-
Notifications
You must be signed in to change notification settings - Fork 6
fix(Helm)!: Refresh helm #880
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
b22c8ff
7f6db96
09bd101
fd19e3e
5c4c5f7
1ccb17f
d8259bf
b87ddf5
cecf616
8c2f287
95cc1c2
c384692
20592e3
764b411
d02760b
0553dce
87faaf4
daf2461
a693fce
94de2cb
16cb19d
5bb0927
a275362
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
# blueapi | ||
|
||
A Helm chart deploying a worker pod that runs Bluesky plans | ||
|
||
**Homepage:** <https://github.com/DiamondLightSource/blueapi> | ||
|
||
## Values | ||
|
||
| Key | Type | Default | Description | | ||
|-----|------|---------|-------------| | ||
| affinity | object | `{}` | May be required to run on specific nodes (e.g. the control machine) | | ||
| debug.enabled | bool | `false` | If enabled, disables liveness and readiness probes, and does not start the service on startup This allows connecting to the pod and starting the service manually to allow debugging on the cluster | | ||
| extraEnvVars | list | `[]` | Additional envVars to mount to the pod | | ||
| fullnameOverride | string | `""` | | | ||
| hostNetwork | bool | `false` | May be needed for EPICS depending on gateway configuration | | ||
| image.pullPolicy | string | `"IfNotPresent"` | | | ||
| image.repository | string | `"ghcr.io/diamondlightsource/blueapi"` | To use a container image that extends the blueapi one, set it here | | ||
| image.tag | string | `""` | | | ||
| imagePullSecrets | list | `[]` | | | ||
| ingress | object | `{"annotations":{},"className":"nginx","enabled":false,"hosts":[{"host":"example.diamond.ac.uk","paths":[{"path":"/","pathType":"Prefix"}]}],"tls":[]}` | Configuring and enabling an ingress allows blueapi to be served at a nicer address, e.g. ixx-blueapi.diamond.ac.uk | | ||
| ingress.hosts[0] | object | `{"host":"example.diamond.ac.uk","paths":[{"path":"/","pathType":"Prefix"}]}` | Request a host from https://jira.diamond.ac.uk/servicedesk/customer/portal/2/create/91 of the form ixx-blueapi.diamond.ac.uk. Note: pathType: Prefix is required in Diamond's clusters | | ||
| initContainer | object | `{"enabled":false,"persistentVolume":{"enabled":false,"existingClaimName":""}}` | Configure the initContainer that checks out the scratch configuration repositories | | ||
| initContainer.persistentVolume.enabled | bool | `false` | Whether to use a persistent volume in the cluster or check out onto the mounted host filesystem If persistentVolume.enabled: False, mounts scratch.root as scratch.root in the container | | ||
| initContainer.persistentVolume.existingClaimName | string | `""` | May be set to an existing persistent volume claim to re-use the volume, else a new one is created for each blueapi release | | ||
| livenessProbe | object | `{"failureThreshold":3,"httpGet":{"path":"/healthz","port":"http"},"periodSeconds":10}` | Liveness probe, if configured kubernetes will kill the pod and start a new one if failed consecutively. This is automatically disabled when in debug mode. | | ||
| nameOverride | string | `""` | | | ||
| nodeSelector | object | `{}` | May be required to run on specific nodes (e.g. the control machine) | | ||
| podAnnotations | object | `{}` | | | ||
| podLabels | object | `{}` | | | ||
| podSecurityContext | object | `{}` | | | ||
| readinessProbe | object | `{"failureThreshold":2,"httpGet":{"path":"/healthz","port":"http"},"periodSeconds":10}` | Readiness probe, if configured kubernetes will not route traffic to this pod if failed consecutively. This could allow the service time to recover if it is being overwhelmed by traffic, but without the to ability to load balance or scale up/outwards, upstream services will need to know to back off. This is automatically disabled when in debug mode. | | ||
| resources | object | `{"limits":{"cpu":"2000m","memory":"4000Mi"},"requests":{"cpu":"200m","memory":"400Mi"}}` | Sets the compute resources available to the pod. These defaults are appropriate when using debug mode or an internal PVC and therefore running VS Code server in the pod. In the Diamond cluster, requests must be >= 0.1*limits When not using either of the above, the limits may be lowered. When idle but connected, blueapi consumes ~400MB of memory and 1% cpu and may struggle when allocated less. | | ||
| restartOnConfigChange | bool | `true` | If enabled the blueapi pod will restart on changes to `worker` | | ||
| securityContext.runAsNonRoot | bool | `true` | | | ||
| securityContext.runAsUser | int | `1000` | | | ||
| service.port | int | `80` | | | ||
| service.type | string | `"ClusterIP"` | To make blueapi available on an IP outside of the cluster prior to an Ingress being created, change this to LoadBalancer | | ||
| serviceAccount.annotations | object | `{}` | | | ||
| serviceAccount.automount | bool | `true` | | | ||
| serviceAccount.create | bool | `false` | | | ||
| serviceAccount.name | string | `""` | | | ||
| startupProbe | object | `{"failureThreshold":5,"httpGet":{"path":"/healthz","port":"http"},"periodSeconds":10}` | A more lenient livenessProbe to allow the service to start fully. This is automatically disabled when in debug mode. | | ||
| tolerations | list | `[]` | May be required to run on specific nodes (e.g. the control machine) | | ||
| tracing | object | `{"otlp":{"enabled":false,"protocol":"http/protobuf","server":{"host":"http://opentelemetry-collector.tracing","port":4318}}}` | Configure tracing: opentelemetry-collector.tracing should be available in all Diamond clusters | | ||
| volumeMounts | list | `[{"mountPath":"/config","name":"worker-config","readOnly":true}]` | Additional volumeMounts on the output StatefulSet definition. Define how volumes are mounted to the container referenced by using the same name. | | ||
| volumes | list | `[]` | Additional volumes on the output StatefulSet definition. Define volumes from e.g. Secrets, ConfigMaps or the Filesystem | | ||
| worker | object | `{"api":{"url":"http://0.0.0.0:8000/"},"env":{"sources":[{"kind":"planFunctions","module":"dodal.plans"},{"kind":"planFunctions","module":"dodal.plan_stubs.wrapped"}]},"logging":{"graylog":{"enabled":false,"url":"http://graylog-log-target.diamond.ac.uk:12232/"},"level":"INFO"},"scratch":{"repositories":[],"root":"/blueapi-plugins/scratch"},"stomp":{"auth":{"password":"guest","username":"guest"},"enabled":false,"url":"http://rabbitmq:61613/"}}` | Config for the worker goes here, will be mounted into a config file | | ||
| worker.api.url | string | `"http://0.0.0.0:8000/"` | 0.0.0.0 required to allow non-loopback traffic If using hostNetwork, the port must be free on the host | | ||
| worker.env.sources | list | `[{"kind":"planFunctions","module":"dodal.plans"},{"kind":"planFunctions","module":"dodal.plan_stubs.wrapped"}]` | modules (must be installed in the venv) to fetch devices/plans from | | ||
| worker.logging | object | `{"graylog":{"enabled":false,"url":"http://graylog-log-target.diamond.ac.uk:12232/"},"level":"INFO"}` | Configures logging. Port 12231 is the `dodal` input on graylog which will be renamed `blueapi` | | ||
| worker.scratch | object | `{"repositories":[],"root":"/blueapi-plugins/scratch"}` | If initContainer is enabled the default branch of python projects in this section are installed into the venv *without their dependencies* | | ||
| worker.stomp | object | `{"auth":{"password":"guest","username":"guest"},"enabled":false,"url":"http://rabbitmq:61613/"}` | Message bus configuration for returning status to GDA/forwarding documents downstream Password may be in the form ${ENV_VAR} to be fetched from an environment variable e.g. mounted from a SealedSecret | | ||
|
||
---------------------------------------------- | ||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is there a way to not have generated code in the repo or a way to ensure it stays up to date without someone having to remember to update it? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The linting will fail if the output should have changed, as it's run as a pre-commit hook |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
{{ template "chart.header" . }} | ||
{{ template "chart.deprecationWarning" . }} | ||
|
||
{{ template "chart.description" . }} | ||
|
||
{{ template "chart.homepageLine" . }} | ||
|
||
{{ template "chart.maintainersSection" . }} | ||
|
||
{{ template "chart.sourcesSection" . }} | ||
|
||
{{ template "chart.requirementsSection" . }} | ||
|
||
{{ template "chart.valuesSection" . }} | ||
|
||
{{ template "helm-docs.versionFooter" . }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,25 @@ | ||
1. Worker will be deployed with the following config: | ||
Worker will be deployed with the following config: | ||
{{- .Values.worker }} | ||
|
||
1. Get the application URL by running these commands: | ||
{{- if .Values.ingress.enabled }} | ||
{{- range $host := .Values.ingress.hosts }} | ||
{{- range .paths }} | ||
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} | ||
{{- end }} | ||
{{- end }} | ||
{{- else if contains "NodePort" .Values.service.type }} | ||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "blueapi.fullname" . }}) | ||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") | ||
echo http://$NODE_IP:$NODE_PORT | ||
{{- else if contains "LoadBalancer" .Values.service.type }} | ||
NOTE: It may take a few minutes for the LoadBalancer IP to be available. | ||
You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "blueapi.fullname" . }}' | ||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "blueapi.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") | ||
echo http://$SERVICE_IP:{{ .Values.service.port }} | ||
{{- else if contains "ClusterIP" .Values.service.type }} | ||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "blueapi.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") | ||
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") | ||
echo "Visit http://127.0.0.1:8080 to use your application" | ||
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT | ||
{{- end }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,22 +1,43 @@ | ||
{{- if .Values.ingress.create -}} | ||
{{- if .Values.ingress.enabled -}} | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: {{ include "blueapi.fullname" . }} | ||
labels: | ||
{{- include "blueapi.labels" . | nindent 4 }} | ||
{{- with .Values.ingress.annotations }} | ||
annotations: | ||
{{- toYaml . | nindent 4 }} | ||
{{- end }} | ||
spec: | ||
ingressClassName: nginx | ||
{{- with .Values.ingress.className }} | ||
ingressClassName: {{ . }} | ||
{{- end }} | ||
{{- if .Values.ingress.tls }} | ||
tls: | ||
- hosts: | ||
- {{ required "A valid hostname must be provided" .Values.ingress.host }} | ||
{{- range .Values.ingress.tls }} | ||
- hosts: | ||
{{- range .hosts }} | ||
- {{ . | quote }} | ||
{{- end }} | ||
secretName: {{ .secretName }} | ||
{{- end }} | ||
{{- end }} | ||
DiamondJoseph marked this conversation as resolved.
Show resolved
Hide resolved
|
||
rules: | ||
- host: {{ required "A valid hostname must be provided" .Values.ingress.host }} | ||
http: | ||
paths: | ||
- path: / | ||
pathType: Prefix | ||
backend: | ||
service: | ||
name: {{ include "blueapi.fullname" . }} | ||
port: | ||
number: {{ .Values.service.port }} | ||
{{- range .Values.ingress.hosts }} | ||
- host: {{ .host | quote }} | ||
http: | ||
paths: | ||
{{- range .paths }} | ||
- path: {{ .path }} | ||
{{- with .pathType }} | ||
pathType: {{ . }} | ||
{{- end }} | ||
backend: | ||
service: | ||
name: {{ include "blueapi.fullname" $ }} | ||
port: | ||
number: {{ $.Values.service.port }} | ||
{{- end }} | ||
{{- end }} | ||
{{- end }} |
This file was deleted.
Uh oh!
There was an error while loading. Please reload this page.