Merge pull request #119 from Cingulara/develop

Updated Documentation for 0.14
Cingulara · May 16, 2020 · 3120e05 · 3120e05
2 parents 9bfcc2f + 12a7435
commit 3120e05
Show file tree

Hide file tree

Showing 10 changed files with 579 additions and 26 deletions.
diff --git a/deployments/README.md b/deployments/README.md
@@ -26,7 +26,7 @@ namespace you made in step 1 are the same!
 2. Apply the file(s), i.e. `kubectl apply -f <path-to-where-your-helm-YAML-files-are> -n <namespace-you-specified>`
 
 ## Kubernetes
-For a straight kubernetes (k8s) installation w/o helm go to the [kubernetes](./kubernetes) folder and make the namespace with the . Then deploy all the pieces locally. You may have to adjust the services based on your setup.
+For a straight kubernetes (k8s) installation w/o helm go to the [kubernetes](./kubernetes) folder and make the namespace with the `kubectl apply -f ./namespace.yaml`. Then deploy all the pieces locally. You may have to adjust the services based on your setup.
 
 ## Jaeger
 These APIs push out tracing information to Jaeger in Kubernetes. Based on https://github.com/jaegertracing/jaeger-kubernetes you need to run the below to put the Jaeger operator in place. When it is done you can run ` kubectl get service jaeger-query ` to see the URL for it. The APIs right now will fail if they do not have Jaeger specifics setup. We will in the future put an option in the helm chart to use / not use them. 
@@ -103,4 +103,4 @@ Please read up on https://docs.aws.amazon.com/eks/latest/userguide/metrics-serve
 * Run `kubectl get deployment metrics-server -n kube-system`
 
 ## Using Network Policies on EKS
-You need to look to kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.5/config/v1.5/calico.yaml as an example to enable network separation and tenant isolation. There are some starting NetworkPolicy YAML files in the OpenRMF chart. But you need something like Calico or Cilium or other CNI plugins setup on your EKS Cluster. 
+You need to look to kubectl apply -f kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.6/config/v1.6/calico.yaml as an example to enable network separation and tenant isolation. There are some starting NetworkPolicy YAML files in the OpenRMF chart. But you need something like Calico or Cilium or other CNI plugins setup on your EKS Cluster. 
diff --git a/deployments/chart/openrmf/README.md b/deployments/chart/openrmf/README.md
@@ -173,9 +173,7 @@ spec:
 ```
 
 ## Prometheus Operator
-There is a section in the Helm chart Values.yaml file that is for the Prometheus Operator available at 
-https://github.com/helm/charts/tree/master/stable/prometheus-operator and 
-https://github.com/coreos/prometheus-operator. If you use this in Kubernetes, and I highly recommend that you do,
+There is a section in the Helm chart Values.yaml file that is for the Prometheus Operator available at https://github.com/helm/charts/tree/master/stable/prometheus-operator. If you use this in Kubernetes, and I highly recommend that you do,
 you can set the "use" to true and then the matchLabels part of your Prometheus setup you have
 in your cluster can go in here to quickly match the YAML for monitoring. See the 2 URLs for more 
 information.

diff --git a/deployments/chart/openrmf/templates/nats.yaml b/deployments/chart/openrmf/templates/nats.yaml
@@ -98,7 +98,7 @@ spec:
     spec:
       containers:
       - name: openrmf-natspromexporter
-        image: synadia/prometheus-nats-exporter:latest
+        image: synadia/prometheus-nats-exporter:0.6.2
         args: ["-varz", "http://natsserver:8222"]
         ports:
         - containerPort: 7777
@@ -141,7 +141,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
   name: openrmf-nats-metrics
-  namespace: openrmf
+  namespace: {{.Values.namespace}}
   labels:
     app.kubernetes.io/name: openrmf
     helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
@@ -161,5 +161,104 @@ spec:
     path: /metrics
   namespaceSelector:
     matchNames:
-    - openrmf
+    - {{.Values.namespace}}
 {{ end }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openrmf-natsclientpromexporter
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: nats-client-prometheus-exporter
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+spec:
+  selector:
+    matchLabels:
+      run: openrmf-natsclientpromexporter
+  replicas: 1
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        run: openrmf-natsclientpromexporter
+    spec:
+      containers:
+      - name: openrmf-natsclientpromexporter
+        image: cingulara/nats-client-metrics:1.0.1
+        ports:
+        - containerPort: 7777
+          protocol: TCP
+        env:
+        - name: ASPNETCORE_ENVIRONMENT
+          value: Development
+        - name: ASPNETCORE_URLS
+          value: http://*:7778
+        - name: NATSMETRICSURL
+          value: http://natsserver:8222
+        resources:
+          limits:
+            memory: "250Mi"
+            cpu: "250m"
+          requests:
+            memory: "125Mi"
+            cpu: "125m"
+      restartPolicy: Always
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: openrmf-natsclientpromexporter
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: openrmf-natsclientpromexporter
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+spec:
+  ports:
+  - name: natsclientpromexporter
+    port: 7778
+    protocol: TCP
+    targetPort: 7778
+  selector:
+    run: openrmf-natsclientpromexporter
+  sessionAffinity: None
+  clusterIP: None
+{{ if .Values.useprometheusoperator }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: openrmf-nats-client-metrics
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: nats-client-metrics-1.0.1
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+    {{ .Values.servicemonitormatchlabelname }}: {{ .Values.servicemonitormatchlabelvalue }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: openrmf-natsclientpromexporter
+  endpoints:
+  - port: natsclientpromexporter
+    interval: 15s
+    path: /metrics
+  namespaceSelector:
+    matchNames:
+    - {{.Values.namespace}}
+{{ end }}
diff --git a/deployments/chart/openrmf/templates/report-db-connection-policy.yaml b/deployments/chart/openrmf/templates/report-db-connection-policy.yaml
@@ -0,0 +1,19 @@
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  namespace: {{.Values.namespace}}
+  name: report-db-connection-policy
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/component: report-mongodb
+  ingress:
+  - ports:
+    - port: 27017
+    from:
+    - podSelector:
+        matchLabels:
+          app.kubernetes.io/component: report-nats-message-client
+    - podSelector:
+        matchLabels:
+          app.kubernetes.io/component: report-api
diff --git a/deployments/chart/openrmf/templates/report.yaml b/deployments/chart/openrmf/templates/report.yaml
@@ -0,0 +1,200 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openrmf-report
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: report-api
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+spec:
+  selector:
+    matchLabels:
+      run: openrmf-report
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        run: openrmf-report
+    spec:
+      containers:
+      - name: openrmf-report
+        image: cingulara/openrmf-api-report:{{.Values.reportImage}}
+        ports:
+        - name: web-port
+          containerPort: 8080
+        readinessProbe:
+          tcpSocket:
+            port: web-port
+          initialDelaySeconds: 5
+          periodSeconds: 30
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: web-port
+          initialDelaySeconds: 3
+          periodSeconds: 30
+        env:
+        - name: ASPNETCORE_ENVIRONMENT
+          value: Development
+        - name: ASPNETCORE_URLS
+          value: http://*:8080
+        - name: REPORTMONGODBCONNECTION
+          valueFrom:  
+            secretKeyRef:
+              name: reportdbsecret
+              key: appConnection
+        - name: REPORTMONGODB
+          valueFrom:  
+            secretKeyRef:
+              name: reportdbsecret
+              key: initDBName
+        - name: NATSSERVERURL
+          value: nats://natsserver:4222
+        - name: JWT-AUTHORITY
+          value: {{.Values.identityProviderURL}}/realms/{{.Values.identityProviderRealm}}
+        - name: JWT-CLIENT
+          value: {{.Values.identityProviderClientId}}
+        - name: JAEGER_AGENT_HOST
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        - name: JAEGER_AGENT_PORT
+          value: "6831"
+        - name: JAEGER_SERVICE_NAME
+          value: openrmfapi-report
+        - name: JAEGER_SAMPLER_TYPE
+          value: {{.Values.jaegerSamplerType}}
+        - name: JAEGER_SAMPLER_PARAM
+          value: "{{.Values.jaegerSamplerParam}}"
+        resources:
+          limits:
+            memory: "750Mi"
+            cpu: "500m"
+          requests:
+            memory: "250Mi"
+            cpu: "100m"
+{{/* Use this service definition and NGINX controller setup if minikube */}}
+{{ if and .Values.installType (eq .Values.installType "minikube") }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: openrmf-report
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: report-api
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+spec:
+  ports:
+  - name: http
+    port: 8080
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    run: openrmf-report
+  sessionAffinity: None
+  type: {{.Values.serviceType}}
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: openrmf-report-ingress
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: report-api-ingress
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/rewrite-target: /$2
+    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, OPTIONS"
+spec:
+  rules:
+  - host: {{.Values.dnsName}}
+    http:
+      paths:
+      - path: /report(/|$)(.*)
+        backend:
+          serviceName: openrmf-report
+          servicePort: 8080
+{{ end }}
+{{/* Use this service definition and Load Balancer type setup if AWS EKS */}}
+{{ if and .Values.installType (eq .Values.installType "awseks") }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: openrmf-report
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: report-api
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+  annotations:
+    # Note that the backend talks over HTTP.
+    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
+    # The ARN of your certificate.
+    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: {{.Values.awsACM}}
+    # Only run SSL on the port named "https" below.
+    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
+spec:
+  ports:
+  - name: http
+    port: 80
+    protocol: TCP
+    targetPort: 8080
+  - name: https
+    port: 443
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    run: openrmf-report
+  sessionAffinity: None
+  type: {{.Values.serviceTypeAWS | default "LoadBalancer"}}
+{{ end }}
+{{ if .Values.useprometheusoperator }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: openrmf-report-api-metrics
+  namespace: {{.Values.namespace}}
+  labels:
+    app.kubernetes.io/name: openrmf
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/component: report-api
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/revision: "{{ .Release.Revision }}"
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/managed-by: helm
+    {{ .Values.servicemonitormatchlabelname }}: {{ .Values.servicemonitormatchlabelvalue }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: report-api
+  endpoints:
+  - port: https
+    interval: 15s
+    path: /metrics
+  namespaceSelector:
+    matchNames:
+    - {{.Values.namespace}}
+{{ end }}