Skip to content

Commit

Permalink
change templates
Browse files Browse the repository at this point in the history
  • Loading branch information
@KireevDmitry
KireevDmitry committed Mar 21, 2022
1 parent 401e2f7 commit 7a52000
Show file tree
Hide file tree
Showing 4 changed files with 230 additions and 24 deletions.
81 changes: 81 additions & 0 deletions charts/documentserver/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
{{/*
Get the PostgreSQL password secret
*/}}
{{- define "ds.postgresql.secretName" -}}
{{- if .Values.connections.dbPassword -}}
{{- printf "%s-postgresql" .Release.Name -}}
{{- else if .Values.connections.dbExistingSecret -}}
{{- printf "%s" (tpl .Values.connections.dbExistingSecret $) -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a secret object should be created for PostgreSQL
*/}}
{{- define "ds.postgresql.createSecret" -}}
{{- if or .Values.connections.dbPassword (not .Values.connections.dbExistingSecret) -}}
{{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return PostgreSQL password
*/}}
{{- define "ds.postgresql.password" -}}
{{- if not (empty .Values.connections.dbPassword) }}
{{- .Values.connections.dbPassword }}
{{- else }}
{{- required "A PostgreSQL Password is required!" .Values.connections.dbPassword }}
{{- end }}
{{- end -}}

{{/*
Get the RabbitMQ password secret
*/}}
{{- define "ds.rabbitmq.secretName" -}}
{{- if .Values.connections.amqpPassword -}}
{{- printf "%s-rabbitmq" .Release.Name -}}
{{- else if .Values.connections.amqpExistingSecret -}}
{{- printf "%s" (tpl .Values.connections.amqpExistingSecret $) -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a secret object should be created for RabbitMQ
*/}}
{{- define "ds.rabbitmq.createSecret" -}}
{{- if or .Values.connections.amqpPassword (not .Values.connections.amqpExistingSecret) -}}
{{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return RabbitMQ password
*/}}
{{- define "ds.rabbitmq.password" -}}
{{- if not (empty .Values.connections.amqpPassword) }}
{{- .Values.connections.amqpPassword }}
{{- else }}
{{- required "A RabbitMQ Password is required!" .Values.connections.amqpPassword }}
{{- end }}
{{- end -}}

{{/*
Get the PVC name
*/}}
{{- define "ds.pvc.name" -}}
{{- if .Values.persistence.existingClaim -}}
{{- printf "%s" (tpl .Values.persistence.existingClaim $) -}}
{{- else }}
{{- printf "ds-files" -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a pvc object should be created
*/}}
{{- define "ds.pvc.create" -}}
{{- if empty .Values.persistence.existingClaim }}
{{- true -}}
{{- end -}}
{{- end -}}
52 changes: 44 additions & 8 deletions charts/documentserver/templates/deployments/converter.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,31 +14,62 @@ spec:
labels:
app: converter
spec:
# securityContext:
# runAsUser: 101
# runAsGroup: 101
{{ if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.converter.runAsUser }}
runAsGroup: {{ .Values.securityContext.converter.runAsGroup }}
{{ end }}
affinity:
podAntiAffinity:
{{- if eq .Values.antiAffinity.type "soft" }}
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- converter
topologyKey: {{ .Values.antiAffinity.topologyKey }}
weight: {{ .Values.antiAffinity.weight }}
{{- else if eq .Values.antiAffinity.type "hard" }}
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- converter
topologyKey: {{ .Values.antiAffinity.topologyKey }}
{{- end }}
volumes:
- name: ds-files
persistentVolumeClaim:
claimName: ds-files
claimName: {{ template "ds.pvc.name" . }}
- name: ds-license
secret:
secretName: license
{{ if .Values.extraConf.configMap }}
- name: custom-file
configMap:
name: {{ .Values.extraConf.configMap }}
{{ end }}
containers:
- name: converter
image: {{ .Values.converter.containerImage }}
imagePullPolicy: {{ .Values.converter.imagePullPolicy }}
resources: {{- toYaml .Values.converter.resources | nindent 12 }}
env:
- name: DB_PWD
valueFrom:
secretKeyRef:
name: postgresql
key: postgresql-password
name: {{ template "ds.postgresql.secretName" . }}
key: {{ .Values.connections.dbSecretKeyName }}
- name: AMQP_PWD
valueFrom:
secretKeyRef:
name: rabbitmq
key: rabbitmq-password
name: {{ template "ds.rabbitmq.secretName" . }}
key: {{ .Values.connections.amqpSecretKeyName }}
envFrom:
- secretRef:
name: jwt
Expand All @@ -50,3 +81,8 @@ spec:
- name: ds-license
mountPath: /var/www/{{ .Values.product.name }}/Data
readOnly: true
{{ if .Values.extraConf.configMap }}
- name: custom-file
mountPath: /etc/{{ .Values.product.name }}/documentserver/{{ .Values.extraConf.filename }}
subPath: {{ .Values.extraConf.filename }}
{{ end }}
53 changes: 45 additions & 8 deletions charts/documentserver/templates/deployments/docservice.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,26 +16,57 @@ spec:
labels:
app: docservice
spec:
# securityContext:
# runAsUser: 101
# runAsGroup: 101
{{ if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.docservice.runAsUser }}
runAsGroup: {{ .Values.securityContext.docservice.runAsGroup }}
{{ end }}
# topologySpreadConstraints:
# - maxSkew: 1
# topologyKey: doks.digitalocean.com/node-pool
# whenUnsatisfiable: DoNotSchedule
# labelSelector:
# matchLabels:
# app: docservice
affinity:
podAntiAffinity:
{{- if eq .Values.antiAffinity.type "soft" }}
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- docservice
topologyKey: {{ .Values.antiAffinity.topologyKey }}
weight: {{ .Values.antiAffinity.weight }}
{{- else if eq .Values.antiAffinity.type "hard" }}
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- docservice
topologyKey: {{ .Values.antiAffinity.topologyKey }}
{{- end }}
volumes:
- name: ds-files
persistentVolumeClaim:
claimName: ds-files
claimName: {{ template "ds.pvc.name" . }}
- name: ds-license
secret:
secretName: license
{{ if .Values.extraConf.configMap }}
- name: custom-file
configMap:
name: {{ .Values.extraConf.configMap }}
{{ end }}
containers:
- name: proxy
image: {{ .Values.proxy.proxyContainerImage }}
imagePullPolicy: {{ .Values.proxy.imagePullPolicy }}
ports:
- containerPort: 8888
{{ if .Values.proxy.livenessProbeEnabled }}
Expand All @@ -54,6 +85,7 @@ spec:

- name: docservice
image: {{ .Values.docservice.containerImage }}
imagePullPolicy: {{ .Values.docservice.imagePullPolicy }}
ports:
- containerPort: 8000
{{ if .Values.docservice.readinessProbeEnabled }}
Expand All @@ -70,13 +102,13 @@ spec:
- name: DB_PWD
valueFrom:
secretKeyRef:
name: postgresql
key: postgresql-password
name: {{ template "ds.postgresql.secretName" . }}
key: {{ .Values.connections.dbSecretKeyName }}
- name: AMQP_PWD
valueFrom:
secretKeyRef:
name: rabbitmq
key: rabbitmq-password
name: {{ template "ds.rabbitmq.secretName" . }}
key: {{ .Values.connections.amqpSecretKeyName }}
envFrom:
- secretRef:
name: jwt
Expand All @@ -88,3 +120,8 @@ spec:
- name: ds-license
mountPath: /var/www/{{ .Values.product.name }}/Data
readOnly: true
{{ if .Values.extraConf.configMap }}
- name: custom-file
mountPath: /etc/{{ .Values.product.name }}/documentserver/{{ .Values.extraConf.filename }}
subPath: {{ .Values.extraConf.filename }}
{{ end }}
68 changes: 60 additions & 8 deletions charts/documentserver/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,29 +1,62 @@
product:
name: onlyoffice


connections:
dbHost: postgresql
dbUser: postgres
dbPort: "5432"
dbName: postgres
dbExistingSecret: postgresql
dbSecretKeyName: postgres-password
dbPassword: ""
redisHost: redis-master
amqpHost: rabbitmq
amqpUser: user
amqpProto: amqp
amqpExistingSecret: rabbitmq
amqpSecretKeyName: rabbitmq-password
amqpPassword: ""

persistence:
existingClaim: ""
storageClass: "nfs"
size: 8Gi

log:
level: WARN

metrics:
enabled: false
host: statsd-exporter-prometheus-statsd-exporter
port: "8125"
prefix: ds.

example:
enabled: true
containerImage: onlyoffice/docs-example:6.4.2.6
enabled: false
containerImage: onlyoffice/docs-example:7.0.1.37
imagePullPolicy: IfNotPresent
resources:
##Example:
##requests:
## memory: "128Mi"
## cpu: "100m"
requests: {}
##limits:
## memory: "128Mi"
## cpu: "250m"
limits: {}

extraConf:
configMap: ""
filename: local.json

antiAffinity:
type: "soft"
topologyKey: kubernetes.io/hostname
weight: "100"

docservice:
replicas: 3
replicas: 2
readinessProbeEnabled: true
readinessProbe:
failureThreshold: 2
Expand All @@ -49,7 +82,8 @@ docservice:
port: 8000
failureThreshold: 30
periodSeconds: 10
containerImage: onlyoffice/docs-docservice-de:6.4.2.6
containerImage: onlyoffice/docs-docservice-de:7.0.1.37
imagePullPolicy: IfNotPresent
resources:
##Example:
##requests:
Expand All @@ -62,6 +96,7 @@ docservice:
limits: {}

proxy:
gzipProxied: "off"
livenessProbeEnabled: true
livenessProbe:
failureThreshold: 3
Expand All @@ -78,7 +113,8 @@ proxy:
port: 8888
failureThreshold: 30
periodSeconds: 10
proxyContainerImage: onlyoffice/docs-proxy-de:6.4.2.6
proxyContainerImage: onlyoffice/docs-proxy-de:7.0.1.37
imagePullPolicy: IfNotPresent
resources:
##Example:
##requests:
Expand All @@ -92,7 +128,8 @@ proxy:

converter:
replicas: 2
containerImage: onlyoffice/docs-converter-de:6.4.2.6
containerImage: onlyoffice/docs-converter-de:7.0.1.37
imagePullPolicy: IfNotPresent
resources:
##Example:
##requests:
Expand All @@ -107,16 +144,31 @@ converter:
jwt:
enabled: true
secret: MYSECRET
header: Authorization
inBody: false

service:
type: ClusterIP
port: 8888

ingress:
enabled: false
host: ""
ssl:
enabled: false
host: example.com
secret: tls

grafana_ingress:
enabled: false

securityContext:
enabled: false
converter:
runAsUser: 101
runAsGroup: 101
docservice:
runAsUser: 101
runAsGroup: 101
example:
runAsUser: 1001
runAsGroup: 1001

0 comments on commit 7a52000

Please sign in to comment.