diff --git a/deploy.sh b/deploy.sh deleted file mode 100755 index 8cae3ad..0000000 --- a/deploy.sh +++ /dev/null @@ -1,213 +0,0 @@ -#!/bin/bash -# -# NAME -# -# deploy.sh -# -# SYNPOSIS -# -# deploy.sh [-h] -# [-O ] \ -# [-N ] \ -# [-T ] \ -# [-P ] \ -# [-S ] \ -# [up|down] -# -# DESC -# -# 'deploy.sh' script will depending on the argument deploy the pfcon set -# of services in production or tear down the system. -# -# TYPICAL CASES: -# -# Deploy pfcon services into a Swarm cluster: -# -# deploy.sh up -# -# -# Deploy pfcon services into a Kubernetes cluster: -# -# deploy.sh -O kubernetes up -# -# ARGS -# -# -# -h -# -# Optional print usage help. -# -# -O -# -# Explicitly set the orchestrator. Default is swarm. -# -# -N -# -# Explicitly set the kubernetes namespace to . Default is chris. -# Not used for swarm. -# -# -T -# -# Explicitly set the storage type for the STOREBASE dir. Default is host. -# Note: The nfs storage type is not implemented for swarm orchestrator yet. -# -# -P -# -# Set the IP address of the NFS server. Required when storage type is set to 'nfs'. -# Not used for 'host' storage type. -# -# -S -# -# Explicitly set the STOREBASE dir to . This is the remote ChRIS -# filesystem where pfcon and plugins share data (usually externally mounted NFS). -# -# [up|down] (optional, default = 'up') -# -# Denotes whether to fire up or tear down the production set of services. -# -# - - -source ./decorate.sh -source ./cparse.sh - -declare -i STEP=0 -ORCHESTRATOR=swarm -NAMESPACE=chris -STORAGE_TYPE=host -HERE=$(pwd) - -print_usage () { - echo "Usage: ./deploy.sh [-h] [-O ] [-N ] [-T ] - [-P ] [-S ] [up|down]" - exit 1 -} - -while getopts ":hO:N:T:P:S:" opt; do - case $opt in - h) print_usage - ;; - O) ORCHESTRATOR=$OPTARG - if ! [[ "$ORCHESTRATOR" =~ ^(swarm|kubernetes)$ ]]; then - echo "Invalid value for option -- O" - print_usage - fi - ;; - N) NAMESPACE=$OPTARG - ;; - T) STORAGE_TYPE=$OPTARG - if ! [[ "$STORAGE_TYPE" =~ ^(host|nfs)$ ]]; then - echo "Invalid value for option -- T" - print_usage - fi - ;; - P) NFS_SERVER=$OPTARG - ;; - S) STOREBASE=$OPTARG - ;; - \?) echo "Invalid option -- $OPTARG" - print_usage - ;; - :) echo "Option requires an argument -- $OPTARG" - print_usage - ;; - esac -done -shift $(($OPTIND - 1)) - -if [[ $STORAGE_TYPE == nfs ]]; then - if [[ $ORCHESTRATOR == swarm ]]; then - echo -e "Sorry, nfs storage type is not supported for swarm orchestrator yet" | ./boxes.sh - exit 1 - fi - if [ -z ${NFS_SERVER+x} ]; then - echo "-P (the NFS server ip address) must be specified or the shell - environment variable NFS_SERVER must be set when using nfs storage type" - print_usage - fi - if [ -z ${STOREBASE+x} ]; then - echo "-S must be specified or the shell environment variable STOREBASE - must be set when using nfs storage type" - print_usage - fi -fi - -COMMAND=up -if (( $# == 1 )) ; then - COMMAND=$1 - if ! [[ "$COMMAND" =~ ^(up|down)$ ]]; then - echo "Invalid value $COMMAND" - print_usage - fi -fi - -title -d 1 "Setting global exports..." - if [[ $STORAGE_TYPE == host ]]; then - if [ -z ${STOREBASE+x} ]; then - if [[ ! -d CHRIS_REMOTE_FS ]] ; then - mkdir CHRIS_REMOTE_FS - fi - STOREBASE=$HERE/CHRIS_REMOTE_FS - else - if [[ ! -d $STOREBASE ]] ; then - mkdir -p $STOREBASE - fi - fi - fi - echo -e "ORCHESTRATOR=$ORCHESTRATOR" | ./boxes.sh - echo -e "exporting STORAGE_TYPE=$STORAGE_TYPE" | ./boxes.sh - export STORAGE_TYPE=$STORAGE_TYPE - if [[ $STORAGE_TYPE == nfs ]]; then - echo -e "exporting NFS_SERVER=$NFS_SERVER" | ./boxes.sh - export NFS_SERVER=$NFS_SERVER - fi - echo -e "exporting STOREBASE=$STOREBASE" | ./boxes.sh - export STOREBASE=$STOREBASE - if [[ $ORCHESTRATOR == kubernetes ]]; then - echo -e "exporting NAMESPACE=$NAMESPACE" | ./boxes.sh - export NAMESPACE=$NAMESPACE - fi -windowBottom - -if [[ "$COMMAND" == 'up' ]]; then - - title -d 1 "Starting pfcon containerized prod environment on $ORCHESTRATOR" - if [[ $ORCHESTRATOR == swarm ]]; then - echo "docker stack deploy -c swarm/prod/docker-compose.yml pfcon_stack" | ./boxes.sh ${LightCyan} - docker stack deploy -c swarm/prod/docker-compose.yml pfcon_stack - elif [[ $ORCHESTRATOR == kubernetes ]]; then - echo "kubectl create namespace $NAMESPACE" | ./boxes.sh ${LightCyan} - namespace=$(kubectl get namespaces $NAMESPACE --no-headers -o custom-columns=:metadata.name 2> /dev/null) - if [ -z "$namespace" ]; then - kubectl create namespace $NAMESPACE - else - echo "$NAMESPACE namespace already exists, skipping creation" - fi - if [[ $STORAGE_TYPE == host ]]; then - echo "kubectl kustomize kubernetes/prod/overlays/host | envsubst | kubectl apply -f -" | ./boxes.sh ${LightCyan} - kubectl kustomize kubernetes/prod/overlays/host | envsubst | kubectl apply -f - - else - echo "kubectl kustomize kubernetes/prod/overlays/nfs | envsubst | kubectl apply -f -" | ./boxes.sh ${LightCyan} - kubectl kustomize kubernetes/prod/overlays/nfs | envsubst | kubectl apply -f - - fi - fi - windowBottom -fi - -if [[ "$COMMAND" == 'down' ]]; then - - title -d 1 "Destroying pfcon containerized prod environment on $ORCHESTRATOR" - if [[ $ORCHESTRATOR == swarm ]]; then - echo "docker stack rm pfcon_stack" | ./boxes.sh ${LightCyan} - docker stack rm pfcon_stack - elif [[ $ORCHESTRATOR == kubernetes ]]; then - if [[ $STORAGE_TYPE == host ]]; then - echo "kubectl kustomize kubernetes/prod/overlays/host | envsubst | kubectl delete -f -" | ./boxes.sh ${LightCyan} - kubectl kustomize kubernetes/prod/overlays/host | envsubst | kubectl delete -f - - else - echo "kubectl kustomize kubernetes/prod/overlays/nfs | envsubst | kubectl delete -f -" | ./boxes.sh ${LightCyan} - kubectl kustomize kubernetes/prod/overlays/nfs | envsubst | kubectl delete -f - - fi - fi - windowBottom -fi diff --git a/kubernetes/prod/base/kustomization.yaml b/kubernetes/prod/base/kustomization.yaml deleted file mode 100755 index 6492b2a..0000000 --- a/kubernetes/prod/base/kustomization.yaml +++ /dev/null @@ -1,20 +0,0 @@ -kind: Kustomization - -namespace: ${NAMESPACE} - -configMapGenerator: -- name: pfcon-config - env: secrets/.pfcon.env -- name: pman-config - env: secrets/.pman.env - -resources: -- resources/pfcon.yaml -- resources/pman.yaml - -vars: -- name: PMAN_SERVICE_NAME - objref: - kind: Service - name: pman - apiVersion: v1 diff --git a/kubernetes/prod/base/resources/pfcon.yaml b/kubernetes/prod/base/resources/pfcon.yaml deleted file mode 100755 index 01b86ca..0000000 --- a/kubernetes/prod/base/resources/pfcon.yaml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: pfcon - labels: - app: pfcon - env: production -spec: - type: NodePort - selector: - app: pfcon - env: production - ports: - - port: 30005 - targetPort: 30005 - nodePort: 30005 - ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pfcon - labels: - app: pfcon - env: production -spec: - replicas: 1 - selector: - matchLabels: - app: pfcon - env: production - template: - metadata: - name: pfcon - labels: - app: pfcon - env: production - spec: - initContainers: - - name: init-pfcon - image: busybox:1.32 - command: [ "sh", "-c", "until wget --spider -S -T 2 http://$(PMAN_SERVICE_NAME):5010/api/v1/ 2>&1 | grep '200 OK'; do echo waiting for pman; done" ] - containers: - - name: pfcon - image: fnndsc/pfcon - ports: - - containerPort: 30005 - env: - - name: COMPUTE_SERVICE_URL - value: http://$(PMAN_SERVICE_NAME):5010/api/v1/ - envFrom: - - configMapRef: - name: pfcon-config - command: ["gunicorn"] - args: ["-w", "5", "-b", "0.0.0.0:30005", "-t", "200", "pfcon.wsgi:application"] - volumeMounts: - - name: storebase - mountPath: "/var/local/storeBase" - # Mount a persistent volume onto pfcon's key store (shared data volume with plugins) - volumes: - - name: storebase - persistentVolumeClaim: - claimName: storebase diff --git a/kubernetes/prod/base/resources/pman.yaml b/kubernetes/prod/base/resources/pman.yaml deleted file mode 100755 index fe2e81e..0000000 --- a/kubernetes/prod/base/resources/pman.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: pman - labels: - app: pman - env: production -spec: - selector: - app: pman - env: production - ports: - - port: 5010 - targetPort: 5010 - ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pman - labels: - app: pman - env: production -spec: - replicas: 1 - selector: - matchLabels: - app: pman - env: production - template: - metadata: - name: pman - labels: - app: pman - env: production - spec: - containers: - - name: pman - image: fnndsc/pman - ports: - - containerPort: 5010 - # Since pman spins off containers of its own it needs to mount storeBase dir - # (where pfcon shares the data) into the spawned container. This directory is - # passed in the STOREBASE env variable. - env: - - name: STOREBASE - value: ${STOREBASE} - - name: CONTAINER_ENV - value: kubernetes - - name: JOB_NAMESPACE - value: ${NAMESPACE} - envFrom: - - configMapRef: - name: pman-config diff --git a/kubernetes/prod/base/secrets/.pfcon.env b/kubernetes/prod/base/secrets/.pfcon.env deleted file mode 100755 index 690fad7..0000000 --- a/kubernetes/prod/base/secrets/.pfcon.env +++ /dev/null @@ -1,5 +0,0 @@ -# Compose supports declaring default environment variables in an environment file - -SECRET_KEY= -PFCON_USER= -PFCON_PASSWORD= diff --git a/kubernetes/prod/base/secrets/.pman.env b/kubernetes/prod/base/secrets/.pman.env deleted file mode 100755 index 3ecb9f9..0000000 --- a/kubernetes/prod/base/secrets/.pman.env +++ /dev/null @@ -1,3 +0,0 @@ -# Compose supports declaring default environment variables in an environment file - -SECRET_KEY= diff --git a/kubernetes/prod/overlays/host/kustomization.yaml b/kubernetes/prod/overlays/host/kustomization.yaml deleted file mode 100755 index 3d445dc..0000000 --- a/kubernetes/prod/overlays/host/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ -kind: Kustomization - -namespace: ${NAMESPACE} - -bases: -- ../../base - -resources: -- resources/storebase-pvc.yaml -- resources/storebase-pv.yaml diff --git a/kubernetes/prod/overlays/host/resources/storebase-pv.yaml b/kubernetes/prod/overlays/host/resources/storebase-pv.yaml deleted file mode 100755 index 820fde4..0000000 --- a/kubernetes/prod/overlays/host/resources/storebase-pv.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: storebase - labels: - volume: storebase -spec: - accessModes: - - ReadWriteOnce - capacity: - storage: 10Gi - # Mount a physical dir in the HOST onto the key store in pfcon. This dir - # is given by the STOREBASE env variable substitution. - hostPath: - path: ${STOREBASE} diff --git a/kubernetes/prod/overlays/host/resources/storebase-pvc.yaml b/kubernetes/prod/overlays/host/resources/storebase-pvc.yaml deleted file mode 100755 index ff51d11..0000000 --- a/kubernetes/prod/overlays/host/resources/storebase-pvc.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: storebase -spec: - accessModes: - - ReadWriteOnce - storageClassName: "" - resources: - requests: - storage: 10Gi - selector: - matchLabels: - volume: storebase diff --git a/kubernetes/prod/overlays/nfs/kustomization.yaml b/kubernetes/prod/overlays/nfs/kustomization.yaml deleted file mode 100755 index fa281cf..0000000 --- a/kubernetes/prod/overlays/nfs/kustomization.yaml +++ /dev/null @@ -1,13 +0,0 @@ -kind: Kustomization - -namespace: ${NAMESPACE} - -bases: -- ../../base - -resources: -- resources/storebase-pvc.yaml -- resources/storebase-pv.yaml - -patches: -- patches/pman-env.yaml diff --git a/kubernetes/prod/overlays/nfs/patches/pman-env.yaml b/kubernetes/prod/overlays/nfs/patches/pman-env.yaml deleted file mode 100755 index b9891be..0000000 --- a/kubernetes/prod/overlays/nfs/patches/pman-env.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pman -spec: - template: - spec: - containers: - - name: pman - # NFS needs additional env variables - env: - - name: STORAGE_TYPE - value: ${STORAGE_TYPE} - - name: NFS_SERVER - value: ${NFS_SERVER} diff --git a/kubernetes/prod/overlays/nfs/resources/storebase-pv.yaml b/kubernetes/prod/overlays/nfs/resources/storebase-pv.yaml deleted file mode 100755 index 409ab9a..0000000 --- a/kubernetes/prod/overlays/nfs/resources/storebase-pv.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: storebase - labels: - volume: storebase -spec: - accessModes: - - ReadWriteMany - capacity: - storage: 10Gi - nfs: - # The key store in pfcon beacomes a path in the NFS drive - server: ${NFS_SERVER} - path: ${STOREBASE} diff --git a/kubernetes/prod/overlays/nfs/resources/storebase-pvc.yaml b/kubernetes/prod/overlays/nfs/resources/storebase-pvc.yaml deleted file mode 100755 index 2afb342..0000000 --- a/kubernetes/prod/overlays/nfs/resources/storebase-pvc.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: storebase -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 10Gi - selector: - matchLabels: - volume: storebase diff --git a/openshift/README.rst b/openshift/README.rst deleted file mode 100755 index 472a2c5..0000000 --- a/openshift/README.rst +++ /dev/null @@ -1,95 +0,0 @@ -############## -Setup: -############## - -pfcon could be run with swift and local storage (using hostPath) as backend. We typically use hostPath for testing locally. - -Assuming oc cluster up has been run. - -.. code-block:: bash - - # Changes for using hostPath in container. These are not needed, if you want to use swift as backend storage. - mkdir /tmp/share # Create a directory that could be mounted in container. This is mounted as /share in container. - chcon -R -t svirt_sandbox_file_t /tmp/share/ # Change selinux label so that containers can read/write from/to directory. - sudo oc login -u system:admin - sudo oc edit scc restricted # Update allowHostDirVolumePlugin to true and runAsUser type to RunAsAny - # To set the passwords, follow the instructions in the "Setting up authorization" section. Simply editing example-config.cfg DOES NOT DO ANYTHING. - oc create -f example-secret.yml # Uses the default password ("password") - -************************* -Setting up authorization -************************* -1) Edit the configuration file: - -.. code-block:: bash - - #example-config.cfg - [AUTH TOKENS] - examplekey1 = examplepassword1 - examplekey2 = examplepassword2 - -2) Convert the configuration to base64: - -.. code-block:: bash - - cat example-config.cfg | base64 - -3) Place the output in a new file: - -.. code-block:: bash - - apiVersion: v1 - kind: Secret - metadata: - name: pfcon-config - type: Opaque - data: - pfcon_config.cfg: - -################################################################## -Swift Object Store. (Ignore this section if you are using hostDir) -################################################################## - -The OpenStack Object Store project, known as Swift, offers cloud storage software so that you can store and retrieve lots of data with a simple API. It's built for scale and optimized for durability, availability, and concurrency across the entire data set. Swift is ideal for storing unstructured data that can grow without bound. - -To enable Swift Object store option for pfcon, start pfcon with --swift-storage option (this has been already taken care of if you are using the OpenShift template available in this repo). - -.. code-block:: bash - - pfcon --forever --httpResponse --swift-storage --createDirsAsNeeded - -The pushPath and pullPath operations are same as mentioned for mounting directories method. - -The credentials file for Swift should be stored in a **secret**, mounted at /etc/swift in the pod with the name ‘swift-credentials.cfg’. It should contain the swift credentials in the following format: - - -.. code-block:: bash - - [AUTHORIZATION] - osAuthUrl = - - [SECRET] - applicationId = - applicationSecret = - - -************************************ -Creating a secret and running pfcon. -************************************ -1) Create a text file with the name swift-credentials.cfg as shown above (ignore this step if you are running locally). - - -2) Now run the following command to create a secret (ignore this step if you are running locally). - -.. code-block:: bash - - oc create secret generic swift-credentials --from-file=/swift-credentials.cfg - - -3) Run pfcon. - -.. code-block:: bash - - oc new-app openshift/pfcon-openshift-template.json # if you are using swift backend - oc new-app openshift/pfcon-openshift-template-without-swift.json # if you are using local storage - diff --git a/openshift/example-config.cfg b/openshift/example-config.cfg deleted file mode 100755 index 5e5daf6..0000000 --- a/openshift/example-config.cfg +++ /dev/null @@ -1,2 +0,0 @@ -[AUTH TOKENS] -token = password diff --git a/openshift/example-secret.yml b/openshift/example-secret.yml deleted file mode 100755 index e42e195..0000000 --- a/openshift/example-secret.yml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: pfcon-config -type: Opaque -data: - pfcon_config.cfg: W0FVVEggVE9LRU5TXQp0b2tlbiA9IHBhc3N3b3JkCg== diff --git a/openshift/pfcon-openshift-template-without-swift.json b/openshift/pfcon-openshift-template-without-swift.json deleted file mode 100755 index ae1e796..0000000 --- a/openshift/pfcon-openshift-template-without-swift.json +++ /dev/null @@ -1,166 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "name": "pfcon-openshift", - "creationTimestamp": null, - "annotations": { - "description": "Creates pfcon on OpenShift", - "tags": "" - } - }, - "objects": [{ - "apiVersion": "v1", - "kind": "DeploymentConfig", - "metadata": { - "creationTimestamp": null, - "generation": 1, - "labels": { - "app": "pfcon" - }, - "name": "pfcon" - }, - "spec": { - "replicas": 1, - "selector": { - "app": "pfcon", - "deploymentconfig": "pfcon" - }, - "strategy": { - "activeDeadlineSeconds": 21600, - "resources": {}, - "rollingParams": { - "intervalSeconds": 1, - "maxSurge": "25%", - "maxUnavailable": "25%", - "timeoutSeconds": 600, - "updatePeriodSeconds": 1 - }, - "type": "Rolling" - }, - "template": { - "metadata": { - "creationTimestamp": null, - "labels": { - "app": "pfcon", - "deploymentconfig": "pfcon" - } - }, - "spec": { - "containers": [{ - "command": [ - "/usr/bin/pfcon", - "--forever", - "--httpResponse", - "--storeBase=/share", - "--createDirsAsNeeded", - "--enableTokenAuth", - "--tokenPath=/etc/pfcon/auth/pfcon_config.cfg" - ], - "image": "fnndsc/pfcon", - "imagePullPolicy": "Always", - "name": "pfcon", - "ports": [{ - "containerPort": 5005, - "protocol": "TCP" - }], - "resources": { - "limits": { - "memory": "1024Mi", - "cpu": "2000m" - }, - "requests": { - "memory": "150Mi", - "cpu": "250m" - } - }, - "terminationMessagePath": "/dev/termination-log", - "volumeMounts": [{ - "name": "shared-volume", - "mountPath": "/share" - }, - { - "name": "pfcon-config", - "mountPath": "/etc/pfcon/auth", - "read-only": "true" - } - ] - }], - "dnsPolicy": "ClusterFirst", - "restartPolicy": "Always", - "terminationGracePeriodSeconds": 30, - "volumes": [{ - "name": "shared-volume", - "hostPath": { - "path": "/tmp/share" - } - }, - { - "name": "pfcon-config", - "secret":{ - "secretName": "pfcon-config" - } - }] - } - }, - "test": false, - "triggers": [{ - "type": "ConfigChange" - }] - } - }, - { - "apiVersion": "v1", - "kind": "Service", - "metadata": { - "creationTimestamp": null, - "labels": { - "app": "pfcon" - }, - "name": "pfcon" - }, - "spec": { - "ports": [{ - "name": "5005-tcp", - "port": 5005, - "protocol": "TCP", - "targetPort": 5005 - }], - "selector": { - "app": "pfcon", - "deploymentconfig": "pfcon" - }, - "sessionAffinity": "None", - "type": "ClusterIP" - } - }, - { - "apiVersion": "v1", - "kind": "Route", - "metadata": { - "annotations": { - "openshift.io/host.generated": "true" - }, - "creationTimestamp": null, - "name": "pfcon" - }, - "spec": { - "port": { - "targetPort": "5005-tcp" - }, - "to": { - "kind": "Service", - "name": "pfcon", - "weight": 100 - }, - "wildcardPolicy": "None" - } - } - ], - "parameters": [ - - ], - "labels": { - "template": "application-template-pfcon-openshift" - } -} diff --git a/openshift/pfcon-openshift-template.json b/openshift/pfcon-openshift-template.json deleted file mode 100755 index 9bef333..0000000 --- a/openshift/pfcon-openshift-template.json +++ /dev/null @@ -1,189 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "name": "pfcon-openshift", - "annotations": { - "description": "Creates pfcon on OpenShift", - "tags": "" - } - }, - "objects": [{ - "apiVersion": "v1", - "kind": "DeploymentConfig", - "metadata": { - "labels": { - "app": "pfcon" - }, - "name": "pfcon" - }, - "spec": { - "replicas": 1, - "selector": { - "app": "pfcon", - "deploymentconfig": "pfcon" - }, - "strategy": { - "activeDeadlineSeconds": 21600, - "resources": {}, - "rollingParams": { - "maxSurge": "25%", - "maxUnavailable": "25%", - "timeoutSeconds": 600 - }, - "type": "Rolling" - }, - "template": { - "metadata": { - "labels": { - "app": "pfcon", - "deploymentconfig": "pfcon" - } - }, - "spec": { - "containers": [{ - "command": [ - "/usr/local/bin/pfcon", - "--verbosity=5", - "--port=5005" - ], - "image": "ghcr.io/sandip117/pfcon:flask", - "imagePullPolicy": "Always", - "name": "pfcon", - "ports": [{ - "containerPort": 5005, - "protocol": "TCP" - }], - "resources": { - "limits": { - "memory": "1024Mi", - "cpu": "2000m" - }, - "requests": { - "memory": "150Mi", - "cpu": "250m" - } - }, - "terminationMessagePath": "/dev/termination-log", - "volumeMounts": [{ - "name": "kubecfg-volume", - "mountPath": "/tmp/.kube/", - "readOnly": true - }, - { - "name": "gluster-vol1", - "mountPath": "/tmp" - }, - { - "mountPath": "/etc/swift", - "name": "swift-credentials", - "readOnly": true - }, - { - "mountPath": "/local", - "name": "local-volume" - } - ], - "env": [{ - "name": "KUBECFG_PATH", - "value": "/tmp/.kube/config" - }, - { - "name": "OPENSHIFTMGR_PROJECT", - "value": "test-moc" - }, - { - "name": "COMPUTE_SERVICE_URL", - "value": "http://pman-test-moc.k-apps.osh.massopen.cloud/api/v1/" - }, - { - "name": "STORAGE_ENV", - "value": "swift" - }, - { - "name":"APPLICATION_MODE", - "value":"local" - } - ] - - }], - "dnsPolicy": "ClusterFirst", - "restartPolicy": "Always", - "terminationGracePeriodSeconds": 30, - "volumes": [{ - "name": "kubecfg-volume", - "secret": { - "secretName": "kubecfg" - } - }, - { - "name": "gluster-vol1", - "persistentVolumeClaim": { - "claimName": "gluster1" - } - }, - { - "name": "swift-credentials", - "secret": { - "defaultMode": 420, - "secretName": "swift-credentials" - } - }, - { - "name": "local-volume", - "emptyDir": {} - } - ] - - } - }, - "test": false, - "triggers": [{ - "type": "ConfigChange" - }] - } - }, - { - "apiVersion": "v1", - "kind": "Service", - "metadata": { - "labels": { - "app": "pfcon" - }, - "name": "pfcon" - }, - "spec": { - "ports": [{ - "name": "5005-tcp", - "port": 5005, - "protocol": "TCP", - "targetPort": 5005 - }], - "selector": { - "app": "pfcon", - "deploymentconfig": "pfcon" - } - } - }, - { - "apiVersion": "v1", - "kind": "Route", - "metadata": { - "name": "pfcon" - }, - "spec": { - "port": { - "targetPort": "5005-tcp" - }, - "to": { - "kind": "Service", - "name": "pfcon", - "weight": 100 - } - } - } - ], - "labels": { - "template": "application-template-pfcon-openshift" - } -} diff --git a/swarm/prod/docker-compose.yml b/swarm/prod/docker-compose.yml deleted file mode 100755 index dbcd0d9..0000000 --- a/swarm/prod/docker-compose.yml +++ /dev/null @@ -1,63 +0,0 @@ -# https://docs.docker.com/compose/yml/ -# Each service defined in docker-compose.yml must specify exactly one of -# image or build. Other keys are optional, and are analogous to their -# docker run command-line counterparts. -# -# As with docker run, options specified in the Dockerfile (e.g., CMD, -# EXPOSE, VOLUME, ENV) are respected by default - you don't need to -# specify them again in docker-compose.yml. -# - -version: '3.7' - -services: - pfcon: - image: fnndsc/pfcon - environment: - - COMPUTE_SERVICE_URL=http://pman:5010/api/v1/ - env_file: - - secrets/.pfcon.env - # We need to mount a physical dir in the HOST onto the key store in pfcon. This dir - # is given by the STOREBASE env variable substitution. - volumes: - - ${STOREBASE:?}:/var/local/storeBase - ports: - - "30005:30005" - command: ["gunicorn", "-w", "5", "-b", "0.0.0.0:30005", "-t", "200", "pfcon.wsgi:application"] - depends_on: - - pman - deploy: - restart_policy: - condition: on-failure - networks: - - remote - labels: - name: "pfcon" - role: "pfcon service" - - pman: - image: fnndsc/pman - # Since pman spins off containers of its own it needs to mount storeBase dir (where - # pfcon shares the data) into the spawned container. This directory is passed in the - # STOREBASE env variable. - environment: - - STOREBASE - - CONTAINER_ENV=swarm - env_file: - - secrets/.pman.env - volumes: - - /var/run/docker.sock:/var/run/docker.sock - deploy: - restart_policy: - condition: on-failure - placement: - constraints: - - "node.role==manager" - networks: - - remote - labels: - name: "pman" - role: "pman service" - -networks: - remote: diff --git a/swarm/prod/secrets/.pfcon.env b/swarm/prod/secrets/.pfcon.env deleted file mode 100755 index 690fad7..0000000 --- a/swarm/prod/secrets/.pfcon.env +++ /dev/null @@ -1,5 +0,0 @@ -# Compose supports declaring default environment variables in an environment file - -SECRET_KEY= -PFCON_USER= -PFCON_PASSWORD= diff --git a/swarm/prod/secrets/.pman.env b/swarm/prod/secrets/.pman.env deleted file mode 100755 index 3ecb9f9..0000000 --- a/swarm/prod/secrets/.pman.env +++ /dev/null @@ -1,3 +0,0 @@ -# Compose supports declaring default environment variables in an environment file - -SECRET_KEY=