@@ -0,0 +1,67 @@
+{{- if .Values.database.enabled -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cvat-postgres
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: db
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: cvat-app
+      tier: db
+  template:
+    metadata:
+      labels:
+        app: cvat-app
+        tier: db
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: cvat-postgres
+          image: postgres:10.3-alpine
+          imagePullPolicy: "IfNotPresent"
+          env:
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: cvat-postgres-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: cvat-postgres-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: cvat-postgres-secret
+                key: POSTGRES_PASSWORD
+          ports:
+          - containerPort: 5432
+          readinessProbe:
+            exec:
+              command:
+                - sh
+                - -c
+                - su - postgres -c "pg_isready --host=$POD_IP"
+            initialDelaySeconds: 15
+            timeoutSeconds: 2
+          resources: {}
+          volumeMounts:
+            - mountPath: /var/lib/postgresql/data
+              name: postgredb
+              subPath: postgres
+      volumes:
+        - name: postgredb
+          persistentVolumeClaim:
+            claimName: cvat-postgres-data
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/database/secrets.yml b/kubernetes-templates/cvat/templates/database/secrets.yml
new file mode 100644
index 000000000000..e3ad16c49f55
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/database/secrets.yml
@@ -0,0 +1,15 @@
+{{- if .Values.database.enabled -}}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: cvat-postgres-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: db
+stringData:
+  POSTGRES_DB: cvat
+  POSTGRES_USER: root
+  POSTGRES_PASSWORD: POSTGRES_ADMIN_PW
+{{- end}}
diff --git a/kubernetes-templates/cvat/templates/database/service.yml b/kubernetes-templates/cvat/templates/database/service.yml
new file mode 100644
index 000000000000..fec43922788b
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/database/service.yml
@@ -0,0 +1,20 @@
+{{- if .Values.database.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: cvat-postgres-service
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: db
+spec:
+  type: ClusterIP
+  selector:
+      app: cvat-app
+      tier: db
+  ports:
+    - port: 5432
+      targetPort: 5432
+      protocol: TCP
+      name: http
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/database/storage.yml b/kubernetes-templates/cvat/templates/database/storage.yml
new file mode 100644
index 000000000000..d028ca3b3240
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/database/storage.yml
@@ -0,0 +1,14 @@
+{{- if .Values.database.enabled -}}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: cvat-postgres-data
+  namespace: {{ .Release.Namespace }}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: standard
+  resources:
+    requests:
+      storage: 20Gi
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/redis/deployment.yml b/kubernetes-templates/cvat/templates/redis/deployment.yml
new file mode 100644
index 000000000000..524b9f438347
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/redis/deployment.yml
@@ -0,0 +1,35 @@
+{{- if .Values.redis.enabled -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cvat-redis
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: redis-app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cvat-app
+      tier: redis-app
+  template:
+    metadata:
+      labels:
+        app: cvat-app
+        tier: redis-app
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+      - image: redis:4.0.5-alpine
+        name: cvat-redis
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 6379
+        resources:
+          limits:
+            cpu: "0.1"
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/redis/service.yml b/kubernetes-templates/cvat/templates/redis/service.yml
new file mode 100644
index 000000000000..8605c316338e
--- /dev/null
+++ b/kubernetes-templates/cvat/templates/redis/service.yml
@@ -0,0 +1,20 @@
+{{- if .Values.redis.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: cvat-redis-service
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: cvat-app
+    tier: redis-app
+spec:
+  type: ClusterIP
+  selector:
+      app: cvat-app
+      tier: redis-app
+  ports:
+    - port: 6379
+      targetPort: 6379
+      protocol: TCP
+      name: http
+{{- end}}
diff --git a/kubernetes-templates/cvat/values.yaml b/kubernetes-templates/cvat/values.yaml
new file mode 100644
index 000000000000..b738038d7372
--- /dev/null
+++ b/kubernetes-templates/cvat/values.yaml
@@ -0,0 +1,46 @@
+# Default values for cvat.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: nginx
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+service:
+  type: ClusterIP
+  port: 80
+
+database:
+    enabled: true
+    image: ""
+    tag: ""
+    service: {}
+
+redis:
+    enabled: true
+    image: ""
+    tag: ""
+    service: {}
+
+cvat:
+    proxy:
+        image: ""
+        tag: ""
+        enabled: true
+        service: {}
+    backend:
+        image: ""
+        tag: ""
+        service: {}
+    frontend:
+        image: ""
+        tag: ""
+        service: {}

From 77882bff126500d06513b502702b475c5f317608 Mon Sep 17 00:00:00 2001
From: "f.eremeev" <f.eremeev@haut.ai>
Date: Thu, 25 Mar 2021 20:06:04 +0300
Subject: [PATCH 02/19] update git ignore

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index e985f4efe802..53fbd4f44369 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,3 +34,4 @@ yarn-error.log*
 #Ignore Cypress tests temp files
 /tests/cypress/fixtures
 /tests/cypress/screenshots
+.idea/

From 4048bd0aa4268866cf1864a88898b4ea2b7770f6 Mon Sep 17 00:00:00 2001
From: "f.eremeev" <f.eremeev@haut.ai>
Date: Thu, 25 Mar 2021 20:09:07 +0300
Subject: [PATCH 03/19] rm idea

---
 .idea/.gitignore                              |  8 ------
 .idea/cvat.iml                                | 27 -------------------
 .idea/inspectionProfiles/Project_Default.xml  | 19 -------------
 .../inspectionProfiles/profiles_settings.xml  |  6 -----
 .idea/misc.xml                                |  4 ---
 .idea/modules.xml                             |  8 ------
 .idea/vcs.xml                                 |  6 -----
 kubernetes-templates/cvat/.idea/.gitignore    |  8 ------
 kubernetes-templates/cvat/.idea/cvat.iml      | 15 -----------
 .../inspectionProfiles/Project_Default.xml    | 19 -------------
 .../inspectionProfiles/profiles_settings.xml  |  6 -----
 kubernetes-templates/cvat/.idea/misc.xml      |  4 ---
 kubernetes-templates/cvat/.idea/modules.xml   |  8 ------
 kubernetes-templates/cvat/.idea/vcs.xml       |  6 -----
 14 files changed, 144 deletions(-)
 delete mode 100644 .idea/.gitignore
 delete mode 100644 .idea/cvat.iml
 delete mode 100644 .idea/inspectionProfiles/Project_Default.xml
 delete mode 100644 .idea/inspectionProfiles/profiles_settings.xml
 delete mode 100644 .idea/misc.xml
 delete mode 100644 .idea/modules.xml
 delete mode 100644 .idea/vcs.xml
 delete mode 100644 kubernetes-templates/cvat/.idea/.gitignore
 delete mode 100644 kubernetes-templates/cvat/.idea/cvat.iml
 delete mode 100644 kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml
 delete mode 100644 kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml
 delete mode 100644 kubernetes-templates/cvat/.idea/misc.xml
 delete mode 100644 kubernetes-templates/cvat/.idea/modules.xml
 delete mode 100644 kubernetes-templates/cvat/.idea/vcs.xml

diff --git a/.idea/.gitignore b/.idea/.gitignore
deleted file mode 100644
index 73f69e095861..000000000000
--- a/.idea/.gitignore
+++ /dev/null
@@ -1,8 +0,0 @@
-# Default ignored files
-/shelf/
-/workspace.xml
-# Datasource local storage ignored files
-/dataSources/
-/dataSources.local.xml
-# Editor-based HTTP Client requests
-/httpRequests/
diff --git a/.idea/cvat.iml b/.idea/cvat.iml
deleted file mode 100644
index 9f8c1b9d8e7a..000000000000
--- a/.idea/cvat.iml
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module type="PYTHON_MODULE" version="4">
-  <component name="FacetManager">
-    <facet type="django" name="Django">
-      <configuration>
-        <option name="rootFolder" value="$MODULE_DIR$" />
-        <option name="settingsModule" value="settings.py" />
-        <option name="manageScript" value="$MODULE_DIR$/manage.py" />
-        <option name="environment" value="&lt;map/&gt;" />
-        <option name="doNotUseTestRunner" value="false" />
-        <option name="trackFilePattern" value="migrations" />
-      </configuration>
-    </facet>
-  </component>
-  <component name="NewModuleRootManager">
-    <content url="file://$MODULE_DIR$" />
-    <orderEntry type="inheritedJdk" />
-    <orderEntry type="sourceFolder" forTests="false" />
-  </component>
-  <component name="TemplatesService">
-    <option name="TEMPLATE_FOLDERS">
-      <list>
-        <option value="$MODULE_DIR$/cvat/apps/restrictions/templates" />
-      </list>
-    </option>
-  </component>
-</module>
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml
deleted file mode 100644
index 04efdf2d16ea..000000000000
--- a/.idea/inspectionProfiles/Project_Default.xml
+++ /dev/null
@@ -1,19 +0,0 @@
-<component name="InspectionProjectProfileManager">
-  <profile version="1.0">
-    <option name="myName" value="Project Default" />
-    <inspection_tool class="Eslint" enabled="true" level="WARNING" enabled_by_default="true" />
-    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
-      <option name="ignoredPackages">
-        <value>
-          <list size="3">
-            <item index="0" class="java.lang.String" itemvalue="google.cloud.storage" />
-            <item index="1" class="java.lang.String" itemvalue="numpy" />
-            <item index="2" class="java.lang.String" itemvalue="haut_ai.claire.algorithms.algorithm_base" />
-          </list>
-        </value>
-      </option>
-    </inspection_tool>
-    <inspection_tool class="TaskProblemsInspection" enabled="false" level="ERROR" enabled_by_default="false" />
-    <inspection_tool class="TsLint" enabled="true" level="WARNING" enabled_by_default="true" />
-  </profile>
-</component>
\ No newline at end of file
diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml
deleted file mode 100644
index 105ce2da2d64..000000000000
--- a/.idea/inspectionProfiles/profiles_settings.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<component name="InspectionProjectProfileManager">
-  <settings>
-    <option name="USE_PROJECT_PROFILE" value="false" />
-    <version value="1.0" />
-  </settings>
-</component>
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
deleted file mode 100644
index 7ba73c25da22..000000000000
--- a/.idea/misc.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="ProjectRootManager" version="2" project-jdk-name="Python 2.7" project-jdk-type="Python SDK" />
-</project>
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
deleted file mode 100644
index 51b59d8e9909..000000000000
--- a/.idea/modules.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="ProjectModuleManager">
-    <modules>
-      <module fileurl="file://$PROJECT_DIR$/.idea/cvat.iml" filepath="$PROJECT_DIR$/.idea/cvat.iml" />
-    </modules>
-  </component>
-</project>
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
deleted file mode 100644
index 94a25f7f4cb4..000000000000
--- a/.idea/vcs.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="VcsDirectoryMappings">
-    <mapping directory="$PROJECT_DIR$" vcs="Git" />
-  </component>
-</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/.gitignore b/kubernetes-templates/cvat/.idea/.gitignore
deleted file mode 100644
index 73f69e095861..000000000000
--- a/kubernetes-templates/cvat/.idea/.gitignore
+++ /dev/null
@@ -1,8 +0,0 @@
-# Default ignored files
-/shelf/
-/workspace.xml
-# Datasource local storage ignored files
-/dataSources/
-/dataSources.local.xml
-# Editor-based HTTP Client requests
-/httpRequests/
diff --git a/kubernetes-templates/cvat/.idea/cvat.iml b/kubernetes-templates/cvat/.idea/cvat.iml
deleted file mode 100644
index 8c8b8cf9d673..000000000000
--- a/kubernetes-templates/cvat/.idea/cvat.iml
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module type="PYTHON_MODULE" version="4">
-  <component name="NewModuleRootManager">
-    <content url="file://$MODULE_DIR$" />
-    <orderEntry type="inheritedJdk" />
-    <orderEntry type="sourceFolder" forTests="false" />
-  </component>
-  <component name="TemplatesService">
-    <option name="TEMPLATE_FOLDERS">
-      <list>
-        <option value="$MODULE_DIR$/templates" />
-      </list>
-    </option>
-  </component>
-</module>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml b/kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml
deleted file mode 100644
index 04efdf2d16ea..000000000000
--- a/kubernetes-templates/cvat/.idea/inspectionProfiles/Project_Default.xml
+++ /dev/null
@@ -1,19 +0,0 @@
-<component name="InspectionProjectProfileManager">
-  <profile version="1.0">
-    <option name="myName" value="Project Default" />
-    <inspection_tool class="Eslint" enabled="true" level="WARNING" enabled_by_default="true" />
-    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
-      <option name="ignoredPackages">
-        <value>
-          <list size="3">
-            <item index="0" class="java.lang.String" itemvalue="google.cloud.storage" />
-            <item index="1" class="java.lang.String" itemvalue="numpy" />
-            <item index="2" class="java.lang.String" itemvalue="haut_ai.claire.algorithms.algorithm_base" />
-          </list>
-        </value>
-      </option>
-    </inspection_tool>
-    <inspection_tool class="TaskProblemsInspection" enabled="false" level="ERROR" enabled_by_default="false" />
-    <inspection_tool class="TsLint" enabled="true" level="WARNING" enabled_by_default="true" />
-  </profile>
-</component>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml b/kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml
deleted file mode 100644
index 105ce2da2d64..000000000000
--- a/kubernetes-templates/cvat/.idea/inspectionProfiles/profiles_settings.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<component name="InspectionProjectProfileManager">
-  <settings>
-    <option name="USE_PROJECT_PROFILE" value="false" />
-    <version value="1.0" />
-  </settings>
-</component>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/misc.xml b/kubernetes-templates/cvat/.idea/misc.xml
deleted file mode 100644
index 7ba73c25da22..000000000000
--- a/kubernetes-templates/cvat/.idea/misc.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="ProjectRootManager" version="2" project-jdk-name="Python 2.7" project-jdk-type="Python SDK" />
-</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/modules.xml b/kubernetes-templates/cvat/.idea/modules.xml
deleted file mode 100644
index 51b59d8e9909..000000000000
--- a/kubernetes-templates/cvat/.idea/modules.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="ProjectModuleManager">
-    <modules>
-      <module fileurl="file://$PROJECT_DIR$/.idea/cvat.iml" filepath="$PROJECT_DIR$/.idea/cvat.iml" />
-    </modules>
-  </component>
-</project>
\ No newline at end of file
diff --git a/kubernetes-templates/cvat/.idea/vcs.xml b/kubernetes-templates/cvat/.idea/vcs.xml
deleted file mode 100644
index b2bdec2d71b6..000000000000
--- a/kubernetes-templates/cvat/.idea/vcs.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="VcsDirectoryMappings">
-    <mapping directory="$PROJECT_DIR$/../.." vcs="Git" />
-  </component>
-</project>
\ No newline at end of file

From 9d3c95a4bb1c9dcf3e130494e4dcd7fd6359f6d8 Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Mon, 19 Apr 2021 15:34:00 +0300
Subject: [PATCH 04/19] Add cvat helm chart proto

---
 .gitignore                                    |   5 +
 .../cvat => helm-chart}/.helmignore           |   0
 .../cvat => helm-chart}/Chart.yaml            |  10 ++
 .../templates/_helpers.tpl                    |   0
 helm-chart/templates/cvat-postgres-secret.yml |  17 ++
 .../templates/cvat_backend/deployment.yml     |  64 ++++++--
 .../templates/cvat_backend/service.yml        |   6 +-
 .../templates/cvat_backend/storage.yml        |   6 +-
 .../templates/cvat_frontend/deployment.yml    |  61 +++++++
 .../templates/cvat_frontend/service.yml       |   4 +-
 helm-chart/templates/ingress.yaml             |  41 +++++
 helm-chart/values.yaml                        | 134 +++++++++++++++
 .../templates/cvat_frontend/deployment.yml    |  33 ----
 .../cvat/templates/cvat_proxy/configmap.yml   | 153 ------------------
 .../cvat/templates/cvat_proxy/deployment.yml  |  52 ------
 .../cvat/templates/cvat_proxy/service.yml     |  20 ---
 .../cvat/templates/database/deployment.yml    |  67 --------
 .../cvat/templates/database/secrets.yml       |  15 --
 .../cvat/templates/database/service.yml       |  20 ---
 .../cvat/templates/database/storage.yml       |  14 --
 .../cvat/templates/redis/deployment.yml       |  35 ----
 .../cvat/templates/redis/service.yml          |  20 ---
 kubernetes-templates/cvat/values.yaml         |  46 ------
 23 files changed, 327 insertions(+), 496 deletions(-)
 rename {kubernetes-templates/cvat => helm-chart}/.helmignore (100%)
 rename {kubernetes-templates/cvat => helm-chart}/Chart.yaml (80%)
 rename {kubernetes-templates/cvat => helm-chart}/templates/_helpers.tpl (100%)
 create mode 100644 helm-chart/templates/cvat-postgres-secret.yml
 rename {kubernetes-templates/cvat => helm-chart}/templates/cvat_backend/deployment.yml (53%)
 rename {kubernetes-templates/cvat => helm-chart}/templates/cvat_backend/service.yml (62%)
 rename {kubernetes-templates/cvat => helm-chart}/templates/cvat_backend/storage.yml (60%)
 create mode 100644 helm-chart/templates/cvat_frontend/deployment.yml
 rename {kubernetes-templates/cvat => helm-chart}/templates/cvat_frontend/service.yml (66%)
 create mode 100644 helm-chart/templates/ingress.yaml
 create mode 100644 helm-chart/values.yaml
 delete mode 100644 kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml
 delete mode 100644 kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml
 delete mode 100644 kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml
 delete mode 100644 kubernetes-templates/cvat/templates/cvat_proxy/service.yml
 delete mode 100644 kubernetes-templates/cvat/templates/database/deployment.yml
 delete mode 100644 kubernetes-templates/cvat/templates/database/secrets.yml
 delete mode 100644 kubernetes-templates/cvat/templates/database/service.yml
 delete mode 100644 kubernetes-templates/cvat/templates/database/storage.yml
 delete mode 100644 kubernetes-templates/cvat/templates/redis/deployment.yml
 delete mode 100644 kubernetes-templates/cvat/templates/redis/service.yml
 delete mode 100644 kubernetes-templates/cvat/values.yaml

diff --git a/.gitignore b/.gitignore
index 53fbd4f44369..79995c836684 100644
--- a/.gitignore
+++ b/.gitignore
@@ -35,3 +35,8 @@ yarn-error.log*
 /tests/cypress/fixtures
 /tests/cypress/screenshots
 .idea/
+
+#Ignore helm-related files
+/helm-chart/Chart.lock
+/helm-chart/values.override.yaml
+/helm-chart/charts/*
diff --git a/kubernetes-templates/cvat/.helmignore b/helm-chart/.helmignore
similarity index 100%
rename from kubernetes-templates/cvat/.helmignore
rename to helm-chart/.helmignore
diff --git a/kubernetes-templates/cvat/Chart.yaml b/helm-chart/Chart.yaml
similarity index 80%
rename from kubernetes-templates/cvat/Chart.yaml
rename to helm-chart/Chart.yaml
index 97b3d5621d70..74665f581150 100644
--- a/kubernetes-templates/cvat/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -22,3 +22,13 @@ version: 0.1.0
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "1.16.0"
+
+dependencies:
+    - name: redis
+      version: "12.9.*"
+      repository: https://charts.bitnami.com/bitnami
+      condition: redis.enabled
+    - name: postgresql
+      version: "10.3.*"
+      repository: https://charts.bitnami.com/bitnami
+      condition: postgresql.enabled
diff --git a/kubernetes-templates/cvat/templates/_helpers.tpl b/helm-chart/templates/_helpers.tpl
similarity index 100%
rename from kubernetes-templates/cvat/templates/_helpers.tpl
rename to helm-chart/templates/_helpers.tpl
diff --git a/helm-chart/templates/cvat-postgres-secret.yml b/helm-chart/templates/cvat-postgres-secret.yml
new file mode 100644
index 000000000000..4e8e12746793
--- /dev/null
+++ b/helm-chart/templates/cvat-postgres-secret.yml
@@ -0,0 +1,17 @@
+{{- if .Values.postgresql.secret.create }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}"
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cvat.labels" . | nindent 4 }}
+type: generic
+stringData:
+  postgresql-hostname: "{{ .Release.Name }}-postgresql"
+  postgresql-database: {{ .Values.postgresql.postgresqlDatabase }}
+  postgresql-username: {{ .Values.postgresql.postgresqlUsername }}
+  postgresql-password: {{ .Values.postgresql.secret.password }}
+  postgresql-postgres-password: {{ .Values.postgresql.secret.postgres_password }}
+  postgresql-replication-password: {{ .Values.postgresql.secret.replication_password }}
+{{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_backend/deployment.yml b/helm-chart/templates/cvat_backend/deployment.yml
similarity index 53%
rename from kubernetes-templates/cvat/templates/cvat_backend/deployment.yml
rename to helm-chart/templates/cvat_backend/deployment.yml
index 29f5a8e7468c..0c3fb3a74bfd 100644
--- a/kubernetes-templates/cvat/templates/cvat_backend/deployment.yml
+++ b/helm-chart/templates/cvat_backend/deployment.yml
@@ -4,14 +4,16 @@ metadata:
   name: {{ .Release.Name }}-backend
   namespace: {{ .Release.Namespace }}
   labels:
+    {{- include "cvat.labels" . | nindent 4 }}
     app: cvat-app
     tier: backend
 spec:
-  replicas: 1
+  replicas: {{ .Values.cvat.backend.replicas }}
   strategy:
     type: Recreate
   selector:
     matchLabels:
+      {{- include "cvat.labels" . | nindent 6 }}
       app: cvat-app
       tier: backend
   template:
@@ -19,46 +21,57 @@ spec:
       labels:
         app: cvat-app
         tier: backend
+        {{- include "cvat.labels" . | nindent 8 }}
+        {{- with .Values.cvat.backend.labels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- with .Values.cvat.backend.annotations }}
+      annotations:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
     spec:
       containers:
         - name: cvat-backend-app-container
-          image: openvino/cvat_server:v1.2.0
-          imagePullPolicy: Always
+          image: {{ .Values.cvat.backend.image }}:{{ .Values.cvat.backend.tag }}
+          {{- with .Values.cvat.backend.resources }}
           resources:
-            requests:
-              cpu: 10m
-              memory: 100Mi
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
           env:
           - name: DJANGO_MODWSGI_EXTRA_ARGS
             value: ""
           - name: UI_PORT
             value: "80"
           - name: UI_HOST
-            value: "cvat-frontend-service"
+            value: "{{ .Release.Name }}-frontend-service"
           - name: ALLOWED_HOSTS
             value: "*"
           {{- if .Values.redis.enabled }}
           - name: CVAT_REDIS_HOST
-            value: "cvat-redis-service"
+            value: "{{ .Release.Name }}-redis-master"
           {{- end }}
-          {{- if .Values.redis.enabled }}
           - name: CVAT_POSTGRES_HOST
-            value: "cvat-postgres-service"
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}"
+                key: postgresql-hostname
           - name: CVAT_POSTGRES_USER
             valueFrom:
               secretKeyRef:
-                name: cvat-postgres-secret
-                key: POSTGRES_USER
+                name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}"
+                key: postgresql-username
           - name: CVAT_POSTGRES_DBNAME
             valueFrom:
               secretKeyRef:
-                name: cvat-postgres-secret
-                key: POSTGRES_DB
+                name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}"
+                key: postgresql-database
           - name: CVAT_POSTGRES_PASSWORD
             valueFrom:
               secretKeyRef:
-                name: cvat-postgres-secret
-                key: POSTGRES_PASSWORD
+                name: "{{ .Release.Name }}-{{ .Values.postgresql.secret.name }}"
+                key: postgresql-password
+          {{- with .Values.cvat.backend.additionalEnv }}
+          {{- toYaml . | nindent 10 }}
           {{- end }}
           ports:
           - containerPort: 8080
@@ -75,10 +88,17 @@ spec:
           - mountPath: /home/django/models
             name: cvat-backend-data
             subPath: models
+          {{- with .Values.cvat.backend.additionalVolumeMounts }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
       initContainers:
         - name: user-data-permission-fix
           image: busybox
           command: ["/bin/chmod", "-R", "777", "/home/django"]
+          {{- with .Values.cvat.backend.resources }}
+          resources:
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
           volumeMounts:
           - mountPath: /home/django/data
             name: cvat-backend-data
@@ -92,10 +112,20 @@ spec:
           - mountPath: /home/django/models
             name: cvat-backend-data
             subPath: models
+          {{- with .Values.cvat.backend.additionalVolumeMounts }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+      {{- with .Values.cvat.frontend.affinity }}
+      affinity:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
       volumes:
         - name: cvat-backend-data
           persistentVolumeClaim:
-            claimName: cvat-backend-data
+            claimName: "{{ .Release.Name }}-backend-data"
+        {{- with .Values.cvat.backend.additionalVolumes }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
       {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
diff --git a/kubernetes-templates/cvat/templates/cvat_backend/service.yml b/helm-chart/templates/cvat_backend/service.yml
similarity index 62%
rename from kubernetes-templates/cvat/templates/cvat_backend/service.yml
rename to helm-chart/templates/cvat_backend/service.yml
index db78044c76e8..e5e7c038facb 100644
--- a/kubernetes-templates/cvat/templates/cvat_backend/service.yml
+++ b/helm-chart/templates/cvat_backend/service.yml
@@ -1,15 +1,17 @@
-{{- if .Values.database.enabled -}}
+{{- if .Values.postgresql.enabled -}}
 apiVersion: v1
 kind: Service
 metadata:
-  name: cvat-backend-service
+  name: {{ .Release.Name }}-backend-service
   namespace: {{ .Release.Namespace }}
   labels:
+    {{- include "cvat.labels" . | nindent 4 }}
     app: cvat-app
     tier: backend
 spec:
   type: ClusterIP
   selector:
+      {{- include "cvat.labels" . | nindent 6 }}
       app: cvat-app
       tier: backend
   ports:
diff --git a/kubernetes-templates/cvat/templates/cvat_backend/storage.yml b/helm-chart/templates/cvat_backend/storage.yml
similarity index 60%
rename from kubernetes-templates/cvat/templates/cvat_backend/storage.yml
rename to helm-chart/templates/cvat_backend/storage.yml
index 1ccb77c5a830..ae03be4359d8 100644
--- a/kubernetes-templates/cvat/templates/cvat_backend/storage.yml
+++ b/helm-chart/templates/cvat_backend/storage.yml
@@ -1,8 +1,12 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: cvat-backend-data
+  name: {{ .Release.Name }}-backend-data
   namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cvat.labels" . | nindent 4 }}
+    app: cvat-app
+    tier: backend
 spec:
   accessModes:
     - ReadWriteOnce
diff --git a/helm-chart/templates/cvat_frontend/deployment.yml b/helm-chart/templates/cvat_frontend/deployment.yml
new file mode 100644
index 000000000000..dc01c17f51dd
--- /dev/null
+++ b/helm-chart/templates/cvat_frontend/deployment.yml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-frontend
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cvat.labels" . | nindent 4 }}
+    app: cvat-app
+    tier: frontend
+spec:
+  replicas: {{ .Values.cvat.frontend.replicas }}
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "cvat.labels" . | nindent 6 }}
+      app: cvat-app
+      tier: frontend
+  template:
+    metadata:
+      labels:
+        {{- include "cvat.labels" . | nindent 8 }}
+        app: cvat-app
+        tier: frontend
+        {{- with .Values.cvat.backend.labels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.cvat.backend.annotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+        - name: cvat-frontend-app-container
+          image: {{ .Values.cvat.frontend.image }}:{{ .Values.cvat.frontend.tag }}
+          {{- with .Values.cvat.frontend.resources }}
+          resources:
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
+          ports:
+          - containerPort: 80
+          {{- with .Values.cvat.frontend.additionalEnv }}
+          env:
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+          {{- with .Values.cvat.frontend.additionalVolumeMounts }}
+          volumeMounts:
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+        {{- with .Values.cvat.frontend.additionalVolumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.cvat.frontend.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_frontend/service.yml b/helm-chart/templates/cvat_frontend/service.yml
similarity index 66%
rename from kubernetes-templates/cvat/templates/cvat_frontend/service.yml
rename to helm-chart/templates/cvat_frontend/service.yml
index 88e45a0b9a94..46dfc85199d6 100644
--- a/kubernetes-templates/cvat/templates/cvat_frontend/service.yml
+++ b/helm-chart/templates/cvat_frontend/service.yml
@@ -1,14 +1,16 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: cvat-frontend-service
+  name: {{ .Release.Name }}-frontend-service
   namespace: {{ .Release.Namespace }}
   labels:
+    {{- include "cvat.labels" . | nindent 4 }}
     app: cvat-app
     tier: frontend
 spec:
   type: ClusterIP
   selector:
+      {{- include "cvat.labels" . | nindent 6 }}
       app: cvat-app
       tier: frontend
   ports:
diff --git a/helm-chart/templates/ingress.yaml b/helm-chart/templates/ingress.yaml
new file mode 100644
index 000000000000..1e1f77dc0c84
--- /dev/null
+++ b/helm-chart/templates/ingress.yaml
@@ -0,0 +1,41 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "cvat.fullname" . -}}
+{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cvat.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+{{- if .Values.ingress.tls }}
+  tls:
+  {{- range .Values.ingress.tls }}
+    - hosts:
+      {{- range .hosts }}
+        - {{ . | quote }}
+      {{- end }}
+      secretName: {{ .secretName }}
+  {{- end }}
+{{- end }}
+  rules:
+  {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+        {{- range .paths }}
+          - path: {{ .match }}
+            backend:
+              serviceName: {{ .service.name }}
+              servicePort: {{ .service.port }}
+        {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
new file mode 100644
index 000000000000..7c13a3ce51b6
--- /dev/null
+++ b/helm-chart/values.yaml
@@ -0,0 +1,134 @@
+# Default values for cvat.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+cvat:
+    backend:
+        replicas: 1
+        image: openvino/cvat_server
+        tag: latest
+        labels: {}
+        #  test: test
+        annotations: {}
+        # test.io/test: test
+        resources: {}
+        affinity: {}
+        # nodeAffinity:
+        #   requiredDuringSchedulingIgnoredDuringExecution:
+        #     nodeSelectorTerms:
+        #     - matchExpressions:
+        #       - key: kubernetes.io/e2e-az-name
+        #         operator: In
+        #         values:
+        #         - e2e-az1
+        #         - e2e-az2
+        additionalEnv: []
+        # Example:
+        #  - name: volume-from-secret
+        # - name: TEST
+        #  value: "test"
+        additionalVolumes: []
+        # Example(assumes that pvc was already created):
+        # - name: tmp
+        #   persistentVolumeClaim:
+        #       claimName: tmp
+        additionalVolumeMounts: []
+        # Example:
+        # -   mountPath: /tmp
+        #     name: tmp
+        #     subPath: test
+        service: {}
+    frontend:
+        replicas: 1
+        image: openvino/cvat_ui
+        tag: latest
+        labels: {}
+        #  test: test
+        annotations: {}
+        # test.io/test: test
+        resources: {}
+        affinity: {}
+        # nodeAffinity:
+        #   requiredDuringSchedulingIgnoredDuringExecution:
+        #     nodeSelectorTerms:
+        #     - matchExpressions:
+        #       - key: kubernetes.io/e2e-az-name
+        #         operator: In
+        #         values:
+        #         - e2e-az1
+        #         - e2e-az2
+        additionalEnv: []
+        # Example:
+        #  - name: volume-from-secret
+        # - name: TEST
+        #  value: "test"
+        additionalVolumes: []
+        # Example(assumes that pvc was already created):
+        # - name: tmp
+        #   persistentVolumeClaim:
+        #       claimName: tmp
+        additionalVolumeMounts: []
+        # Example:
+        # -   mountPath: /tmp
+        #     name: tmp
+        #     subPath: test
+        service: {}
+
+postgresql:
+    #See https://github.com/bitnami/charts/blob/master/bitnami/postgresql/ for more info
+    enabled: true # false for external db
+    external:
+        host: 127.0.0.1
+        port: 5432
+        user: postgres
+        password: postgres
+        dbname: cvat
+
+    # If not external follwoing config will apply by default
+    global:
+        postgresql:
+            existingSecret: cvt-test-postgres-secret
+    secret:
+        create: true
+        name: postgres-secret
+        password: cvat_postgresql
+        postgres_password: cvat_postgresql_postgres
+        replication_password: cvat_postgresql_replica
+    postgresqlDatabase: cvat
+    postgresqlUsername: cvat
+    service:
+        port: 5432
+
+redis:
+    #See https://github.com/bitnami/charts/blob/master/bitnami/redis/ for more info
+    enabled: true
+    usePassword: false
+    cluster:
+        enabled: false
+
+ingress:
+    enabled: false
+#    annotations:
+#        kubernetes.io/ingress.class: nginx
+#        # cert-manager.io/cluster-issuer:"your-issuer-name"
+#        ingress.kubernetes.io/ssl-redirect: "true"
+#    hosts:
+#        - host: cvat.example.com
+#          paths:
+#            - match: "/api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*"
+#              service:
+#                  name: cvat-backend-service
+#                  port: 8080
+#            - match : "/"
+#              service:
+#                  name: cvat-frontend-service
+#                  port: 80
+#    tls:
+#        - hosts:
+#              - cvat.example.com
+#          secretName: ingress-tls-cvat
diff --git a/kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml b/kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml
deleted file mode 100644
index 6a91630f67e2..000000000000
--- a/kubernetes-templates/cvat/templates/cvat_frontend/deployment.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cvat-frontend
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: frontend
-spec:
-  replicas: 1
-  strategy:
-    type: Recreate
-  selector:
-    matchLabels:
-      app: cvat-app
-      tier: frontend
-  template:
-    metadata:
-      labels:
-        app: cvat-app
-        tier: frontend
-    spec:
-      containers:
-        - name: cvat-frontend-app-container
-          image: openvino/cvat_ui:v1.2.0
-          imagePullPolicy: Always
-          ports:
-          - containerPort: 80
-          resources: {}
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml b/kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml
deleted file mode 100644
index 61f1eed9a40d..000000000000
--- a/kubernetes-templates/cvat/templates/cvat_proxy/configmap.yml
+++ /dev/null
@@ -1,153 +0,0 @@
-{{- if .Values.cvat_proxy.enabled -}}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cvat-nginx-conf
-  namespace: {{ .Release.Namespace }}
-data:
-  nginx.conf: |
-    worker_processes 2;
-
-    error_log /dev/stdout info;
-
-    events {
-        worker_connections  1024;
-    }
-
-    http {
-        include       mime.types;
-        default_type  application/octet-stream;
-        sendfile      on;
-        keepalive_timeout  65;
-        # For long domain names (e.g. AWS hosts)
-        server_names_hash_bucket_size 128;
-
-        include /etc/nginx/cvat.d/*.conf;
-        client_max_body_size 0;
-    }
-  cvat.conf: |
-    server {
-        listen       80;
-        server_name  _ default;
-        return       404;
-    }
-
-    server {
-        listen       80;
-        server_name  {MY_SERVER_URL_COM};
-
-        proxy_pass_header       X-CSRFToken;
-        proxy_set_header        Host $http_host;
-        proxy_pass_header       Set-Cookie;
-
-        location ~* /api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*  {
-            proxy_pass              http://cvat-backend-service:8080;
-        }
-
-        # workaround for match location by arguments
-        location = / {
-            error_page 418 = @annotation_ui;
-
-            if ( $query_string ~ "^id=\d+.*" ) { return 418; }
-            proxy_pass              http://cvat-frontend-service:80;
-        }
-
-        location / {
-            proxy_pass              http://cvat-frontend-service:80;
-        }
-
-        # old annotation ui, will be removed in the future.
-        location @annotation_ui {
-            proxy_pass              http://cvat-backend-service:8080;
-        }
-    }
-  mime.types: |
-    types {
-      text/html                             html htm shtml;
-      text/css                              css;
-      text/xml                              xml;
-      image/gif                             gif;
-      image/jpeg                            jpeg jpg;
-      application/javascript                js;
-      application/atom+xml                  atom;
-      application/rss+xml                   rss;
-
-      text/mathml                           mml;
-      text/plain                            txt;
-      text/vnd.sun.j2me.app-descriptor      jad;
-      text/vnd.wap.wml                      wml;
-      text/x-component                      htc;
-
-      image/png                             png;
-      image/tiff                            tif tiff;
-      image/vnd.wap.wbmp                    wbmp;
-      image/x-icon                          ico;
-      image/x-jng                           jng;
-      image/x-ms-bmp                        bmp;
-      image/svg+xml                         svg svgz;
-      image/webp                            webp;
-
-      application/font-woff                 woff;
-      application/java-archive              jar war ear;
-      application/json                      json;
-      application/mac-binhex40              hqx;
-      application/msword                    doc;
-      application/pdf                       pdf;
-      application/postscript                ps eps ai;
-      application/rtf                       rtf;
-      application/vnd.apple.mpegurl         m3u8;
-      application/vnd.ms-excel              xls;
-      application/vnd.ms-fontobject         eot;
-      application/vnd.ms-powerpoint         ppt;
-      application/vnd.wap.wmlc              wmlc;
-      application/vnd.google-earth.kml+xml  kml;
-      application/vnd.google-earth.kmz      kmz;
-      application/x-7z-compressed           7z;
-      application/x-cocoa                   cco;
-      application/x-java-archive-diff       jardiff;
-      application/x-java-jnlp-file          jnlp;
-      application/x-makeself                run;
-      application/x-perl                    pl pm;
-      application/x-pilot                   prc pdb;
-      application/x-rar-compressed          rar;
-      application/x-redhat-package-manager  rpm;
-      application/x-sea                     sea;
-      application/x-shockwave-flash         swf;
-      application/x-stuffit                 sit;
-      application/x-tcl                     tcl tk;
-      application/x-x509-ca-cert            der pem crt;
-      application/x-xpinstall               xpi;
-      application/xhtml+xml                 xhtml;
-      application/xspf+xml                  xspf;
-      application/zip                       zip;
-
-      application/octet-stream              bin exe dll;
-      application/octet-stream              deb;
-      application/octet-stream              dmg;
-      application/octet-stream              iso img;
-      application/octet-stream              msi msp msm;
-
-      application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
-      application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
-      application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;
-
-      audio/midi                            mid midi kar;
-      audio/mpeg                            mp3;
-      audio/ogg                             ogg;
-      audio/x-m4a                           m4a;
-      audio/x-realaudio                     ra;
-
-      video/3gpp                            3gpp 3gp;
-      video/mp2t                            ts;
-      video/mp4                             mp4;
-      video/mpeg                            mpeg mpg;
-      video/quicktime                       mov;
-      video/webm                            webm;
-      video/x-flv                           flv;
-      video/x-m4v                           m4v;
-      video/x-mng                           mng;
-      video/x-ms-asf                        asx asf;
-      video/x-ms-wmv                        wmv;
-      video/x-msvideo                       avi;
-    }
-{{- end}}
diff --git a/kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml b/kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml
deleted file mode 100644
index 9fd51f7f5095..000000000000
--- a/kubernetes-templates/cvat/templates/cvat_proxy/deployment.yml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if .Values.cvat_proxy.enabled -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cvat-nginx
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: proxy
-spec:
-  replicas: 1
-  strategy:
-    type: Recreate
-  selector:
-    matchLabels:
-      app: cvat-app
-      tier: proxy
-  template:
-    metadata:
-      labels:
-        app: cvat-app
-        tier: proxy
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-      - name: nginx
-        image: nginx
-        ports:
-        - containerPort: 80
-        volumeMounts:
-        - mountPath: /etc/nginx
-          readOnly: true
-          name: cvat-nginx-conf
-        - mountPath: /var/log/nginx
-          name: log
-      volumes:
-      - name: cvat-nginx-conf
-        configMap:
-          name: cvat-nginx-conf
-          items:
-            - key: nginx.conf
-              path: nginx.conf
-            - key: mime.types
-              path: mime.types
-            - key: cvat.conf
-              path: cvat.d/cvat.conf
-      - name: log
-        emptyDir: {}
-{{- end }}
diff --git a/kubernetes-templates/cvat/templates/cvat_proxy/service.yml b/kubernetes-templates/cvat/templates/cvat_proxy/service.yml
deleted file mode 100644
index 6ce5b97eacf4..000000000000
--- a/kubernetes-templates/cvat/templates/cvat_proxy/service.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if .Values.cvat_proxy.enabled -}}
-apiVersion: v1
-kind: Service
-metadata:
-  name: cvat-proxy-service
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: proxy
-spec:
-  type: NodePort
-  selector:
-      app: cvat-app
-      tier: proxy
-  ports:
-    - port: 80
-      targetPort: 80
-      protocol: TCP
-      name: http
-{{- end}}
diff --git a/kubernetes-templates/cvat/templates/database/deployment.yml b/kubernetes-templates/cvat/templates/database/deployment.yml
deleted file mode 100644
index e84a3d7b7216..000000000000
--- a/kubernetes-templates/cvat/templates/database/deployment.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{- if .Values.database.enabled -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cvat-postgres
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: db
-spec:
-  replicas: 1
-  strategy:
-    type: Recreate
-  selector:
-    matchLabels:
-      app: cvat-app
-      tier: db
-  template:
-    metadata:
-      labels:
-        app: cvat-app
-        tier: db
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-        - name: cvat-postgres
-          image: postgres:10.3-alpine
-          imagePullPolicy: "IfNotPresent"
-          env:
-          - name: POSTGRES_DB
-            valueFrom:
-              secretKeyRef:
-                name: cvat-postgres-secret
-                key: POSTGRES_DB
-          - name: POSTGRES_USER
-            valueFrom:
-              secretKeyRef:
-                name: cvat-postgres-secret
-                key: POSTGRES_USER
-          - name: POSTGRES_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: cvat-postgres-secret
-                key: POSTGRES_PASSWORD
-          ports:
-          - containerPort: 5432
-          readinessProbe:
-            exec:
-              command:
-                - sh
-                - -c
-                - su - postgres -c "pg_isready --host=$POD_IP"
-            initialDelaySeconds: 15
-            timeoutSeconds: 2
-          resources: {}
-          volumeMounts:
-            - mountPath: /var/lib/postgresql/data
-              name: postgredb
-              subPath: postgres
-      volumes:
-        - name: postgredb
-          persistentVolumeClaim:
-            claimName: cvat-postgres-data
-{{- end }}
diff --git a/kubernetes-templates/cvat/templates/database/secrets.yml b/kubernetes-templates/cvat/templates/database/secrets.yml
deleted file mode 100644
index e3ad16c49f55..000000000000
--- a/kubernetes-templates/cvat/templates/database/secrets.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-{{- if .Values.database.enabled -}}
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
-  name: cvat-postgres-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: db
-stringData:
-  POSTGRES_DB: cvat
-  POSTGRES_USER: root
-  POSTGRES_PASSWORD: POSTGRES_ADMIN_PW
-{{- end}}
diff --git a/kubernetes-templates/cvat/templates/database/service.yml b/kubernetes-templates/cvat/templates/database/service.yml
deleted file mode 100644
index fec43922788b..000000000000
--- a/kubernetes-templates/cvat/templates/database/service.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if .Values.database.enabled -}}
-apiVersion: v1
-kind: Service
-metadata:
-  name: cvat-postgres-service
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: db
-spec:
-  type: ClusterIP
-  selector:
-      app: cvat-app
-      tier: db
-  ports:
-    - port: 5432
-      targetPort: 5432
-      protocol: TCP
-      name: http
-{{- end }}
diff --git a/kubernetes-templates/cvat/templates/database/storage.yml b/kubernetes-templates/cvat/templates/database/storage.yml
deleted file mode 100644
index d028ca3b3240..000000000000
--- a/kubernetes-templates/cvat/templates/database/storage.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{- if .Values.database.enabled -}}
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: cvat-postgres-data
-  namespace: {{ .Release.Namespace }}
-spec:
-  accessModes:
-    - ReadWriteOnce
-  storageClassName: standard
-  resources:
-    requests:
-      storage: 20Gi
-{{- end }}
diff --git a/kubernetes-templates/cvat/templates/redis/deployment.yml b/kubernetes-templates/cvat/templates/redis/deployment.yml
deleted file mode 100644
index 524b9f438347..000000000000
--- a/kubernetes-templates/cvat/templates/redis/deployment.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-{{- if .Values.redis.enabled -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: cvat-redis
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: redis-app
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: cvat-app
-      tier: redis-app
-  template:
-    metadata:
-      labels:
-        app: cvat-app
-        tier: redis-app
-    spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-      - image: redis:4.0.5-alpine
-        name: cvat-redis
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 6379
-        resources:
-          limits:
-            cpu: "0.1"
-{{- end }}
diff --git a/kubernetes-templates/cvat/templates/redis/service.yml b/kubernetes-templates/cvat/templates/redis/service.yml
deleted file mode 100644
index 8605c316338e..000000000000
--- a/kubernetes-templates/cvat/templates/redis/service.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if .Values.redis.enabled -}}
-apiVersion: v1
-kind: Service
-metadata:
-  name: cvat-redis-service
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: cvat-app
-    tier: redis-app
-spec:
-  type: ClusterIP
-  selector:
-      app: cvat-app
-      tier: redis-app
-  ports:
-    - port: 6379
-      targetPort: 6379
-      protocol: TCP
-      name: http
-{{- end}}
diff --git a/kubernetes-templates/cvat/values.yaml b/kubernetes-templates/cvat/values.yaml
deleted file mode 100644
index b738038d7372..000000000000
--- a/kubernetes-templates/cvat/values.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-# Default values for cvat.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-replicaCount: 1
-
-image:
-  repository: nginx
-  pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
-  tag: ""
-
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-
-service:
-  type: ClusterIP
-  port: 80
-
-database:
-    enabled: true
-    image: ""
-    tag: ""
-    service: {}
-
-redis:
-    enabled: true
-    image: ""
-    tag: ""
-    service: {}
-
-cvat:
-    proxy:
-        image: ""
-        tag: ""
-        enabled: true
-        service: {}
-    backend:
-        image: ""
-        tag: ""
-        service: {}
-    frontend:
-        image: ""
-        tag: ""
-        service: {}

From f8d6ab36d1d4a3931db4f7a7ef1a715e395cc3e3 Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Tue, 20 Apr 2021 14:45:31 +0300
Subject: [PATCH 05/19] Fixes according review

---
 helm-chart/Chart.yaml                         |  16 +-
 .../templates/cvat_backend/deployment.yml     |  29 +-
 helm-chart/templates/cvat_backend/service.yml |  17 +-
 helm-chart/templates/cvat_backend/storage.yml |   4 +-
 .../templates/cvat_frontend/service.yml       |  15 +-
 helm-chart/values.yaml                        | 255 ++++++++++--------
 6 files changed, 183 insertions(+), 153 deletions(-)

diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml
index 74665f581150..124885d2bb52 100644
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -24,11 +24,11 @@ version: 0.1.0
 appVersion: "1.16.0"
 
 dependencies:
-    - name: redis
-      version: "12.9.*"
-      repository: https://charts.bitnami.com/bitnami
-      condition: redis.enabled
-    - name: postgresql
-      version: "10.3.*"
-      repository: https://charts.bitnami.com/bitnami
-      condition: postgresql.enabled
+  - name: redis
+    version: "12.9.*"
+    repository: https://charts.bitnami.com/bitnami
+    condition: redis.enabled
+  - name: postgresql
+    version: "10.3.*"
+    repository: https://charts.bitnami.com/bitnami
+    condition: postgresql.enabled
diff --git a/helm-chart/templates/cvat_backend/deployment.yml b/helm-chart/templates/cvat_backend/deployment.yml
index 0c3fb3a74bfd..9a35c3434a62 100644
--- a/helm-chart/templates/cvat_backend/deployment.yml
+++ b/helm-chart/templates/cvat_backend/deployment.yml
@@ -4,9 +4,16 @@ metadata:
   name: {{ .Release.Name }}-backend
   namespace: {{ .Release.Namespace }}
   labels:
-    {{- include "cvat.labels" . | nindent 4 }}
     app: cvat-app
     tier: backend
+    {{- include "cvat.labels" . | nindent 4 }}
+    {{- with .Values.cvat.backend.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.cvat.backend.annotations }}
+  annotations:
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   replicas: {{ .Values.cvat.backend.replicas }}
   strategy:
@@ -14,6 +21,9 @@ spec:
   selector:
     matchLabels:
       {{- include "cvat.labels" . | nindent 6 }}
+      {{- with .Values.cvat.backend.labels }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
       app: cvat-app
       tier: backend
   template:
@@ -39,16 +49,19 @@ spec:
           {{- end }}
           env:
           - name: DJANGO_MODWSGI_EXTRA_ARGS
-            value: ""
-          - name: UI_PORT
-            value: "80"
+            value: {{ .Values.cvat.backend.envs.DJANGO_MODWSGI_EXTRA_ARGS}}
+          - name: ALLOWED_HOSTS
+            value: {{ .Values.cvat.backend.envs.ALLOWED_HOSTS | squote}}
           - name: UI_HOST
             value: "{{ .Release.Name }}-frontend-service"
-          - name: ALLOWED_HOSTS
-            value: "*"
+          - name: UI_PORT
+            value: "{{ .Values.cvat.frontend.service.ports }}"
           {{- if .Values.redis.enabled }}
           - name: CVAT_REDIS_HOST
             value: "{{ .Release.Name }}-redis-master"
+          {{- else }}
+          - name: CVAT_REDIS_HOST
+            value: "{{ .Values.redis.external.host }}"
           {{- end }}
           - name: CVAT_POSTGRES_HOST
             valueFrom:
@@ -100,6 +113,7 @@ spec:
           {{- toYaml . | nindent 12 }}
           {{- end }}
           volumeMounts:
+          {{- if .Values.cvat.backend.defaultStorage.enabled }}
           - mountPath: /home/django/data
             name: cvat-backend-data
             subPath: data
@@ -112,6 +126,7 @@ spec:
           - mountPath: /home/django/models
             name: cvat-backend-data
             subPath: models
+          {{- end }}
           {{- with .Values.cvat.backend.additionalVolumeMounts }}
           {{- toYaml . | nindent 10 }}
           {{- end }}
@@ -120,9 +135,11 @@ spec:
       {{- toYaml . | nindent 8 }}
       {{- end }}
       volumes:
+        {{- if .Values.cvat.backend.defaultStorage.enabled }}
         - name: cvat-backend-data
           persistentVolumeClaim:
             claimName: "{{ .Release.Name }}-backend-data"
+        {{- end }}
         {{- with .Values.cvat.backend.additionalVolumes }}
         {{- toYaml . | nindent 8 }}
         {{- end }}
diff --git a/helm-chart/templates/cvat_backend/service.yml b/helm-chart/templates/cvat_backend/service.yml
index e5e7c038facb..88e1dfee09ff 100644
--- a/helm-chart/templates/cvat_backend/service.yml
+++ b/helm-chart/templates/cvat_backend/service.yml
@@ -1,4 +1,3 @@
-{{- if .Values.postgresql.enabled -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -9,14 +8,10 @@ metadata:
     app: cvat-app
     tier: backend
 spec:
-  type: ClusterIP
   selector:
-      {{- include "cvat.labels" . | nindent 6 }}
-      app: cvat-app
-      tier: backend
-  ports:
-    - port: 8080
-      targetPort: 8080
-      protocol: TCP
-      name: http
-{{- end }}
+    app: cvat-app
+    tier: backend
+    {{- include "cvat.labels" . | nindent 4 }}
+  {{- with .Values.cvat.backend.service }}
+  {{- toYaml . | nindent 2 }}
+  {{- end }}
diff --git a/helm-chart/templates/cvat_backend/storage.yml b/helm-chart/templates/cvat_backend/storage.yml
index ae03be4359d8..41b0bf85e1e8 100644
--- a/helm-chart/templates/cvat_backend/storage.yml
+++ b/helm-chart/templates/cvat_backend/storage.yml
@@ -1,3 +1,4 @@
+{{- if .Values.cvat.backend.defaultStorage.enabled }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -13,4 +14,5 @@ spec:
   storageClassName: standard
   resources:
     requests:
-      storage: 20Gi
+      storage: {{ .Values.cvat.backend.defaultStorage.size }}
+{{- end}}
diff --git a/helm-chart/templates/cvat_frontend/service.yml b/helm-chart/templates/cvat_frontend/service.yml
index 46dfc85199d6..568ada66d79d 100644
--- a/helm-chart/templates/cvat_frontend/service.yml
+++ b/helm-chart/templates/cvat_frontend/service.yml
@@ -8,13 +8,10 @@ metadata:
     app: cvat-app
     tier: frontend
 spec:
-  type: ClusterIP
   selector:
-      {{- include "cvat.labels" . | nindent 6 }}
-      app: cvat-app
-      tier: frontend
-  ports:
-    - port: 80
-      targetPort: 80
-      protocol: TCP
-      name: http
+    app: cvat-app
+    tier: frontend
+    {{- include "cvat.labels" . | nindent 4 }}
+  {{- with .Values.cvat.frontend.service }}
+  {{- toYaml . | nindent 2 }}
+  {{- end }}
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index 7c13a3ce51b6..38762a4cb53d 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -8,127 +8,146 @@ nameOverride: ""
 fullnameOverride: ""
 
 cvat:
-    backend:
-        replicas: 1
-        image: openvino/cvat_server
-        tag: latest
-        labels: {}
-        #  test: test
-        annotations: {}
-        # test.io/test: test
-        resources: {}
-        affinity: {}
-        # nodeAffinity:
-        #   requiredDuringSchedulingIgnoredDuringExecution:
-        #     nodeSelectorTerms:
-        #     - matchExpressions:
-        #       - key: kubernetes.io/e2e-az-name
-        #         operator: In
-        #         values:
-        #         - e2e-az1
-        #         - e2e-az2
-        additionalEnv: []
-        # Example:
-        #  - name: volume-from-secret
-        # - name: TEST
-        #  value: "test"
-        additionalVolumes: []
-        # Example(assumes that pvc was already created):
-        # - name: tmp
-        #   persistentVolumeClaim:
-        #       claimName: tmp
-        additionalVolumeMounts: []
-        # Example:
-        # -   mountPath: /tmp
-        #     name: tmp
-        #     subPath: test
-        service: {}
-    frontend:
-        replicas: 1
-        image: openvino/cvat_ui
-        tag: latest
-        labels: {}
-        #  test: test
-        annotations: {}
-        # test.io/test: test
-        resources: {}
-        affinity: {}
-        # nodeAffinity:
-        #   requiredDuringSchedulingIgnoredDuringExecution:
-        #     nodeSelectorTerms:
-        #     - matchExpressions:
-        #       - key: kubernetes.io/e2e-az-name
-        #         operator: In
-        #         values:
-        #         - e2e-az1
-        #         - e2e-az2
-        additionalEnv: []
-        # Example:
-        #  - name: volume-from-secret
-        # - name: TEST
-        #  value: "test"
-        additionalVolumes: []
-        # Example(assumes that pvc was already created):
-        # - name: tmp
-        #   persistentVolumeClaim:
-        #       claimName: tmp
-        additionalVolumeMounts: []
-        # Example:
-        # -   mountPath: /tmp
-        #     name: tmp
-        #     subPath: test
-        service: {}
+  backend:
+    replicas: 1
+    image: openvino/cvat_server
+    tag: latest
+    labels: {}
+    #  test: test
+    annotations: {}
+    # test.io/test: test
+    resources: {}
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+    envs:
+        ALLOWED_HOSTS: "*"
+        DJANGO_MODWSGI_EXTRA_ARGS: ""
+    additionalEnv: []
+    # Example:
+    #  - name: volume-from-secret
+    # - name: TEST
+    #  value: "test"
+    additionalVolumes: []
+    # Example(assumes that pvc was already created):
+    # - name: tmp
+    #   persistentVolumeClaim:
+    #       claimName: tmp
+    additionalVolumeMounts: []
+    # Example:
+    # -   mountPath: /tmp
+    #     name: tmp
+    #     subPath: test
+    service:
+      type: ClusterIP
+      ports:
+        - port: 8080
+          targetPort: 8080
+          protocol: TCP
+          name: http
+    defaultStorage:
+        enabled: true
+        size: 20Gi
+  frontend:
+    replicas: 1
+    image: openvino/cvat_ui
+    tag: latest
+    labels: {}
+    #  test: test
+    annotations: {}
+    # test.io/test: test
+    resources: {}
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+    additionalEnv: []
+    # Example:
+    #  - name: volume-from-secret
+    # - name: TEST
+    #  value: "test"
+    additionalVolumes: []
+    # Example(assumes that pvc was already created):
+    # - name: tmp
+    #   persistentVolumeClaim:
+    #       claimName: tmp
+    additionalVolumeMounts: []
+    # Example:
+    # -   mountPath: /tmp
+    #     name: tmp
+    #     subPath: test
+    service:
+      type: ClusterIP
+      ports:
+        - port: 80
+          targetPort: 80
+          protocol: TCP
+          name: http
 
 postgresql:
-    #See https://github.com/bitnami/charts/blob/master/bitnami/postgresql/ for more info
-    enabled: true # false for external db
-    external:
-        host: 127.0.0.1
-        port: 5432
-        user: postgres
-        password: postgres
-        dbname: cvat
-
-    # If not external follwoing config will apply by default
-    global:
-        postgresql:
-            existingSecret: cvt-test-postgres-secret
-    secret:
-        create: true
-        name: postgres-secret
-        password: cvat_postgresql
-        postgres_password: cvat_postgresql_postgres
-        replication_password: cvat_postgresql_replica
-    postgresqlDatabase: cvat
-    postgresqlUsername: cvat
-    service:
-        port: 5432
+  #See https://github.com/bitnami/charts/blob/master/bitnami/postgresql/ for more info
+  enabled: true # false for external db
+  external:
+    host: 127.0.0.1
+    port: 5432
+    user: postgres
+    password: postgres
+    dbname: cvat
+ # If not external following config will be applied by default
+  global:
+    postgresql:
+      existingSecret: cvat-postgres-secret
+  secret:
+    create: true
+    name: postgres-secret
+    password: cvat_postgresql
+    postgres_password: cvat_postgresql_postgres
+    replication_password: cvat_postgresql_replica
+  postgresqlDatabase: cvat
+  postgresqlUsername: cvat
+  service:
+    port: 5432
 
 redis:
-    #See https://github.com/bitnami/charts/blob/master/bitnami/redis/ for more info
-    enabled: true
-    usePassword: false
-    cluster:
-        enabled: false
+  #See https://github.com/bitnami/charts/blob/master/bitnami/redis/ for more info
+  enabled: true
+  external:
+      host: 127.0.0.1
+  usePassword: false
+  cluster:
+    enabled: false
 
 ingress:
-    enabled: false
-#    annotations:
-#        kubernetes.io/ingress.class: nginx
-#        # cert-manager.io/cluster-issuer:"your-issuer-name"
-#        ingress.kubernetes.io/ssl-redirect: "true"
-#    hosts:
-#        - host: cvat.example.com
-#          paths:
-#            - match: "/api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*"
-#              service:
-#                  name: cvat-backend-service
-#                  port: 8080
-#            - match : "/"
-#              service:
-#                  name: cvat-frontend-service
-#                  port: 80
-#    tls:
-#        - hosts:
-#              - cvat.example.com
-#          secretName: ingress-tls-cvat
+  enabled: false
+#  annotations:
+#    kubernetes.io/ingress.class: nginx
+#    # cert-manager.io/cluster-issuer:"your-issuer-name"
+#    ingress.kubernetes.io/ssl-redirect: "true"
+#  hosts:
+#    - host: cvat.example.com
+#      paths:
+#        - match: "/api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*"
+#          service:
+#            name: cvat-backend-service
+#            port: 8080
+#        - match : "/"
+#          service:
+#            name: cvat-frontend-service
+#            port: 80
+#  tls:
+#    - hosts:
+#      - cvat.example.com
+#      secretName: ingress-tls-cvat

From 69ad2356d7e1da221460c851777d4e871ac0f21a Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Tue, 20 Apr 2021 14:56:52 +0300
Subject: [PATCH 06/19] Add notes

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 62042ab38a58..0352d7584bc4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Documentation on mask annotation (<https://github.com/openvinotoolkit/cvat/pull/3044>)
 - Hotkeys to switch a label of existing object or to change default label (for objects created with N) (<https://github.com/openvinotoolkit/cvat/pull/3070>)
 - A script to convert some kinds of DICOM files to regular images (<https://github.com/openvinotoolkit/cvat/pull/3095>)
+- helm chart prototype (https://github.com/openvinotoolkit/cvat/pull/3102)
+
 
 ### Changed
 

From 00f0973e705811d7d14f827d0de9724ebea57eb5 Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Wed, 21 Apr 2021 14:56:47 +0300
Subject: [PATCH 07/19] Add ingress fix

---
 helm-chart/templates/ingress.yaml |  5 +++-
 helm-chart/values.yaml            | 44 ++++++++++++++++++-------------
 2 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/helm-chart/templates/ingress.yaml b/helm-chart/templates/ingress.yaml
index 1e1f77dc0c84..cab76c1353d7 100644
--- a/helm-chart/templates/ingress.yaml
+++ b/helm-chart/templates/ingress.yaml
@@ -32,7 +32,10 @@ spec:
       http:
         paths:
         {{- range .paths }}
-          - path: {{ .match }}
+          - path: {{ .path }}
+            {{- if .pathType }}
+            pathType: {{ .pathType }}
+            {{- end }}
             backend:
               serviceName: {{ .service.name }}
               servicePort: {{ .service.port }}
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index 38762a4cb53d..2cb41a8a5236 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -132,22 +132,28 @@ redis:
 
 ingress:
   enabled: false
-#  annotations:
-#    kubernetes.io/ingress.class: nginx
-#    # cert-manager.io/cluster-issuer:"your-issuer-name"
-#    ingress.kubernetes.io/ssl-redirect: "true"
-#  hosts:
-#    - host: cvat.example.com
-#      paths:
-#        - match: "/api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*"
-#          service:
-#            name: cvat-backend-service
-#            port: 8080
-#        - match : "/"
-#          service:
-#            name: cvat-frontend-service
-#            port: 80
-#  tls:
-#    - hosts:
-#      - cvat.example.com
-#      secretName: ingress-tls-cvat
+# Example for nginx ingress and cert manager
+#    annotations:
+#        kubernetes.io/ingress.class: nginx
+#        nginx.ingress.kubernetes.io/use-regex: "true"
+#        nginx.ingress.kubernetes.io/secure-backends: "true"
+#        kubernetes.io/tls-acme: "true"
+#        cert-manager.io/cluster-issuer: example.issuer.name
+#        ingress.kubernetes.io/ssl-redirect: "true"
+#    hosts:
+#        - host: cvat.example.com
+#          paths:
+#              - path: "/api/.*|git/.*|tensorflow/.*|auto_annotation/.*|analytics/.*|static/.*|admin|admin/.*|documentation/.*|dextr/.*|reid/.*"
+#                service:
+#                    name: cvt-test-backend-service
+#                    port: 8080
+#              - path : "/"
+#                pathType: "Prefix"
+#                service:
+#                    name: cvt-test-frontend-service
+#                    port: 80
+#
+#    tls:
+#        - hosts:
+#              - cvat.example.com
+#          secretName: ingress-tls-cvat

From 46e01d9881fcc53bcb96193d969a7fb22297cc60 Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Wed, 21 Apr 2021 15:57:13 +0300
Subject: [PATCH 08/19] Changelog.md fixes

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0352d7584bc4..c7722e62b550 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,7 +12,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Documentation on mask annotation (<https://github.com/openvinotoolkit/cvat/pull/3044>)
 - Hotkeys to switch a label of existing object or to change default label (for objects created with N) (<https://github.com/openvinotoolkit/cvat/pull/3070>)
 - A script to convert some kinds of DICOM files to regular images (<https://github.com/openvinotoolkit/cvat/pull/3095>)
-- helm chart prototype (https://github.com/openvinotoolkit/cvat/pull/3102)
+- Helm chart prototype (<https://github.com/openvinotoolkit/cvat/pull/3102>)
 
 
 ### Changed

From 060ded3541f211263f7265dae9067a5675953f8e Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Wed, 21 Apr 2021 16:21:21 +0300
Subject: [PATCH 09/19] Fix default storage

---
 helm-chart/templates/cvat_backend/storage.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/helm-chart/templates/cvat_backend/storage.yml b/helm-chart/templates/cvat_backend/storage.yml
index 41b0bf85e1e8..f30b768ca39b 100644
--- a/helm-chart/templates/cvat_backend/storage.yml
+++ b/helm-chart/templates/cvat_backend/storage.yml
@@ -11,7 +11,6 @@ metadata:
 spec:
   accessModes:
     - ReadWriteOnce
-  storageClassName: standard
   resources:
     requests:
       storage: {{ .Values.cvat.backend.defaultStorage.size }}

From e70cdf35eccc3e629b22664c32bbec08129ff6ac Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Tue, 27 Apr 2021 14:16:29 +0300
Subject: [PATCH 10/19] Fixes according review

---
 helm-chart/Chart.yaml |  5 +++--
 helm-chart/README.md  | 29 +++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 helm-chart/README.md

diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml
index 124885d2bb52..567bb5e4d0b8 100644
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -15,13 +15,14 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
+version: 0.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.16.0"
+appVersion: latest
+# We dont use it, so you can override it using values.override.yaml
 
 dependencies:
   - name: redis
diff --git a/helm-chart/README.md b/helm-chart/README.md
new file mode 100644
index 000000000000..c0412fc5f4b6
--- /dev/null
+++ b/helm-chart/README.md
@@ -0,0 +1,29 @@
+# FAQ
+## What should be configured before installation?
+1. You should have configured connection to existed k8s cluster
+2. Helm must be installed
+3. You should download chart external dependencies, using following commands:
+   `helm repo add bitnami https://charts.bitnami.com/bitnami`
+   `helm repo update`
+   `helm dependency update`
+4. (Optional) Install ingress of your choice (for example: https://github.com/kubernetes/ingress-nginx)
+5. (Optional) Create certificates for https  (for example: https://github.com/jetstack/cert-manager/ )
+6. (Optional) Create values.override.yaml and override there parameters you want
+7. Deploy cvat using command below
+## How to deploy new version of chart to cluster?
+Execute following command:
+`helm upgrade <release_name> --install ./helm-chart -f ./helm-chart/values.yaml  -f values.override.yaml(if exists) --namespace <desired namespace>`
+## How to understand what diff will be inflicted by 'helm upgrade'?
+You can use https://github.com/databus23/helm-diff#install for that
+## I want to use my own postgresql/redis with your chart.
+Just set postgresql.enabled or redis.enabled to false, as described below.
+Then - put your instance params to "external" field
+## I want to override some settings in values.yaml.
+Just create file values.override.yaml and place your changes here, using same stracture as in values.yaml.
+Then reference it in helm update/install command using -f
+## Why you used external charts to provide redis and postgres?
+Because they defenetly know what they do better then we are, so we are getting more qulity and less support
+## What is kubernetes and how it is working?
+See https://kubernetes.io/
+## What is helm and how it is working?
+See https://helm.sh/

From 139f9c08644aeb35e990f3bbd0d45dcf091d153a Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Tue, 27 Apr 2021 16:09:27 +0300
Subject: [PATCH 11/19] Fixes according review

---
 helm-chart/README.md   | 5 +++++
 helm-chart/values.yaml | 7 +++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index c0412fc5f4b6..e5b8f57e8c4b 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -13,6 +13,11 @@
 ## How to deploy new version of chart to cluster?
 Execute following command:
 `helm upgrade <release_name> --install ./helm-chart -f ./helm-chart/values.yaml  -f values.override.yaml(if exists) --namespace <desired namespace>`
+## How to create superuser?
+`HELM_RELEASE_NAMESPACE="<insert>" &&
+HELM_RELEASE_NAME="<insert>" &&
+BACKEND_POD_NAME=$(kubectl get pod --namespace $HELM_RELEASE_NAMESPACE -l tier=backend,app.kubernetes.io/instance=$HELM_RELEASE_NAME -o jsonpath='{.items[0].metadata.name}') &&
+kubectl exec -it --namespace $HELM_RELEASE_NAMESPACE $BACKEND_POD_NAME -c cvat-backend-app-container -- python manage.py createsuperuser`
 ## How to understand what diff will be inflicted by 'helm upgrade'?
 You can use https://github.com/databus23/helm-diff#install for that
 ## I want to use my own postgresql/redis with your chart.
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index 2cb41a8a5236..62fbf44827fb 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -135,11 +135,14 @@ ingress:
 # Example for nginx ingress and cert manager
 #    annotations:
 #        kubernetes.io/ingress.class: nginx
+#        kubernetes.io/tls-acme: "true"
+#        ingress.kubernetes.io/ssl-redirect: "true"
 #        nginx.ingress.kubernetes.io/use-regex: "true"
 #        nginx.ingress.kubernetes.io/secure-backends: "true"
-#        kubernetes.io/tls-acme: "true"
+#        nginx.ingress.kubernetes.io/proxy-body-size: "0"
+#        nginx.ingress.kubernetes.io/proxy-send-timeout: "120"
+#        nginx.ingress.kubernetes.io/proxy-read-timeout: "120"
 #        cert-manager.io/cluster-issuer: example.issuer.name
-#        ingress.kubernetes.io/ssl-redirect: "true"
 #    hosts:
 #        - host: cvat.example.com
 #          paths:

From efe82d7258ca8001b5a4f49a29518145b97e51fd Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Tue, 27 Apr 2021 16:32:29 +0300
Subject: [PATCH 12/19] Fix according review

---
 helm-chart/README.md | 38 +++++++++++++++++++++++++++++++-------
 1 file changed, 31 insertions(+), 7 deletions(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index e5b8f57e8c4b..0b347bddf193 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -3,21 +3,45 @@
 1. You should have configured connection to existed k8s cluster
 2. Helm must be installed
 3. You should download chart external dependencies, using following commands:
-   `helm repo add bitnami https://charts.bitnami.com/bitnami`
-   `helm repo update`
-   `helm dependency update`
+```
+   helm repo add bitnami https://charts.bitnami.com/bitnami
+   helm repo update
+   helm dependency update
+```
 4. (Optional) Install ingress of your choice (for example: https://github.com/kubernetes/ingress-nginx)
 5. (Optional) Create certificates for https  (for example: https://github.com/jetstack/cert-manager/ )
 6. (Optional) Create values.override.yaml and override there parameters you want
+7. Change postgresql password as described below
+8. Add ingress to values.override.yaml(example also below)
 7. Deploy cvat using command below
 ## How to deploy new version of chart to cluster?
 Execute following command:
 `helm upgrade <release_name> --install ./helm-chart -f ./helm-chart/values.yaml  -f values.override.yaml(if exists) --namespace <desired namespace>`
 ## How to create superuser?
-`HELM_RELEASE_NAMESPACE="<insert>" &&
-HELM_RELEASE_NAME="<insert>" &&
-BACKEND_POD_NAME=$(kubectl get pod --namespace $HELM_RELEASE_NAMESPACE -l tier=backend,app.kubernetes.io/instance=$HELM_RELEASE_NAME -o jsonpath='{.items[0].metadata.name}') &&
-kubectl exec -it --namespace $HELM_RELEASE_NAMESPACE $BACKEND_POD_NAME -c cvat-backend-app-container -- python manage.py createsuperuser`
+```
+HELM_RELEASE_NAMESPACE="<insert>" &&\
+HELM_RELEASE_NAME="<insert>" &&\
+BACKEND_POD_NAME=$(kubectl get pod --namespace $HELM_RELEASE_NAMESPACE -l tier=backend,app.kubernetes.io/instance=$HELM_RELEASE_NAME -o jsonpath='{.items[0].metadata.name}') &&\
+kubectl exec -it --namespace $HELM_RELEASE_NAMESPACE $BACKEND_POD_NAME -c cvat-backend-app-container -- python manage.py createsuperuser
+```
+## How to change embedded postgresql password?
+There are several passwords used here, for security reasons - better change them all.
+```
+postgresql:
+  secret:
+    password: cvat_postgresql
+    postgres_password: cvat_postgresql_postgres
+    replication_password: cvat_postgresql_replica
+```
+Or, if you know how to work with k8s - you could create your own secret and use it here:
+```
+postgresql:
+   global:
+     postgresql:
+       existingSecret: cvat-postgres-secret
+```
+## How to describe ingress:
+  Just set `ingress.enabled:` to 'true', then copy example, uncomment it and change values there
 ## How to understand what diff will be inflicted by 'helm upgrade'?
 You can use https://github.com/databus23/helm-diff#install for that
 ## I want to use my own postgresql/redis with your chart.

From 8b62beb130f0b8bc98295377f06b5b2d07b81865 Mon Sep 17 00:00:00 2001
From: Michael Kirpichev <m.kirpichev@haut.ai>
Date: Tue, 27 Apr 2021 16:39:40 +0300
Subject: [PATCH 13/19] fix values.yaml ignore

---
 .gitignore | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 79995c836684..ab8d42c83a3f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -38,5 +38,6 @@ yarn-error.log*
 
 #Ignore helm-related files
 /helm-chart/Chart.lock
-/helm-chart/values.override.yaml
+/helm-chart/values.*.yaml
+/helm-chart/*.values.yaml
 /helm-chart/charts/*

From e4ce77714c17265d177872ae7d31f8df054ab115 Mon Sep 17 00:00:00 2001
From: Kirpichev Michael <Mihon@bk.ru>
Date: Tue, 27 Apr 2021 16:42:31 +0300
Subject: [PATCH 14/19] Update helm-chart/README.md

Co-authored-by: eremeevfd <dartfedor@mail.ru>
---
 helm-chart/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index 0b347bddf193..57447e363ef1 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -16,7 +16,7 @@
 7. Deploy cvat using command below
 ## How to deploy new version of chart to cluster?
 Execute following command:
-`helm upgrade <release_name> --install ./helm-chart -f ./helm-chart/values.yaml  -f values.override.yaml(if exists) --namespace <desired namespace>`
+```helm upgrade <release_name> --install ./helm-chart -f ./helm-chart/values.yaml  -f values.override.yaml(if exists) --namespace <desired namespace>```
 ## How to create superuser?
 ```
 HELM_RELEASE_NAMESPACE="<insert>" &&\

From 9d7c431cd18ff47a17b1bad81a6af2996ef627f7 Mon Sep 17 00:00:00 2001
From: Kirpichev Michael <Mihon@bk.ru>
Date: Tue, 27 Apr 2021 16:42:39 +0300
Subject: [PATCH 15/19] Update helm-chart/README.md

Co-authored-by: eremeevfd <dartfedor@mail.ru>
---
 helm-chart/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index 57447e363ef1..a2ec1e1ab536 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -41,7 +41,7 @@ postgresql:
        existingSecret: cvat-postgres-secret
 ```
 ## How to describe ingress:
-  Just set `ingress.enabled:` to 'true', then copy example, uncomment it and change values there
+  Just set `ingress.enabled:` to `true`, then copy example, uncomment it and change values there
 ## How to understand what diff will be inflicted by 'helm upgrade'?
 You can use https://github.com/databus23/helm-diff#install for that
 ## I want to use my own postgresql/redis with your chart.

From 8a6adb29b1a92f8d7c0755316739279cccfb320a Mon Sep 17 00:00:00 2001
From: Kirpichev Michael <Mihon@bk.ru>
Date: Tue, 27 Apr 2021 16:43:35 +0300
Subject: [PATCH 16/19] Update helm-chart/README.md

Co-authored-by: eremeevfd <dartfedor@mail.ru>
---
 helm-chart/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index a2ec1e1ab536..27c8cfcaba09 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -45,7 +45,7 @@ postgresql:
 ## How to understand what diff will be inflicted by 'helm upgrade'?
 You can use https://github.com/databus23/helm-diff#install for that
 ## I want to use my own postgresql/redis with your chart.
-Just set postgresql.enabled or redis.enabled to false, as described below.
+Just set `postgresql.enabled` or `redis.enabled` to `false`, as described below.
 Then - put your instance params to "external" field
 ## I want to override some settings in values.yaml.
 Just create file values.override.yaml and place your changes here, using same stracture as in values.yaml.

From ecc3c64f48ffc089e9ce3e673724eaf4e4a11429 Mon Sep 17 00:00:00 2001
From: Kirpichev Michael <Mihon@bk.ru>
Date: Tue, 27 Apr 2021 16:43:45 +0300
Subject: [PATCH 17/19] Update helm-chart/README.md

Co-authored-by: eremeevfd <dartfedor@mail.ru>
---
 helm-chart/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index 27c8cfcaba09..7986f44dd0f2 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -51,7 +51,7 @@ Then - put your instance params to "external" field
 Just create file values.override.yaml and place your changes here, using same stracture as in values.yaml.
 Then reference it in helm update/install command using -f
 ## Why you used external charts to provide redis and postgres?
-Because they defenetly know what they do better then we are, so we are getting more qulity and less support
+Because they definitely know what they do better then we are, so we are getting more quality and less support
 ## What is kubernetes and how it is working?
 See https://kubernetes.io/
 ## What is helm and how it is working?

From e5c47b05fc7e68ef90db2df469077384752fdcc5 Mon Sep 17 00:00:00 2001
From: Kirpichev Michael <Mihon@bk.ru>
Date: Tue, 27 Apr 2021 16:43:51 +0300
Subject: [PATCH 18/19] Update helm-chart/README.md

Co-authored-by: eremeevfd <dartfedor@mail.ru>
---
 helm-chart/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index 7986f44dd0f2..b7aa453a9fa8 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -49,7 +49,7 @@ Just set `postgresql.enabled` or `redis.enabled` to `false`, as described below.
 Then - put your instance params to "external" field
 ## I want to override some settings in values.yaml.
 Just create file values.override.yaml and place your changes here, using same stracture as in values.yaml.
-Then reference it in helm update/install command using -f
+Then reference it in helm update/install command using `-f` flag
 ## Why you used external charts to provide redis and postgres?
 Because they definitely know what they do better then we are, so we are getting more quality and less support
 ## What is kubernetes and how it is working?

From 5cd57f3cf21f53207270a238023c7c77b220fc01 Mon Sep 17 00:00:00 2001
From: Kirpichev Michael <Mihon@bk.ru>
Date: Tue, 27 Apr 2021 16:43:58 +0300
Subject: [PATCH 19/19] Update helm-chart/README.md

Co-authored-by: eremeevfd <dartfedor@mail.ru>
---
 helm-chart/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/helm-chart/README.md b/helm-chart/README.md
index b7aa453a9fa8..4b74ac738f31 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -48,7 +48,7 @@ You can use https://github.com/databus23/helm-diff#install for that
 Just set `postgresql.enabled` or `redis.enabled` to `false`, as described below.
 Then - put your instance params to "external" field
 ## I want to override some settings in values.yaml.
-Just create file values.override.yaml and place your changes here, using same stracture as in values.yaml.
+Just create file `values.override.yaml` and place your changes here, using same structure as in `values.yaml`.
 Then reference it in helm update/install command using `-f` flag
 ## Why you used external charts to provide redis and postgres?
 Because they definitely know what they do better then we are, so we are getting more quality and less support