-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathREADME.md.gotmpl
160 lines (137 loc) · 4.78 KB
/
README.md.gotmpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
# CTFd Helm Chart
{{ template "chart.badgesSection" . }}
[](https://github.com/ScribblerCoder/CTFd-Helm/actions/workflows/helm-lint-test.yaml)
This is a Helm chart for deploying CTFd on Kubernetes. It deploys the official [CTFd Docker image](ghcr.io/ctfd/ctfd). HA and Autoscaling + MariaDB + Redis + S3 Storage. Also supports using external MariaDB/Redis/S3.
## Add the helm repo
```bash
helm repo add ctfd https://scribblercoder.github.io/CTFd-Helm
```
## Install
```bash
helm install ctfd ctfd/ctfd
# OR
helm install ctfd ctfd/ctfd -f values.yaml
```
## Install from source
Build helm dependencies (MariaDB/Redis/SeaweedFS) before installing the chart.
```bash
helm dependency update
```
Set the values in `values.yaml` to your desired configuration. Then install
```bash
helm install release-name . -f values.yaml --create-namespace --namespace ctfd
```
## Uninstall
```bash
helm uninstall release-name --namespace ctfd
```
## Info
- CTFd `SECRET_KEY` is automatically generated during installation/upgrade. You can find it in the secret `release-name-ctfd-secret-key`. This secret is injected as environment variable in all CTFd pods.
- Redis in this chart uses single master with multiple workers.
- This chart deploys SeaweedFS S3 as an uploadprovider. You can use AWS S3 or any other external S3 compatible storage as an upload provider. Just set `seaweedfs.enabled` to `false` and configure the external S3 provider in `ctfd.uploadprovider.s3`.
- This chart intentionally refrains from supporting `filesystem` uploadprovider. This needs `ReadWriteMany` PVCs which are expensive in cloud providers and not recommended for production use. S3 is fast and cheap.
## Values examples
### Deploy Bitnami MariaDB/Redis and SeaweedFS S3
```yaml
ctfd:
image:
tag: "latest"
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
mariadb:
enabled: true
architecture: standalone
primary:
size: 2Gi
redis:
enabled: true
seaweedfs:
enabled: true
s3:
enabled: true
```
### Configure your own external DB/Redis/S3
```yaml
ctfd:
image:
tag: "latest"
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
uploadprovider:
s3:
bucket: ""
endpoint_url: ""
secret_access_key: ""
access_key_id: ""
mariadb:
enabled: false
external:
port: 3306
host: ""
username: ""
password: ""
database: ""
redis:
enabled: false
external:
port: 6379
host: ""
username: ""
password: ""
seaweedfs:
enabled: false
```
### Disable CTFd autoscaling
```yaml
ctfd:
image:
tag: "latest"
replicas: 2
autoscaling:
enabled: false
resources:
limits:
cpu: "2"
memory: 2Gi
requests:
cpu: "1"
memory: 1Gi
```
## Features
- [x] HA and horizontal autoscaling with CPU and memory metrics
- [x] Configurable CPU/memory requests and limits
- [x] Deploys bitnami Redis, bitnami MariaDB and SeaweedFS S3 as Helm dependencies
- [X] Option to use AWS S3 or any other external S3 compatible storage as an upload provider
- [x] Option to use external Redis and MariaDB (e.g., AWS RDS, ElastiCache)
- [x] Customizable CTFd configuration
- [x] Adjustable configurations for Redis and MariaDB
- [x] Integration with external storage as upload provider (AWS S3 or SeaweedFS or any S3 compatible storage)
- [x] Liveness and Readiness checks
- [x] Affinity/Toleration/nodeSelector rules
- [x] Automatically rolls out config updates to CTFd pods (Using checksum annotation)
- [ ] Deploys self-hosted mail server for CTFd email notifications as a helm dependency
- [ ] Automated backups (CTFd export. This could be done with batch/v1 CronJob)
- [ ] Deploys postgres db as a helm dependency (ctfd.io doesn't actively support it so this is a low priority)
- [ ] Support for custom CTFd themes/plugin (using initContainers?)
## To Do
- [ ] Performance testing to verify autoscaling capabilities + e2e testing for verification
- [x] Fine tune cpu/mem requests and limits
- [ ] Chaos testing to verify HA capabilities
- [x] Add Pod Disruption budget and rolling strategy
- [ ] Security testing to verify deployment security
- [x] Helm linting and testing with GitHub Actions
- [ ] Publish Helm chart to Artifact Hub or to Github Pages
- [x] Custom NOTES.txt (post-installation message)
- [ ] Support custom metrics for autoscaling
- [x] README.md with badges and detailed information
- [x] Add Chart Values table to README.md
- [ ] Support custom CTFd themes/plugin
{{ template "chart.maintainersSection" . }}
{{ template "chart.sourcesSection" . }}
{{ template "chart.requirementsSection" . }}
{{ template "chart.valuesSection" . }}
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)