RND-18206 create helm chart

helm/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

helm/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: uv-portal-desktop
+description: A Helm chart for Kubernetes
+type: application
+version: 0.0.1
+appVersion: "0.0.1"

helm/templates/NOTES.txt

@@ -0,0 +1 @@
+1. Get the application URL by running these commands:

helm/templates/_helpers.tpl

@@ -0,0 +1,71 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "uv-portal-desktop.name" -}}
+uv-portal-desktop
+{{- end }}
+
+{{- define "uv-portal-desktop.db.name" -}}
+uvportal-postgres
+{{- end }}
+
+{{- define "uv-portal-desktop.namespace" -}}
+  {{- default .Release.Namespace .Values.namespace -}}
+{{- end }}
+
+{{- define "uv-portal-desktop.matchLabels" -}}
+k8s-app: {{ include "uv-portal-desktop.name" . }}
+app.kubernetes.io/name: {{ include "uv-portal-desktop.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{- define "uv-portal-desktop.common.metaLabels" -}}
+app.kubernetes.io/version: {{ .Chart.AppVersion }}
+helm.sh/chart: {{ include "uv-portal-desktop.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/part-of: {{ include "uv-portal-desktop.name" . }}
+{{- with .Values.commonMetaLabels}}
+{{ toYaml . }}
+{{- end }}
+{{- end -}}
+
+{{- define "uv-portal-desktop.labels" -}}
+{{ include "uv-portal-desktop.matchLabels" . }}
+{{ include "uv-portal-desktop.common.metaLabels" . }}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "uv-portal-desktop.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "uv-portal-desktop.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "uv-portal-desktop.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "uv-portal-desktop.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

helm/templates/cm.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    {{- include "uv-portal-desktop.labels"  . | nindent 4 }}
+  name: system-consts
+  namespace: {{ include "uv-portal-desktop.namespace" . }}
+data:
+{{- .Values.systemConsts.configMapData | toYaml | nindent 2 }}

helm/templates/deploy.yaml

@@ -0,0 +1,87 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    {{- include "uv-portal-desktop.labels" . | nindent 4 }}
+    {{- if .Values.labels }}
+    {{ toYaml .Values.labels | nindent 4 }}
+    {{- end}}
+  name: {{ include "uv-portal-desktop.name" . }}
+  namespace: {{ include "uv-portal-desktop.namespace" . }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "uv-portal-desktop.matchLabels" . | nindent 6 }}
+  serviceName: {{ include "uv-portal-desktop.name" . }}
+  template:
+    metadata:
+      labels:
+        {{- include "uv-portal-desktop.matchLabels" . | nindent 8 }}
+      name: {{ include "uv-portal-desktop.name" . }}
+    spec:
+      {{- with .Values.affinity }}
+      affinity:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      hostAliases:
+        - ip: 10.43.100.100
+          hostnames:
+            - uvportal.uveye.local
+      containers:
+        - name: {{ include "uv-portal-desktop.name" . }}
+          ports:
+            - containerPort: 5900
+              name: vnc
+            - containerPort: 6080
+              name: http
+          env:
+            {{- toYaml .Values.env | nindent 10 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: IfNotPresent
+          {{- with .Values.livenessProbe }}
+          livenessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.readinessProbe }}
+          readinessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: x11-unix
+              mountPath: /tmp/.X11-unix
+            - name: x11-xkb
+              mountPath: /usr/share/X11/xkb
+            - name: xserver
+              mountPath: /root/.Xauthority
+            - name: {{ include "uv-portal-desktop.name" . }}
+              mountPath: /etc/supervisor/conf.d/
+            - name: cache-volume
+              mountPath: /dev/shm
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccount: {{ include "uv-portal-desktop.name" . }}
+      volumes:
+        - name: x11-unix
+          hostPath:
+            path: /tmp/.X11-unix
+        - name: x11-xkb
+          hostPath:
+            path: /usr/share/X11/xkb
+        - configMap:
+            name: {{ include "uv-portal-desktop.name" . }}
+          name: {{ include "uv-portal-desktop.name" . }}
+        - name: xserver
+          hostPath:
+            path: /home/uvadmin/.Xauthority
+            type: File
+        - name: cache-volume
+          emptyDir:
+            medium: Memory
+            sizeLimit: 512Mi

helm/templates/svc.yaml

@@ -0,0 +1,29 @@
+{{- if .Values.service.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.service.annotations }}
+  annotations:
+{{ toYaml .Values.service.annotations | indent 4 }}
+{{- end }}
+  labels:
+    {{- include "uv-portal-desktop.labels" . | nindent 4 }}
+{{- if .Values.service.labels }}
+{{ toYaml .Values.service.labels | indent 4 }}
+{{- end }}
+  name: {{ include "uv-portal-desktop.name" . }}
+  namespace: {{ include "uv-portal-desktop.namespace" . }}
+spec:
+  ports:
+    - name: http
+      port: 30080
+      nodePort: 30080
+      targetPort: http
+    - name: vnc
+      port: 5900
+      nodePort: 30590
+      targetPort: vnc
+  selector:
+    {{- include "uv-portal-desktop.matchLabels" . | nindent 4 }}
+  type: "{{ .Values.service.type }}"
+{{- end -}}

helm/values.yaml

@@ -0,0 +1,118 @@
+replicaCount: 1
+
+imagePullSecrets:
+  - name: regcred
+
+image:
+  repository: 230690759643.dkr.ecr.eu-west-1.amazonaws.com/vnc-desktop
+  tag: ''
+
+namespace: uveye
+
+resources:
+  limits:
+    memory: 4096Mi
+    cpu: "2"
+  requests:
+    memory: 512Mi
+    cpu: "0.4"
+    
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+        - matchExpressions:
+            - key: node-role.kubernetes.io/master
+              operator: In
+              values:
+                - "true"
+
+service:
+  enabled: true
+  type: LoadBalancer
+
+env:
+  - name: USER
+    value: uvdesk
+  - name: VNC_PASSWORD
+    valueFrom:
+      secretKeyRef:
+        name: secrets-uv-portal-vnc-desktop
+        key: password
+  - name: HTTP_PASSWORD
+    valueFrom:
+      secretKeyRef:
+        name: secrets-uv-portal-vnc-desktop
+        key: password
+  - name: PASSWORD
+    valueFrom:
+      secretKeyRef:
+        name: secrets-uv-portal-vnc-desktop
+        key: password
+  - name: DISPLAY
+    value: ":1.0"
+
+livenessProbe: {}
+readinessProbe: {}
+
+systemConsts:
+  configMapData:
+    supervisord.conf: |-
+        [supervisord]
+        redirect_stderr=true
+        stopsignal=QUIT
+        autorestart=true
+        directory=/root
+        #
+        [program:nginx]
+        priority=10
+        command=nginx -c /etc/nginx/nginx.conf -g 'daemon off;'
+        #
+        [program:web]
+        priority=10
+        directory=/usr/local/lib/web/backend
+        command=/usr/local/lib/web/backend/run.py
+        stdout_logfile=/dev/fd/1
+        stdout_logfile_maxbytes=0
+        stderr_logfile=/dev/fd/1
+        stderr_logfile_maxbytes=0
+        #
+        #
+        [group:x]
+        programs=xvfb,wm,lxpanel,pcmanfm,x11vnc,novnc
+        #
+        [program:wm]
+        priority=15
+        command=/usr/bin/openbox
+        environment=DISPLAY=":1",HOME="/root",USER="root"
+        #
+        [program:lxpanel]
+        priority=15
+        directory=/home/uvdesk
+        command=/usr/bin/lxpanel --profile LXDE
+        user=uvdesk
+        environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk"
+        #
+        [program:pcmanfm]
+        priority=15
+        directory=/home/uvdesk
+        command=/usr/bin/pcmanfm --desktop --profile LXDE
+        user=uvdesk
+        environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk"
+        #
+        [program:xvfb]
+        priority=10
+        command=/usr/local/bin/xvfb.sh
+        stopsignal=KILL
+        #
+        [program:x11vnc]
+        priority=20
+        command=x11vnc -display :1 -xkb -forever -shared -repeat -capslock -rfbauth /.password2
+        #
+        [program:novnc]
+        priority=25
+        directory=/usr/local/lib/web/frontend/static/novnc
+        command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081
+        stopasgroup=true
+        #
+