diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 714157b8b851b1552ede9993f4efda7953bb9874..18ddf3f2a69999e698b9ffeb948740c5ce73ddaf 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,6 @@
variables:
GITLAB_PASTEUR_PROJECT_ID: 6531
+ PROJECT_NAME: nyxui
stages:
- build
@@ -72,20 +73,27 @@ build dev on gitlab.pasteur.fr:
--docker-email=kubernetes@pasteur.fr
--dry-run=client
-n "$NAMESPACE" -o yaml | kubectl apply -f -
- - cd $CI_PROJECT_DIR/nyxui
- - helm upgrade --install --debug nyxui . --namespace="$NAMESPACE"
- --set front.image.tag=$CI_COMMIT_SHORT_SHA
- --set ingress.hosts[0].host="$PUBLIC_URL"
- --set ingress.hosts[0].paths[0].path="/"
- --set ingress.hosts[0].paths[0].pathType="Prefix"
+ # - cd $CI_PROJECT_DIR/nyxui
+ - helmfile lint
+ - helmfile template
+ - helmfile sync
rules:
- if: $CI_PROJECT_ID == $GITLAB_PASTEUR_PROJECT_ID # gitlab.pasteur.fr only
deploy to pasteur.cloud:
- extends: .deploy-with-manifests
+ extends: .deploy-with-helm
variables:
- NAMESPACE: "nyx-prod"
+ IMAGE_URL: "registry-gitlab.pasteur.fr/nyx/nyxui.jl/front"
+ SERVICE_TARGET_PORT: "8080"
+ IMAGE_SECRETS: "registry-gitlab"
+ KUBE_NAMESPACE: "nyx-prod"
PUBLIC_URL: "nyx.pasteur.cloud"
+ INGRESS_CLASS: "internal"
+ INGRESS_URL: "nyx.pasteur.cloud"
+ SERVICE_PORT: "80"
+ LIMITS_CPU: "2"
+ LIMITS_MEMORY: "4Gi"
+ LIMITS_STORAGE: "1Gi"
environment:
name: k8sprod-02/nyx-prod
url: https://nyx.pasteur.cloud
@@ -94,13 +102,23 @@ deploy to pasteur.cloud:
when: manual
deploy to dev.pasteur.cloud:
- extends: .deploy-with-manifests
+ extends: .deploy-with-helm
variables:
- NAMESPACE: "nyx-dev"
+ IMAGE_URL: "registry-gitlab.pasteur.fr/nyx/nyxui.jl/front"
+ SERVICE_TARGET_PORT: "8080"
+ IMAGE_SECRETS: "registry-gitlab"
+ KUBE_NAMESPACE: "nyx-dev"
PUBLIC_URL: "nyx.dev.pasteur.cloud"
+ INGRESS_CLASS: "internal"
+ INGRESS_URL: "nyx.dev.pasteur.cloud"
+ SERVICE_PORT: "80"
+ LIMITS_CPU: "2"
+ LIMITS_MEMORY: "4Gi"
+ LIMITS_STORAGE: "1Gi"
environment:
name: k8sdev-01/nyx-dev
url: https://nyx.dev.pasteur.cloud
rules:
- if: $CI_COMMIT_BRANCH == "dev"
+ when: manual
diff --git a/front/Manifest.toml b/front/Manifest.toml
index 2a3032ac5593df4f0a853e1f87a2c9892c418687..eead5c8a00b39085359de72b2b85bfd8c44b1f67 100644
--- a/front/Manifest.toml
+++ b/front/Manifest.toml
@@ -27,9 +27,9 @@ version = "0.1.9"
[[deps.Bonito]]
deps = ["Base64", "CodecZlib", "Colors", "Dates", "Deno_jll", "HTTP", "Hyperscript", "LinearAlgebra", "Markdown", "MsgPack", "Observables", "RelocatableFolders", "SHA", "Sockets", "Tables", "ThreadPools", "URIs", "UUIDs", "WidgetsBase"]
-git-tree-sha1 = "262f58917d5d9644d16ec6f53480e11a6e128db2"
+git-tree-sha1 = "534820940e4359c09adc615f8bd06ca90d508ba6"
uuid = "824d6782-a2ef-11e9-3a09-e5662e0c26f8"
-version = "4.0.0"
+version = "4.0.1"
[[deps.CSTParser]]
deps = ["Tokenize"]
@@ -438,11 +438,11 @@ version = "1.0.0"
[[deps.NyxPlots]]
deps = ["Bonito", "Observables", "PlotlyBase"]
-git-tree-sha1 = "08f7db5d9fe0d084773c96b15ac0ef69f2b6e283"
+git-tree-sha1 = "3d54e1c527baaf6a003e0d7a4fce5fcb9d3dd775"
repo-rev = "main"
repo-url = "https://gitlab.com/dbc-nyx/NyxPlots.jl"
uuid = "e8b8ccdb-0776-4145-b74f-57bbbfff4409"
-version = "0.1.1"
+version = "0.1.2"
[[deps.NyxWidgets]]
deps = ["Bonito", "Colors", "Format", "LazyArtifacts", "Observables"]
diff --git a/helmfile.yaml b/helmfile.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..bf74d576d800241b2043700f26d9822fa26bd107
--- /dev/null
+++ b/helmfile.yaml
@@ -0,0 +1,9 @@
+helmDefaults:
+ createNamespace: false
+releases:
+ - name: nyxui
+ chart: ./nyxui
+ namespace: {{ requiredEnv "KUBE_NAMESPACE" }}
+ installed: true
+ values:
+ - ./values-yaml.gotmpl
diff --git a/k8s/front-deployment.yaml b/k8s/front-deployment.yaml
index 732a71f8c25d341ca2980bd0a6d0b75b7209433a..6cdee87c1596605c2b807c2f750e789a7403b48f 100644
--- a/k8s/front-deployment.yaml
+++ b/k8s/front-deployment.yaml
@@ -18,6 +18,15 @@ spec:
containers:
- name: $APP_NAME
image: $FQ_IMAGE_NAME
+ resources:
+ limits:
+ cpu: "2"
+ ephemeral-storage: 1Gi
+ memory: 4Gi
+ requests:
+ cpu: "2"
+ ephemeral-storage: 1Gi
+ memory: 4Gi
ports:
- name: http
containerPort: 8080
@@ -26,4 +35,4 @@ spec:
allowPrivilegeEscalation: false
capabilities:
drop:
- - ALL
+ - ALL
\ No newline at end of file
diff --git a/nyxui/templates/_helpers.tpl b/nyxui/templates/_helpers.tpl
index 125531c06952395d6ab6f6de924551ec54a8e226..773eca2628ab1c5458380f1ef95ba5b858c9d6b8 100644
--- a/nyxui/templates/_helpers.tpl
+++ b/nyxui/templates/_helpers.tpl
@@ -55,7 +55,7 @@ Create the name of the service account to use
*/}}
{{- define "nyxui.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
-{{- default (include "nyxui.fullname" .) .Values.serviceAccount.name }}
+{{- default (include "nyxui.name" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
diff --git a/nyxui/templates/deployment-front.yaml b/nyxui/templates/deployment-front.yaml
index 7c126b79d441b5df3844bf0446912f85500e0bf0..0085804d1dc5f8ebaae87de93b4055313f33e136 100644
--- a/nyxui/templates/deployment-front.yaml
+++ b/nyxui/templates/deployment-front.yaml
@@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
- name: {{ include "nyxui.fullname" . }}
+ name: {{ include "nyxui.name" . }}
labels:
{{- include "nyxui.labels" . | nindent 4 }}
spec:
diff --git a/nyxui/templates/hpa.yaml b/nyxui/templates/hpa.yaml
index 0b7c7d49f87fe8fd7016978b77e9c127014479f6..4835fd88cad216fbe50d2a03bb75e61ad12b4004 100644
--- a/nyxui/templates/hpa.yaml
+++ b/nyxui/templates/hpa.yaml
@@ -2,14 +2,14 @@
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
- name: {{ include "nyxui.fullname" . }}
+ name: {{ include "nyxui.name" . }}
labels:
{{- include "nyxui.labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
- name: {{ include "nyxui.fullname" . }}
+ name: {{ include "nyxui.name" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
metrics:
diff --git a/nyxui/templates/ingress.yaml b/nyxui/templates/ingress.yaml
index 1e8b4d4a3bc20a71199d72e290a8e9f860e5891a..6a2749ed80aaa8c139287b18ab85ee31ec62f117 100644
--- a/nyxui/templates/ingress.yaml
+++ b/nyxui/templates/ingress.yaml
@@ -1,5 +1,5 @@
{{- if .Values.ingress.enabled -}}
-{{- $fullName := include "nyxui.fullname" . -}}
+{{- $fullName := include "nyxui.name" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
@@ -15,9 +15,9 @@ apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
- name: {{ $fullName }}
+ name: {{ .Values.ingress.name }}
labels:
- {{- include "nyxui.labels" . | nindent 4 }}
+ app: {{ .Values.ingress.name }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
@@ -49,11 +49,11 @@ spec:
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
- name: {{ $fullName }}
+ name: {{ $fullName }}-front
port:
number: {{ $svcPort }}
{{- else }}
- serviceName: {{ $fullName }}
+ serviceName: {{ $fullName }}-front
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
diff --git a/nyxui/templates/service.yaml b/nyxui/templates/service.yaml
index f27ec2454928759ba141fe06387524388aa2d759..60862517ccbf08121aa79a056685be0af95c2916 100644
--- a/nyxui/templates/service.yaml
+++ b/nyxui/templates/service.yaml
@@ -1,7 +1,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ include "nyxui.fullname" . }}
+ name: {{ include "nyxui.name" . }}
labels:
{{- include "nyxui.labels" . | nindent 4 }}
spec:
diff --git a/nyxui/templates/tests/test-connection.yaml b/nyxui/templates/tests/test-connection.yaml
index 94ce042f9f0e6e3dcdd04a233f37ad3c3bc89e07..99f08c826cfd767d9c6a9d6ae55eb82ad93f205a 100644
--- a/nyxui/templates/tests/test-connection.yaml
+++ b/nyxui/templates/tests/test-connection.yaml
@@ -1,7 +1,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: "{{ include "nyxui.fullname" . }}-test-connection"
+ name: "{{ include "nyxui.name" . }}-test-connection"
labels:
{{- include "nyxui.labels" . | nindent 4 }}
annotations:
@@ -11,5 +11,5 @@ spec:
- name: wget
image: busybox
command: ['wget']
- args: ['{{ include "nyxui.fullname" . }}:{{ .Values.service.port }}']
+ args: ['{{ include "nyxui.name" . }}:{{ .Values.service.port }}']
restartPolicy: Never
diff --git a/nyxui/values.yaml b/nyxui/values.yaml
index 0a56e70df5fd29d2617cff6b1e0a7316cef3fbaf..71c9bc07c3119286a913e8c18a0d0befbe76f8a8 100644
--- a/nyxui/values.yaml
+++ b/nyxui/values.yaml
@@ -49,12 +49,14 @@ service:
ingress:
enabled: true
- className: ""
+ className: internal
+ name: nyxui
annotations:
- kubernetes.io/ingress.class: internal
- # kubernetes.io/tls-acme: "true"
+ meta.helm.sh/release-name: nyxui
+ meta.helm.sh/release-namespace: nyxui-dev
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
hosts:
- - host: nyx.pasteur.cloud
+ - host: nyx.dev.pasteur.cloud
paths:
- path: /
pathType: Prefix
@@ -63,17 +65,15 @@ ingress:
# hosts:
# - chart-example.local
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
+resources:
+ limits:
+ cpu: "2"
+ memory: 4Gi
+ ephemeral-storage: 1Gi
+ requests:
+ cpu: "2"
+ memory: 4Gi
+ ephemeral-storage: 1Gi
autoscaling:
enabled: false
diff --git a/values-yaml.gotmpl b/values-yaml.gotmpl
new file mode 100644
index 0000000000000000000000000000000000000000..dcd9efadd04e8a49bd6f38651e5385657e315a7b
--- /dev/null
+++ b/values-yaml.gotmpl
@@ -0,0 +1,102 @@
+# Default values for nyxui.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+front:
+ image:
+ repository: {{ requiredEnv "IMAGE_URL" }}
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+ service:
+ targetPort: {{ requiredEnv "SERVICE_TARGET_PORT" }}
+
+imagePullSecrets:
+ - name: {{ requiredEnv "IMAGE_SECRETS" }}
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Automatically mount a ServiceAccount's API credentials?
+ automount: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ port: {{ requiredEnv "SERVICE_PORT" }}
+
+ingress:
+ enabled: true
+ name: nyxui
+ className: {{ requiredEnv "INGRESS_CLASS" }}
+ annotations:
+ meta.helm.sh/release-name: {{ requiredEnv "INGRESS_CLASS" }}
+ meta.helm.sh/release-namespace: {{ requiredEnv "KUBE_NAMESPACE" }}
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
+ hosts:
+ - host: {{ requiredEnv "INGRESS_URL" }}
+ paths:
+ - path: /
+ pathType: Prefix
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources:
+ limits:
+ cpu: {{ requiredEnv "LIMITS_CPU" }}
+ memory: {{ requiredEnv "LIMITS_MEMORY" }}
+ ephemeral-storage: {{ requiredEnv "LIMITS_STORAGE" }}
+ requests:
+ cpu: {{ requiredEnv "LIMITS_CPU" }}
+ memory: {{ requiredEnv "LIMITS_MEMORY" }}
+ ephemeral-storage: {{ requiredEnv "LIMITS_STORAGE" }}
+
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 1
+ targetCPUUtilizationPercentage: 80
+ # targetMemoryUtilizationPercentage: 80
+
+# Additional volumes on the output Deployment definition.
+volumes: []
+# - name: foo
+# secret:
+# secretName: mysecret
+# optional: false
+
+# Additional volumeMounts on the output Deployment definition.
+volumeMounts: []
+# - name: foo
+# mountPath: "/etc/foo"
+# readOnly: true
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}