From 5bad2311175db6413040be3bf2c8a520605c064e Mon Sep 17 00:00:00 2001 From: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Date: Mon, 11 Jul 2022 12:40:49 +0300 Subject: [PATCH] feat(solr): add solr as dep (#3120) * feat(solr): add solr as dep * it would be nice if i don't try to healtcheck my local machien * fix user and probe * rofs false * runas root * also try group 0 instead * runas * hmm * bin * whoops * 1001 user * check probe * test again * fix UI * add opts * add note * bump common dep * Update charts/dependency/solr/Chart.yaml --- charts/dependency/solr/Chart.yaml | 30 ++ charts/dependency/solr/questions.yaml | 274 +++++++++++++++++++ charts/dependency/solr/templates/common.yaml | 2 + charts/dependency/solr/values.yaml | 137 ++++++++++ 4 files changed, 443 insertions(+) create mode 100644 charts/dependency/solr/Chart.yaml create mode 100644 charts/dependency/solr/questions.yaml create mode 100644 charts/dependency/solr/templates/common.yaml create mode 100644 charts/dependency/solr/values.yaml diff --git a/charts/dependency/solr/Chart.yaml b/charts/dependency/solr/Chart.yaml new file mode 100644 index 0000000000000..914cf6f119560 --- /dev/null +++ b/charts/dependency/solr/Chart.yaml @@ -0,0 +1,30 @@ +apiVersion: v2 +appVersion: "14.4.0" +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.2 +deprecated: false +description: Apache Solr +home: https://github.com/truecharts/apps/tree/master/charts/dependency/solr +icon: https://truecharts.org/_static/img/appicons/solr.png +keywords: +- solr +- apache +- search +kubeVersion: '>=1.16.0-0' +maintainers: +- email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: solr +sources: +- https://github.com/apache/solr +- https://hub.docker.com/r/bitnami/solr/ +type: application +version: 0.0.1 +annotations: + truecharts.org/catagories: | + - search + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/charts/dependency/solr/questions.yaml b/charts/dependency/solr/questions.yaml new file mode 100644 index 0000000000000..7bdd039735ffc --- /dev/null +++ b/charts/dependency/solr/questions.yaml @@ -0,0 +1,274 @@ +# Include{groups} +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: false +# Include{global} + - variable: controller + group: "Controller" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: "Show Advanced Controller Settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "statefulset" + required: true + enum: + - value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "RollingUpdate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" +# Include{controllerExpert} + +# Include{containerConfig} + + - variable: solrCores + group: "App Configuration" + label: "Solr Cores" + schema: + type: string + default: "testcore" + required: true + - variable: solrUsername + group: "App Configuration" + label: "Solr Admin Username" + schema: + type: string + default: "test" + required: true + - variable: solrPassword + group: "App Configuration" + label: "Solr Admin Password" + schema: + type: string + default: "" + required: true + - variable: solrOpts + group: "App Configuration" + label: "Solr Opts" + schema: + type: string + default: "" + + - variable: service + group: "Networking and Services" + label: "Configure Service(s)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelector} + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 8983 + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "TCP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 8983 + + - variable: serviceexpert + group: "Networking and Services" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: "Networking and Services" + label: "Host-Networking (Complicated)" + schema: + type: boolean + default: false + +# Include{serviceExpert} + +# Include{serviceList} + + - variable: volumeClaimTemplates + label: "Integrated Persistent Storage" + description: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + additional_attrs: true + type: dict + attrs: + - variable: db + label: "DB Storage" + description: "Stores the old Application Database." + schema: + type: dict + hidden: true + attrs: +# Include{persistenceBasic} +# Include{persistenceAdvanced} + + +# Include{persistenceList} + +# Include{ingressList} + +# Include{security} + + - variable: advancedSecurity + label: "Show Advanced Security Settings" + group: "Security and Permissions" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: "Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: false + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: false +# Include{securityContextAdvanced} + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 1001 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 0 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 +# Include{podSecurityContextAdvanced} + +# Include{resources} + +# Include{advanced} + +# Include{addons} diff --git a/charts/dependency/solr/templates/common.yaml b/charts/dependency/solr/templates/common.yaml new file mode 100644 index 0000000000000..76759c7a0c92a --- /dev/null +++ b/charts/dependency/solr/templates/common.yaml @@ -0,0 +1,2 @@ + +{{ include "tc.common.loader.all" . }} diff --git a/charts/dependency/solr/values.yaml b/charts/dependency/solr/values.yaml new file mode 100644 index 0000000000000..878a93896e5c5 --- /dev/null +++ b/charts/dependency/solr/values.yaml @@ -0,0 +1,137 @@ +image: + repository: bitnami/solr + pullPolicy: IfNotPresent + tag: 9.0.0@sha256:16adc0e1ded3b4e1c7dec3b47c739f41cafc9088be639c18bd4aab8e8efc80fa + +controller: + # -- Set the controller type. + # Valid options are deployment, daemonset or statefulset + type: statefulset + # -- Number of desired pods + replicas: 1 + # -- Set the controller upgrade strategy + # For Deployments, valid values are Recreate (default) and RollingUpdate. + # For StatefulSets, valid values are OnDelete and RollingUpdate (default). + # DaemonSets ignore this. + strategy: RollingUpdate + rollingUpdate: + # -- Set deployment RollingUpdate max unavailable + unavailable: 1 + # -- Set deployment RollingUpdate max surge + surge: + # -- Set statefulset RollingUpdate partition + partition: + # -- ReplicaSet revision history limit + revisionHistoryLimit: 3 + +podSecurityContext: + runAsUser: 1001 + runAsGroup: 0 +securityContext: + runAsNonRoot: false + readOnlyRootFilesystem: false + +service: + main: + ports: + main: + port: 8983 + targetPort: 8983 + +volumeClaimTemplates: + db: + enabled: true + mountPath: "/bitnami/solr" + +# -- Probe configuration +# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) +# @default -- See below +probes: + # -- Liveness probe configuration + # @default -- See below + liveness: + # -- Enable the liveness probe + enabled: true + # -- Set this to `true` if you wish to specify your own livenessProbe + custom: true + # -- The spec field contains the values for the default livenessProbe. + # If you selected `custom: true`, this field holds the definition of the livenessProbe. + # @default -- See below + spec: + exec: + command: + - /bin/bash + - -ec + - | + if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then + until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done + else + until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done + fi; + + # -- Redainess probe configuration + # @default -- See below + readiness: + # -- Enable the readiness probe + enabled: true + # -- Set this to `true` if you wish to specify your own readinessProbe + custom: true + # -- The spec field contains the values for the default readinessProbe. + # If you selected `custom: true`, this field holds the definition of the readinessProbe. + # @default -- See below + spec: + exec: + command: + - /bin/bash + - -ec + - | + if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then + until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done + else + until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done + fi; + # -- Startup probe configuration + # @default -- See below + startup: + # -- Enable the startup probe + enabled: true + custom: true + # -- The spec field contains the values for the default livenessProbe. + # If you selected `custom: true`, this field holds the definition of the livenessProbe. + # @default -- See below + spec: + exec: + command: + - /bin/bash + - -ec + - | + if [ "$SOLR_ENABLE_AUTHENTICATION" == "yes" ]; then + until curl --fail --user "${SOLR_ADMIN_USERNAME}":"${SOLR_ADMIN_PASSWORD}" localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done + else + until curl --fail localhost:8983/solr/"${SOLR_CORES}"/admin/ping; do sleep 2; done + fi; + +# Currently only single core is supported, with multiple cores, probes will fail. +solrCores: "testcore" +solrEnableAuthentication: "yes" +solrUsername: "test" +solrPassword: "testpass" +# Used to pass a comma separated list of optional options like '-XX:G1HeapRegionSize=8m' +solrOpts: "" +existingSecret: "" + +secret: + credentials: + enabled: true + data: + solr-password: '{{ ( .Values.solrPassword | default "empty" ) }}' + +env: + SOLR_CORES: "{{ .Values.solrCores }}" + SOLR_ENABLE_AUTHENTICATION: "{{ .Values.solrEnableAuthentication }}" + SOLR_ADMIN_USERNAME: "{{ .Values.solrUsername }}" + SOLR_OPTS: "{{ .Values.solrOpts }}" + SOLR_ADMIN_PASSWORD: + secretKeyRef: + name: '{{ .Values.existingSecret | default ( printf "%s-credentials" ( include "tc.common.names.fullname" . ) ) }}' + key: "solr-password"