diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index b21480d..fff2691 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -.github/** @dannielshalev @eladso @ilchemla @it-uveye +.github/** @dannielshalev @eladso @stav-uveye @it-uveye diff --git a/helm/.helmignore b/helm/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 0000000..ee40f7e --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: uv-portal-desktop +description: A Helm chart for Kubernetes +type: application +version: 0.0.1 +appVersion: "0.0.1" diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt new file mode 100644 index 0000000..7d790da --- /dev/null +++ b/helm/templates/NOTES.txt @@ -0,0 +1 @@ +1. Get the application URL by running these commands: diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 0000000..d91acb7 --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,71 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "uv-portal-desktop.name" -}} +uv-portal-desktop +{{- end }} + +{{- define "uv-portal-desktop.db.name" -}} +uvportal-postgres +{{- end }} + +{{- define "uv-portal-desktop.namespace" -}} + {{- default .Release.Namespace .Values.namespace -}} +{{- end }} + +{{- define "uv-portal-desktop.matchLabels" -}} +k8s-app: {{ include "uv-portal-desktop.name" . }} +app.kubernetes.io/name: {{ include "uv-portal-desktop.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{- define "uv-portal-desktop.common.metaLabels" -}} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +helm.sh/chart: {{ include "uv-portal-desktop.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: {{ include "uv-portal-desktop.name" . }} +{{- with .Values.commonMetaLabels}} +{{ toYaml . }} +{{- end }} +{{- end -}} + +{{- define "uv-portal-desktop.labels" -}} +{{ include "uv-portal-desktop.matchLabels" . }} +{{ include "uv-portal-desktop.common.metaLabels" . }} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "uv-portal-desktop.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "uv-portal-desktop.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "uv-portal-desktop.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "uv-portal-desktop.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/templates/cm.yaml b/helm/templates/cm.yaml new file mode 100644 index 0000000..692ab21 --- /dev/null +++ b/helm/templates/cm.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "uv-portal-desktop.labels" . | nindent 4 }} + name: system-consts + namespace: {{ include "uv-portal-desktop.namespace" . }} +data: +{{- .Values.systemConsts.configMapData | toYaml | nindent 2 }} diff --git a/helm/templates/deploy.yaml b/helm/templates/deploy.yaml new file mode 100644 index 0000000..f22413e --- /dev/null +++ b/helm/templates/deploy.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "uv-portal-desktop.labels" . | nindent 4 }} + {{- if .Values.labels }} + {{ toYaml .Values.labels | nindent 4 }} + {{- end}} + name: {{ include "uv-portal-desktop.name" . }} + namespace: {{ include "uv-portal-desktop.namespace" . }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "uv-portal-desktop.matchLabels" . | nindent 6 }} + serviceName: {{ include "uv-portal-desktop.name" . }} + template: + metadata: + labels: + {{- include "uv-portal-desktop.matchLabels" . | nindent 8 }} + name: {{ include "uv-portal-desktop.name" . }} + spec: + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + hostAliases: + - ip: 10.43.100.100 + hostnames: + - uvportal.uveye.local + containers: + - name: {{ include "uv-portal-desktop.name" . }} + ports: + - containerPort: 5900 + name: vnc + - containerPort: 6080 + name: http + env: + {{- toYaml .Values.env | nindent 10 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: IfNotPresent + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: x11-unix + mountPath: /tmp/.X11-unix + - name: x11-xkb + mountPath: /usr/share/X11/xkb + - name: xserver + mountPath: /root/.Xauthority + - name: {{ include "uv-portal-desktop.name" . }} + mountPath: /etc/supervisor/conf.d/ + - name: cache-volume + mountPath: /dev/shm + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccount: {{ include "uv-portal-desktop.name" . }} + volumes: + - name: x11-unix + hostPath: + path: /tmp/.X11-unix + - name: x11-xkb + hostPath: + path: /usr/share/X11/xkb + - configMap: + name: {{ include "uv-portal-desktop.name" . }} + name: {{ include "uv-portal-desktop.name" . }} + - name: xserver + hostPath: + path: /home/uvadmin/.Xauthority + type: File + - name: cache-volume + emptyDir: + medium: Memory + sizeLimit: 512Mi diff --git a/helm/templates/svc.yaml b/helm/templates/svc.yaml new file mode 100644 index 0000000..7b2dd9b --- /dev/null +++ b/helm/templates/svc.yaml @@ -0,0 +1,29 @@ +{{- if .Values.service.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} + labels: + {{- include "uv-portal-desktop.labels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} + name: {{ include "uv-portal-desktop.name" . }} + namespace: {{ include "uv-portal-desktop.namespace" . }} +spec: + ports: + - name: http + port: 30080 + nodePort: 30080 + targetPort: http + - name: vnc + port: 5900 + nodePort: 30590 + targetPort: vnc + selector: + {{- include "uv-portal-desktop.matchLabels" . | nindent 4 }} + type: "{{ .Values.service.type }}" +{{- end -}} diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 0000000..eb662c2 --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,118 @@ +replicaCount: 1 + +imagePullSecrets: + - name: regcred + +image: + repository: 230690759643.dkr.ecr.eu-west-1.amazonaws.com/vnc-desktop + tag: '' + +namespace: uveye + +resources: + limits: + memory: 4096Mi + cpu: "2" + requests: + memory: 512Mi + cpu: "0.4" + +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: In + values: + - "true" + +service: + enabled: true + type: LoadBalancer + +env: + - name: USER + value: uvdesk + - name: VNC_PASSWORD + valueFrom: + secretKeyRef: + name: secrets-uv-portal-vnc-desktop + key: password + - name: HTTP_PASSWORD + valueFrom: + secretKeyRef: + name: secrets-uv-portal-vnc-desktop + key: password + - name: PASSWORD + valueFrom: + secretKeyRef: + name: secrets-uv-portal-vnc-desktop + key: password + - name: DISPLAY + value: ":1.0" + +livenessProbe: {} +readinessProbe: {} + +systemConsts: + configMapData: + supervisord.conf: |- + [supervisord] + redirect_stderr=true + stopsignal=QUIT + autorestart=true + directory=/root + # + [program:nginx] + priority=10 + command=nginx -c /etc/nginx/nginx.conf -g 'daemon off;' + # + [program:web] + priority=10 + directory=/usr/local/lib/web/backend + command=/usr/local/lib/web/backend/run.py + stdout_logfile=/dev/fd/1 + stdout_logfile_maxbytes=0 + stderr_logfile=/dev/fd/1 + stderr_logfile_maxbytes=0 + # + # + [group:x] + programs=xvfb,wm,lxpanel,pcmanfm,x11vnc,novnc + # + [program:wm] + priority=15 + command=/usr/bin/openbox + environment=DISPLAY=":1",HOME="/root",USER="root" + # + [program:lxpanel] + priority=15 + directory=/home/uvdesk + command=/usr/bin/lxpanel --profile LXDE + user=uvdesk + environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" + # + [program:pcmanfm] + priority=15 + directory=/home/uvdesk + command=/usr/bin/pcmanfm --desktop --profile LXDE + user=uvdesk + environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk" + # + [program:xvfb] + priority=10 + command=/usr/local/bin/xvfb.sh + stopsignal=KILL + # + [program:x11vnc] + priority=20 + command=x11vnc -display :1 -xkb -forever -shared -repeat -capslock -rfbauth /.password2 + # + [program:novnc] + priority=25 + directory=/usr/local/lib/web/frontend/static/novnc + command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081 + stopasgroup=true + # +