chore(deploy):add helm charts (#439)

* chore(deploy):add helm charts

* chore(deploy):update charts readme

* chore(deploy):update charts readme

* chore(deploy):typo defaule -> default

* chore(playground):deplete kubecompose generate file

* chore(deployment):add zh-cn readme and set default readme to zh-cn

* chore(deployment):set existing  mysql and guacd replicas

* chore(deployment):update readme

* chore(deployment):update readme add thanks

* fix:remove dep and update reademe

Author: NeverTeaser

deploy/charts/Chart.lock

@@ -0,0 +1,12 @@
+dependencies:
+- name: common
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 2.14.1
+- name: nfs-subdir-external-provisioner
+  repository: https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner
+  version: 4.0.18
+- name: mysql
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 9.16.1
+digest: sha256:a4237a0269eaef0f8f6e58f8da6913f2f9c865b51ac7380971656221151a571e
+generated: "2024-01-14T21:47:18.234376962+08:00"

deploy/charts/Chart.yaml

@@ -0,0 +1,45 @@
+apiVersion: v2
+name: next-terminal
+description: Next-terminal Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
+
+dependencies:
+  - name: common
+    repository: oci://registry-1.docker.io/bitnamicharts
+    tags:
+      - bitnami-common
+    version: 2.14.1
+  - name: nfs-subdir-external-provisioner
+    alias: nfs
+    condition: nfs.enabled
+    repository: https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner
+    tags:
+      - nfs-subdir
+    version: 4.0.18
+  - name: mysql
+    alias: mysql
+    condition: mysql.enabled
+    repository: oci://registry-1.docker.io/bitnamicharts
+    version: 9.16.1
+    tags:
+      - mysql

deploy/charts/README.md

@@ -0,0 +1,87 @@
+# Next-Terminal helm charts
+
+## 版本要求
+
+- Helm 3.8.0+
+- Kubernetes 1.23+
+- Existing NFS Share
+--- 
+[ENGLISH](https://github.com/dushixiang/next-terminal/blob/add-helm-charts/deploy/charts/README_en.md)
+
+[source](https://github.com/NeverTeaser/next-terminal-charts)
+
+## 默认安装组件
+- [nfs-subdir-external-provisioner](https://artifacthub.io/packages/helm/nfs-subdir-external-provisioner/nfs-subdir-external-provisioner/4.0.18)
+- [mysql](https://artifacthub.io/packages/helm/bitnami/mysql/9.17.0)
+
+
+## 安装
+```
+helm repo add next-terminal https://1mtrue.com/next-terminal-charts/
+helm install my-next-terminal next-terminal/next-terminal --version 0.1.0
+```
+## nfs 
+
+当前版本(1.3.9) next-terminal 需要guacd 和web 后端之间共享目录，所以使用了nfs pvc 来实现pod 间文件共享， 你也可以使用已有的支持ReadWriteMany 的PVC 来替换，需要修改`value.yaml` 里的下列内容
+```
+nfs:
+  enabled: false
+  existingClaim:
+```
+
+
+如果启用NFS，请修改 `value.yaml` 的地址和目录
+``` yaml
+nfs:
+  nfs:
+    server: 192.168.88.82 
+    path: "/root/nfs-data"
+    
+```
+## mysql
+
+next-terminal on Kubernetes 不建议使用（也不支持）使用SQLite作为后端数据库， 我们更推荐使用MySQL来作为后端存储数据库
+安全起见，安装时请修改`value.yaml` 中的认证信息
+```
+mysql:
+  auth:
+    rootPassword: next-terminal
+    username: next-terminal
+    password: next-terminal
+    database: next-terminal
+```
+如果想用一个已有MySQL 作为后端存储，可以修改`value.yaml`  里的这些配置来使用已有的MySQL
+```
+mysql:
+  enabled: false
+  existing:
+    auth:
+      username: existing-next-terminal
+      password: existing-next-terminal
+      database: existing-next-terminal
+      host: "existing.test.mysql"
+      ports: 3306
+```
+
+## 本地安装
+
+```
+helm install my-release -f value.yaml  ./
+```
+## 配置
+
+更多配置参见 value.yaml
+
+## 已知问题
+
+- next-terminal 后端自身有一些local cache 所以多实例的情况下会出现数据错乱，暂时只支持一个副本。
+- 当前版本不提供Ingress 如果需要提供稳定的对外服务， 请自行配置Ingress 
+
+## 感谢
+
+- [bitnami-common](https://github.com/bitnami/charts)
+- [nfs-subdir-external-provisioner](https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/tree/master)
+
+<!-- | Parameter                            | Description                                                                                           | Default                                                       |
+| ------------------------------------ | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- |
+| `replicaCount`                       | Number of provisioner instances to deployed                                                           | `1`                                                           | -->

deploy/charts/README_en.md

@@ -0,0 +1,52 @@
+# Next-Terminal helm charts
+
+## Prerequisites
+
+- Helm 3.8.0+
+- Kubernetes 1.23+
+- Existing NFS Share
+
+
+## nfs 
+
+next-terminal need share file between guacd and web backend server, so we use nfs.  default enable  you can disable  in `value.yaml` and set existingClaim name.
+```
+nfs:
+  enabled: false
+  existingClaim:
+```
+
+
+or you can set "configured" nfs server in  `value.yaml`
+```
+nfs:
+  nfs:
+    server: 192.168.88.82
+    path: "/root/nfs-data"
+    
+```
+## mysql
+
+mysql default enabled ,change you password  for security
+
+```
+mysql:
+  auth:
+    rootPassword: next-terminal
+    username: next-terminal
+    password: next-terminal
+    database: next-terminal
+```
+
+if you have  existing mysql server, modify value.yaml
+```
+mysql:
+  enabled: false
+  existing:
+    auth:
+      username: existing-next-terminal
+      password: existing-next-terminal
+      database: existing-next-terminal
+      host: "existing.test.mysql"
+      ports: 3306
+```

deploy/charts/templates/_helpers.tpl

@@ -0,0 +1,78 @@
+{{/*
+Copyright VMware, Inc.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- define "next-terminal.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+
+
+{{- define "next-terminal.mysql.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-mysql-headless" .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- /*
+ define the next-terminal release namespace
+*/ -}}
+{{- define "release_namespace" -}}
+{{- if .Values.namespaceOverride -}}
+{{- .Values.namespaceOverride -}}
+{{- else -}}
+{{- .Release.Namespace -}}
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "next-terminal.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+
+{{- /*
+next-terminal.labels generates the standard Helm labels.
+*/ -}}
+{{- define "next-terminal.labels" -}}
+app.kubernetes.io/name: {{ template "next-terminal.name" . }}
+helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ .Chart.AppVersion }}
+{{- end -}}
+
+
+{{- define "next-terminal.imagePullSecrets" -}}
+{{- include "common.images.renderPullSecrets" (dict "images" (list .Values.image) "context" $) -}}
+{{- end -}}
+
+
+{{- define "next-terminal.guacd.fullname" -}}
+{{- printf "%s-%s" (include "common.names.fullname" .) "guacd" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+
+{{- define "next-terminal.web.fullname" -}}
+{{- printf "%s-%s" (include "common.names.fullname" .) "web" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+
+
+{{- define "next-terminal.web.sshd.secretName" -}}
+{{- if .Values.web.sshd.existingSecret -}}
+    {{- .Values.web.sshd.existingSecret -}}
+{{- else }}
+    {{- include "next-terminal.web.fullname" .  -}}
+{{- end -}}
+{{- end -}}
+
+
+
+{{- define "next-terminal.pvc" -}}
+{{- .Values.nfs.existingClaim | default (include "common.names.fullname" .) -}}
+{{- end -}}

deploy/charts/templates/guacd/deployment.yaml

@@ -0,0 +1,86 @@
+{{ if .Values.guacd.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-guacd
+  namespace: {{ include "release_namespace" . }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.guacd.commonLabels "context" $ ) | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.guacd.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+
+spec: 
+  replicas: {{ .value.guacd.replicas }}
+  {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.guacd.podLabels .Values.guacd.commonLabels ) "context" . ) }}
+  selector:
+    matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }}
+  template:
+    metadata:
+      annotations:
+        {{- if .Values.podAnnotations }}
+        {{- include "common.tplvalues.render" (dict "value" .Values.guacd.podAnnotations "context" $) | nindent 8 }}
+        {{- end }}
+      labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
+        app.kubernetes.io/component: guacd
+        app.kubernetes.io/part-of: next-terminal
+    spec:
+      {{- include "next-terminal.imagePullSecrets" . | nindent 6 }}
+      {{- if .Values.affinity }}
+      affinity: {{- include "common.tplvalues.render" (dict "value" .Values.guacd.affinity "context" $) | nindent 8 }}
+      {{- else }}
+      affinity:
+        podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.guacd.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }}
+        podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.guacd.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }}
+        nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.guacd.nodeAffinityPreset.type "key" .Values.guacd.nodeAffinityPreset.key "values" .Values.guacd.nodeAffinityPreset.values) | nindent 10 }}
+      {{- end }}
+      {{- if .Values.guacd.nodeSelector }}
+      nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.guacd.nodeSelector "context" $) | nindent 8 }}
+      {{- end }}
+      {{- if .Values.guacd.tolerations }}
+      tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.guacd.tolerations "context" $) | nindent 8 }}
+      {{- end }}
+      {{- if .Values.guacd.priorityClassName }}
+      priorityClassName: {{ .Values.guacd.priorityClassName | quote }}
+      {{- end }}
+      {{- if .Values.guacd.podSecurityContext.enabled }}
+      securityContext: {{- omit .Values.guacd.podSecurityContext "enabled" | toYaml | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: guacd
+          image: {{ include "common.images.image" (dict "imageRoot" .Values.guacd.image "global" .Values.global) }}
+          imagePullPolicy: {{ .Values.guacd.image.pullPolicy | quote }}
+          {{- if .Values.guacd.resources }}
+          resources: {{- toYaml .Values.guacd.resources | nindent 12 }}
+          {{- end }}
+          {{ if .Values.guacd.command }}
+          command: {{- include "common.tplvalues.render" (dict "value" .Values.guacd.command "context" $) | nindent 12 }}
+          {{- end }}
+          env: 
+            - name: GUACD_LOG_LEVEL
+              value: {{ if .Values.guacd.debug }}debug{{ else }}info{{ end }}
+          ports:
+          - containerPort: {{ .Values.guacd.servicePort }}
+            name: guacd
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.guacd.servicePort }}
+            initialDelaySeconds: 15
+            periodSeconds: 20
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.guacd.servicePort }}
+            initialDelaySeconds: 5
+            periodSeconds: 10
+          {{- if .Values.nfs.enabled }}
+          volumeMounts:
+              - name: guacd-data
+                mountPath:  {{ .Values.web.dataPath }}
+          {{- end }}
+      {{- if .Values.nfs.enabled }}
+      restartPolicy: {{ .Values.guacd.restartPolicy | quote }}
+      volumes:
+        - name: guacd-data
+          persistentVolumeClaim:
+            claimName: {{ include "next-terminal.pvc" . }}
+      {{- end  }}
+{{ end }}

deploy/charts/templates/guacd/pvc.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.nfs.enabled  }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+  {{- if or .Values.nfs.annotations .Values.commonAnnotations }}
+  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.nfs.annotations .Values.commonAnnotations ) "context" . ) }}
+  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes: 
+    - {{ .Values.nfs.storageClass.accessModes }}
+  resources:
+    requests:
+      storage: {{ .Values.nfs.size | quote }}
+  storageClassName:  {{ .Values.nfs.storageClass.name }}
+{{- end -}}