Skip to content

Commit

Permalink
Adding information to stac-fastapi README, adding PVC and secrets (#83)
Browse files Browse the repository at this point in the history
  • Loading branch information
@hectormachin
hectormachin authored Aug 18, 2023
1 parent 0d50360 commit 6ecc291
Show file tree
Hide file tree
Showing 10 changed files with 955 additions and 46 deletions.
5 changes: 5 additions & 0 deletions charts/stac-fastapi/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,8 @@ keywords:
- stac-fastapi
sources:
home:
dependencies:
- name: local-path-provisioner
condition: local-path-provisioner.enabled
version: "0.0.25"
repository: "https://element84.github.io/filmdrop-k8s-helm-charts/"
770 changes: 769 additions & 1 deletion charts/stac-fastapi/README.md
View file

Large diffs are not rendered by default.

17 changes: 17 additions & 0 deletions charts/stac-fastapi/templates/pgstac-claim0-persistentvolumeclaim.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{{- if and .Values.pgStac.enabled .Values.pgStac.storage.retainPersistentVolume -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
{{- include "pgstac.labels" . | nindent 6 }}
name: pgstac-claim0
spec:
storageClassName: {{ .Values.pgStac.storage.storageClassName }}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.pgStac.storage.size }}
status: {}
{{- end }}
36 changes: 20 additions & 16 deletions charts/stac-fastapi/templates/pgstac-deployment.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.pgStac.enabled -}}
apiVersion: apps/v1
kind: Deployment
metadata:
Expand All @@ -24,39 +25,42 @@ spec:
- "500"
env:
- name: PGDATABASE
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: pg_dbname
value: {{.Values.pgStac.dbName}}
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: pg_password
name: {{ .Values.pgStac.passwordSecret.name }}
key: {{ .Values.pgStac.passwordSecret.key }}
- name: PGUSER
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: pg_username
name: {{ .Values.pgStac.userNameSecret.name }}
key: {{ .Values.pgStac.userNameSecret.key }}
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_dbname
value: {{.Values.pgStac.dbName}}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_password
name: {{ .Values.pgStac.passwordSecret.name }}
key: {{ .Values.pgStac.passwordSecret.key }}
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_username
name: {{ .Values.pgStac.userNameSecret.name }}
key: {{ .Values.pgStac.userNameSecret.key }}
image: "{{ .Values.pgStac.image.repository }}:{{ .Values.pgStac.image.tag }}"
name: {{ .Values.pgStac.deployment.name }}
ports:
- containerPort: {{ .Values.pgStac.container.port }}
resources: {}
volumeMounts:
- mountPath: /pgstac
name: pgstac-claim0
workingDir: /pgstac
restartPolicy: Always
volumes:
- name: pgstac-claim0
persistentVolumeClaim:
claimName: pgstac-claim0
status: {}
{{- end }}
4 changes: 3 additions & 1 deletion charts/stac-fastapi/templates/pgstac-service.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
{{- if .Values.pgStac.enabled -}}
apiVersion: v1
kind: Service
metadata:
Expand All @@ -7,10 +8,11 @@ metadata:
name: {{ .Values.pgStac.service.name }}
spec:
ports:
- name: "5439"
- name: "{{ .Values.pgStac.service.port }}"
port: {{ .Values.pgStac.service.port }}
targetPort: {{ .Values.pgStac.service.targetPort }}
selector:
{{- include "pgstac.labels" . | nindent 6 }}
status:
loadBalancer: {}
{{- end }}
11 changes: 11 additions & 0 deletions charts/stac-fastapi/templates/pgstac-storage-class.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{- if and .Values.pgStac.enabled .Values.pgStac.storage.retainPersistentVolume -}}
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
labels:
{{- include "pgstac.labels" . | nindent 6 }}
name: pgstac-retain
provisioner: {{ .Values.pgStac.storage.provisioner }}
reclaimPolicy: Retain
volumeBindingMode: {{ .Values.pgStac.storage.volumeBindingMode }}
{{- end }}
70 changes: 70 additions & 0 deletions charts/stac-fastapi/templates/stac-fastapi-crds.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
{{- if .Values.pgStac.enabled -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.stacFastApi.service.serviceAccount }}
namespace: {{ .Release.Namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Values.stacFastApi.service.serviceAccount }}-migration-reader
rules:
rules:
- apiGroups:
- '*'
resources:
- statefulsets
- services
- replicationcontrollers
- replicasets
- podtemplates
- podsecuritypolicies
- pods
- pods/log
- pods/exec
- podpreset
- poddisruptionbudget
- persistentvolumes
- persistentvolumeclaims
- jobs
- endpoints
- deployments
- deployments/scale
- daemonsets
- cronjobs
- configmaps
- namespaces
- events
- secrets
verbs:
- create
- get
- watch
- delete
- list
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.stacFastApi.service.serviceAccount }}-migration-reader
subjects:
- kind: ServiceAccount
name: {{ .Values.stacFastApi.service.serviceAccount }}
roleRef:
kind: Role
name: {{ .Values.stacFastApi.service.serviceAccount }}-migration-reader
apiGroup: rbac.authorization.k8s.io
apiVersion: rbac.authorization.k8s.io/v1
{{- end }}
43 changes: 26 additions & 17 deletions charts/stac-fastapi/templates/stac-fastapi-pgstac-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,16 @@ spec:
labels:
app: stac-fastapi-pgstac
spec:
{{ if .Values.pgStac.enabled }}
serviceAccountName: {{ .Values.stacFastApi.service.serviceAccount }}
initContainers:
- name: wait-for-pgstac
image: ghcr.io/groundnuty/k8s-wait-for:v2.0
imagePullPolicy: Always
args:
- "service"
- "-lapp={{.Values.pgStac.service.name}}"
{{ end }}
containers:
- env:
- name: APP_HOST
Expand All @@ -32,32 +42,31 @@ spec:
- name: GDAL_HTTP_MERGE_CONSECUTIVE_RANGES
value: "YES"
- name: POSTGRES_DBNAME
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_dbname
value: {{.Values.pgStac.dbName}}
- name: POSTGRES_HOST_READER
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_hostrw
{{ if .Values.pgStac.enabled }}
value: "{{.Values.pgStac.service.name}}.{{.Release.Namespace}}"
{{ else }}
value: {{.Values.pgStac.dbHost}}
{{ end}}
- name: POSTGRES_HOST_WRITER
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_hostrw
{{ if .Values.pgStac.enabled }}
value: "{{.Values.pgStac.service.name}}.{{.Release.Namespace}}"
{{ else }}
value: {{.Values.pgStac.dbHost}}
{{ end}}
- name: POSTGRES_PASS
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_password
name: {{ .Values.pgStac.passwordSecret.name }}
key: {{ .Values.pgStac.passwordSecret.key }}
- name: POSTGRES_PORT
value: "5439"
value: "{{ .Values.pgStac.service.port }}"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: stac-fastapi-secret
key: img_username
name: {{ .Values.pgStac.userNameSecret.name }}
key: {{ .Values.pgStac.userNameSecret.key }}
- name: USE_API_HYDRATE
value: "FALSE"
- name: VSI_CACHE
Expand Down
11 changes: 4 additions & 7 deletions charts/stac-fastapi/templates/stac-fastapi-secret.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,10 @@
{{- if .Values.pgStac.createPgStacSecret -}}
apiVersion: v1
kind: Secret
metadata:
name: stac-fastapi-secret
type: Opaque
data:
img_dbname: cG9zdGdpcw==
img_hostrw: cGdzdGFj
img_password: cGFzc3dvcmQ=
img_username: dXNlcm5hbWU=
pg_dbname: cG9zdGdpcw==
pg_password: cGFzc3dvcmQ=
pg_username: dXNlcm5hbWU=
username: {{ .Values.pgStac.dbUser }}
password: {{ .Values.pgStac.dbPassword }}
{{- end }}
34 changes: 30 additions & 4 deletions charts/stac-fastapi/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,17 @@
nameOverride: ""
fullnameOverride: ""

local-path-provisioner:
enabled: true
storageClass:
provisionerName: filmdrop.io/local-pgstac-path-provisioner
name: local-path-class

pgStac:
enabled: true
image:
repository: ghcr.io/stac-utils/pgstac
tag: v0.7.1
tag: v0.7.10
container:
port: 5432
service:
Expand All @@ -17,18 +24,37 @@ pgStac:
name: pgstac
deployment:
name: pgstac
createPgStacSecret: true
userNameSecret:
name: stac-fastapi-secret
key: username
passwordSecret:
name: stac-fastapi-secret
key: password
dbUser: dXNlcm5hbWU=
dbPassword: cGFzc3dvcmQ=
dbName: postgis
dbHost: pgstac.default
serviceAccount:
storage:
size: 1Gi
volumeBindingMode: WaitForFirstConsumer
provisioner: filmdrop.io/local-pgstac-path-provisioner
retainPersistentVolume: true
storageClassName: pgstac-retain
replicaCount: 1

stacFastApi:
image:
repository: ghcr.io/stac-utils/stac-fastapi
tag: main-pgstac
repository: ghcr.io/stac-utils/stac-fastapi-pgstac
tag: main
container:
port: 8080
service:
port: 8080
targetPort: 8080
name: stac-fastapi-pgstac
serviceAccount: stac-fastapi-pgstac
deployment:
name: stac-fastapi-pgstac
replicaCount: 1
replicaCount: 1

0 comments on commit 6ecc291

Please sign in to comment.