diff --git a/deploy/services/helm-charts/dss/README.md b/deploy/services/helm-charts/dss/README.md
new file mode 100644
index 000000000..584cd2528
--- /dev/null
+++ b/deploy/services/helm-charts/dss/README.md
@@ -0,0 +1,21 @@
+# DSS Helm Chart
+This [Helm Chart](https://helm.sh/) deploys the DSS and cockroachdb kubernetes resources.
+
+## Requirements
+1. A Kubernetes cluster should be running and you should be properly authenticated.
+Requirements and instructions to create a new Kubernetes cluster can be found [here](../../../infrastructure/README.md).
+2. Create the certificates and apply them to the cluster using the instructions of [section 6 and 7](../../../../build/README.md)
+3. Install [Helm](https://helm.sh/) version 3.11.3 or higher
+
+## Usage
+1. Edit `values.example.yaml`. See `values.schema.json` for schema definition. (Note that the key `cockroachdb` supports all values supported by the [`cockroachdb` Chart](https://github.com/cockroachdb/helm-charts/tree/master/cockroachdb#configuration))
+2. Validate the configuration: `helm lint -f values.example.yaml .`
+3. Set a RELEASE_NAME, example: `export RELEASE_NAME=dss`
+4. Set the kube client context of your , example: `export KUBE_CONTEXT=gke_interuss-deploy-example_europe-west6-a_dss-dev-w6`
+5. Run `helm dep update --kube-context=$KUBE_CONTEXT`
+6. Install the chart: `helm install --kube-context=$KUBE_CONTEXT -f values.example.yaml $RELEASE_NAME .`
+
+### Update the chart
+When changing the values in values.example.yaml, values.yaml, the templates or upgrading the helm chart dependencies, changes can be applied to the cluster using the following command:
+
+1. Run `helm upgrade --kube-context=$KUBE_CONTEXT -f values.example.yaml $RELEASE_NAME .`
diff --git a/deploy/services/helm-charts/dss/values.example.yaml b/deploy/services/helm-charts/dss/values.example.yaml
new file mode 100644
index 000000000..efd9a996c
--- /dev/null
+++ b/deploy/services/helm-charts/dss/values.example.yaml
@@ -0,0 +1,44 @@
+# See values.schema.json for schema description
+
+cockroachdb:
+ # See https://github.com/cockroachdb/helm-charts/blob/master/cockroachdb/values.yaml
+ fullnameOverride: dss-cockroachdb
+ conf:
+ join: []
+ cluster-name: interuss-example
+ single-node: false
+ locality: zone=interuss-example-google-ew1
+
+ statefulset:
+ args:
+ - --locality-advertise-addr=zone=interuss-example-google-ew1@$(hostname -f)
+ - --advertise-addr=${HOSTNAME##*-}.db.example.com
+
+ storage:
+ persistentVolume:
+ storageClass: standard
+
+loadBalancers:
+ cockroachdbNodes:
+ - ip: 192.168.0.21
+# subnet: subnet-xxx # for aws only
+ - ip: 192.168.0.22
+# subnet: subnet-xxx # for aws only
+ - ip: 192.168.0.23
+# subnet: subnet-xxx # for aws only
+ dssGateway:
+ ip: 192.168.0.10
+# subnet: subnet-xxx # for aws only
+# certName: arn:xxxx # for aws only
+
+dss:
+ conf:
+ pubKeys:
+ - /test-certs/auth2.pem
+ jwksEndpoint: ''
+ jwksKeyIds: []
+ hostname: dss.example.com
+ enableScd: true
+
+global:
+ cloudProvider: aws
diff --git a/deploy/services/helm-charts/dss/values.schema.json b/deploy/services/helm-charts/dss/values.schema.json
new file mode 100644
index 000000000..58dcc3d3a
--- /dev/null
+++ b/deploy/services/helm-charts/dss/values.schema.json
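Review bot: `dss.conf.pubKeys` in this example points at `/test-certs/auth2.pem`, and the README installs directly from this file, so a deployment that keeps the entry would validate access tokens against a test key. If the matching private key ships with the repository's test fixtures (not visible in this diff), tokens signed with it would be accepted by such a DSS. I would mark the entry in place, for example `# TEST KEY ONLY - replace with your authorization provider's public key, or set jwksEndpoint and jwksKeyIds`. Separately, `global.cloudProvider: aws` sits next to a `google-ew1` locality, which leaves the example ambiguous about which provider-specific fields apply.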
@@ -0,0 +1,184 @@
+{
+ "$schema": "https://json-schema.org/draft-07/schema#",
+ "properties": {
+ "cockroachdb": {
+ "description": "Cockroach DB related configuration",
+ "type": "object",
+ "properties": {
+ "image": {
+ "type": "object",
+ "properties": {
+ "repository": {
+ "type": "string"
+ },
+ "tag": {
+ "type": "string"
+ }
+ }
+ },
+ "fullnameOverride": {
+ "description": "Name of the internal statefulset",
+ "type": "string"
+ },
+ "conf": {
+ "type": "object",
+ "properties": {
+ "cluster-name": {
+ "description": "Name of CockroachDB cluster",
+ "type": "string"
+ },
+ "join": {
+ "description": "List of already-existing CockroachDB instances. If empty, the chart will automatically discover the internal nodes. If set to join a DSS Region and other DSS instance, please add the addresses of the statefulset's pod as well.",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "locality": {
+ "description": "Locality attribute for this deployment. Example: zone=example",
+ "type": "string"
+ }
+ },
+ "required": [
+ "cluster-name",
+ "locality"
+ ]
+ },
+ "statefulset": {
+ "type": "object",
+ "properties": {
+ "args": {
+ "type": "array",
+ "description": "Additional argument passed to the statefulset pod command. 
In the context of the dss deployment it requires the following arguments:\n `--locality-advertise-addr=zone=example@$(hostname -f)`\n`--advertise-addr=${HOSTNAME##*-}.db.example.com`",
+ "items": {
+ "type": "string"
+ },
+ "additionalItems": true
+ }
+ },
+ "required": [
+ "args"
+ ]
+ },
+ "storage": {
+ "type": "object",
+ "properties": {
+ "persistentVolume": {
+ "properties": {
+ "storageClass": {
+ "description": "Storage class depending on your cloud provider.",
+ "type": "string"
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": [
+ "image",
+ "fullnameOverride",
+ "conf",
+ "statefulset"
+ ]
+ },
+ "loadBalancers": {
+ "description": "Load balancers configuration",
+ "type": "object",
+ "properties": {
+ "cockroachdbNodes": {
+ "type": "array",
+ "items": {
+ "properties": {
+ "ip": {
+ "description": "Public ip or cloud resource name.",
+ "type": "string"
+ },
+ "subnet": {
+ "description": "Optional: Subnet of the public ip for AWS only",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ip"
+ ]
+ }
+ },
+ "dssGateway": {
+ "type": "object",
+ "properties": {
+ "ip": {
+ "description": "Public ip or cloud resource name.",
+ "type": "string"
+ },
+ "subnet": {
+ "description": "Optional: Subnet of the public ip for AWS only",
+ "type": "string"
+ },
+ "certName": {
+ "description": "Optional: ARN of the certificate for AWS only",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ip"
+ ]
+ }
+ }
+ },
+ "dss": {
+ "type": "object",
+ "properties": {
+ "image": {
+ "type": "string"
+ },
+ "conf": {
+ "type": "object",
+ "properties": {
+ "pubKeys": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "jwksEndpoint": {
+ "type": "string"
+ },
+ "jwksKeyIds": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "enableScd": {
+ "type": "boolean"
+ },
+ "hostname": {
+ "type": "string",
+ "description": "Public hostname of the dss. 
Example: dss.example.com"
+ }
+ },
+ "required": ["hostname"]
+ }
+ },
+ "required": ["image", "conf"]
+ },
+ "global": {
+ "type": "object",
+ "properties": {
+ "cloudProvider": {
+ "description": "Cloud provider identifier. `aws` or `google`",
+ "type": "string"
+ }
+ },
+ "required": ["cloudProvider"]
+ }
+ },
+ "required": [
+ "cockroachdb",
+ "loadBalancers",
+ "dss",
+ "global"
+ ],
+ "title": "Values",
+ "type": "object"
+}
\ No newline at end of file
diff --git a/deploy/services/helm-charts/dss/values.yaml b/deploy/services/helm-charts/dss/values.yaml
new file mode 100644
index 000000000..ea1a53e67
--- /dev/null
+++ b/deploy/services/helm-charts/dss/values.yaml
@@ -0,0 +1,19 @@
+# Default configuration
+cockroachdb:
+ # See https://github.com/cockroachdb/helm-charts/blob/master/cockroachdb/values.yaml
+ image:
+ repository: cockroachdb/cockroach
+ tag: v21.2.7
+ tls:
+ certs:
+ provided: true
+ nodeSecret: cockroachdb.node
+ clientRootSecret: cockroachdb.client.root
+ tlsSecret: cockroachdb.tls
+ selfSigner:
+ enabled: false
+ ingress:
+ enabled: false
+
+dss:
+ image: docker.io/interuss/dss:v0.7.0
\ No newline at end of file
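Review bot: The `dss.conf` schema requires only `hostname`, so a values file with neither `pubKeys` nor `jwksEndpoint` (or with an empty list and an empty string) passes `helm lint` even though no token-verification key is configured. How the DSS behaves in that case is not visible in this diff, but the schema is the cheapest place to reject it; inside `dss.conf` I would add `"anyOf": [{"required": ["pubKeys"], "properties": {"pubKeys": {"minItems": 1}}}, {"required": ["jwksEndpoint"], "properties": {"jwksEndpoint": {"minLength": 1}}}]`. In the same spirit, `global.cloudProvider` is described as `aws` or `google` but typed as a free string, and `"enum": ["aws", "google"]` would catch a typo at lint time instead of at deploy time.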
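Review bot: The `tls` block in values.yaml supplies certificate secret names but never sets `tls.enabled`, so whether CockroachDB actually runs with TLS depends on the default of whichever cockroachdb subchart version `helm dep update` resolves, which this diff does not show. Stating it explicitly with `enabled: true` directly under `tls:` removes that dependency. `tlsSecret: cockroachdb.tls` also deserves a check: as far as I recall, the upstream chart treats `tls.certs.tlsSecret` as a boolean flag for TLS-type secrets rather than a secret name, so a string here may be silently read as true. Finally, both images are pinned by tag only; if the templates pass `dss.image` through verbatim, a digest-qualified reference such as `docker.io/interuss/dss:v0.7.0@sha256:<digest-of-the-released-image>` would make the deployed artifact reproducible.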