diff --git a/CHANGELOG.md b/CHANGELOG.md index 64c8cd5a..a51bb2c2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,17 @@ # GraphDB Helm chart release notes +## Version 10.0 + +### Breaking +New major release that isn't compatible with the old chart, due to major breaking changes in Graphdb 10. +Migration steps can be found [here](README.md#cluster-migration-from-graphdb-9x-to-100). + +### New +- Changed to work with the new GraphDB 10. +- Removed Kong. +- Moved from multiple stateful sets with 1 replica to statefulsets with multiple replicas. +- Configurable liveness, readiness, startup probes. +- Can use standalone without license by default. Don't forget to set your license for a working cluster and connectors! +- New overridable configmaps for users, settings and logback. ## Version 9.9.0 diff --git a/Chart.yaml b/Chart.yaml index c2f7da76..381c4cd7 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,9 +1,9 @@ # -# Helm chart for GraphDB Free/SE/EE +# Helm chart for GraphDB # apiVersion: v2 name: graphdb -description: Helm chart for GraphDB Free/SE/EE +description: Helm chart for GraphDB type: application version: 10.0.0 appVersion: 10.0.0 diff --git a/README.md b/README.md index fb3713ff..6bdeec5f 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,4 @@ -# Helm charts for GraphDB EE - -## WARNING - -This is a basic experimental Helm chart for GraphDB. We're working on some features that are missing at the moment such as: - -- Autoscaling +# Helm charts for GraphDB ## Install ### Prerequisites @@ -43,7 +37,7 @@ resolve loop in some Linux distributions. **Resources** -It's important to define resource limitations for the Minikube environment. Otherwise it will +It's important to define resource limitations for the Minikube environment, otherwise it will default to limits that may not be sufficient to deploy the whole chart. The default resource limitations require around **12GB** of RAM. This is configurable per service in @@ -85,7 +79,7 @@ The chart is deployed with a Kubernetes ingress service that is configured to li on a specific hostname. Any other requests are not handled. This hostname is specified in [values.yaml](values.yaml) under `deployment.host`. -By default it configured for `localhost` which is suitable for the `none` Minikube driver. +By default, it's configured for `localhost` which is suitable for the `none` Minikube driver. In every other case you have to reconfigure it to a hostname that is DNS resolvable. Some options are: @@ -111,29 +105,115 @@ about modifying the hosts file in different OS. #### Secrets -After obtaining a GraphDB license from our sales team, create a secret with a `graphdb.license` +If you have a GraphDB license, create a secret with a `graphdb.license` data entry: ```bash kubectl create secret generic graphdb-license --from-file graphdb.license ``` +then add the secret name to the values.yaml file as `graphdb.node.license` **Note**: Secret names can differ from the given examples in the [values.yaml](values.yaml), but their configurations should be updated -to refer to the correct ones. Note that the licenses can be set for all masters/workers instances and also per instance. Please setup correctly according to the licensing agreements. +to refer to the correct ones. Note that the licenses can be set for all node instances. Please setup correctly according to the licensing agreements. #### Updating an expired GraphDB license -When the helm chart is installed the license will be provisioned through the `graphdb-license`. -When a license expires you'll have to update the secret, so each new GraphDB instance can be provisioned with the new license. -In order NOT to restart your current GraphDB instances, you can copy your new license named `graphdb.license` in your GraphDB pods in folder `/opt/graphdb/home/conf`. +When the helm chart is installed the license will be provisioned through the secret set in the `graphdb.node.license` value. +When a license expires you'll have to update the secret, so GraphDB instances don't get provisioned with the old license. +In order NOT to restart your current GraphDB instances, you can copy your new license named `graphdb.license` in your GraphDB pods in folder `/opt/graphdb/home/work`. It's important to name your file exactly `graphdb.license`! ```bash kubectl delete secret graphdb-license kubectl create secret generic graphdb-license --from-file graphdb.license -kubectl cp graphdb.license graphdb-master-1-0:/opt/graphdb/home/conf +kubectl cp graphdb.license graphdb-node-0:/opt/graphdb/home/work ``` +**Note**: If you use a standalone GraphDB you can also change it through the workbench, but if you don't update the secret next restart will provision the old license. +### Cluster migration from GraphDB 9.x to 10.0 + +**Warning**: Before starting the migration change your master into read only mode. The process is irreversible and full backup is HIGHLY advisable. At minimum backup the PV of the worker you are planing to use for migration. + +The Helm chart is completely new and not backwards-compatible. + +1. Make all masters read only, you can use the workbench. +2. Using the workbench disconnect all repositories of the worker which we are going to use to migrate to 10.0. +If you've used the official GraphDB helm chart you can select any worker. In case of a custom implementation select one that can easily be scaled down. + + **Note**: Only the repositories that are on the worker will be migrated into the new cluster! +3. Get the PV information of the worker, noting down the capacity and the access mode: + ```bash + kubectl get pv + ``` +4. Note down the resource limits of the worker node: + ```bash + kubectl get pod graphdb-worker- -o yaml | grep -B 2 memory + ``` +5. Make sure all the important settings saved in the settings.js of the master are present in the worker's. Their only difference + should be the lack of locations in the worker's settings. + ```bash + kubectl cp graphdb-master-1-0:/opt/graphdb/home/work/workbench/settings.js settings_m.js + kubectl cp graphdb-worker-:/opt/graphdb/home/work/workbench/settings.js settings_w.js + diff settings_m.js settings_w.js + ``` + If anything other than the locations is different between the files assume that the master's file is correct and copy it to the worker: + ```bash + kubectl cp settings_m.js graphdb-worker-:/opt/graphdb/home/work/workbench/settings.js + ``` +6. During a replication of a node GraphDB 10 can take double the storage which 9.x takes, so you might need to increase your PV size! To do this + we recommend checking the documentation of your cloud service provider but in general the procedure is: + - Make sure `allowVolumeExpansion: true` is set in your used storageClass. + - Request a change in volume capacity by editing your PVC's `spec.resources.requests.storage` + - Verify the change has taken effect with `get pvc -o yaml` and checking the `status.capacity` field. +7. Scale down the selected worker. In the official GraphDB every worker has it's' own statefulset. + List all the statefulsets to find the name of the worker you want to scale down: + ```bash + kubectl get statefulsets + ``` + Then change the number of replicas to 0: + ```bash + kubectl scale statefulsets --replicas=0 + ``` +8. Once the worker is down patch the worker's PV with `"persistentVolumeReclaimPolicy":"Retain"`: + ```bash + kubectl patch pv -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}' + ``` +9. Delete the worker's PVC. + ```bash + kubectl delete pvc + ``` +10. Patch the PV with `"claimRef":null` so it can go from status Released to Available: + ```bash + kubectl patch pv -p '{"spec":{"claimRef":null}}' + ``` +11. Patch the PV with `claimRef` matching the PVC that will be generated by the `volumeClaimTemplates`: + ```bash + kubectl patch pv -p '{"spec":{"claimRef":{"name":"graphdb-node-data-dynamic-pvc-graphdb-node-0"}}}' + ``` +12. Create a namespace for the GraphDB 10 helm chart, so we can deploy it without having to delete our 9.x cluster: + ```bash + kubectl create namespace + ``` +13. Patch/Move the worker's PV to the new namespace: + ```bash + kubectl patch pv -p '{"spec":{"claimRef":{"namespace":""}}}' + ``` +14. Create a secret with your license in the new namespace: + ```bash + graphdb-license --from-file graphdb.license -n + ``` +15. Install the 10.0.0 Helm chart. Remember to edit: +- `graphdb.node.resources.limits.memory` and `graphdb.node.resources.requests.memory` to the ones used by the old workers. +- `graphdb.nodesCount:` The raft protocol recommends an odd amount of nodes. Set to the amount of workers you had in the old cluster. +- `graphdb.node.persistance.volumeClaimTemplateSpec.accessModes` and `graphdb.node.persistance.volumeClaimTemplateSpec.resources.requests.storage` to the ones used by the old PVs. +- `graphdb.clusetConfig.clusterCreationTimeout` high enough so the data from the old worker has time to replicate to all the new nodes. This depends on network speed between the nodes and the read/write performance of the storage. If the replication is expected to take more than 5 minutes add an equivalent `--timeout XXm` to the helm install command. +- `deployment.host` to temporary address where you can test everything is working. + +16. Once you confirm everything has migrated and works as expected you can free up the old `deployment.host` and upgrade the new cluster to it. + +**Note**: If you decide to revert to 9.x and don't have a backup of the worker's PV, you won't be able to use the old PV as GraphDB 10's repositories and settings aren't backward compatible. +Your best course of action would be to make sure it will provision a new clean PV, scale the replica back from 0, recreate the worker repositories and reconnect them to the old master repositories letting GraphDB replicate the data. + ### Quick Start The Helm chart includes an example repository configuration TTLs. @@ -141,7 +221,7 @@ The Helm chart includes an example repository configuration TTLs. To install the GraphDB on `graphdb.local`: ```bash -helm install --set deployment.host=graphdb.local graphdb-ee . +helm install --set deployment.host=graphdb.local graphdb . ``` After a few seconds, Helm will print out the result from installing GraphDB. @@ -149,15 +229,15 @@ You should see the following output: ``` --------------------------------------------------------------------------------------------- - ____ _ ____ ____ _____ _____ - / ___|_ __ __ _ _ __ | |__ | _ \| __ ) | ____| ____| - | | _| '__/ _` | '_ \| '_ \| | | | _ \ | _| | _| - | |_| | | | (_| | |_) | | | | |_| | |_) | | |___| |___ - \____|_| \__,_| .__/|_| |_|____/|____/ |_____|_____| - |_| --------------------------------------------------------------------------------------------- -version: 9.8.0 +------------------------------------------------------------------------------- + ____ _ ____ ____ + / ___|_ __ __ _ _ __ | |__ | _ \| __ ) + | | _| '__/ _` | '_ \| '_ \| | | | _ \ + | |_| | | | (_| | |_) | | | | |_| | |_) | + \____|_| \__,_| .__/|_| |_|____/|____/ + |_| +------------------------------------------------------------------------------- +version: 10.0.0 GDB cluster: true ** Please be patient while the chart is being deployed and services are available ** @@ -171,7 +251,7 @@ Endpoints: ## Persistence -By default, the Helm chart is deploying persistent volumes that stores data on the host path. +By default, the Helm chart is deploying persistent volumes that store data on the host path. This is useful for local Minikube deployments. However, in a cloud environment with multiple node cluster this would lead to rescheduling and **data loss**. @@ -179,7 +259,7 @@ See https://kubernetes.io/docs/concepts/storage/volumes/. ### Local deployment -Local persistent volumes are configured with `deployment.storage` from [values.yaml](values.yaml). +Local persistent volumes are configured with `graphdb.node.persistence` from [values.yaml](values.yaml). ### Cloud deployment @@ -190,16 +270,10 @@ component has a section `persistence` that has to be updated. ## API Gateway -The services are proxied using Kong API gateway. By default, it is configured to route: +The services are proxied using nginx Ingress gateway. By default, it is configured to route: - GraphDB Workbench -- GraphDB Workbench workers if the cluster deployment is enabled - -See the default declarative -[configuration](files/kong.dbless.yaml) of Kong to understand what and how is proxied. - -To learn about the declarative syntax, see -https://docs.konghq.com/1.5.x/db-less-admin-api/#declarative-configuration. +- GraphDB cluster proxy if the cluster deployment is enabled ## Customizing @@ -207,34 +281,9 @@ Every component in configured with sensible defaults. Some of them are applied f [values.yaml](values.yaml). Make sure you read it thoroughly, understand each property and the impact of changing any one of them. -The properties are used across configuration maps and secrets and most of the components allow -the overriding of their configuration maps and secrets from [values.yaml](values.yaml). -See `.configmap` and `.secret`. - -**Note**: If you are familiar with Kubernetes, you could modify the components configuration +**Note**: If you are familiar with Kubernetes, you could modify the component's configuration templates directly. - -### GraphDB repositories - -By default, the provisioning creates a default repository in GraphDB. This repo is provided by -`graphdb-master-repo-default-configmap` for master instances and `graphdb-worker-repo-default-configmap` for worker instances. -The repositories are created using .ttl repository configuration files, by default those are [worker.default.ttl](files/config/graphdb-repo.default.ttl) and [master.default.ttl](files/config/master.default.ttl). - -Provisioning of multiple repositories is also supported. If the configmaps contain more than one .ttl file, the provisioning will create the repositories from all .ttl files contained in the configmap. -Note that `master` and `worker` repositories are different and must be supplied correctly in a cluster environment. -Also note that when standalone GraphDB instance is used, the master configmap is used, but with a `worker` `config.ttl`! - -To change the default TTL, you can prepare another configuration map containing a -`config.ttl` file(s) entry: - -```bash -kubectl create configmap graphdb-repo-configmap --from-file=config.ttl -``` - -After that, update the property `graphdb.masters.repositoryConfigmap` / `graphdb.workers.repositoryConfigmap` from -[values.yaml](values.yaml) to refer to the new configuration map. - #### Ontop repositories Ontop repositories require a jdbc driver. To use this type of repository, you have to provide a jdbc driver named `jdbc-driver.jar`. @@ -246,65 +295,19 @@ The directory is part of the GraphDB home directory which is persistent, so the GraphDB's Helm chart is made to be highly customizable regarding GraphDB's specific options and properties. There are 3 important configuration sections: - GraphDB cluster configuration -- Cluster instances (masters/workers) configuration -- Backup, restore and cleanup options +- GraphDB node configuration +- GraphDB cluster proxy configuration #### GraphDB cluster configuration -By default the Helm chart supports the 3 topologies that we recommend in our documentation. This is configured by setting `graphdb.topology` -Possible values: `standalone, 1m_3w, 2m3w_rw_ro, 2m3w_muted`. Masters and workers count in cluster modes are controlled by mastersCount and workersCount properties - -**standalone** - Launches single instance of GraphDB with a preconfigured worker repository. - -**1m_3w** - 1 master and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-one-master.html - -**2m3w_rw_ro** - 2 masters, one of which is read only and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-a-second-readonly-master.html +With the release of GraphDB 10, master nodes are no longer needed for a cluster, so the size of the cluster is controlled by just one property: `graphdb.clusterConfig.nodesCount`. +You will need at least three GraphDB installations to create a fully functional cluster. Remember that the Raft algorithm recommends an odd number of nodes, so a cluster of five nodes is a good choice. -**2m3w_muted** - 2 masters, one of which is muted and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-multiple-masters-with-dedicated-workers.html +Note: If "1" is selected as node count, the launched node will be standalone and no instances of the cluster proxy will be deployed! -Note: If "standalone" is selected, the launched instance will use master-1 properties, but a worker repository will be created! +- The section `graphdb.clusterConfig` can be used to configure a GraphDB cluster. -- The section `graphdb.clusterConfig` can be used to configure a GraphDB cluster. It's responsible for the connections between the cluster instances and their settings (muted, readonly). -- The subsection `graphdb.clusterConfig.masterWorkerMapping` describes which GraphDB instances will be linked. The format must be `master-X -> worker-Y`. Required only for `2m3w_muted` topology. -- The subsection `graphdb.clusterConfig.readOnlyMasters` describes which GraphDB master instances will be set as read only. The format must be `master-X`. Required only for `2m3w_rw_ro` topology. -- The subsection `graphdb.clusterConfig.mutedMasters` describes which GraphDB master instances will be linked as sync peer. The format must be `master-X <-> master-Y`. Required for `2m3w_rw_ro` and `2m3w_muted` topology. - -`graphdb.clusterConfig.workersCount` and `graphdb.clusterConfig.mastersCount` tell the chart how many worker instances and how many masters instances to be launched. - -See more about the cluster topologies here: https://graphdb.ontotext.com/documentation/enterprise/ee/cluster-topologies.html - -#### Cluster instances (masters/workers) configuration - -GraphDB's Helm chart allows some configurations to be set for all masters or all workers instances. It also allows overrides of some configurations for each worker instance or each master instance. -The global configurations for all masters/workers instances are placed in the section `graphdb.masters.*` and `graphdb.workers.*`. - -Each configuration can be overridden for each master/worker node. The overrides are described in `graphdb.masters.nodes.*` and `graphdb.workers.nodes.*`. In those subsections specific configurations for each cluster node can be specified in the format: - -```bash -nodes: - - name: master-1 - java_args: " -Xmx4G -XX:MaxRAMPercentage=70 -XX:+UseContainerSupport" - nodeSelector: {} - license: graphdb-license -``` - -For now the supported configurations are `java_args`, `nodeSelector`, `license`, `affinity`, `tolerations`, `topologySpreadConstraints` - -For more information about node scheduling options see https://kubernetes.io/docs/concepts/scheduling-eviction - -It is also possible to set additional JMX attributes after the cluster is initialized. This applies only to the master nodes and is configured using the `graphdb.masters.additionalJmxArrtibutes`. -This is a map in which the key is the attribute name and the value - the attribute value. - -For example if you wish to set the maximum transaction log size, you can do so by setting the following in `values.yaml`: - -```yaml -graphdb: - masters: - additionalJmxArrtibutes: - LogMaxSize: 10 -``` - -A list of available JMX attributes can be found [here](https://graphdb.ontotext.com/documentation/enterprise/ee/attributes.html) +See more about the cluster here: https://graphdb.ontotext.com/documentation/10.0-M3/cluster-basics.html #### Deploying GraphDB with security @@ -319,7 +322,7 @@ Note that the `provisioning` user is required when security is turned on! By default, if the security is turned on, GraphDB's basic security method is used. More complicated security configurations can be configured using additional configurations in `graphdb.properties`. -See https://graphdb.ontotext.com/documentation/enterprise/access-control.html +See https://graphdb.ontotext.com/documentation/10.0-M3/access-control.html Prior to GraphDB 10.0.0 the users and their settings were saved in the `settings.js` file. @@ -340,73 +343,18 @@ GraphDB uses logback to configure logging using the `logback.xml` file. The file can be provisioned before GraphDB's startup with the `logbackConfigMap` configmap or left to default. It can be overridden with other configmap containing the `logback.xml` file. -Since GraphDB 9.10.1 the Jolokia access is managed using the `jolokia-access.xml` file. -The file can be provisioned before GraphDB's startup with the `jolokiaAccessConfigmap` configmap or left to default. -It can be overridden with other configmap containing the `jolokia-access.xml` file. - -See https://graphdb.ontotext.com/documentation/enterprise/configuring-graphdb.html?highlight=properties -See https://graphdb.ontotext.com/documentation/enterprise/access-control.html - -#### Backup, restore and cleanup options - -GraphDB's Helm chart supports automatic backup, restore and cleanup procedures. There are a few options that are used to describe the required jobs that handle those tasks. - -Those options are described in the subsection `graphdb.backupRestore.*` and they are: -- auto_backup - cron Schedule for auto backup. Creates an automatic backup, stored in a dynamically provisioned PV/PVC using `volumeClaimTemplates` (default folder - /data/graphdb-backups). The backups are saved in format repositoryName-YYYY-MM-DD-hh-mm -- cleanup_cron - cleans up the backups directory. Makes sure that there is a limit of the stored backups. Each or both of `backups_count` and `backups_max_age` could be used. **NOTE: This will work only with certain types of storage classes that support ReadWriteMany!** -- backups_count - max number of backup dirs saved. -- backup_max_age - max number of days for backups. -- trigger_backup - a future date at which we want to trigger a backup. Must be given in format YYYY-MM-DD hh:mm. Please bear in mind that there could be a time difference with the kubernetes environment -- trigger_restore - a future date at which we want to trigger a restore. Works only with a cluster with workers. For a standalone the restore is called from an init container. Must be given in format YYYY-MM-DD hh:mm -- restore_from_backup - the name of the backup directory we want to restore. Must be given in format YYYY-MM-DD hh:mm, where YYYY-MM-DD hh:mm is your backup directory -- restore_repository - the name of the repository that we want to restore. +See https://graphdb.ontotext.com/documentation/10.0-M3/configuring-graphdb.html?highlight=properties +See https://graphdb.ontotext.com/documentation/10.0-M3/access-control.html #### Importing data from existing persistent volume GraphDB supports attaching a folder as an import directory. The directory's content s visible in the Workbench and can be imported. In the Helm chart you can use existing PV as an import directory. This is done through `graphdb.import_directory_mount` using a `volumeClaimTemplateSpec`. This way a dynamic PV/PVC can be provisioned, or you can use an existing PV. If an existing PV is used, have in mind that the dynamically provisioned PVC name is `graphdb-server-import-dir-graphdb-master-1-0`, so an appropriate `claimRef` must be added to the existing PV. -#### Preload, LoadRDF, Storage tools -GraphDB's Helm chart supports preload and LoadRDF tools for preloading data. It also supports Storage tool for scanning and repairing data. There are a few options that are used to run the needed commands. - -Those options are described in the subsection `graphdb.tools.*` and they are: - -- resources - to set the needed resources in order to run the tools. Bear in mind that if you don't give the init containers enough resources, the tools might fail. -```bash -resources: - limits: - cpu: 4 - memory: "10Gi" - requests: - cpu: 4 - memory: "10Gi" -``` -- preload - tool to preload data in a chosen repository. - - trigger - If trigger is set to true, then the preload tool will be run while initializing the deployment. - - flags - options to add to the command. The possible options are "-f", "-p", "-r". If you use the "-f" option, the tool will override the repository and could lose some data. - - rdfDataFile - the file that is added in the mounted directory. - -For more information about the Preload tool see: https://graphdb.ontotext.com/documentation/enterprise/loading-data-using-preload.html - -- loadrdf - tool to preload data in a chosen repository. - - trigger - if trigger is set to true, then the loadrdf tool will be run while initializing the deployment. - - flags - options to add to the command. The possible options are "-f", "-p". If you use the "-f" option, the tool will override the repository and could lose some data. - - rdfDataFile - the file that is added in the mounted directory. - -For more information about the LoadRDF tool see: https://graphdb.ontotext.com/documentation/enterprise/loading-data-using-the-loadrdf-tool.html - -- storage_tool - tool for scanning and repairing data. - - trigger - if trigger is set to true, then the storage tool will be run while initializing the deployment. - - command - the command to run the storage-tool with. - - repository - repo to run command on. - - options - additional options to run the storage-tool with. - -For more information about the Storage tool see https://graphdb.ontotext.com/documentation/enterprise/storage-tool.html - ### Networking -By default, GraphDB's Helm chart comes with a default Ingress and also Kong for more flexibility in configuring instances paths. -Both the Ingress and Kong can be disabled by switching `kong.enabled` and `ingress.enabled`. +By default, GraphDB's Helm chart comes with a default Ingress. +The Ingress =can be disabled by switching `ingress.enabled` to false. ### Cloud deployments specifics @@ -414,13 +362,16 @@ Some cloud kubernetes clusters have some specifics that should be noted. Here ar ##### Google cloud -In Google's k8s cluster services, the root directory is not writable. By default GraphDB's chart uses `/data` directory to store instances data. +In Google's k8s cluster services, the root directory is not writable. By default, GraphDB's chart uses `/data` directory to store instances data. If you're using Google cloud, please change this path to something else, not located on the root level. +By default, the ingress used in the helm chart utilizes NGINX as ingress.class. +The easiest way to make it work inside the GKE is by deploying a NGINX ingress controller. Information on how that can be achieved can be found here: https://cloud.google.com/community/tutorials/nginx-ingress-gke + ##### Microsoft Azure We recommend not to use the Microsoft Azure storage of type `azurefile`. The write speeds of this storage type when used in a Kubernetes cluster is -not good enough for GraphDB and we recommend not to use it in production environments. +not good enough for GraphDB, and we recommend against using it in production environments. See https://github.com/Azure/AKS/issues/223 @@ -432,21 +383,21 @@ See https://helm.sh/docs/chart_template_guide/values_files/. - Preparing another *values.yaml*: ```bash -helm install graphdb-ee . -f overrides.yaml +helm install graphdb . -f overrides.yaml ``` - Overriding specific values: ```bash -helm install graphdb-ee . --set monitoring.enabled=false --set security.enabled=false +helm install graphdb . --set deployment.host=graphdb.local --set security.enabled=true ``` ### Deployment -Some of the important properties to update according to your deployment are: +Some important properties to update according to your deployment are: * `deployment.protocol` and `deployment.host` - configure the ingress -controller and some of components on which they are accessible. The `deployment.host` must be a +controller and some components on which they are accessible. The `deployment.host` must be a resolvable hostname and not an IP address. * `deployment.storage` configures components where to store their persistent data on the host system running the Kubernetes environment. @@ -468,113 +419,69 @@ about defining resource limits. ## Values -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| global.imagePullSecrets | list | [] | List of additional image pull secrets. This will be concatenated with anything at a lower level | -| global.imageRegistry | string | docker.io | This is used as a global override for the image registry. If defined it takes precedence over `images.XYZ.registry` | -| global.storageClass | string | standard | Used as a default storage class when one is not provided explicitly at a lower level | -| global.deployment.host / global.ingressHost | string | Overrides the hostname at which graphdb will be exposed. The order of precedence is global.deplyment.host -> global.ingressHost -> deployment.host | - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| deployment.host | string | `"localhost"` | | -| deployment.imagePullPolicy | string | `"IfNotPresent"` | Defines the policy with which components will request their image. | -| deployment.ingress | object | `{"maxRequestSize":"512M","timeout":{"connect":5,"read":60,"send":60}}` | Ingress related configurations | -| deployment.ingress.maxRequestSize | string | `"512M"` | Sets the maximum size for all requests to the underlying Nginx | -| deployment.ingress.timeout | object | `{"connect":5,"read":60,"send":60}` | Default timeouts in seconds for the underlying Nginx. | -| deployment.protocol | string | `"http"` | The hostname and protocol at which the graphdb will be accessible. Needed to configure ingress as well as some components require it to properly render their UIs | -| deployment.storage | string | `"/data"` | The storage place where components will read/write their persistent data in case the default persistent volumes are used. They use the node's file system. | -| deployment.tls.enabled | bool | `false` | Feature toggle for SSL termination. Disabled by default. | -| deployment.tls.secretName | string | `nil` | Name of a Kubernetes secret object with the key and certificate. If TLS is enabled, it's required to be provided, depending on the deployment. | -| graphdb.backupRestore.auto_backup | string | `"*/5 * * * *"` | Cron Schedule for auto backup. Creates an automatic backup, stored in the graphdb-backup-pv (default folder - /data/graphdb-backups). The backups are saved in format MM-DD-YYYY-hh-mm in UTC! | -| graphdb.backupRestore.backup_max_age | string | `"2"` | Max number of days for backups. | -| graphdb.backupRestore.backups_count | string | `"2"` | Max number of backup dirs saved. | -| graphdb.backupRestore.cleanup_cron | string | `"*/2 * * * *"` | Cleans up the backups directory. Makes sure that there is a limit of the stored backups. Each or both of backups_count and backups_max_age could be used. | -| graphdb.backupRestore.enable_automatic_backups_cleanup | bool | `false` | Enables cleanup of the backups directory. WARNING!!! This can be used only by storage classes that have access mode ReadWriteMany because the backups PVC must be attached to a second pod. | -| graphdb.backupRestore.enable_backups | bool | `false` | Enable auto/manual backups. | -| graphdb.backupRestore.enable_restore | bool | `true` | Trigger restore at a given time from a given file. | -| graphdb.backupRestore.persistence.volumeClaimTemplateSpec.accessModes[0] | string | `"ReadWriteOnce"` | | -| graphdb.backupRestore.persistence.volumeClaimTemplateSpec.resources.requests.storage | string | `"10Gi"` | | -| graphdb.backupRestore.persistence.volumeClaimTemplateSpec.storageClassName | string | `"standard"` | | -| graphdb.backupRestore.repositories[0] | string | `"default"` | | -| graphdb.backupRestore.restore_from_backup | string | `"2021-06-24-12-59"` | The name of the backup directory we want to restore. Must be given in format YYYY-DD-MM-hh-mm, where YYYY-DD-MM-hh-mm is your backup directory. The backup directory name contains the repository name too, but it must be omitted here. | -| graphdb.backupRestore.restore_repository | string | `"default"` | The name of the repository we want to restore. | -| graphdb.backupRestore.trigger_backup | string | `""` | A future date at which we want to trigger a backup. Must be given in format YYYY-DD-MM hh:mm NOTE: UTC TIME IS USED! | -| graphdb.backupRestore.trigger_restore | string | `"2021-06-24 13:28"` | A future date at which we want to trigger a restore. Works only with a cluster with workers. For a standalone the restore is called from an init container. Must be given in format YYYY-DD-MM hh:mm NOTE: UTC TIME IS USED! | -| graphdb.clusterConfig.clusterSecret | string | `"s3cr37"` | A secret used for secure communication amongst the nodes in the cluster. | -| graphdb.clusterConfig.masterWorkerMapping | list | `["master-1 -> worker-1","master-1 -> worker-2","master-2 -> worker-3"]` | Describes how the masters and workers are linked in the format master-X -> worker-Y. Required only for 2m3w_muted topology. | -| graphdb.clusterConfig.mastersCount | int | `1` | | -| graphdb.clusterConfig.mutedMasters | list | `["master-2"]` | Describes which masters will be set as muted. Required only for 2m3w_muted topology. | -| graphdb.clusterConfig.readOnlyMasters | list | `["master-2"]` | Describes which masters will be set as read only. Required only for 2m3w_rw_ro topology. | -| graphdb.clusterConfig.syncPeersMapping | list | `["master-1 <-> master-2"]` | Describes which masters will be linked as sync peer. Required for 2m3w_rw_ro and 2m3w_muted topology. | -| graphdb.clusterConfig.workersCount | int | `2` | | -| graphdb.configs.jolokiaAccessConfigMap | string | `"graphdb-jolokia-access-configmap"` | Reference to a configmap used to overwrite the default GraphDB jolokia-access.xml, with an externally provided jolokia-access.xml. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html -| graphdb.configs.logbackConfigMap | string | `"graphdb-logback-configmap"` | Reference to a configmap used to overwrite the default GraphDB logback.xml, with an externally provided logback.xml. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html -| graphdb.configs.propertiesConfigMap | string | `"graphdb-properties-configmap"` | Reference to a configmap used to overwrite the default graphdb.properties, with an externally provided graphdb.properties. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html -| graphdb.configs.settingsConfigMap | string | `"graphdb-settings-configmap"` | Reference to a configmap used to overwrite the default GraphDB settings.js, with an externally provided settings.js. Even if left to default if security is enabled the configmap will be used to enable GraphDB's security. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html -| graphdb.configs.usersConfigMap | string | `"graphdb-users-configmap"` | Reference to a configmap used to overwrite the default GraphDB users.js, with an externally provided users.js. Even if left to default if security is enabled the configmap will be used to add a provisioning user. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html -| graphdb.masters.java_args | string | `"-XX:MaxRAMPercentage=70 -XX:+UseContainerSupport -Ddefault.min.distinct.threshold=100m -Dgraphdb.home.work=/mnt/graphdb"` | Java arguments with which master instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value | -| graphdb.masters.license | string | `"graphdb-license"` | Reference to a secret containing 'graphdb.license' file to be used by master nodes. Can be set to "" (no license) if this GraphDB instance is used only with a "master" repository! Important: Must be created beforehand | -| graphdb.masters.nodes[0].java_args | string | `"-XX:MaxRAMPercentage=70 -XX:+UseContainerSupport -Ddefault.min.distinct.threshold=100m"` | | -| graphdb.masters.nodes[0].license | string | `"graphdb-license"` | | -| graphdb.masters.nodes[0].name | string | `"master-1"` | | -| graphdb.masters.persistence | object | `{"storage":"10G","storageClassName":"standard","volumeNamePrefix":"graphdb-default-master"}` | Persistence configurations. By default, Helm will use a PV that reads and writes to the host file system. | -| graphdb.masters.persistence.storage | string | `"10G"` | Storage size request for each master. The persistent volume has to be able to satisfy the size. | -| graphdb.masters.persistence.volumeNamePrefix | string | `"graphdb-default-master"` | Name reference of a persistent volume to which the claim will try to attach. If changed, the default PVs won't be used. Example result: graphdb-default-master-1-pv | -| graphdb.masters.repositoryConfigmap | string | `"graphdb-repo-default-configmap"` | Reference to a configuration map containing one or more .ttl files used for repository initialization in the post install hook. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-a-repository.html | -| graphdb.masters.resources | object | `{"limits":{"memory":"1Gi"},"requests":{"memory":"1Gi"}}` | Below are minimum requirements for data sets of up to 50 million RDF triples For resizing, refer according to your GraphDB version documentation For EE see http://graphdb.ontotext.com/documentation/enterprise/requirements.html | -| graphdb.security.enabled | bool | `false` | | -| graphdb.security.provisioningPassword | string | `"iHaveSuperpowers"` | | -| graphdb.security.provisioningUsername | string | `"provisioner"` | | -| graphdb.tools | object | `{"loadrdf":{"flags":"-f","rdfDataFile":"geonames_europe.ttl","trigger":false},"persistence":{"storage":"10G","storageClassName":"standard"},"preload":{"flags":"-f","rdfDataFile":"geonames_europe.ttl","trigger":false},"resources":{"limits":{"memory":"10G"},"requests":{"memory":"10G"}},"storage_tool":{"command":"scan","options":"","repository":"repo-test-1","trigger":false}}` | Tools for loading, scanning and repairing data in repos | -| graphdb.tools.loadrdf | object | `{"flags":"-f","rdfDataFile":"geonames_europe.ttl","trigger":false}` | Tool to preload data in a chosen repo https://graphdb.ontotext.com/documentation/enterprise/loading-data-using-the-loadrdf-tool.html | -| graphdb.tools.loadrdf.flags | string | `"-f"` | Options to add to the command possible flags: -f, -p If you use the "-f" option, the tool will override the repository and could lose some data. | -| graphdb.tools.loadrdf.trigger | bool | `false` | If trigger is set to true, then the loadrdf tool will be run while initializing the deployment Don't forget to add repo config file(should be named config.ttl) and RDF data file to the graphdb-preload-data-pv (default pv is: /data/graphdb-worker-preload-data) | -| graphdb.tools.persistence.storage | string | `"10G"` | Storage size request for the preload/loadrdf pv. The persistent volume has to be able to satisfy the size. | -| graphdb.tools.preload | object | `{"flags":"-f","rdfDataFile":"geonames_europe.ttl","trigger":false}` | Tool to preload data in a chosen repo https://graphdb.ontotext.com/documentation/enterprise/loading-data-using-preload.html | -| graphdb.tools.preload.flags | string | `"-f"` | Options to add to the command possible flags: -f, -p, -r If you use the "-f" option, the tool will override the repository and could lose some data. | -| graphdb.tools.preload.trigger | bool | `false` | If trigger is set to true, then the preload tool will be run while initializing the deployment Don't forget to add repo config file(should be named config.ttl) and RDF data file to the graphdb-preload-data-pv (default pv is: /data/graphdb-worker-preload-data) | -| graphdb.tools.storage_tool | object | `{"command":"scan","options":"","repository":"repo-test-1","trigger":false}` | Tool for scanning and repairing data See https://graphdb.ontotext.com/documentation/enterprise/storage-tool.html | -| graphdb.tools.storage_tool.command | string | `"scan"` | commands to run the storage-tool with | -| graphdb.tools.storage_tool.options | string | `""` | additional options to run the storage-tool with | -| graphdb.tools.storage_tool.repository | string | `"repo-test-1"` | repo to run command on | -| graphdb.tools.storage_tool.trigger | bool | `false` | If trigger is set to true, then the storage tool will be run while initializing the deployment | -| graphdb.topology | string | `"1m_3w"` | Cluster topology to be used. Possible values: standalone, 1m_3w, 2m3w_rw_ro, 2m3w_muted. standalone - Launches single instance of GraphDB with a preconfigured worker repository. Masters and workers count is controlled by mastersCount and workersCount properties 1m_3w - 1 master and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-one-master.html 2m3w_rw_ro - 2 masters, one of which is read only and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-a-second-readonly-master.html 2m3w_muted - 2 masters, one of which is muted and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-multiple-masters-with-dedicated-workers.html Note: If "standalone" is selected, the launched instance will use master-1 properties, but a worker repository will be created! | -| graphdb.workbench.subpath | string | `"/graphdb"` | This is the sub path at which GraphDB workbench can be opened. Should be configured in the API gateway (or any other proxy in front) | -| graphdb.workers.java_args | string | `"-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport"` | Java arguments with which worker instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value | -| graphdb.workers.license | string | `"graphdb-license"` | Reference to a secret containing 'graphdb.license' file to be used by worker nodes. This is a required secret without which GraphDB won't operate if you use SE/EE editions. Important: Must be created beforehand | -| graphdb.workers.nodes | list | `[{"license":"graphdb-license","name":"worker-1"},{"java_args":"-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport ","name":"worker-2"}]` | Specific GraphDB worker instances configurations. Supported properties for per node configuration are: license, java_args, graphdb_properties | -| graphdb.workers.persistence | object | `{"storage":"10G","storageClassName":"standard","volumeNamePrefix":"graphdb-default-worker"}` | Persistence configurations. By default, Helm will use a PV that reads and writes to the host file system. | -| graphdb.workers.persistence.storage | string | `"10G"` | Storage size request for each worker. The persistent volume has to be able to satisfy the size. | -| graphdb.workers.persistence.volumeNamePrefix | string | `"graphdb-default-worker"` | Name reference prefix of a persistent volume to which the claim will try to attach. If changed, the default PVs won't be used. Example result: graphdb-default-worker-1-pv | -| graphdb.workers.repositoryConfigmap | string | `"graphdb-worker-repo-default-configmap"` | Reference to a configuration map containing one or more .ttl files used for repository initialization in the post install hook. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-a-repository.html | -| graphdb.workers.resources | object | `{"limits":{"memory":"1Gi"},"requests":{"memory":"1Gi"}}` | Below are minimum requirements for data sets of up to 50 million RDF triples For resizing, refer according to your GraphDB version documentation For EE see http://graphdb.ontotext.com/documentation/enterprise/requirements.html Note: Same as for the master node | -| graphdb.workers.topologySpreadConstraints | string | `nil` | | -| images.busybox | map | `{repository: busybox, tag: "1.31"}` | | -| images.graphdb | map | `{repository: ontotext/graphdb, tag: "9.9.0-ee"}` | | -| images.kong | map | `{repository: kong, tag: "2.1-alpine"}` | | -| ingress.enabled | bool | `true` | | -| kong.configmap | string | `"kong-configmap"` | Reference to a configuration map with Kong configurations as environment variables. Override if you need to further configure Kong's system. See https://docs.konghq.com/2.0.x/configuration/ | -| kong.enabled | bool | `true` | | -| kong.memCacheSize | string | `"64m"` | Memory cache size configuration for Kong in DB-less mode. Tune according to the given resource limits. See https://docs.konghq.com/2.0.x/configuration/#mem_cache_size | -| kong.nodeSelector | object | `{}` | | -| kong.port | object | `{"nodePort":31122}` | Overwrite if you want to deploy Kong on a non-standard port, such as instances where you want to have two different installations on the same hardware. | -| kong.resources.limits.memory | string | `"2048Mi"` | | -| kong.servicesConfigmap | string | `"kong-services-configmap"` | Reference to a configuration map containing declarative Kong configuration for services and routes. This is the DB-less config. See https://docs.konghq.com/1.5.x/db-less-admin-api/#declarative-configuration | -| kong.timeout | object | `{"connect":60000,"read":60000,"write":60000}` | Global timeout configurations for all services. Values are in milliseconds. | -| kong.workers | string | `"auto"` | Amount of Nginx worker processes. This affects how much memory will be consumed. The auto value will determine the workers based on the available CPUs | -| versions.api | string | `"apps/v1"` | | -| versions.configmap | string | `"v1"` | | -| versions.daemon | string | `"apps/v1"` | | -| versions.deployment | string | `"apps/v1"` | | -| versions.ingress | string | `"networking.k8s.io/v1"` | | -| versions.job | string | `"batch/v1"` | | -| versions.pv | string | `"v1"` | | -| versions.pvc | string | `"v1"` | | -| versions.secret | string | `"v1"` | | -| versions.service | string | `"v1"` | | -| versions.statefulset | string | `"apps/v1"` | | -| versions.volume | string | `"v1"` | | +| Key | Type | Default | Description | +|-------------------------|--------|-----------|---------------------------------------------------------------------------------------------------------------------| +| global.imagePullSecrets | list | [] | List of additional image pull secrets. This will be concatenated with anything at a lower level | +| global.imageRegistry | string | docker.io | This is used as a global override for the image registry. If defined it takes precedence over `images.XYZ.registry` | +| global.storageClass | string | standard | Used as a default storage class when one is not provided explicitly at a lower level | + +| Key | Type | Default | Description | +|---------------------------------------------------|--------|--------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| deployment.host | string | `"localhost"` | Overrides the hostname at which graphdb will be exposed. | +| deployment.imagePullPolicy | string | `"IfNotPresent"` | Defines the policy with which components will request their image. | +| deployment.ingress | object | `{"enabled":"true","class":"nginx","maxRequestSize":"512M","timeout":{"connect":5,"read":600,"send":600}}` | Ingress related configurations. | +| deployment.ingress.annotations | object | `{}` | Sets extra ingress annotations. | +| deployment.ingress.class | string | `nginx` | | +| deployment.ingress.enabled | bool | `true` | Toggle to enable or disable the external access to the kubernetes cluster. | +| deployment.ingress.maxRequestSize | string | `"512M"` | Sets the maximum size for all requests to the underlying Nginx. | +| deployment.ingress.timeout | object | `{"connect":5,"read":600,"send":600}` | Default timeouts in seconds for the underlying Nginx. | +| deployment.protocol | string | `"http"` | The hostname and protocol at which the graphdb will be accessible. Needed to configure ingress as well as some components require it to properly render their UIs. | +| deployment.storage | string | `"/data"` | The storage place where components will read/write their persistent data in case the default persistent volumes are used. They use the node's file system. | +| deployment.tls.enabled | bool | `false` | Feature toggle for SSL termination. Disabled by default. | +| deployment.tls.secretName | string | `nil` | Name of a Kubernetes secret object with the key and certificate. If TLS is enabled, it's required to be provided, depending on the deployment. | +| graphdb.clusterConfig.clusterCreationTimeout | int | `60` | Timeout for the cluster creation CURL query. # Note: By default helm waits for Kubernetes commands to complete for 5 minutes. You can increase that by adding "--timeout 10m" to the helm command. | +| graphdb.clusterConfig.clusterSecret | string | `"s3cr37"` | A secret used for secure communication amongst the nodes in the cluster. | +| graphdb.clusterConfig.electionMinTimeout | int | `7000` | The minimum wait time in milliseconds for a heartbeat from a leader. | +| graphdb.clusterConfig.electionRangeTimeout | int | `5000` | The variable portion of each waiting period in milliseconds for a heartbeat. | +| graphdb.clusterConfig.heartbeatInterval | int | `2000` | The interval in milliseconds between each heartbeat that is sent to follower nodes by the leader. | +| graphdb.clusterConfig.messageSize | int | `64` | The size of the data blocks transferred during data replication streaming through the RPC protocol. | +| graphdb.clusterConfig.nodesCount | int | `1` | Number of GraphDB nodes to be used in the cluster. Set value to `1` to run a standalone GraphDB instance. | +| graphdb.clusterConfig.verificationTimeout | int | `1500` | The amount of time in milliseconds a follower node would wait before attempting to verify the last committed entry when the first verification is unsuccessful. | +| graphdb.clusterProxy.livenessProbe | object | `{"httpGet":{"path":{"/proxy/health","port":"gdb-proxy-port"},"initialDelaySeconds":60,"timeoutSeconds":5,"periodSeconds":10}` | Configurations for the GraphDB cluster proxy liveness probe. Misconfigured probe can lead to a failing cluster. | +| graphdb.clusterProxy.readinessProbe | object | `{"httpGet":{"path":{"/proxy/ready","port":"gdb-proxy-port"},"initialDelaySeconds":20,"timeoutSeconds":5,"periodSeconds":10}` | Configurations for the GraphDB cluster proxy readiness probe. Misconfigured probe can lead to a failing cluster. | +| graphdb.clusterProxy.replicas | int | `1` | Number of cluster proxies used to access the GraphDB cluster | +| graphdb.clusterProxy.resources | object | `{"limits":{"memory":"1Gi","cpu":"500m"},"requests":{"memory":"1Gi","cpu":"500m"}}` | Minimum requirements for a successfully running GraphDB cluster proxy | +| graphdb.clusterProxy.startupProbe | object | `{"httpGet":{"path":{"/protocol","port":"gdb-proxy-port"},"initialDelaySeconds":30,"timeoutSeconds":5,"periodSeconds":10}` | Configurations for the GraphDB cluster proxy startup probe. Misconfigured probe can lead to a failing cluster. | +| graphdb.clusterProxy.java_args | string | `"-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport"` | Java arguments with which cluster proxy instances will be launched. Configuration properties can also be passed here in the format -Dprop=value | +| graphdb.configs.logbackConfigMap | string | `"graphdb-logback-configmap"` | Reference to a configmap used to overwrite the default GraphDB logback.xml, with an externally provided logback.xml. For reference see https://graphdb.ontotext.com/documentation/10.0-M3/configuring-graphdb.html | +| graphdb.configs.propertiesConfigMap | string | `"graphdb-properties-configmap"` | Reference to a configmap used to overwrite the default graphdb.properties, with an externally provided graphdb.properties. For reference see https://graphdb.ontotext.com/documentation/10.0-M3/configuring-graphdb.html | +| graphdb.configs.settingsConfigMap | string | `"graphdb-settings-configmap"` | Reference to a configmap used to overwrite the default GraphDB settings.js, with an externally provided settings.js. Even if left to default if security is enabled the configmap will be used to enable GraphDB's security. For reference see https://graphdb.ontotext.com/documentation/10.0-M3/configuring-graphdb.html | +| graphdb.configs.usersConfigMap | string | `"graphdb-users-configmap"` | Reference to a configmap used to overwrite the default GraphDB users.js, with an externally provided users.js. Even if left to default if security is enabled the configmap will be used to add a provisioning user. For reference see https://graphdb.ontotext.com/documentation/10.0-M3/configuring-graphdb.html | +| graphdb.node.java_args | string | `"-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport"` | Java arguments with which node instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value | +| graphdb.node.license | string | `` | Reference to a secret containing 'graphdb.license' file to be used by the cluster nodes. This is a required secret without which GraphDB won't operate in a cluster. Important: Must be created beforehand | +| graphdb.node.livenessProbe | object | `{"httpGet":{"path":{"/protocol","port":"graphdb"},"initialDelaySeconds":60,"timeoutSeconds":5,"periodSeconds":10}` | Configurations for the GraphDB node liveness probe. Misconfigured probe can lead to a failing cluster. | +| graphdb.node.persistence.volumeClaimTemplateSpec | object | `{"accessModes":"- ReadWriteOnce","resources":{"requests":{"storage":"5Gi"}}` | VolumeClaimTemplateSpec | +| graphdb.node.readinessProbe | object | `{"httpGet":{"path":{"/protocol","port":"graphdb"},"initialDelaySeconds":5,"timeoutSeconds":5,"periodSeconds":10}` | Configurations for the GraphDB node readiness probe. Misconfigured probe can lead to a failing cluster. | +| graphdb.node.resources | object | `{"limits":{"memory":"2Gi","cpu":"2000m"},"requests":{"memory":"2Gi","cpu":"2000m"}}` | Minimum requirements for data sets of up to 50 million RDF triples. For resizing, refer according to the GraphDB documentation. See http://graphdb.ontotext.com/documentation/10.0-M3/requirements.html | +| graphdb.node.startupProbe | object | `{"httpGet":{"path":{"/protocol","port":"graphdb"},"initialDelaySeconds":30,"timeoutSeconds":5,"periodSeconds":10}` | Configurations for the GraphDB node startup probe. Misconfigured probe can lead to a failing cluster. | +| graphdb.security.enabled | bool | `false` | | +| graphdb.security.provisioningPassword | string | `"iHaveSuperpowers"` | | +| graphdb.security.provisioningUsername | string | `"provisioner"` | | | +| graphdb.workbench.subpath | string | `"/graphdb"` | This is the sub path at which GraphDB workbench can be opened. Should be configured in the API gateway (or any other proxy in front) | +| images.busybox | map | `{repository: busybox, tag: "1.31"}` | | +| images.graphdb | map | `{repository: ontotext/graphdb, tag: "10.0.0"}` | | +| versions.api | string | `"apps/v1"` | | +| versions.configmap | string | `"v1"` | | +| versions.daemon | string | `"apps/v1"` | | +| versions.deployment | string | `"apps/v1"` | | +| versions.ingress | string | `"networking.k8s.io/v1"` | | +| versions.job | string | `"batch/v1"` | | +| versions.pv | string | `"v1"` | | +| versions.pvc | string | `"v1"` | | +| versions.secret | string | `"v1"` | | +| versions.service | string | `"v1"` | | +| versions.statefulset | string | `"apps/v1"` | | +| versions.volume | string | `"v1"` | | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) @@ -585,7 +492,7 @@ Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/no To remove the deployed GraphDB, use: ```bash -helm uninstall graphdb-ee +helm uninstall graphdb ``` **Note**: It is important to note that this will not remove any data, so the next time it @@ -609,6 +516,6 @@ https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/. ## Maintainers -| Name | Email | Url | -| ---- | ------ | --- | -| Ontotext GraphDB team | graphdb-support@ontotext.com | | +| Name | Email | Url | +|-------------------------|------------------------------|-----| +| Ontotext GraphDB team | graphdb-support@ontotext.com | | diff --git a/files/config/cluster-config.json b/files/config/cluster-config.json new file mode 100644 index 00000000..4660fd19 --- /dev/null +++ b/files/config/cluster-config.json @@ -0,0 +1,13 @@ +{ + "electionMinTimeout": {{ $.Values.graphdb.clusterConfig.electionMinTimeout }}, + "electionRangeTimeout": {{ $.Values.graphdb.clusterConfig.electionRangeTimeout }}, + "heartbeatInterval": {{ $.Values.graphdb.clusterConfig.heartbeatInterval }}, + "messageSize": {{ $.Values.graphdb.clusterConfig.messageSize }}, + "verificationTimeout": {{ $.Values.graphdb.clusterConfig.verificationTimeout }}, + "nodes": [ + {{- range $i, $node_index := until ( (int $.Values.graphdb.clusterConfig.nodesCount) )}} + "graphdb-node-{{ $node_index }}.graphdb-node.{{ $.Release.Namespace }}.svc.cluster.local:7300"{{- if gt (sub (int $.Values.graphdb.clusterConfig.nodesCount) 1 ) $node_index }}, + {{- end }} + {{- end }} + ] +} diff --git a/files/config/graphdb-repo.default.ttl b/files/config/graphdb-repo.default.ttl deleted file mode 100644 index 7fbf27bd..00000000 --- a/files/config/graphdb-repo.default.ttl +++ /dev/null @@ -1,54 +0,0 @@ -# -# RDF4J configuration template for a GraphDB EE worker repository -# -@prefix rdfs: . -@prefix rep: . -@prefix sr: . -@prefix sail: . -@prefix graphdb: . -@prefix shacl: . - -[] a rep:Repository ; - rep:repositoryID "default" ; - rdfs:label "GraphDB worker for default" ; - rep:repositoryImpl [ - rep:repositoryType "graphdb:SailRepository" ; - sr:sailImpl [ - sail:sailType "rdf4j:ShaclSail"; - shacl:validationEnabled "true" ; - shacl:logValidationPlans "false" ; - shacl:logValidationViolations "false" ; - shacl:parallelValidation "true" ; - shacl:globalLogValidationExecution "false" ; - shacl:cacheSelectNodes "true" ; - shacl:undefinedTargetValidatesAllSubjects "false" ; - shacl:ignoreNoShapesLoadedException "false" ; - shacl:performanceLogging "false" ; - shacl:rdfsSubClassReasoning "true" ; - shacl:shaclAdvancedFeatures "true" ; - shacl:dashDataShapes "true" ; - sail:delegate [ - sail:sailType "graphdb:Sail"; - graphdb:owlim-license "" ; - graphdb:base-URL "http://example.org/owlim#" ; - graphdb:defaultNS "" ; - graphdb:entity-index-size "10000000" ; - graphdb:entity-id-size "32" ; - graphdb:imports "" ; - graphdb:repository-type "file-repository" ; - graphdb:ruleset "rdfsplus-optimized" ; - graphdb:storage-folder "storage" ; - graphdb:enable-context-index "false" ; - graphdb:enablePredicateList "true" ; - graphdb:in-memory-literal-properties "true" ; - graphdb:enable-literal-index "true" ; - graphdb:check-for-inconsistencies "false" ; - graphdb:disable-sameAs "true" ; - graphdb:query-timeout "0" ; - graphdb:query-limit-results "0" ; - graphdb:throw-QueryEvaluationException-on-timeout "false" ; - graphdb:read-only "false" ; - graphdb:nonInterpretablePredicates "http://www.w3.org/2000/01/rdf-schema#label;http://www.w3.org/1999/02/22-rdf-syntax-ns#type;http://www.ontotext.com/owlim/ces#gazetteerConfig;http://www.ontotext.com/owlim/ces#metadataConfig" ; - ] - ] - ]. diff --git a/files/config/graphdb.properties b/files/config/graphdb.properties index e191cd29..a2ce2e96 100644 --- a/files/config/graphdb.properties +++ b/files/config/graphdb.properties @@ -42,6 +42,12 @@ # graphdb.home.work = # # +# GraphDB external plugins directory. This can be used to add +# additional external plugins outside the distribution's lib/plugins directory. +# +# graphdb.extra.plugins = +# +# # Graphdb global page cache memory parameter. By default the page cache will # allocate 50% of the maximum Java heap memory (-Xmx) for the JVM process. # Setting this value too high will cause OME during the execution of memory intensive queries. @@ -146,6 +152,12 @@ # OpenID issuer URL, used to derive keys, endpoints and token validation. No default value. # graphdb.auth.openid.issuer = https://accounts.example.com # +# OpenID well-known config URL, used to fetch the OpenID configuration of the OpenID provider. +# The default value will be derived by appending /.well-known/openid-configuration to the issuer URL. +# Use this setting if your OpenID does not conform to the specification and the well-known config is +# served on a different URL than the default standard-mandated value. +# graphdb.auth.openid.well_known_config_url = https://openid.example.com/custom/.well-known/openid-configuration +# # OpenID client ID, used to authenticate and validate tokens. No default value. # graphdb.auth.openid.client_id = my-client-id # @@ -166,12 +178,22 @@ # OpenID expected audience in tokens, used to validate tokens. The default value is the same as the client ID. # graphdb.auth.openid.token_audience = my-audience # +# OpenID extra scopes to request. Multiple scopes can be specified by separating them with a space. +# By default GraphDB requests only the 'openid' scope and, if supported, the 'offline_access' scope. +# Scopes are used to request sets of claims, e.g. you might need to set this to a provider-specific value +# in order to obtain the username_name or the roles_claim (if using OAuth as well). The default value is empty. +# graphdb.auth.openid.extra_scopes = profile email +# # OpenID extra parameters for the authorize endpoint. Some OpenID providers require additional parameters sent # to the authorize endpoint (e.g. resource=xxx). This is a URL encoded string where each parameter-value pair # is delimited by &. The string will be appended to the rest of the authorize URL parameters. # The default value is the empty string. # graphdb.auth.openid.authorize_parameters = param1=value%201¶m2=value%202 # +# OpenID Oracle identity domain. Oracle Access Manager has a non-standard OpenID implementation that requires +# an additional parameter: the Oracle identity domain name. If you use OAM set this to your identity domain name. +# graphdb.auth.openid.oracle_domain = my-oracle-domain +# # OpenID use GraphDB as proxy for the JWKS URL and token endpoints. This can be used to bypass an OpenID provider # without a proper CORS configuration. The value is a boolean true/false. False by default. # graphdb.auth.openid.proxy = false @@ -187,6 +209,10 @@ # Enable OAuth authorization. The default value is 'local' corresponding to local users. # graphdb.auth.database = oauth # +# Set case-insensitive validation for user accounts so that users can log in regardless of the case used at login time. +# The default value is false. +# graphdb.auth.database.case_insensitive = false +# # OpenID issuer URL, used to derive keys, endpoints and token validation. No default value. # graphdb.auth.openid.issuer = https://accounts.example.com # @@ -227,6 +253,10 @@ # The prefix will be stripped when the roles are mapped. The default value is the empty string. # graphdb.auth.oauth.roles_prefix = GDB_ # +# OAuth roles suffix to strip. The roles claim may provide the GraphDB roles with some suffix, e.g. ROLE_USER_GDB. +# The suffix will be stripped when the roles are mapped. The default value is the empty string. +# graphdb.auth.oauth.roles_suffix = ROLE_USER_GDB +# # OAuth default roles to assign. It may be convenient to always assign certain roles without listing them in the roles # claim. The value is a comma-delimited list of GraphDB roles. The default value is the empty list. # @@ -241,7 +271,7 @@ # graphdb.auth.database = ldap # graphdb.auth.ldap.url = ldap://localhost:10389/dc=example,dc=org -# Permit access for all users that are part of the “people” unit of the fictional “example.org” organisation. +# Permit access for all users that are part of the \u201Cpeople\u201D unit of the fictional \u201Cexample.org\u201D organisation. # # graphdb.auth.ldap.user.search.base = ou=people # graphdb.auth.ldap.user.search.filter = (cn={0}) @@ -329,3 +359,15 @@ # the request it will be generated randomly in UUID type 5 format. # # graphdb.append.request.id.headers = true + +###### HEAP DUMPS ###### +# +# GraphDB can dump the heap on out of memory errors in order to provide insight to the cause +# for excessive memory usage. +# +# Enable or disable the heap dump (enabled by default) +# graphdb.heapdump.enable = true +# +# File to write the heap dump to, by default this is the file heapdump.hprof in the configured logs directory. +# See also the properties graphdb.home and graphdb.home.logs. +# graphdb.heapdump.path = diff --git a/files/config/jolokia-access.xml b/files/config/jolokia-access.xml deleted file mode 100644 index 502c73f7..00000000 --- a/files/config/jolokia-access.xml +++ /dev/null @@ -1,51 +0,0 @@ - - - - - - read - list - version - search - - - - java.lang:type=Memory - * - gc - - - ReplicationCluster:* - * - * - - - Tomcat:* - * - * - - - ch.qos.logback.classic:* - * - * - - - com.ontotext:* - * - * - - - java.util.logging:type=Logging - * - * - - - - - - jolokia:* - * - * - - - diff --git a/files/config/kong.dbless.yaml b/files/config/kong.dbless.yaml deleted file mode 100644 index 2b6e37c1..00000000 --- a/files/config/kong.dbless.yaml +++ /dev/null @@ -1,66 +0,0 @@ -# Some notes before digging into this configuration -# This is Kong's DB less configuration, i.e. this work without a database. -# The configuration is static and Kong cannot be customized without providing a new declarative configuration. -# See more at https://docs.konghq.com/2.0.x/db-less-and-declarative-config/ -# -# This file is prepared for Helm chart templates. -# See https://helm.sh/docs/chart_template_guide/control_structures/ -# -# Note: to validate this configuration without running the chart, use -# docker run -it --rm -v $(pwd):/tmp/files -e KONG_DATABASE=off kong:2.1-alpine kong config parse /tmp/files/kong.dbless.yaml - -_format_version: "1.1" - -plugins: - # Refer to https://docs.konghq.com/hub/kong-inc/correlation-id/ - # This is configured to trigger for all services/routes and to return it to the client. - - name: correlation-id - config: - # Match the one used by semantic objects - header_name: X-Request-ID - generator: uuid - # Make Kong return the header to the clients - echo_downstream: true - -services: - - name: graphdb-master-1 - url: http://graphdb-master-1:7200 - connect_timeout: {{ .Values.kong.timeout.connect }} - read_timeout: {{ .Values.kong.timeout.read }} - write_timeout: {{ .Values.kong.timeout.write }} - routes: - - name: graphdb-master-1 - paths: ["/graphdb"] - methods: ["GET", "POST", "PUT", "DELETE"] - strip_path: true - preserve_host: false - - # {{ range $i, $master_index := untilStep 2 (add1 $.Values.graphdb.clusterConfig.mastersCount | int) 1 }} - - name: graphdb-master-{{ $master_index }} - url: http://graphdb-master-{{ $master_index }}:7200 - connect_timeout: {{ $.Values.kong.timeout.connect }} - read_timeout: {{ $.Values.kong.timeout.read }} - write_timeout: {{ $.Values.kong.timeout.write }} - routes: - - name: graphdb-master-{{ $master_index }} - paths: ["/graphdb-master-{{ $master_index }}"] - methods: ["GET", "POST", "PUT", "DELETE"] - strip_path: true - preserve_host: false - # {{ end }} - - # {{ if ne .Values.graphdb.topology "standalone" }} - # {{ range $i, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int) 1 }} - - name: graphdb-worker-{{ $worker_index }} - url: http://graphdb-worker-{{ $worker_index }}:7200 - connect_timeout: {{ $.Values.kong.timeout.connect }} - read_timeout: {{ $.Values.kong.timeout.read }} - write_timeout: {{ $.Values.kong.timeout.write }} - routes: - - name: graphdb-worker-{{ $worker_index }} - paths: ["/graphdb-worker-{{ $worker_index }}"] - methods: ["GET", "POST", "PUT", "DELETE"] - strip_path: true - preserve_host: false - # {{ end }} range - # {{ end }} cluster diff --git a/files/config/logback.xml b/files/config/logback.xml index 9e85401a..3d62809f 100644 --- a/files/config/logback.xml +++ b/files/config/logback.xml @@ -80,33 +80,6 @@ - - - - ${logDestinationDirectory}/enterprise-log-%d{yyyy-MM-dd}.log - ${keepLogDays} - ${logMaxSize} - true - - - ${defaultPattern} - ${encoding} - - - - - - ${logDestinationDirectory}/http-log-%d{yyyy-MM-dd}.log - ${keepLogDays} - ${logMaxSize} - true - - - ${defaultPattern} - ${encoding} - - - ${logDestinationDirectory}/query-log-%d{yyyy-MM-dd}.log @@ -151,45 +124,26 @@ - - - - - + - - - - - - - - - - - - - - - @@ -207,45 +161,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/files/config/master.default.ttl b/files/config/master.default.ttl deleted file mode 100644 index fe02fdf1..00000000 --- a/files/config/master.default.ttl +++ /dev/null @@ -1,15 +0,0 @@ -# -# RDF4J configuration template for a GraphDB EE worker repository -# -@prefix rdfs: . -@prefix rep: . -@prefix sr: . -@prefix sail: . -@prefix owlim: . - -[] a rep:Repository ; - rep:repositoryID "default" ; - rdfs:label "GraphDB master for default" ; - rep:repositoryImpl [ - rep:repositoryType "owlim:ReplicationCluster" ; - ]. diff --git a/files/config/settings.js b/files/config/settings.js index 3f27e802..1fd2365f 100644 --- a/files/config/settings.js +++ b/files/config/settings.js @@ -6,14 +6,5 @@ "security.enabled" : true, {{- end }} "current.location" : "" - }, - "locations" : { - "" : { - "location" : "", - "authType" : "none", - "password" : null, - "username" : null, - "defaultRepository" : null - } } } diff --git a/files/scripts/backup.sh b/files/scripts/backup.sh deleted file mode 100644 index 82846a05..00000000 --- a/files/scripts/backup.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/usr/bin/env bash -repo_name=$1 -topology=$2 - -function waitService { - address=$1 - - attempt_counter=0 - max_attempts=10 - - echo "Waiting for ${address}" - until $(curl -sSL --output /dev/null --fail ${address}); do - if [[ ${attempt_counter} -eq ${max_attempts} ]];then - echo "Max attempts for ${address} reached" - exit 1 - fi - - printf '.' - attempt_counter=$(($attempt_counter+1)) - sleep 5 - done -} - -waitService http://graphdb-master-1:7200/rest/repositories/${repo_name}/size - -currentDate=$(date +'%Y-%m-%d-%H-%M') -backupDir="${repo_name}-${currentDate}" - -i=0 -if [ ${topology} == 'standalone' ] -then - while [ $i -lt 3 ] - do - curl -o response.json -sSL -H 'content-type: application/json' -d "{\"type\":\"exec\",\"mbean\":\"com.ontotext:type=OwlimRepositoryManager,name=\\\"Repository (/opt/graphdb/home/data/repositories/$repo_name/storage/)\\\"\",\"operation\":\"createZipBackup\",\"arguments\":[\"$backupDir\"]}" http://graphdb-master-1:7200/jolokia/ - if grep -q '"status":200' "response.json"; then - echo "Successfully made a backup for repository ${repo_name} in folder ${backupDir}!" - break - else - echo "Curl command failed, response was:" - cat response.json - sleep 5 - fi - i=$((i+1)) - done -else - while [ $i -lt 3 ] - do - curl -o response.json -sSL -H 'content-type: application/json' -d "{\"type\":\"exec\", \"mbean\":\"ReplicationCluster:name=ClusterInfo\/${repo_name}\", \"operation\":\"backup\", \"arguments\":[\"${backupDir}\"]}" http://graphdb-master-1:7200/jolokia/ - if grep -q '"status":200' "response.json"; then - echo "Successfully made a backup for repository ${repo_name} in folder ${backupDir}!" - break - else - echo "Curl command failed, response was:" - cat response.json - sleep 5 - fi - i=$((i+1)) - done -fi diff --git a/files/scripts/deleteBackup.sh b/files/scripts/deleteBackup.sh deleted file mode 100755 index a3671c70..00000000 --- a/files/scripts/deleteBackup.sh +++ /dev/null @@ -1,23 +0,0 @@ -backup_dir=$1 -repository_name=$2 -backups_max_count=$3 -backup_days_max_count=$4 - -echo "Number of dirs: $(ls $backup_dir | grep $repository_name | wc -w) in $backup_dir" - -if [ ! -z $backup_days_max_count ] && [ ! -z $(find $backup_dir -maxdepth 1 -mindepth 1 -type d -mtime +$backup_days_max_count -name "$repository_name*") ] -then - echo "Removing backups $(find ${backup_dir} -maxdepth 1 -mindepth 1 -type d -mtime +${backup_days_max_count} -name "$repository_name*")" - find ${backup_dir} -maxdepth 1 -mindepth 1 -type d -mtime +${backup_days_max_count} -name "$repository_name*" -exec rm -rf {} \; - echo "Successfully removed old backups for repository $repository_name" -fi - -if [ ! -z ${backups_max_count} ] -then - while [ $( ls ${backup_dir} | wc -w) -gt ${backups_max_count} ] - do - toDel=$( find ${backup_dir} -maxdepth 1 -mindepth 1 -type d -name "$repository_name*" -exec stat -c '%X %n' {} \; | sort -nr | tail -n 1 | cut -d ' ' -f2 ) - echo "Removing ${toDel}" - rm -rf "${toDel}" - done -fi diff --git a/files/scripts/graphdb.sh b/files/scripts/graphdb.sh index 04df3f96..ff7162c1 100755 --- a/files/scripts/graphdb.sh +++ b/files/scripts/graphdb.sh @@ -1,7 +1,42 @@ #!/usr/bin/env bash - set -eu +function createCluster { + waitAllNodes $1 $3 + local configLocation=$2 + local timeout=$4 + echo "Creating cluster" + curl -o response.json -isSL -m $timeout -X POST --header 'Content-Type: application/json' --header 'Accept: */*' -d @"$configLocation" http://graphdb-node-0.graphdb-node:7200/rest/cluster/config + if grep -q 'HTTP/1.1 201' "response.json"; then + echo "Cluster creation successful!" + else if grep -q 'Cluster already exists.\|HTTP/1.1 409' "response.json" ; then + echo "Cluster already exists" + else + echo "Cluster creation failed, received response:" + cat response.json + echo + exit 1 + fi + fi +} + +function updateCluster { +#curl to leader/loadBalancer to update cluster +echo "Not implemented yet." +} + +function deleteCluster { + curl -o response.json -isSL -m 15 -X DELETE --header 'Accept: */*' 'http://graphdb-node:7200/rest/cluster/config?force=false' + if grep -q 'HTTP/1.1 200' "response.json"; then + echo "Cluster deletion successful!" + else + echo "Cluster deletion failed, received response:" + cat response.json + echo + exit 1 + fi +} + function waitService { local address=$1 local token=$2 @@ -17,271 +52,20 @@ function waitService { fi printf '.' - attempt_counter=$(($attempt_counter+1)) + attempt_counter=$((attempt_counter+1)) sleep 5 done } -function waitMasters { - local masters_count=$1 - local master_repo=$2 - local token=$3 - - for (( c=1; c<=$masters_count; c++ )) - do - master_address=http://graphdb-master-$c:7200 - waitService "${master_address}/rest/repositories" $token - waitService "${master_address}/rest/repositories/${master_repo}/size" $token - waitService "${master_address}/rest/cluster/masters/${master_repo}" $token - done -} - -function waitWorkers { - local workers_count=$1 - local workers_repo=$2 - local token=$3 - - for (( c=1; c<=$workers_count; c++ )) - do - local workers_address=http://graphdb-worker-$c:7200 - waitService "${workers_address}/rest/repositories" $token - waitService "${workers_address}/rest/repositories/${workers_repo}/size" $token - done -} - -function linkWorkerToMaster { - local master_address=http://$1:7200 - local master_repo=$2 - local worker_address=http://$3:7200 - local worker_repository=$4 - local token=$5 - - local worker_repo_endpoint="${worker_address}/repositories/${worker_repository}" - waitService "${worker_address}/rest/repositories" $token - waitService "${worker_address}/rest/repositories/${worker_repository}/size" $token - - waitService "${master_address}/rest/repositories" $token - waitService "${master_address}/rest/repositories/${worker_repository}/size" $token - - addInstanceAsRemoteLocation $1 $3 $token - - echo "Linking worker with repo endpoint ${worker_repo_endpoint}" - curl -o response.json -sSL -m 5 -X POST -H "Authorization: Basic ${token}" ${master_address}/jolokia/ \ - --header 'Content-Type: multipart/form-data' \ - --data-raw "{ - \"type\": \"exec\", - \"mbean\": \"ReplicationCluster:name=ClusterInfo/${master_repo}\", - \"operation\": \"addClusterNode\", - \"arguments\": [ - \"${worker_repo_endpoint}\", 0, true - ] - }" - if grep -q '"status":200' "response.json"; then - echo "Linking successfull for worker $worker_address" - else - echo "Linking failed for worker ${worker_address} received response:" - cat response.json - exit 1 - fi - - echo "Worker linked successfully!" -} - -function setInstanceReadOnly { - local instance_address=http://$1:7200 - local repository=$2 - local token=$3 - - echo "Setting instance $instance_address as readonly" - - curl -o response.json -sSL -m 5 -H 'content-type: application/json' -H "Authorization: Basic $token" -d "{\"type\":\"write\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$repository\",\"attribute\":\"ReadOnly\",\"value\":true}" $instance_address/jolokia - - if grep -q '"status":200' "response.json"; then - echo "Successfully set instance $instance_address as read only" - else - echo "Failed setting instance read only $instance_address received response:" - cat response.json - exit 1 - fi -} - -function setInstanceMuted { - local instance_address=http://$1:7200 - local repository=$2 - local token=$3 - - echo "Setting instance $instance_address as muted" - - curl -o response.json -sSL -m 5 -H 'content-type: application/json' -H "Authorization: Basic $token" -d "{\"type\":\"write\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$repository\",\"attribute\":\"Mode\",\"value\":\"MUTE\"}" $instance_address/jolokia/ - - if grep -q '"status":200' "response.json"; then - echo "Successfully set instance $instance_address as muted" - else - echo "Failed setting instance muted $instance_address received response:" - cat response.json - exit 1 - fi -} - -function addInstanceAsRemoteLocation { - local master_address=http://$1:7200 - local worker_address=http://$2:7200 - local token=$3 - local username=$(echo $token | base64 -d | cut -d':' -f1) - local password=$(echo $token | base64 -d | cut -d':' -f2) - - echo "Adding worker $worker_address as remote location of $master_address" - echo "${username} -> pass ${password}" - echo "{\"uri\":\"${worker_address}\",\"username\":\"${username}\", \"authType\":\"basic\", \"password\":\"${password}\", \"active\":\"false\"}" - curl ${master_address}/rest/locations -sSL -m 5 -o response.json -H "Authorization: Basic $token" -H 'Content-Type:application/json' -H 'Accept: application/json, text/plain, */*' --data-raw "{\"uri\":\"${worker_address}\", \"username\":\"${username}\", \"authType\":\"basic\", \"password\":\"${password}\", \"active\":\"false\"}" - - if grep -q 'Success\|connected' "response.json"; then - echo "Successfully added $worker_address as remote location of $master_address" - else - echo "Failed adding instance $worker_address as remote location of $master_address received response:" - cat response.json - exit 1 - fi -} - -function setSyncPeer { - local instance1_address=http://$1:7200 - local instance2_address=http://$3:7200 - local instance1_repository=$2 - local instance2_repository=$4 - local token=$5 - - addInstanceAsRemoteLocation $1 $3 $token - - echo "Setting $instance2_address as sync peer for $instance1_address" - - curl -o response.json -sSL -m 5 -H 'content-type: application/json' -H "Authorization: Basic $token" -d "{\"type\":\"exec\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$instance1_repository\",\"operation\":\"addSyncPeer\",\"arguments\":[\"$instance2_address/repositories/$instance2_repository\",\"$instance2_address/repositories/$instance2_repository\"]}" $instance1_address/jolokia/ - if grep -q '"status":200' "response.json"; then - echo "Successfully set sync peer between $instance1_address and $instance2_address" - else - echo "Failed setting sync peer between $instance1_address and $instance2_address received response:" - cat response.json - exit 1 - fi - - setNodeID $1 $2 $token - setNodeID $3 $4 $token -} - -function linkAllWorkersToMaster { - local worker_repository=$4 - local master_repo=$2 - local workers_count=$3 - local token=$5 - - for (( c=1; c<=$workers_count; c++ )) - do - local worker_address=graphdb-worker-$c - linkWorkerToMaster $1 $master_repo $worker_address $worker_repository $token - done - - echo "Cluster linked successfully!" -} - -function unlinkWorker { - local master_repo=$1 - local master_address=$2 - local worker_address=$3 - local worker_repo=$4 - local token=$5 - - echo "Unlinking $worker_address from $master_address" - curl -X 'DELETE' "http://$master_address:7200/graphdb/rest/cluster/masters/$master_repo/workers?masterLocation=local" -sSL -m 5 -H "Authorization: Basic $token" --data-urlencode "workerURL=http://$worker_address:7200/repositories/$worker_repo" - curl -o response.json -H 'content-type: application/json' -sSL -m 5 -H "Authorization: Basic $token" -d "{\"type\":\"exec\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$instance1_repository\",\"operation\":\"addSyncPeer\",\"arguments\":[\"$instance2_address/repositories/$instance2_repository\",\"$instance2_address/repositories/$instance2_repository\"]}" $instance1_address/jolokia/ - if grep -q '"status":200' "response.json"; then - echo "Successfully unlinked $master_address from $worker_address" - else - echo "Failed unlinking $master_address from $worker_address received response:" - cat response.json - exit 1 - fi -} - -function unlinkDownScaledInstances { - local master_repo=$1 - local masters_count=$2 - local workers_count=$3 - local worker_repo=$4 - local token=$5 +function waitAllNodes { + local node_count=$1 + local token=$2 - for (( c=1; c<=$masters_count; c++ )) + for (( c=0; c<$node_count; c++ )) do - local master_address=graphdb-master-$c - curl -o response.json -sSL -m 5 -H 'content-type: application/json' -H "Authorization: Basic $token" -d "{\"type\":\"read\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$master_repo\",\"attribute\":\"NodeStatus\"}" http://$master_address:7200/jolokia/ - local linked_workers_count=$(grep -ow ON "response.json" | wc -l) - local missing_workers_count=$(grep -ow ON "response.json" | wc -l) - - if $linked_workers_count != $workers_count ; then - echo "The cluster has instances that are not connected, but they should be. Can't determine workers which must be disconnected from the cluster, please do it manually!" - else - local worker_to_be_unlinked=$linked_workers_count+$missing_workers_count - for (( x=1; x<=$missing_workers_count; x++ )) - do - unlinkWorker $master_repo $master_address graphdb-worker-$worker_to_be_unlinked $worker_repo $token - local worker_to_be_unlinked=$worker_to_be_unlinked-1 - done - fi - linkWorkerToMaster $1 $master_repo $worker_address $worker_repository $token + local node_address=http://graphdb-node-$c.graphdb-node:7200 + waitService "${node_address}/rest/repositories" "$token" done - - echo "Cluster linked successfully!" -} - -function waitAllInstances { - #workersCount, workerRepo, token - waitWorkers $3 $4 $5 - #mastersCount, mastersRepo, token - waitMasters $1 $2 $5 -} - -function link_1m_3w { - #masters count, master repo, workers count, worker repo, token - waitAllInstances $1 $2 $3 $4 $5 - - #1 master, multiple workers. Args: master to link to, master repo, workers count, workers repo, token - linkAllWorkersToMaster graphdb-master-1 $2 $3 $4 $5 -} - -function setNodeID { - local instance_address=http://$1:7200 - local instance_repository=$2 - local token=$3 - echo "Setting NodeID for $instance_address" - curl -o response.json -sSL -m 5 -H 'content-type: application/json' -H "Authorization: Basic $token" -d "{\"type\":\"write\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$instance_repository\",\"attribute\":\"NodeID\",\"value\":\"$instance_address/repositories/$instance_repository\"}" $instance_address/jolokia/ - if grep -q '"status":200' "response.json"; then - echo "Successfully set NodeID for $instance_address" - else - echo "Failed setting NodeID for $instance_address received response:" - cat response.json - exit 1 - fi -} - -function setJmxAttribute { - local instance_address=http://$1:7200 - local instance_repository=$2 - local token=$3 - local attrName=$4 - local attrValue=$5 - - echo "Setting JMX attribute $attrName to $attrValue for $instance_address and repository $instance_repository" - curl -o response.json -sSL -m 5 \ - -H 'content-type: application/json' \ - -H "Authorization: Basic $token" \ - -d "{\"type\":\"write\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/$instance_repository\",\"attribute\":\"$attrName\",\"value\":\"$attrValue\"}" $instance_address/jolokia/ - - if grep -q '"status":200' "response.json"; then - echo "Successfully set JMX attribute $attrName to $attrValue" - else - echo "Failed setting JMX attribute $attrName to $attrValue" - cat response.json - exit 1 - fi } "$@" diff --git a/files/scripts/runManualBackup.sh b/files/scripts/runManualBackup.sh deleted file mode 100755 index b6f346a3..00000000 --- a/files/scripts/runManualBackup.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash - -IFS='.' - -wanted_date=$(echo $1 | tr '.' '-') -repo_name=$2 -topology=$3 -current_date=$(date +'%Y-%m-%d %H:%M') - -echo "Wanted date: $wanted_date" -echo "Current date: $current_date" - -echo "The backup will start on $wanted_date. The script will sleep until then!" - -wanted_date_sec=$(date -d "$wanted_date" +%s) -current_date_sec=$(date -d "$current_date" +%s) - -sleep_seconds=$(( wanted_date_sec - current_date_sec )) -echo $sleep_seconds - -if [ $sleep_seconds -gt 0 ]; then - sleep $sleep_seconds - /usr/local/bin/backup.sh ${repo_name} ${topology} -else - echo "The wanted date is in the past, backup will not be triggered!" -fi diff --git a/files/scripts/runRestoreBackup.sh b/files/scripts/runRestoreBackup.sh deleted file mode 100644 index d0662a1e..00000000 --- a/files/scripts/runRestoreBackup.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -wanted_date=$(echo $1 | tr '.' '-') -repo_name=$2 -restore_from_backup=$3 -#in case the user passed the exact folder name, not only the date -restore_from_backup=$(echo $restore_from_backup) -current_date=$(date +'%Y-%m-%d %H:%M') - -echo "Backup to restore from: ${restore_from_backup}" -echo "Wanted date: $wanted_date" -echo "Current date: $current_date" - -echo "The backup will start on $wanted_date. The script will sleep until then!" - -wanted_date_sec=$(date -d "$wanted_date" +%s) -current_date_sec=$(date -d "$current_date" +%s) - -sleep_seconds=$(( wanted_date_sec - current_date_sec )) -echo $sleep_seconds -#In case the backup fails, it will still run if the pod is rescheduled -if [ $sleep_seconds -gt 0 ]; then - sleep $sleep_seconds - -curl -o response.json -H 'content-type: application/json' -d "{\"type\":\"exec\",\"mbean\":\"ReplicationCluster:name=ClusterInfo\/${repo_name}\",\"operation\":\"restoreFromImage\",\"arguments\":[\"$repo_name-$(echo ${restore_from_backup} | rev | cut -d '/' -f1 | rev )\"]}" http://graphdb-master-1:7200/jolokia/ - if grep -q '"status":200' "response.json"; then - echo "Successfully restored" - else - echo "Error during restore: " - cat response.json - fi -else - echo "The wanted date is in the past, restore will not be triggered!" -fi diff --git a/templates/NOTES.txt b/templates/NOTES.txt index d1e89ff7..35f5297c 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -1,19 +1,23 @@ {{/* A welcome screen showing useful information after installing/upgrading the chart. */}} --------------------------------------------------------------------------------------------- - ____ _ ____ ____ _____ _____ - / ___|_ __ __ _ _ __ | |__ | _ \| __ ) | ____| ____| - | | _| '__/ _` | '_ \| '_ \| | | | _ \ | _| | _| - | |_| | | | (_| | |_) | | | | |_| | |_) | | |___| |___ - \____|_| \__,_| .__/|_| |_|____/|____/ |_____|_____| - |_| --------------------------------------------------------------------------------------------- +------------------------------------------------------------------------------- + ____ _ ____ ____ + / ___|_ __ __ _ _ __ | |__ | _ \| __ ) + | | _| '__/ _` | '_ \| '_ \| | | | _ \ + | |_| | | | (_| | |_) | | | | |_| | |_) | + \____|_| \__,_| .__/|_| |_|____/|____/ + |_| +------------------------------------------------------------------------------- version: {{ .Chart.AppVersion }} -GDB cluster: {{ ne .Values.graphdb.topology "standalone" }} +GDB cluster: {{ gt (int .Values.graphdb.clusterConfig.nodesCount) 1 }} ** Please be patient while the chart is being deployed and services are available ** You can check their status with kubectl get pods +{{- if and (gt (int .Values.graphdb.clusterConfig.nodesCount) 1) (not .Values.graphdb.node.license) }} + +WARNING: You are attempting to make a cluster without providing a license secret! +{{ end }} Endpoints: * GraphDB workbench: {{ .Values.deployment.protocol }}://{{ include "resolveDeploymentHost" . }}{{ .Values.graphdb.workbench.subpath }} diff --git a/templates/_helpers.yaml b/templates/_helpers.yaml index 9db34fc3..3d809668 100644 --- a/templates/_helpers.yaml +++ b/templates/_helpers.yaml @@ -1,55 +1,3 @@ -{{/* -Resolves specific worker node value -Example usage for license: {{ default $.Values.graphdb.workers.license (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "license" "worker_index" $worker_index )) }} -The example will return the global workers license or a specific worker license IF PRESENT, resolves the following values.yaml syntax: - workers: - license: graphdb-workers-license - nodes: - - name: worker-1 - license: graphdb-worker1-license -*/}} -{{- define "resolveWorkerValue" -}} -{{- $worker_index:=.worker_index }} -{{- $value_name:=.value_name }} - {{- range .nodes }} - {{- if (eq (trimPrefix "worker-" .name | int64) ( $worker_index | int64)) }} - {{- if (hasKey . $value_name) }} - {{- if or (kindIs "map" (get . $value_name)) (kindIs "slice" (get . $value_name)) }} {{- get . $value_name | toYaml }} {{- else }} {{- get . $value_name }} {{- end }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} - -{{/* -Same as above, but for masters nodes -*/}} -{{- define "resolveMasterValue" -}} -{{- $master_index:=.master_index }} -{{- $value_name:=.value_name }} -{{- range .nodes }} - {{- if (eq (trimPrefix "master-" .name | int64) ( $master_index | int64)) }} - {{- if (hasKey . $value_name) }} - {{- if or (kindIs "map" (get . $value_name)) (kindIs "slice" (get . $value_name)) }} {{- get . $value_name | toYaml }} {{- else }} {{- get . $value_name }} {{- end }} - {{- end }} - {{- end }} -{{- end }} -{{- end }} - -{{- define "shouldRenderBackupVolumeClaimTemplate" -}} - {{- if or .backupRestore.enable_backups .backupRestore.enable_restore }} - {{- if and .backupRestore.persistence.volumeClaimTemplateSpec (eq .master_index 1)}} - {{- print true -}} - {{- end }} - {{- end }} -{{- end }} - -{{- define "shouldRenderToolsVolumeClaimTemplate" -}} - {{- if or .tools.preload.trigger .tools.loadrdf.trigger }} - {{- if and .tools.persistence.volumeClaimTemplateSpec (eq .master_index 1)}} - {{- print "true" -}} - {{- end }} - {{- end }} -{{- end }} {{- define "resolveDeploymentHost" -}} {{- $global := .Values.global | default dict -}} @@ -75,6 +23,11 @@ Combined image pull secrets {{- toYaml $secrets -}} {{- end -}} +{{- define "graphdbLicenseSecret"}} + {{- $secret := (lookup "v1" "Secret" "" "graphdb-license") | default dict }} + {{- toYaml $secret}} +{{- end -}} + {{/* Rendenders a volumeClaimTemplate as yaml. If the storage class name is not specified - 'global.storageClass' is checked and if set it is used as the storageClassName for the template. diff --git a/templates/_labels.yaml b/templates/_labels.yaml new file mode 100644 index 00000000..ce419826 --- /dev/null +++ b/templates/_labels.yaml @@ -0,0 +1,54 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "graphdb.name" -}} + {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "graphdb.fullname" -}} + {{- if .Values.fullnameOverride }} + {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} + {{- else }} + {{- $name := default .Chart.Name .Values.nameOverride }} + {{- if contains $name .Release.Name }} + {{- .Release.Name | trunc 63 | trimSuffix "-" }} + {{- else }} + {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} + {{- end }} + {{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "graphdb.chart" -}} + {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "graphdb.labels" -}} +helm.sh/chart: {{ include "graphdb.chart" . }} +{{ include "graphdb.selectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/component: graphdb +app.kubernetes.io/part-of: graphdb +{{- if .Values.extraLabels }} +{{ toYaml .Values.extraLabels }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "graphdb.selectorLabels" -}} +app.kubernetes.io/name: {{ include "graphdb.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/templates/configuration/graphdb-cluster-config-configmap.yaml b/templates/configuration/graphdb-cluster-config-configmap.yaml new file mode 100644 index 00000000..95dd194c --- /dev/null +++ b/templates/configuration/graphdb-cluster-config-configmap.yaml @@ -0,0 +1,11 @@ +# Default configuration map for provisioning the GraphDB cluster configuration. +# To change it, prepare another configuration map and update "graphdb.configs.clusterConfig" +apiVersion: {{ .Values.versions.configmap }} +kind: ConfigMap +metadata: + name: graphdb-cluster-config-configmap + labels: + {{- include "graphdb.labels" . | nindent 4 }} +data: + cluster-config.json: |- +{{ tpl (.Files.Get "files/config/cluster-config.json" | indent 4) . }} diff --git a/templates/configuration/graphdb-cluster-proxy-configmap.yaml b/templates/configuration/graphdb-cluster-proxy-configmap.yaml new file mode 100644 index 00000000..4b10be67 --- /dev/null +++ b/templates/configuration/graphdb-cluster-proxy-configmap.yaml @@ -0,0 +1,16 @@ +{{- if gt (int $.Values.graphdb.clusterConfig.nodesCount) 1 }} +apiVersion: {{ $.Values.versions.configmap }} +kind: ConfigMap +metadata: + name: graphdb-cluster-proxy-configmap + labels: + {{- include "graphdb.labels" . | nindent 4 }} +data: + # >- means replace new line with space and no new lines at the end + GDB_JAVA_OPTS: >- + -Dgraphdb.proxy.hosts={{- range $i, $node_index := until ( (int $.Values.graphdb.clusterConfig.nodesCount) )}}{{ $.Values.deployment.protocol }}://graphdb-node-{{ $node_index }}.graphdb-node.{{ $.Release.Namespace }}.svc.cluster.local:7200{{- if gt (sub (int $.Values.graphdb.clusterConfig.nodesCount) 1 ) $node_index }},{{- end }} + {{- end }} + -Dgraphdb.auth.token.secret={{ $.Values.graphdb.clusterConfig.clusterSecret | quote }} + -Dgraphdb.home=/opt/graphdb/home + {{ default $.Values.graphdb.node.java_args}} +{{- end }} diff --git a/templates/configuration/graphdb-jolokia-access-configmap.yaml b/templates/configuration/graphdb-jolokia-access-configmap.yaml deleted file mode 100644 index a1055167..00000000 --- a/templates/configuration/graphdb-jolokia-access-configmap.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# Default configuration map for provisioning the GraphDB jolokia access settings. -# To change it, prepare another configuration map and update "graphdb.configs.jolokiaAccessConfigMap" -{{- $configs := (.Values.graphdb.configs | default dict) }} -{{- if $configs.jolokiaAccessConfigMap }} -{{- if eq $configs.jolokiaAccessConfigMap "graphdb-jolokia-access-configmap" }} -apiVersion: {{ .Values.versions.configmap }} -kind: ConfigMap -metadata: - name: graphdb-jolokia-access-configmap - labels: - name: graphdb-jolokia-access-configmap -data: - jolokia-access.xml: |- -{{ tpl (.Files.Get "files/config/jolokia-access.xml" | indent 4) . }} -{{- end }} -{{- end }} diff --git a/templates/configuration/graphdb-logback-configmap.yaml b/templates/configuration/graphdb-logback-configmap.yaml index befa3146..f6fcd426 100644 --- a/templates/configuration/graphdb-logback-configmap.yaml +++ b/templates/configuration/graphdb-logback-configmap.yaml @@ -1,14 +1,14 @@ -# Default configuration map for provisioning GraphDB logback settings. -# To change it, prepare another configuration map and update "graphdb.configs.logbackConfigMap" {{- $configs := (.Values.graphdb.configs | default dict) }} {{- if $configs.logbackConfigMap }} {{- if eq $configs.logbackConfigMap "graphdb-logback-configmap" }} +# Default configuration map for provisioning GraphDB logback settings. +# To change it, prepare another configuration map and update "graphdb.configs.logbackConfigMap" apiVersion: {{ .Values.versions.configmap }} kind: ConfigMap metadata: name: graphdb-logback-configmap labels: - name: graphdb-logback-configmap + {{- include "graphdb.labels" . | nindent 4 }} data: logback.xml: |- {{ tpl (.Files.Get "files/config/logback.xml" | indent 4) . }} diff --git a/templates/configuration/graphdb-master-configmap.yaml b/templates/configuration/graphdb-master-configmap.yaml deleted file mode 100644 index 81ee01e1..00000000 --- a/templates/configuration/graphdb-master-configmap.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{ range $i, $master_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.mastersCount | int) 1 }} ---- -apiVersion: {{ $.Values.versions.configmap }} -kind: ConfigMap -metadata: - name: graphdb-master-{{ $master_index }}-configmap - labels: - name: graphdb-master-{{ $master_index }}-configmap -data: - # >- means replace new line with space and no new lines at the end - GDB_JAVA_OPTS: >- - -Denable-context-index=true - -Dentity-pool-implementation=transactional - -Dhealth.max.query.time.seconds=60 - -Dgraphdb.vhosts={{ $.Values.deployment.protocol }}://{{ if eq ($master_index | int64) 1 }}{{ include "resolveDeploymentHost" $ }}{{ $.Values.graphdb.workbench.subpath }}{{ else }}{{ include "resolveDeploymentHost" $ }}{{ $.Values.graphdb.workbench.subpath }}-master-{{ $master_index }}/{{ end }},http://graphdb-master-{{ $master_index }}:7200/ - -Dgraphdb.external-url=http://graphdb-master-{{ $master_index }}:7200/ - -Dgraphdb.append.request.id.headers=true - -Dgraphdb.workbench.importDirectory=/opt/graphdb/home/graphdb-import - -Dgraphdb.home.conf=/opt/graphdb/home/conf - -Dgraphdb.ontop.jdbc.path=/opt/graphdb/home/jdbc-driver - {{ if eq ($master_index | int64) 1 }}-Dgraphdb.backup.base.folder=/opt/graphdb/backups{{ end }} -{{- if ne $.Values.graphdb.topology "standalone" }} - -Dgraphdb.auth.token.secret={{ $.Values.graphdb.clusterConfig.clusterSecret | quote }} -{{- end }} - {{ default $.Values.graphdb.masters.java_args (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "java_args" "master_index" $master_index )) }} -{{ end }} diff --git a/templates/configuration/graphdb-master-repo-default-configmap.yaml b/templates/configuration/graphdb-master-repo-default-configmap.yaml deleted file mode 100644 index dcee8be2..00000000 --- a/templates/configuration/graphdb-master-repo-default-configmap.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# Default configuration map for provisioning GraphDB repository. -# To change it, prepare another configuration map and update "graphdb.repositoryConfigmap" -apiVersion: {{ .Values.versions.configmap }} -kind: ConfigMap -metadata: - name: graphdb-repo-default-configmap - labels: - name: graphdb-repo-default-configmap -data: - config.ttl: |- -{{ if ne .Values.graphdb.topology "standalone" }} -{{ tpl (.Files.Get "files/config/master.default.ttl" | indent 4) . }} -{{ else }} -{{ tpl (.Files.Get "files/config/graphdb-repo.default.ttl" | indent 4) . }} -{{ end }} diff --git a/templates/configuration/graphdb-node-configmap.yaml b/templates/configuration/graphdb-node-configmap.yaml new file mode 100644 index 00000000..a47f5417 --- /dev/null +++ b/templates/configuration/graphdb-node-configmap.yaml @@ -0,0 +1,21 @@ +apiVersion: {{ $.Values.versions.configmap }} +kind: ConfigMap +metadata: + name: graphdb-node-configmap + labels: + {{- include "graphdb.labels" . | nindent 4 }} +data: + # >- means replace new line with space and no new lines at the end + GDB_JAVA_OPTS: >- + -Denable-context-index=true + -Dentity-pool-implementation=transactional + -Dhealth.max.query.time.seconds=60 + -Dgraphdb.vhosts={{ $.Values.deployment.protocol }}://{{ include "resolveDeploymentHost" $ }}{{ $.Values.graphdb.workbench.subpath }} + -Dgraphdb.append.request.id.headers=true + -Dgraphdb.workbench.importDirectory=/opt/graphdb/home/graphdb-import + -Dgraphdb.home=/opt/graphdb/home + -Dgraphdb.ontop.jdbc.path=/opt/graphdb/home/jdbc-driver +{{- if gt (int $.Values.graphdb.clusterConfig.nodesCount) 1 }} + -Dgraphdb.auth.token.secret={{ $.Values.graphdb.clusterConfig.clusterSecret | quote }} +{{- end }} + {{ default $.Values.graphdb.node.java_args}} diff --git a/templates/configuration/graphdb-properties-configmap.yaml b/templates/configuration/graphdb-properties-configmap.yaml index 2108c8d8..afa7671d 100644 --- a/templates/configuration/graphdb-properties-configmap.yaml +++ b/templates/configuration/graphdb-properties-configmap.yaml @@ -1,14 +1,14 @@ -# Default configuration map for provisioning GraphDB properties. -# To change it, prepare another configuration map and update "graphdb.configs.propertiesConfigMap" {{- $configs := (.Values.graphdb.configs | default dict) }} {{- if $configs.propertiesConfigMap}} {{- if eq $configs.propertiesConfigMap "graphdb-properties-configmap" }} +# Default configuration map for provisioning GraphDB properties. +# To change it, prepare another configuration map and update "graphdb.configs.propertiesConfigMap" apiVersion: {{ .Values.versions.configmap }} kind: ConfigMap metadata: name: graphdb-properties-configmap labels: - name: graphdb-properties-configmap + {{- include "graphdb.labels" . | nindent 4 }} data: graphdb.properties: |- {{ tpl (.Files.Get "files/config/graphdb.properties" | indent 4) . }} diff --git a/templates/configuration/graphdb-settings-configmap.yaml b/templates/configuration/graphdb-settings-configmap.yaml index cea9c366..94e5b9f0 100644 --- a/templates/configuration/graphdb-settings-configmap.yaml +++ b/templates/configuration/graphdb-settings-configmap.yaml @@ -1,14 +1,14 @@ -# Default configuration map for provisioning GraphDB settings.js file. -# To change it, prepare another configuration map and update "graphdb.configs.settingsConfigMap" {{- $configs := (.Values.graphdb.configs | default dict) }} {{- $settingsConfigMap := $configs.settingsConfigMap | default "" }} {{- if or (eq $settingsConfigMap "graphdb-settings-configmap") (and (not $settingsConfigMap ) (.Values.graphdb.security.enabled)) }} +# Default configuration map for provisioning GraphDB settings.js file. +# To change it, prepare another configuration map and update "graphdb.configs.settingsConfigMap" apiVersion: {{ .Values.versions.configmap }} kind: ConfigMap metadata: name: graphdb-settings-configmap labels: - name: graphdb-settings-configmap + {{- include "graphdb.labels" . | nindent 4 }} data: settings.js: |- {{ tpl (.Files.Get "files/config/settings.js" | indent 4) . }} diff --git a/templates/configuration/graphdb-users-configmap.yaml b/templates/configuration/graphdb-users-configmap.yaml index 1a6ef81f..b0b2df20 100644 --- a/templates/configuration/graphdb-users-configmap.yaml +++ b/templates/configuration/graphdb-users-configmap.yaml @@ -1,14 +1,14 @@ -# Default configuration map for provisioning GraphDB users.js file. -# To change it, prepare another configuration map and update "graphdb.configs.usersConfigMap" {{- $configs := (.Values.graphdb.configs | default dict) }} {{- $usersConfigMap := $configs.usersConfigMap | default ""}} {{- if or (eq $usersConfigMap "graphdb-users-configmap") (and (not $usersConfigMap) (.Values.graphdb.security.enabled)) }} +# Default configuration map for provisioning GraphDB users.js file. +# To change it, prepare another configuration map and update "graphdb.configs.usersConfigMap" apiVersion: {{ .Values.versions.configmap }} kind: ConfigMap metadata: name: graphdb-users-configmap labels: - name: graphdb-users-configmap + {{- include "graphdb.labels" . | nindent 4 }} data: users.js: |- {{ tpl (.Files.Get "files/config/users.js" | indent 4) . }} diff --git a/templates/configuration/graphdb-worker-configmap.yaml b/templates/configuration/graphdb-worker-configmap.yaml deleted file mode 100644 index 9cb06916..00000000 --- a/templates/configuration/graphdb-worker-configmap.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{ if ne .Values.graphdb.topology "standalone" }} -{{ range $i, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int) 1 }} ---- -apiVersion: {{ $.Values.versions.configmap }} -kind: ConfigMap -metadata: - name: graphdb-worker-{{ $worker_index }}-configmap - labels: - name: graphdb-worker-{{ $worker_index }}-configmap -data: - # >- means replace new line with space and no new lines at the end - GDB_JAVA_OPTS: >- - -Denable-context-index=true - -Dentity-pool-implementation=transactional - -Dhealth.max.query.time.seconds=60 - -Dgraphdb.vhosts={{ $.Values.deployment.protocol }}://{{ include "resolveDeploymentHost" $ }}{{ $.Values.graphdb.workbench.subpath }}-worker-{{ $worker_index }},http://graphdb-worker-{{ $worker_index }}:7200/ - -Dgraphdb.external-url=http://graphdb-worker-{{ $worker_index }}:7200/ - -Dgraphdb.append.request.id.headers=true - -Dgraphdb.auth.token.secret={{ $.Values.graphdb.clusterConfig.clusterSecret | quote }} - -Dgraphdb.home.conf=/opt/graphdb/home/conf - {{ default $.Values.graphdb.workers.java_args (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "java_args" "worker_index" $worker_index )) }} -{{ end }} -{{ end }} diff --git a/templates/configuration/graphdb-worker-repo-default-configmap.yaml b/templates/configuration/graphdb-worker-repo-default-configmap.yaml deleted file mode 100644 index 382cbeaa..00000000 --- a/templates/configuration/graphdb-worker-repo-default-configmap.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{ if ne .Values.graphdb.topology "standalone" }} -# Default configuration map for provisioning GraphDB worker node repository. -# To change it, prepare another configuration map and update "graphdb.cluster.worker.repositoryConfigmap" -apiVersion: {{ .Values.versions.configmap }} -kind: ConfigMap -metadata: - name: graphdb-worker-repo-default-configmap - labels: - name: graphdb-worker-repo-default-configmap -data: - config.ttl: |- -{{ tpl (.Files.Get "files/config/graphdb-repo.default.ttl" | indent 4) . }} -{{ end }} diff --git a/templates/configuration/kong-configmap.yaml b/templates/configuration/kong-configmap.yaml deleted file mode 100644 index 83f55759..00000000 --- a/templates/configuration/kong-configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.kong.enabled }} ---- -apiVersion: {{ .Values.versions.configmap }} -kind: ConfigMap -metadata: - name: kong-configmap - labels: - app: kong-configmap -data: - KONG_DATABASE: "off" - KONG_DECLARATIVE_CONFIG: "/etc/kong/kong.yaml" - KONG_MEM_CACHE_SIZE: "{{ .Values.kong.memCacheSize }}" - KONG_NGINX_WORKER_PROCESSES: "{{ .Values.kong.workers }}" - KONG_ADMIN_LISTEN: "0.0.0.0:8001, 0.0.0.0:8444 ssl" - KONG_PROXY_ACCESS_LOG: "/dev/stdout" - KONG_ADMIN_ACCESS_LOG: "/dev/stdout" - KONG_PROXY_ERROR_LOG: "/dev/stderr" - KONG_ADMIN_ERROR_LOG: "/dev/stderr" -{{- end }} diff --git a/templates/configuration/kong-services-configmap.yaml b/templates/configuration/kong-services-configmap.yaml deleted file mode 100644 index b0d4f522..00000000 --- a/templates/configuration/kong-services-configmap.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if .Values.kong.enabled }} -apiVersion: {{ .Values.versions.configmap }} -kind: ConfigMap -metadata: - name: kong-services-configmap - labels: - app: kong-services-configmap -data: - kong.yaml: |- -{{ tpl (.Files.Get "files/config/kong.dbless.yaml" | indent 4) . }} -{{- end }} diff --git a/templates/gateway/ingress.yaml b/templates/gateway/ingress.yaml index 0aa9351d..537558dd 100644 --- a/templates/gateway/ingress.yaml +++ b/templates/gateway/ingress.yaml @@ -1,39 +1,45 @@ {{- if .Values.deployment.ingress.enabled }} +--- apiVersion: {{ .Values.versions.ingress }} kind: Ingress metadata: name: ingress + labels: + {{- include "graphdb.labels" . | nindent 4 }} annotations: kubernetes.io/ingress.class: {{ .Values.deployment.ingress.class }} - {{ if .Values.deployment.tls.enabled }} + {{- if .Values.deployment.tls.enabled }} ingress.kubernetes.io/force-ssl-redirect: "true" - {{ end }} + {{- end }} nginx.ingress.kubernetes.io/proxy-body-size: {{ .Values.deployment.ingress.maxRequestSize }} nginx.ingress.kubernetes.io/proxy-connect-timeout: {{ .Values.deployment.ingress.timeout.connect | quote }} nginx.ingress.kubernetes.io/proxy-read-timeout: {{ .Values.deployment.ingress.timeout.read | quote }} nginx.ingress.kubernetes.io/proxy-send-timeout: {{ .Values.deployment.ingress.timeout.send | quote }} - nginx.ingress.kubernetes.io/proxy-redirect-from: http://graphdb-master-1:7200 - nginx.ingress.kubernetes.io/proxy-redirect-to: {{ .Values.deployment.protocol }}://{{ .Values.deployment.host }}/graphdb + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/x-forwarded-prefix: {{ $.Values.graphdb.workbench.subpath | quote }} {{- with .Values.deployment.ingress.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - spec: - {{ if .Values.deployment.tls.enabled }} + {{- if .Values.deployment.tls.enabled }} tls: - hosts: - {{ include "resolveDeploymentHost" . | quote }} secretName: {{ required "TLS secret is required!" .Values.deployment.tls.secretName }} - {{ end }} + {{- end }} rules: - host: {{ include "resolveDeploymentHost" . | quote }} http: paths: - - path: / + - path: {{ $.Values.graphdb.workbench.subpath }}(/|$)(.*) pathType: Prefix backend: service: - name: kong-proxy + {{- if gt (int $.Values.graphdb.clusterConfig.nodesCount) 1 }} + name: graphdb-cluster-proxy + {{- else }} + name: graphdb-node + {{- end }} port: - number: 8000 + number: 7200 {{- end }} diff --git a/templates/gateway/kong.yaml b/templates/gateway/kong.yaml deleted file mode 100644 index 2792e96c..00000000 --- a/templates/gateway/kong.yaml +++ /dev/null @@ -1,135 +0,0 @@ -{{- if .Values.kong.enabled }} ---- -apiVersion: {{ .Values.versions.deployment }} -kind: Deployment -metadata: - name: kong - labels: - app: kong -spec: - replicas: 1 - selector: - matchLabels: - app: kong - template: - metadata: - name: kong - labels: - app: kong - annotations: - # Enables redeployment if the configuration map or the declarative configuration is updated - checksum/configmap: {{ include (print $.Template.BasePath "/configuration/kong-configmap.yaml") . | sha256sum }} - checksum/services-configmap: {{ include (print $.Template.BasePath "/configuration/kong-services-configmap.yaml") . | sha256sum }} - spec: - volumes: - - name: kong-services-config - configMap: - name: {{ .Values.kong.servicesConfigmap }} - {{ if hasKey .Values.kong "nodeSelector" }} - nodeSelector: {{ .Values.kong.nodeSelector | toYaml | nindent 8 }} - {{ end }} - containers: - - name: kong - image: {{ include "renderFullImageName" (dict "globalRegistry" .Values.global.imageRegistry "image" .Values.images.kong) }} - imagePullPolicy: {{ .Values.deployment.imagePullPolicy }} - envFrom: - - configMapRef: - name: {{ .Values.kong.configmap }} - ports: - - name: proxy - containerPort: 8000 - protocol: TCP - - name: proxy-ssl - containerPort: 8443 - protocol: TCP - - name: admin - containerPort: 8001 - protocol: TCP - - name: admin-ssl - containerPort: 8444 - protocol: TCP - volumeMounts: - - name: kong-services-config - mountPath: /etc/kong - resources: {{ .Values.kong.resources | toYaml | nindent 12 }} - readinessProbe: - exec: - command: ["kong", "health"] - initialDelaySeconds: 5 - periodSeconds: 10 - livenessProbe: - exec: - command: ["kong", "health"] - initialDelaySeconds: 5 - periodSeconds: 10 ---- -apiVersion: {{ .Values.versions.service }} -kind: Service -metadata: - name: kong-proxy -spec: - selector: - app: kong - ports: - - name: kong-proxy - port: 8000 - targetPort: 8000 - protocol: TCP ---- -apiVersion: {{ .Values.versions.service }} -kind: Service -metadata: - name: kong-proxy-ssl -spec: - selector: - app: kong - ports: - - name: kong-proxy-ssl - port: 8443 - targetPort: 8443 - protocol: TCP ---- -apiVersion: {{ .Values.versions.service }} -kind: Service -metadata: - name: kong-admin -spec: - selector: - app: kong - ports: - - name: kong-admin - port: 8001 - targetPort: 8001 - protocol: TCP ---- -apiVersion: {{ .Values.versions.service }} -kind: Service -metadata: - name: kong-admin-ssl -spec: - selector: - app: kong - ports: - - name: kong-admin-ssl - port: 8444 - targetPort: 8444 - protocol: TCP ---- -apiVersion: {{ .Values.versions.service }} -kind: Service -metadata: - name: kong-admin-outside -spec: - selector: - app: kong - type: NodePort - ports: - - name: kong-admin-outside - nodePort: {{ .Values.kong.port.nodePort }} - port: 8001 - protocol: TCP - targetPort: 8001 - sessionAffinity: None -status: - loadBalancer: {} -{{- end }} diff --git a/templates/graphdb-cluster-proxy.yaml b/templates/graphdb-cluster-proxy.yaml new file mode 100644 index 00000000..bcd27023 --- /dev/null +++ b/templates/graphdb-cluster-proxy.yaml @@ -0,0 +1,88 @@ +{{- if gt (int $.Values.graphdb.clusterConfig.nodesCount) 1 }} +{{- $configs := ($.Values.graphdb.configs | default dict) }} +--- +apiVersion: {{ $.Values.versions.statefulset }} +kind: StatefulSet +metadata: + name: gdb-proxy + labels: + app: graphdb-cluster-proxy + {{- include "graphdb.labels" . | nindent 4 }} +spec: + replicas: {{ $.Values.graphdb.clusterProxy.replicas }} + serviceName: graphdb-proxy + podManagementPolicy: Parallel + selector: + matchLabels: + app: graphdb-cluster-proxy + template: + metadata: + labels: + app: graphdb-cluster-proxy + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/configuration/graphdb-cluster-proxy-configmap.yaml") . | sha256sum }} + spec: + terminationGracePeriodSeconds: 15 + setHostnameAsFQDN: true + nodeSelector: + {{- default "{}" ($.Values.graphdb.clusterProxy.nodeSelector | toYaml | nindent 8) }} + affinity: + {{- default "{}" ($.Values.graphdb.clusterProxy.affinity | toYaml | nindent 8) }} + tolerations: + {{- default "{}" ($.Values.graphdb.clusterProxy.tolerations | toYaml | nindent 8) }} + topologySpreadConstraints: + {{- default "{}" ($.Values.graphdb.clusterProxy.topologySpreadConstraints | toYaml | nindent 8) }} + imagePullSecrets: + {{- include "combinedImagePullSecrets" $ | nindent 8 }} + containers: + - name: graphdb-proxy + image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} + imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} + command: ["/opt/graphdb/dist/bin/cluster-proxy"] + envFrom: + - configMapRef: + name: graphdb-cluster-proxy-configmap + ports: + - name: gdb-proxy-port + containerPort: 7200 + - name: gdb-proxy-rpc + containerPort: 7300 + resources: {{ $.Values.graphdb.clusterProxy.resources | toYaml | nindent 12 }} + startupProbe: {{ $.Values.graphdb.clusterProxy.startupProbe | toYaml | nindent 12 }} + readinessProbe: {{ $.Values.graphdb.clusterProxy.readinessProbe | toYaml | nindent 12 }} + livenessProbe: {{ $.Values.graphdb.clusterProxy.livenessProbe | toYaml | nindent 12 }} +--- +apiVersion: {{ $.Values.versions.service }} +kind: Service +metadata: + name: graphdb-cluster-proxy + labels: + app: graphdb-cluster-proxy + {{- include "graphdb.labels" . | nindent 4 }} +spec: + type: LoadBalancer + selector: + app: graphdb-cluster-proxy + ports: + - name: gdb-proxy-port + port: 7200 + targetPort: 7200 + protocol: TCP +--- +apiVersion: {{ $.Values.versions.service }} +kind: Service +metadata: + name: graphdb-proxy + labels: + app: graphdb-cluster-proxy + {{- include "graphdb.labels" . | nindent 4 }} +spec: + clusterIP: None + selector: + app: graphdb-cluster-proxy + ports: + - name: gdb-proxy-rpc + port: 7300 + targetPort: 7300 + protocol: TCP +{{- end }} diff --git a/templates/graphdb-master.yaml b/templates/graphdb-master.yaml deleted file mode 100644 index 2f67346f..00000000 --- a/templates/graphdb-master.yaml +++ /dev/null @@ -1,408 +0,0 @@ -# Loop over the replica count -{{ range $i, $master_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.mastersCount | int ) 1 }} - -{{ $worker_endpoint := printf "http://graphdb-master-%d:7200" $master_index }} -{{- $authToken := ((printf "%s:%s" $.Values.graphdb.security.provisioningUsername $.Values.graphdb.security.provisioningPassword) | b64enc) }} -{{- $configs := ($.Values.graphdb.configs | default dict) }} - ---- -apiVersion: {{ $.Values.versions.statefulset }} -kind: StatefulSet -metadata: - name: graphdb-master-{{ $master_index }} - labels: - app: graphdb-master-{{ $master_index }} -spec: - replicas: 1 - serviceName: graphdb-master-{{ $master_index }} - updateStrategy: - type: RollingUpdate - selector: - matchLabels: - app: graphdb-master-{{ $master_index }} - {{- if or (or (hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec") (include "shouldRenderBackupVolumeClaimTemplate" (dict "backupRestore" $.Values.graphdb.backupRestore "master_index" $master_index))) (and $.Values.graphdb.import_directory_mount.enabled (eq $master_index 1)) }} - volumeClaimTemplates: - {{- end }} - {{- if hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec" }} - - metadata: - name: graphdb-master-{{ $master_index }}-data-dynamic-pvc - {{- $spec := dict "globalStorageClassName" $.Values.global.storageClass "spec" $.Values.graphdb.masters.persistence.volumeClaimTemplateSpec }} - spec: {{ include "renderVolumeClaimTemplateSpec" $spec | nindent 8 }} - {{- end }} - {{- if (include "shouldRenderBackupVolumeClaimTemplate" (dict "backupRestore" $.Values.graphdb.backupRestore "master_index" $master_index)) }} - - metadata: - name: graphdb-backup-pvc - {{- $spec := dict "globalStorageClassName" $.Values.global.storageClass "spec" $.Values.graphdb.backupRestore.persistence.volumeClaimTemplateSpec }} - spec: {{ include "renderVolumeClaimTemplateSpec" $spec | nindent 8 }} - {{- end }} - {{- if and $.Values.graphdb.import_directory_mount.enabled (eq $master_index 1) }} - - metadata: - name: graphdb-server-import-dir - {{- $spec := dict "globalStorageClassName" $.Values.global.storageClass "spec" $.Values.graphdb.import_directory_mount.volumeClaimTemplateSpec }} - spec: {{ include "renderVolumeClaimTemplateSpec" $spec | nindent 8 }} - {{- end }} - template: - metadata: - labels: - app: graphdb-master-{{ $master_index }} - spec: - terminationGracePeriodSeconds: 60 - volumes: - {{- if ne (default $.Values.graphdb.masters.license (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "license" "master_index" $master_index))) "" }} - - name: graphdb-master-license - secret: - secretName: {{ default $.Values.graphdb.masters.license (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "license" "master_index" $master_index)) }} - {{- end }} - {{- if not (hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec") }} - - name: graphdb-master-storage - persistentVolumeClaim: - claimName: graphdb-master-{{ $master_index }}-data-pvc - {{- end }} - - name: graphdb-master-repo-config - configMap: - name: {{ required "Config map with .ttl for repositories creation is required!" $.Values.graphdb.masters.repositoryConfigmap }} - {{- if or $configs.settingsConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-settings-config - configMap: - name: {{ $configs.settingsConfigMap | default "graphdb-settings-configmap" }} - {{- end }} - {{- if or $configs.usersConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-users-config - configMap: - name: {{ $configs.usersConfigMap | default "graphdb-users-configmap" }} - {{- end }} - {{- if $configs.propertiesConfigMap }} - - name: graphdb-properties-config - configMap: - name: {{ $configs.propertiesConfigMap }} - {{- end }} - {{- if $configs.logbackConfigMap }} - - name: graphdb-logback-config - configMap: - name: {{ $configs.logbackConfigMap }} - {{- end }} - {{- if $configs.jolokiaAccessConfigMap }} - - name: graphdb-jolokia-access-config - configMap: - name: {{ $configs.jolokiaAccessConfigMap }} - {{- end }} - imagePullSecrets: - {{- include "combinedImagePullSecrets" $ | nindent 8 }} - nodeSelector: - {{- default "{}" (default ($.Values.graphdb.masters.nodeSelector | toYaml) (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "nodeSelector" "master_index" $master_index))) | nindent 8 }} - affinity: - {{- default "{}" (default ($.Values.graphdb.masters.affinity | toYaml) (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "affinity" "master_index" $master_index))) | nindent 8 }} - tolerations: - {{- default "{}" (default ($.Values.graphdb.masters.tolerations | toYaml) (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "tolerations" "master_index" $master_index))) | nindent 8 }} - topologySpreadConstraints: - {{- default "{}" (default ($.Values.graphdb.masters.topologySpreadConstraints | toYaml) (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "topologySpreadConstraints" "master_index" $master_index))) | nindent 8 }} - containers: - - name: graphdb-master-{{ $master_index }} - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - ports: - - name: graphdb-m-{{ $master_index }} - containerPort: 7200 - envFrom: - - configMapRef: - name: graphdb-master-{{ $master_index }}-configmap - volumeMounts: - {{- if hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-master-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-master-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if and (eq ($master_index | int64) 1) (include "shouldRenderBackupVolumeClaimTemplate" (dict "backupRestore" $.Values.graphdb.backupRestore "master_index" $master_index)) }} - - name: graphdb-backup-pvc - mountPath: /opt/graphdb/backups - {{- end }} - {{- if and $.Values.graphdb.import_directory_mount.enabled (eq $master_index 1) }} - - name: graphdb-server-import-dir - mountPath: /opt/graphdb/home/graphdb-import - {{- end }} - resources: {{ $.Values.graphdb.masters.resources | toYaml | nindent 12 }} - # Allow for GraphDB to start within 10*30 seconds before readiness & liveness probes interfere - startupProbe: - httpGet: - path: /protocol - port: graphdb-m-{{ $master_index }} - failureThreshold: 30 - timeoutSeconds: 5 - periodSeconds: 10 - readinessProbe: - httpGet: - path: /protocol - port: graphdb-m-{{ $master_index }} - initialDelaySeconds: 5 - timeoutSeconds: 5 - periodSeconds: 10 - livenessProbe: - httpGet: - path: /protocol - port: graphdb-m-{{ $master_index }} - initialDelaySeconds: 60 - timeoutSeconds: 5 - periodSeconds: 10 - initContainers: - {{- if ne (default $.Values.graphdb.masters.license (include "resolveMasterValue" (dict "nodes" $.Values.graphdb.masters.nodes "value_name" "license" "master_index" $master_index))) "" }} - # LICENSE PROVISION - - name: provision-license - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - {{- if hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-master-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-master-storage - {{- end }} - mountPath: /opt/graphdb/home - - name: graphdb-master-license - mountPath: /tmp/license/ - command: ['sh', '-c'] - args: - - | - mkdir -p /opt/graphdb/home/conf/ - cd /opt/graphdb/home/conf/ - [ -f graphdb.license ] && echo "License present, exiting..." && exit 0 - - echo 'Provisioning GraphDB master {{ $master_index }} license' - cp /tmp/license/*.license ./graphdb.license - echo 'Done' - {{- end }} - # REPO PROVISION - - name: provision-repository - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - {{- if hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-master-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-master-storage - {{- end }} - mountPath: /opt/graphdb/home - - name: graphdb-master-repo-config - mountPath: /tmp/graphdb - command: ['sh', '-c'] - args: - - | - set -eu - for filename in /tmp/graphdb/*.ttl; do - repositoryName=$(grep "rep:repositoryID" $filename | sed -ne 's/rep:repositoryID "//p' | sed -ne 's/" ;//p' | sed -ne 's/^[[:space:]]*//p') - echo "Repo name: $repositoryName" - echo "File name: $filename" - mkdir -p /opt/graphdb/home/data/repositories/$repositoryName ; - cd /opt/graphdb/home/data/repositories/$repositoryName ; - - # If the repo configuration exists -> skip provisioning - [ -f config.ttl ] && echo "Repository $repositoryName exists, exiting..." && exit 0 - - echo "Provisioning GraphDB $repositoryName repository with file $filename" ; - cp $filename ./config.ttl ; - echo 'Done' - done - # PROVISION SETTINGS AND SECURITY - - name: provision-settings - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - {{- if hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-master-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-master-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if or $configs.settingsConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-settings-config - mountPath: /tmp/graphdb-settigns-configmap - {{- end }} - {{- if or $configs.usersConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-users-config - mountPath: /tmp/graphdb-users-configmap - {{- end }} - {{- if $configs.propertiesConfigMap }} - - name: graphdb-properties-config - mountPath: /tmp/graphdb-properties-configmap - {{- end }} - {{- if $configs.logbackConfigMap }} - - name: graphdb-logback-config - mountPath: /tmp/graphdb-logback-configmap - {{- end }} - {{- if $configs.jolokiaAccessConfigMap }} - - name: graphdb-jolokia-access-config - mountPath: /tmp/graphdb-jolokia-access-configmap - {{- end }} - command: ['sh', '-c'] - args: - - | - set -eu - if [[ ! -f /opt/graphdb/home/work/workbench/settings.js && ! -f /opt/graphdb/home/work/workbench/users.js && -f /tmp/graphdb-users-configmap/users.js ]]; then - echo "Provisioning users with users.js file..." - mkdir -p /opt/graphdb/home/work/workbench ; - cp /tmp/graphdb-users-configmap/users.js /opt/graphdb/home/work/workbench/users.js - fi - if [[ ! -f /opt/graphdb/home/work/workbench/settings.js && -f /tmp/graphdb-settigns-configmap/settings.js ]]; then - echo "Provisioning settings with settings.js file..." - mkdir -p /opt/graphdb/home/work/workbench ; - cp /tmp/graphdb-settigns-configmap/settings.js /opt/graphdb/home/work/workbench/settings.js - fi - if [[ ! -f /opt/graphdb/home/conf/graphdb.properties && -f /tmp/graphdb-properties-configmap/graphdb.properties ]]; then - echo "Provisioning graphdb properties file..." - mkdir -p /opt/graphdb/home/conf ; - cp /tmp/graphdb-properties-configmap/graphdb.properties /opt/graphdb/home/conf/graphdb.properties - fi - if [[ ! -f /opt/graphdb/home/conf/logback.xml && -f /tmp/graphdb-logback-configmap/logback.xml ]]; then - echo "Provisioning logging config file..." - mkdir -p /opt/graphdb/home/conf ; - cp /tmp/graphdb-logback-configmap/logback.xml /opt/graphdb/home/conf/logback.xml - fi - if [[ ! -f /opt/graphdb/home/conf/jolokia-access.xml && -f /tmp/graphdb-jolokia-access-configmap/jolokia-access.xml ]]; then - echo "Provisioning jolokia access config file..." - mkdir -p /opt/graphdb/home/conf ; - cp /tmp/graphdb-jolokia-access-configmap/jolokia-access.xml /opt/graphdb/home/conf/jolokia-access.xml - fi - mkdir -p /opt/graphdb/home/jdbc-driver - echo 'Done' - {{- if and (eq $.Values.graphdb.topology "standalone") (include "shouldRenderBackupVolumeClaimTemplate" (dict "backupRestore" $.Values.graphdb.backupRestore "master_index" $master_index)) }} - - name: restore-standalone - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - - name: graphdb-master-storage - mountPath: /opt/graphdb/ - - name: graphdb-backup-pvc - mountPath: {{ $.Values.deployment.storage }}/graphdb-backups/ - command: ['sh', '-c'] - args: - - | - {{ $repo := $.Values.graphdb.backupRestore.restore_repository -}} - mkdir -p /opt/graphdb/home/data/repositories/{{ $repo }} ; - cd /opt/graphdb/home/data/repositories/ ; - echo "Backup to restore: {{ $.Values.deployment.storage }}/graphdb-backups/backup/{{ $repo }}-{{ $.Values.graphdb.backupRestore.restore_from_backup }}/" - if [ -d {{ $.Values.deployment.storage }}/graphdb-backups/backup/{{ $repo }}-{{ $.Values.graphdb.backupRestore.restore_from_backup }}/ ]; then - rm -rf {{ $repo }} - unzip {{ $.Values.deployment.storage }}/graphdb-backups/backup/{{ $repo }}-{{ $.Values.graphdb.backupRestore.restore_from_backup }}/* - echo "Successfully restored!" - else - echo "Nothing to restore." - fi - {{- end }} - # LOADRDF TOOL - {{- if and (and (eq $master_index 1) $.Values.graphdb.tools.loadrdf.trigger) (eq $.Values.graphdb.topology "standalone") }} - - name: loadrdf-tool - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - resources: - limits: - cpu: {{ $.Values.graphdb.tools.resources.limits.cpu }} - memory: {{ $.Values.graphdb.tools.resources.limits.memory }} - requests: - cpu: {{ $.Values.graphdb.tools.resources.requests.cpu }} - memory: {{ $.Values.graphdb.tools.resources.requests.memory }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if and (eq $master_index 1) (or $.Values.graphdb.tools.preload.trigger $.Values.graphdb.tools.loadrdf.trigger) }} - {{- if hasKey $.Values.graphdb.tools.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-preload-dynamic-pvc - {{- else }} - - name: graphdb-worker-preload-data - {{- end }} - mountPath: /tmp/graphdb/ - {{- end }} - command: ['sh', '-c'] - args: - - | - cp /opt/graphdb/home/conf/graphdb.license /opt/graphdb/dist/conf/graphdb.license - echo "graphdb.home.data = /opt/graphdb/home/data/" >> /opt/graphdb/dist/conf/graphdb.properties - /opt/graphdb/dist/bin/loadrdf {{ $.Values.graphdb.tools.loadrdf.flags }} -c /tmp/graphdb/config.ttl -m parallel /tmp/graphdb/{{$.Values.graphdb.tools.loadrdf.rdfDataFile}} - echo "preload with loadrdf tool is done" - {{- end }} - {{- if and (and (eq $master_index 1) $.Values.graphdb.tools.loadrdf.trigger) (eq $.Values.graphdb.topology "standalone") }} - # PRELOAD TOOL - - name: preload-tool - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - resources: - limits: - cpu: {{ $.Values.graphdb.tools.resources.limits.cpu }} - memory: {{ $.Values.graphdb.tools.resources.limits.memory }} - requests: - cpu: {{ $.Values.graphdb.tools.resources.requests.cpu }} - memory: {{ $.Values.graphdb.tools.resources.requests.memory }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if hasKey $.Values.graphdb.tools.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-preload-dynamic-pvc - {{- else }} - - name: graphdb-worker-preload-data - {{- end }} - command: ['sh', '-c'] - args: - - | - cp /opt/graphdb/home/conf/graphdb.license /opt/graphdb/dist/conf/graphdb.license - echo "graphdb.home.data = /opt/graphdb/home/data/" >> /opt/graphdb/dist/conf/graphdb.properties - /opt/graphdb/dist/bin/preload {{ $.Values.graphdb.tools.preload.flags }} -c /tmp/graphdb/config.ttl /tmp/graphdb/{{$.Values.graphdb.tools.preload.rdfDataFile}} - echo "preload with preload tool is done" - {{- end }} - # STORAGE TOOL - {{- if and (and (eq $master_index 1) $.Values.graphdb.tools.loadrdf.trigger) (eq $.Values.graphdb.topology "standalone") }} - - name: storage-tool - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - resources: - limits: - cpu: {{ $.Values.graphdb.tools.resources.limits.cpu }} - memory: {{ $.Values.graphdb.tools.resources.limits.memory }} - requests: - cpu: {{ $.Values.graphdb.tools.resources.requests.cpu }} - memory: {{ $.Values.graphdb.tools.resources.requests.memory }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $master_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - command: ['sh', '-c'] - args: - - | - cdate=$(date +'%Y-%m-%d') - if [ -d /opt/graphdb/home/data/repositories/{{$.Values.graphdb.tools.storage_tool.repository}}/storage ]; then - result=$(/opt/graphdb/dist/bin/storage-tool -command={{ $.Values.graphdb.tools.storage_tool.command }} -storage=/opt/graphdb/home/data/repositories/{{$.Values.graphdb.tools.storage_tool.repository}}/storage {{$.Values.graphdb.tools.storage_tool.options}}) - echo -e "${result}" >> /opt/graphdb/home/data/storage-tool-${cdate}.log - echo -e "${result}" - if echo -e "${result}" | grep -qi "inconsistent" - then - exit 1 - fi - else - echo "The wanted repository does not exist" - fi - {{- end }} - ---- -apiVersion: {{ $.Values.versions.service }} -kind: Service -metadata: - name: graphdb-master-{{ $master_index }} - labels: - app: graphdb-master-{{ $master_index }} -spec: - selector: - app: graphdb-master-{{ $master_index }} - ports: - - name: graphdb-master-{{ $master_index }} - port: 7200 - targetPort: 7200 - protocol: TCP -{{ end }} diff --git a/templates/graphdb-node.yaml b/templates/graphdb-node.yaml new file mode 100644 index 00000000..fc139f82 --- /dev/null +++ b/templates/graphdb-node.yaml @@ -0,0 +1,214 @@ +{{- $configs := ($.Values.graphdb.configs | default dict) }} +--- +apiVersion: {{ $.Values.versions.statefulset }} +kind: StatefulSet +metadata: + name: graphdb-node + labels: {{- include "graphdb.labels" . | nindent 4 }} + app: graphdb-node +spec: + replicas: {{ $.Values.graphdb.clusterConfig.nodesCount }} + serviceName: graphdb-node + updateStrategy: + type: RollingUpdate + podManagementPolicy: Parallel + selector: + matchLabels: + app: graphdb-node + {{- if or (hasKey $.Values.graphdb.node.persistence "volumeClaimTemplateSpec") ($.Values.graphdb.import_directory_mount.enabled)}} + volumeClaimTemplates: + {{- if hasKey $.Values.graphdb.node.persistence "volumeClaimTemplateSpec" }} + - metadata: + name: graphdb-node-data-dynamic-pvc + {{- $spec := dict "globalStorageClassName" $.Values.global.storageClass "spec" $.Values.graphdb.node.persistence.volumeClaimTemplateSpec }} + spec: {{ include "renderVolumeClaimTemplateSpec" $spec | nindent 8 }} + {{- end }} + {{- if $.Values.graphdb.import_directory_mount.enabled }} + - metadata: + name: graphdb-server-import-dir + {{- $spec := dict "globalStorageClassName" $.Values.global.storageClass "spec" $.Values.graphdb.import_directory_mount.volumeClaimTemplateSpec }} + spec: {{ include "renderVolumeClaimTemplateSpec" $spec | nindent 8 }} + {{- end }} + {{- end }} + template: + metadata: + labels: + app: graphdb-node + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/configuration/graphdb-node-configmap.yaml") . | sha256sum }} + spec: + setHostnameAsFQDN: true + terminationGracePeriodSeconds: 120 + volumes: + {{- if $.Values.graphdb.node.license }} + - name: graphdb-license + secret: + secretName: {{ $.Values.graphdb.node.license }} + {{- end }} + {{- if or $configs.settingsConfigMap $.Values.graphdb.security.enabled }} + - name: graphdb-settings-config + configMap: + name: {{ $configs.settingsConfigMap | default "graphdb-settings-configmap" }} + {{- end }} + {{- if or $configs.usersConfigMap $.Values.graphdb.security.enabled }} + - name: graphdb-users-config + configMap: + name: {{ $configs.usersConfigMap | default "graphdb-users-configmap" }} + {{- end }} + {{- if $configs.propertiesConfigMap }} + - name: graphdb-properties-config + configMap: + name: {{ $configs.propertiesConfigMap }} + {{- end }} + {{- if $configs.logbackConfigMap }} + - name: graphdb-logback-config + configMap: + name: {{ $configs.logbackConfigMap }} + {{- end }} + imagePullSecrets: + {{- include "combinedImagePullSecrets" $ | nindent 8 }} + nodeSelector: + {{- default "{}" ($.Values.graphdb.node.nodeSelector | toYaml | nindent 8) }} + affinity: + {{- default "{}" ($.Values.graphdb.node.affinity | toYaml | nindent 8) }} + tolerations: + {{- default "{}" ($.Values.graphdb.node.tolerations | toYaml | nindent 8) }} + topologySpreadConstraints: + {{- default "{}" ($.Values.graphdb.node.topologySpreadConstraints | toYaml | nindent 8) }} + containers: + - name: graphdb-node + image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} + imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} + ports: + - name: graphdb + containerPort: 7200 + {{- if gt (int (.Values.graphdb.clusterConfig.nodesCount)) 1 }} + - name: graphdb-rpc + containerPort: 7300 + {{- end }} + envFrom: + - configMapRef: + name: graphdb-node-configmap + volumeMounts: + {{- if hasKey $.Values.graphdb.node.persistence "volumeClaimTemplateSpec" }} + - name: graphdb-node-data-dynamic-pvc + {{- else }} + - name: graphdb-node-storage + {{- end }} + mountPath: /opt/graphdb/home + {{- if $.Values.graphdb.import_directory_mount.enabled }} + - name: graphdb-server-import-dir + mountPath: /opt/graphdb/home/graphdb-import + {{- end }} + resources: {{ $.Values.graphdb.node.resources | toYaml | nindent 12 }} + # Allow for GraphDB to start within 10*30 seconds before readiness & liveness probes interfere + startupProbe: {{ $.Values.graphdb.node.startupProbe | toYaml | nindent 12 }} + readinessProbe: {{ $.Values.graphdb.node.readinessProbe | toYaml | nindent 12 }} + livenessProbe: {{ $.Values.graphdb.node.livenessProbe | toYaml | nindent 12 }} + initContainers: + {{- if $.Values.graphdb.node.license }} + # LICENSE PROVISION + - name: provision-license + image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} + imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} + volumeMounts: + {{- if hasKey $.Values.graphdb.node.persistence "volumeClaimTemplateSpec" }} + - name: graphdb-node-data-dynamic-pvc + {{- else }} + - name: graphdb-node-storage + {{- end }} + mountPath: /opt/graphdb/home + - name: graphdb-license + mountPath: /tmp/license/ + command: ['sh', '-c'] + args: + - | + mkdir -p /opt/graphdb/home/conf/ + cd /opt/graphdb/home/conf/ + [ -f graphdb.license ] && rm graphdb.license + + mkdir -p /opt/graphdb/home/work/ + cd /opt/graphdb/home/work/ + [ -f graphdb.license ] && rm graphdb.license + + echo 'Provisioning GraphDB node license' + cp /tmp/license/*.license ./graphdb.license + echo 'Done' + {{- end }} + # PROVISION SETTINGS AND SECURITY + - name: provision-settings + image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} + imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} + volumeMounts: + {{- if hasKey $.Values.graphdb.node.persistence "volumeClaimTemplateSpec" }} + - name: graphdb-node-data-dynamic-pvc + {{- else }} + - name: graphdb-node-storage + {{- end }} + mountPath: /opt/graphdb/home + {{- if or $configs.settingsConfigMap $.Values.graphdb.security.enabled }} + - name: graphdb-settings-config + mountPath: /tmp/graphdb-settings-configmap + {{- end }} + {{- if or $configs.usersConfigMap $.Values.graphdb.security.enabled }} + - name: graphdb-users-config + mountPath: /tmp/graphdb-users-configmap + {{- end }} + {{- if $configs.propertiesConfigMap }} + - name: graphdb-properties-config + mountPath: /tmp/graphdb-properties-configmap + {{- end }} + {{- if $configs.logbackConfigMap }} + - name: graphdb-logback-config + mountPath: /tmp/graphdb-logback-configmap + {{- end }} + command: ['sh', '-c'] + args: + - | + set -eu + if [[ ! -f /opt/graphdb/home/work/workbench/settings.js && ! -f /opt/graphdb/home/data/users.js && -f /tmp/graphdb-users-configmap/users.js ]]; then + echo "Provisioning users with users.js file..." + mkdir -p /opt/graphdb/data ; + cp /tmp/graphdb-users-configmap/users.js /opt/graphdb/home/data/users.js + fi + if [[ ! -f /opt/graphdb/home/work/workbench/settings.js && ! -f /opt/graphdb/home/data/settings.js && -f /tmp/graphdb-settings-configmap/settings.js ]]; then + echo "Provisioning settings with settings.js file..." + mkdir -p /opt/graphdb/data ; + cp /tmp/graphdb-settings-configmap/settings.js /opt/graphdb/data/settings.js + fi + if [[ ! -f /opt/graphdb/home/conf/graphdb.properties && -f /tmp/graphdb-properties-configmap/graphdb.properties ]]; then + echo "Provisioning graphdb properties file..." + mkdir -p /opt/graphdb/home/conf ; + cp /tmp/graphdb-properties-configmap/graphdb.properties /opt/graphdb/home/conf/graphdb.properties + fi + if [[ ! -f /opt/graphdb/home/conf/logback.xml && -f /tmp/graphdb-logback-configmap/logback.xml ]]; then + echo "Provisioning logging config file..." + mkdir -p /opt/graphdb/home/conf ; + cp /tmp/graphdb-logback-configmap/logback.xml /opt/graphdb/home/conf/logback.xml + fi + mkdir -p /opt/graphdb/home/jdbc-driver + echo 'Done' + +--- +apiVersion: {{ $.Values.versions.service }} +kind: Service +metadata: + name: graphdb-node + labels: + app: graphdb-node + {{- include "graphdb.labels" . | nindent 4 }} +spec: + selector: + app: graphdb-node + ports: + - name: graphdb + port: 7200 + targetPort: 7200 + protocol: TCP +{{- if gt (int $.Values.graphdb.clusterConfig.nodesCount) 1 }} + - name: rpc + port: 7300 + targetPort: 7300 + protocol: TCP + clusterIP: None +{{- end }} diff --git a/templates/graphdb-utils-configmap.yaml b/templates/graphdb-utils-configmap.yaml index 2afb6ccb..567303df 100644 --- a/templates/graphdb-utils-configmap.yaml +++ b/templates/graphdb-utils-configmap.yaml @@ -4,14 +4,7 @@ metadata: name: graphdb-utils-configmap labels: name: graphdb-utils-configmap + {{- include "graphdb.labels" . | nindent 4 }} data: graphdb.sh: |- {{ tpl (.Files.Get "files/scripts/graphdb.sh" | indent 4) . }} - backup.sh: |- -{{ tpl (.Files.Get "files/scripts/backup.sh" | indent 4) . }} - deleteBackup.sh: |- -{{ tpl (.Files.Get "files/scripts/deleteBackup.sh" | indent 4) . }} - runManualBackup.sh: |- -{{ tpl (.Files.Get "files/scripts/runManualBackup.sh" | indent 4) . }} - runRestoreBackup.sh: |- -{{ tpl (.Files.Get "files/scripts/runRestoreBackup.sh" | indent 4) . }} diff --git a/templates/graphdb-worker.yaml b/templates/graphdb-worker.yaml deleted file mode 100644 index 6cff3403..00000000 --- a/templates/graphdb-worker.yaml +++ /dev/null @@ -1,370 +0,0 @@ -{{ if ne .Values.graphdb.topology "standalone" }} - -# Loop over the replica count -{{ range $i, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int ) 1 }} - -{{ $worker_endpoint := printf "http://graphdb-worker-%d:7200" $worker_index }} -{{ $authToken := ((printf "%s:%s" $.Values.graphdb.security.provisioningUsername $.Values.graphdb.security.provisioningPassword) | b64enc) }} -{{- $configs := ($.Values.graphdb.configs | default dict) }} ---- -apiVersion: {{ $.Values.versions.statefulset }} -kind: StatefulSet -metadata: - name: graphdb-worker-{{ $worker_index }} - labels: - app: graphdb-worker-{{ $worker_index }} -spec: - replicas: 1 - serviceName: graphdb-worker-{{ $worker_index }} - updateStrategy: - type: RollingUpdate - selector: - matchLabels: - app: graphdb-worker-{{ $worker_index }} - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - volumeClaimTemplates: - - metadata: - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- $spec := dict "globalStorageClassName" $.Values.global.storageClass "spec" $.Values.graphdb.workers.persistence.volumeClaimTemplateSpec }} - spec: {{ include "renderVolumeClaimTemplateSpec" $spec | nindent 8 }} - {{- end }} - template: - metadata: - labels: - app: graphdb-worker-{{ $worker_index }} - spec: - terminationGracePeriodSeconds: 60 - volumes: - - name: graphdb-license - secret: - secretName: {{ default $.Values.graphdb.workers.license (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "license" "worker_index" $worker_index)) }} - {{- if not (hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec") }} - - name: graphdb-worker-storage - persistentVolumeClaim: - claimName: graphdb-worker-{{ $worker_index }}-data-pvc - {{- end }} - - name: graphdb-worker-repo-config - configMap: - name: {{ required "Config map with .ttl for repositories creation is required!" $.Values.graphdb.workers.repositoryConfigmap }} - {{- if or $configs.settingsConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-settings-config - configMap: - name: {{ $configs.settingsConfigMap | default "graphdb-settings-configmap" }} - {{- end }} - {{- if or $configs.usersConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-users-config - configMap: - name: {{ $configs.usersConfigMap | default "graphdb-users-configmap" }} - {{- end }} - - name: graphdb-utils - configMap: - name: graphdb-utils-configmap - {{- if $configs.propertieConfigMap }} - - name: graphdb-properties-config - configMap: - name: {{ $configs.propertieConfigMap }} - {{- end}} - {{- if $configs.logbackConfigMap }} - - name: graphdb-logback-config - configMap: - name: {{ $configs.logbackConfigMap }} - {{- end }} - {{- if $configs.jolokiaAccessConfigMap }} - - name: graphdb-jolokia-access-config - configMap: - name: {{ $configs.jolokiaAccessConfigMap }} - {{- end }} - {{- if and (eq $worker_index 1) (or $.Values.graphdb.tools.preload.trigger $.Values.graphdb.tools.loadrdf.trigger) }} - - name: graphdb-worker-preload-data - persistentVolumeClaim: - claimName: graphdb-worker-preload-data-pvc - {{- end }} - imagePullSecrets: - {{- include "combinedImagePullSecrets" $ | nindent 8 }} - nodeSelector: - {{- default "{}" (default ($.Values.graphdb.workers.nodeSelector | toYaml ) (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "nodeSelector" "worker_index" $worker_index))) | nindent 8 }} - affinity: - {{- default "{}" (default ($.Values.graphdb.workers.affinity | toYaml) (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "affinity" "worker_index" $worker_index))) | nindent 8 }} - tolerations: - {{- default "{}" (default ($.Values.graphdb.workers.tolerations | toYaml) (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "tolerations" "worker_index" $worker_index))) | nindent 8 }} - topologySpreadConstraints: - {{- default "" (default ($.Values.graphdb.workers.topologySpreadConstraints | toYaml) (include "resolveWorkerValue" (dict "nodes" $.Values.graphdb.workers.nodes "value_name" "topologySpreadConstraints" "worker_index" $worker_index))) | nindent 8 }} - containers: - - name: graphdb-worker-{{ $worker_index }} - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - ports: - - name: graphdb-m-{{ $worker_index }} - containerPort: 7200 - envFrom: - - configMapRef: - name: graphdb-worker-{{ $worker_index }}-configmap - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - resources: {{ $.Values.graphdb.workers.resources | toYaml | nindent 12 }} - # Allow for GraphDB to start within 10*30 seconds before readiness & liveness probes interfere - startupProbe: - httpGet: - path: /protocol - port: graphdb-m-{{ $worker_index }} - failureThreshold: 30 - timeoutSeconds: 5 - periodSeconds: 10 - readinessProbe: - httpGet: - path: /protocol - port: graphdb-m-{{ $worker_index }} - initialDelaySeconds: 5 - timeoutSeconds: 5 - periodSeconds: 10 - livenessProbe: - httpGet: - path: /protocol - port: graphdb-m-{{ $worker_index }} - initialDelaySeconds: 10 - timeoutSeconds: 5 - periodSeconds: 10 - initContainers: - # LICENSE PROVISION - - name: provision-license - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - - name: graphdb-license - mountPath: /tmp/license/ - command: ['sh', '-c'] - args: - - | - mkdir -p /opt/graphdb/home/conf/ - cd /opt/graphdb/home/conf/ - [ -f graphdb.license ] && echo "License present, exiting..." && exit 0 - - echo 'Provisioning GraphDB worker {{ $worker_index }} license' - cp /tmp/license/*.license ./graphdb.license - echo 'Done' - # REPO PROVISION - - name: provision-worker-repository - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - - name: graphdb-worker-repo-config - mountPath: /tmp/graphdb - command: ['sh', '-c'] - args: - - | - set -eu - for filename in /tmp/graphdb/*.ttl; do - repositoryName=$(grep "rep:repositoryID" $filename | sed -ne 's/rep:repositoryID "//p' | sed -ne 's/" ;//p' | sed -ne 's/^[[:space:]]*//p') - echo "Repo name: $repositoryName" - echo "File name: $filename" - mkdir -p /opt/graphdb/home/data/repositories/$repositoryName ; - cd /opt/graphdb/home/data/repositories/$repositoryName ; - - # If the repo configuration exists -> skip provisioning - [ -f config.ttl ] && echo "Repository $repositoryName exists, exiting..." && exit 0 - - echo "Provisioning GraphDB $repositoryName repository with file $filename" ; - cp $filename ./config.ttl ; - echo 'Done' - done - - # PROVISION SETTINGS AND SECURITY - - name: provision-settings - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.busybox) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if or $configs.settingsConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-settings-config - mountPath: /tmp/graphdb-settigns-configmap - {{- end }} - {{- if or $configs.usersConfigMap $.Values.graphdb.security.enabled }} - - name: graphdb-users-config - mountPath: /tmp/graphdb-users-configmap - {{- end }} - {{- if $configs.propertieConfigMap }} - - name: graphdb-properties-config - mountPath: /tmp/graphdb-properties-configmap - {{- end }} - {{- if $configs.logbackConfigMap }} - - name: graphdb-logback-config - mountPath: /tmp/graphdb-logback-configmap - {{- end }} - {{- if $configs.jolokiaAccessConfigMap }} - - name: graphdb-jolokia-access-config - mountPath: /tmp/graphdb-jolokia-access-configmap - {{- end }} - command: ['sh', '-c'] - args: - - | - set -eu - if [[ ! -f /opt/graphdb/home/work/workbench/settings.js && ! -f /opt/graphdb/home/work/workbench/users.js && -f /tmp/graphdb-users-configmap/users.js ]]; then - echo "Provisioning users with users.js file..." - mkdir -p /opt/graphdb/home/work/workbench ; - cp /tmp/graphdb-users-configmap/users.js /opt/graphdb/home/work/workbench/users.js - fi - if [[ ! -f /opt/graphdb/home/work/workbench/settings.js && -f /tmp/graphdb-settigns-configmap/settings.js ]]; then - echo "Provisioning settings with settings.js file..." - mkdir -p /opt/graphdb/home/work/workbench ; - cp /tmp/graphdb-settigns-configmap/settings.js /opt/graphdb/home/work/workbench/settings.js - fi - if [[ ! -f /opt/graphdb/home/conf/graphdb.properties && -f /tmp/graphdb-properties-configmap/graphdb.properties ]]; then - echo "Provisioning graphdb properties file..." - mkdir -p /opt/graphdb/home/conf ; - cp /tmp/graphdb-properties-configmap/graphdb.properties /opt/graphdb/home/conf/graphdb.properties - fi - if [[ ! -f /opt/graphdb/home/conf/logback.xml && -f /tmp/graphdb-logback-configmap/logback.xml ]]; then - echo "Provisioning logging config file..." - mkdir -p /opt/graphdb/home/conf ; - cp /tmp/graphdb-logback-configmap/logback.xml /opt/graphdb/home/conf/logback.xml - fi - if [[ ! -f /opt/graphdb/home/conf/jolokia-access.xml && -f /tmp/graphdb-jolokia-access-configmap/jolokia-access.xml ]]; then - echo "Provisioning jolokia access config file..." - mkdir -p /opt/graphdb/home/conf ; - cp /tmp/graphdb-jolokia-access-configmap/jolokia-access.xml /opt/graphdb/home/conf/jolokia-access.xml - fi - mkdir -p /opt/graphdb/home/jdbc-driver - echo 'Done' - # LOADRDF TOOL - {{- if and (eq $worker_index 1) $.Values.graphdb.tools.loadrdf.trigger }} - - name: loadrdf-tool - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - resources: - limits: - cpu: {{ $.Values.graphdb.tools.resources.limits.cpu }} - memory: {{ $.Values.graphdb.tools.resources.limits.memory }} - requests: - cpu: {{ $.Values.graphdb.tools.resources.requests.cpu }} - memory: {{ $.Values.graphdb.tools.resources.requests.memory }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if and (eq $worker_index 1) (or $.Values.graphdb.tools.preload.trigger $.Values.graphdb.tools.loadrdf.trigger) }} - {{- if hasKey $.Values.graphdb.tools.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-preload-dynamic-pvc - {{- else }} - - name: graphdb-worker-preload-data - {{- end }} - mountPath: /tmp/graphdb/ - {{- end }} - command: ['sh', '-c'] - args: - - | - cp /opt/graphdb/home/conf/graphdb.license /opt/graphdb/dist/conf/graphdb.license - echo "graphdb.home.data = /opt/graphdb/home/data/" >> /opt/graphdb/dist/conf/graphdb.properties - /opt/graphdb/dist/bin/loadrdf {{ $.Values.graphdb.tools.loadrdf.flags }} -c /tmp/graphdb/config.ttl -m parallel /tmp/graphdb/{{$.Values.graphdb.tools.loadrdf.rdfDataFile}} - echo "preload with loadrdf tool is done" - {{- end }} - {{- if and (eq $worker_index 1) $.Values.graphdb.tools.preload.trigger }} - # PRELOAD TOOL - - name: preload-tool - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - resources: - limits: - cpu: {{ $.Values.graphdb.tools.resources.limits.cpu }} - memory: {{ $.Values.graphdb.tools.resources.limits.memory }} - requests: - cpu: {{ $.Values.graphdb.tools.resources.requests.cpu }} - memory: {{ $.Values.graphdb.tools.resources.requests.memory }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - {{- if hasKey $.Values.graphdb.tools.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-preload-dynamic-pvc - {{- else }} - - name: graphdb-worker-preload-data - {{- end }} - command: ['sh', '-c'] - args: - - | - cp /opt/graphdb/home/conf/graphdb.license /opt/graphdb/dist/conf/graphdb.license - echo "graphdb.home.data = /opt/graphdb/home/data/" >> /opt/graphdb/dist/conf/graphdb.properties - /opt/graphdb/dist/bin/preload {{ $.Values.graphdb.tools.preload.flags }} -c /tmp/graphdb/config.ttl /tmp/graphdb/{{$.Values.graphdb.tools.preload.rdfDataFile}} - echo "preload with preload tool is done" - {{- end }} - # STORAGE TOOL - {{- if and (eq $worker_index 1) $.Values.graphdb.tools.storage_tool.trigger }} - - name: storage-tool - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - imagePullPolicy: {{ $.Values.deployment.imagePullPolicy }} - resources: - limits: - cpu: {{ $.Values.graphdb.tools.resources.limits.cpu }} - memory: {{ $.Values.graphdb.tools.resources.limits.memory }} - requests: - cpu: {{ $.Values.graphdb.tools.resources.requests.cpu }} - memory: {{ $.Values.graphdb.tools.resources.requests.memory }} - volumeMounts: - {{- if hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec" }} - - name: graphdb-worker-{{ $worker_index }}-data-dynamic-pvc - {{- else }} - - name: graphdb-worker-storage - {{- end }} - mountPath: /opt/graphdb/home - command: ['sh', '-c'] - args: - - | - cdate=$(date +'%Y-%m-%d') - if [ -d /opt/graphdb/home/data/repositories/{{$.Values.graphdb.tools.storage_tool.repository}}/storage ]; then - result=$(/opt/graphdb/dist/bin/storage-tool -command={{ $.Values.graphdb.tools.storage_tool.command }} -storage=/opt/graphdb/home/data/repositories/{{$.Values.graphdb.tools.storage_tool.repository}}/storage {{$.Values.graphdb.tools.storage_tool.options}}) - echo -e "${result}" >> /opt/graphdb/home/data/storage-tool-${cdate}.log - echo -e "${result}" - if echo -e "${result}" | grep -qi "inconsistent" - then - exit 1 - fi - else - echo "The wanted repository does not exist" - fi - {{- end }} - ---- -apiVersion: {{ $.Values.versions.service }} -kind: Service -metadata: - name: graphdb-worker-{{ $worker_index }} - labels: - app: graphdb-worker-{{ $worker_index }} -spec: - selector: - app: graphdb-worker-{{ $worker_index }} - ports: - - name: graphdb-worker-{{ $worker_index }} - port: 7200 - targetPort: 7200 - protocol: TCP - -{{ end }} -{{ end }} diff --git a/templates/jobs/backup-job.yaml b/templates/jobs/backup-job.yaml deleted file mode 100644 index 1a703204..00000000 --- a/templates/jobs/backup-job.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if and (hasKey .Values.graphdb.backupRestore "auto_backup") .Values.graphdb.backupRestore.enable_backups }} -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: backup-cluster - annotations: - "helm.sh/hook": post-install, post-upgrade, post-rollback - "helm.sh/hook-delete-policy": before-hook-creation, hook-failed -spec: - failedJobsHistoryLimit: 2 - successfulJobsHistoryLimit: 2 - schedule: {{ .Values.graphdb.backupRestore.auto_backup | quote }} - jobTemplate: - spec: - template: - spec: - imagePullSecrets: - {{- include "combinedImagePullSecrets" $ | nindent 12 }} - containers: - - name: backup - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - volumeMounts: - - name: graphdb-utils - mountPath: /tmp/utils - command: ['bash', - '-c', - 'cp /tmp/utils/backup.sh /usr/local/bin/backup.sh; chmod +x /usr/local/bin/backup.sh; - {{- range .Values.graphdb.backupRestore.repositories }} - /usr/local/bin/backup.sh "{{ . }}" {{ $.Values.graphdb.topology | quote }}; - {{- end }} - >> /proc/1/fd/1'] - restartPolicy: Never - volumes: - - name: graphdb-utils - configMap: - name: graphdb-utils-configmap -{{- end }} diff --git a/templates/jobs/cleanup-backup-job.yaml b/templates/jobs/cleanup-backup-job.yaml deleted file mode 100644 index d2170b61..00000000 --- a/templates/jobs/cleanup-backup-job.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{- if and (hasKey .Values.graphdb.backupRestore "cleanup_cron") .Values.graphdb.backupRestore.enable_automatic_backups_cleanup }} -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: backup-cleanup - annotations: - "helm.sh/hook": post-install, post-upgrade, post-rollback - "helm.sh/hook-delete-policy": before-hook-creation, hook-failed -spec: - schedule: {{ .Values.graphdb.backupRestore.cleanup_cron | quote }} - failedJobsHistoryLimit: 2 - successfulJobsHistoryLimit: 2 - jobTemplate: - spec: - template: - spec: - imagePullSecrets: - {{- include "combinedImagePullSecrets" $ | nindent 12 }} - containers: - - name: backup-del - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - volumeMounts: - - name: graphdb-utils - mountPath: /tmp/utils - - name: graphdb-backup - mountPath: {{ $.Values.deployment.storage }}/graphdb-backups/ - command: ['bash', - '-c', - 'cp /tmp/utils/deleteBackup.sh /usr/local/bin/deleteBackup.sh; chmod +x /usr/local/bin/deleteBackup.sh; - {{- range .Values.graphdb.backupRestore.repositories }} - /usr/local/bin/deleteBackup.sh {{ $.Values.deployment.storage }}/graphdb-backups/backup {{ . }} {{ $.Values.graphdb.backupRestore.backups_count }} {{ $.Values.graphdb.backupRestore.backup_max_age }} - {{- end }} - >> /proc/1/fd/1' ] - restartPolicy: Never - volumes: - - name: graphdb-utils - configMap: - name: graphdb-utils-configmap - - name: graphdb-backup - persistentVolumeClaim: - claimName: graphdb-backup-pvc-graphdb-master-1-0 -{{- end }} diff --git a/templates/jobs/manual-backup-job.yaml b/templates/jobs/manual-backup-job.yaml deleted file mode 100644 index e6bb79dc..00000000 --- a/templates/jobs/manual-backup-job.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- if and (hasKey .Values.graphdb.backupRestore "trigger_backup") (ne .Values.graphdb.backupRestore.trigger_backup "") }} -apiVersion: batch/v1 -kind: Job -metadata: - name: run-manual-backup -spec: - ttlSecondsAfterFinished: 60 - template: - spec: - imagePullSecrets: - {{- include "combinedImagePullSecrets" $ | nindent 8 }} - containers: - - name: run-script-manual-backup - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - volumeMounts: - - name: graphdb-utils - mountPath: /tmp/utils - command: ['bash', - '-c'] - args: - - | - cp /tmp/utils/runManualBackup.sh /tmp/utils/backup.sh /usr/local/bin/; - chmod +x /usr/local/bin/runManualBackup.sh; - chmod +x /usr/local/bin/backup.sh; - {{- range .Values.graphdb.backupRestore.repositories }} - /usr/local/bin/runManualBackup.sh "{{ $.Values.graphdb.backupRestore.trigger_backup }}" "{{ . }}" {{ $.Values.graphdb.topology | quote }} - {{- end }} - >> /proc/1/fd/1 - restartPolicy: OnFailure - volumes: - - name: graphdb-utils - configMap: - name: graphdb-utils-configmap -{{- end }} diff --git a/templates/jobs/post-start-job.yaml b/templates/jobs/post-start-job.yaml index eb18329d..c66a17c9 100644 --- a/templates/jobs/post-start-job.yaml +++ b/templates/jobs/post-start-job.yaml @@ -1,10 +1,12 @@ +{{- if gt (int .Values.graphdb.clusterConfig.nodesCount) 1 }} #Set auth token var {{- $authToken := printf "%s:%s" .Values.graphdb.security.provisioningUsername .Values.graphdb.security.provisioningPassword | b64enc }} -{{- if ne (lower .Values.graphdb.topology) "standalone" }} apiVersion: batch/v1 kind: Job metadata: - name: link-graphdb-cluster-job + name: create-graphdb-cluster-job + labels: + {{- include "graphdb.labels" . | nindent 4 }} annotations: "helm.sh/hook": post-install, post-upgrade, post-rollback "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed @@ -15,7 +17,7 @@ spec: imagePullSecrets: {{- include "combinedImagePullSecrets" $ | nindent 8 }} containers: - - name: link-graphdb-cluster + - name: create-graphdb-cluster image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} securityContext: allowPrivilegeEscalation: false @@ -23,106 +25,22 @@ spec: volumeMounts: - name: graphdb-utils mountPath: /tmp/utils - - name: graphdb-master-repo-config - mountPath: /tmp/master-repos + - name: cluster-config + mountPath: /tmp/cluster-config command: ['sh','-c'] - {{- if eq (lower .Values.graphdb.topology) "1m_3w" }} args: - | - for filename in /tmp/master-repos/*.ttl; do - repositoryName=$(grep "rep:repositoryID" $filename | sed -ne 's/rep:repositoryID "//p' | sed -ne 's/" ;//p' | sed -ne 's/^[[:space:]]*//p') - cp /tmp/utils/graphdb.sh /usr/local/bin/graphdb.sh; chmod +x /usr/local/bin/graphdb.sh ; /usr/local/bin/graphdb.sh link_1m_3w {{ .Values.graphdb.clusterConfig.mastersCount }} "$repositoryName" {{ .Values.graphdb.clusterConfig.workersCount }} "$repositoryName" "{{ $authToken }}" >> /proc/1/fd/1 - done - {{- else if eq (lower .Values.graphdb.topology) "2m3w_rw_ro" }} - args: - - | - for filename in /tmp/master-repos/*.ttl; do - repositoryName=$(grep "rep:repositoryID" $filename | sed -ne 's/rep:repositoryID "//p' | sed -ne 's/" ;//p' | sed -ne 's/^[[:space:]]*//p') - cp /tmp/utils/graphdb.sh /usr/local/bin/graphdb.sh; chmod +x /usr/local/bin/graphdb.sh ; - /usr/local/bin/graphdb.sh waitAllInstances {{ .Values.graphdb.clusterConfig.mastersCount }} "$repositoryName" {{ .Values.graphdb.clusterConfig.workersCount }} "$repositoryName" "{{ $authToken }}"; - - {{- range .Values.graphdb.clusterConfig.readOnlyMasters }} - /usr/local/bin/graphdb.sh setInstanceReadOnly graphdb-{{ . }} "$repositoryName" "{{ $authToken }}"; - {{- end }} - - {{ range $i, $master_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.mastersCount | int ) 1 }} - {{ range $j, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int ) 1 }} - /usr/local/bin/graphdb.sh linkWorkerToMaster graphdb-master-{{ $master_index }} "$repositoryName" graphdb-worker-{{ $worker_index }} "$repositoryName" "{{ $authToken }}"; - {{- end }} - {{- end }} - - {{- range .Values.graphdb.clusterConfig.syncPeersMapping }} - {{- $split := split "<->" . }} - /usr/local/bin/graphdb.sh setSyncPeer graphdb-{{ trim $split._0 }} "$repositoryName" graphdb-{{ trim $split._1 }} "$repositoryName" "{{ $authToken }}"; - /usr/local/bin/graphdb.sh setSyncPeer graphdb-{{ trim $split._1 }} "$repositoryName" graphdb-{{ trim $split._0 }} "$repositoryName" "{{ $authToken }}"; - {{- end }} - >> /proc/1/fd/1 - done - {{- else if eq (lower .Values.graphdb.topology) "2m3w_muted" }} - args: - - | - for filename in /tmp/master-repos/*.ttl; do - repositoryName=$(grep "rep:repositoryID" $filename | sed -ne 's/rep:repositoryID "//p' | sed -ne 's/" ;//p' | sed -ne 's/^[[:space:]]*//p') - cp /tmp/utils/graphdb.sh /usr/local/bin/graphdb.sh; chmod +x /usr/local/bin/graphdb.sh ; - /usr/local/bin/graphdb.sh waitAllInstances {{ .Values.graphdb.clusterConfig.mastersCount }} "$repositoryName" {{ .Values.graphdb.clusterConfig.workersCount }} "$repositoryName" "{{ $authToken }}"; - - {{- range .Values.graphdb.clusterConfig.masterWorkerMapping }} - {{- $split := split "->" . }} - /usr/local/bin/graphdb.sh linkWorkerToMaster graphdb-{{ trim $split._0 }} "$repositoryName" graphdb-{{ trim $split._1 }} "$repositoryName" "{{ $authToken }}"; - {{- end }} - - {{ range $j, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int ) 1 }} - {{/* Set all workers as a remote location for master 1 */}} - /usr/local/bin/graphdb.sh addInstanceAsRemoteLocation graphdb-master-1 graphdb-worker-{{ $worker_index }} "{{ $authToken }}"; - {{- end }} - - {{- range .Values.graphdb.clusterConfig.mutedMasters }} - /usr/local/bin/graphdb.sh setInstanceMuted graphdb-{{ . }} "$repositoryName" "{{ $authToken }}"; - {{- end }} - - {{- range .Values.graphdb.clusterConfig.syncPeersMapping }} - {{- $split := split "<->" . }} - /usr/local/bin/graphdb.sh setSyncPeer graphdb-{{ trim $split._0 }} "$repositoryName" graphdb-{{ trim $split._1 }} "$repositoryName" "{{ $authToken }}"; - /usr/local/bin/graphdb.sh setSyncPeer graphdb-{{ trim $split._1 }} "$repositoryName" graphdb-{{ trim $split._0 }} "$repositoryName" "{{ $authToken }}"; - {{- end }} - >> /proc/1/fd/1 - done - {{- end }} - {{- if gt (len $.Values.graphdb.masters.additionalJmxArrtibutes) 0 }} - - name: set-jmx-attributes - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - securityContext: - allowPrivilegeEscalation: false - runAsUser: 0 - volumeMounts: - - name: graphdb-utils - mountPath: /tmp/utils - - name: graphdb-master-repo-config - mountPath: /tmp/master-repos - command: ['sh','-c'] - args: - - | - cp /tmp/utils/graphdb.sh /usr/local/bin/graphdb.sh - chmod +x /usr/local/bin/graphdb.sh - - for filename in /tmp/master-repos/*.ttl; do - repositoryName=$(grep "rep:repositoryID" $filename | sed -ne 's/rep:repositoryID "//p' | sed -ne 's/" ;//p' | sed -ne 's/^[[:space:]]*//p') - - /usr/local/bin/graphdb.sh waitMasters {{ .Values.graphdb.clusterConfig.mastersCount }} "$repositoryName" - for i in `seq 1 {{ .Values.graphdb.clusterConfig.mastersCount }}`; do - {{- range $name, $value := $.Values.graphdb.masters.additionalJmxArrtibutes }} - /usr/local/bin/graphdb.sh setJmxAttribute "graphdb-master-$i" "$repositoryName" "{{ $authToken }}" "{{ $name }}" "{{ $value }}" - {{- end }} - done - done - {{- end }} + cp /tmp/cluster-config/cluster-config.json /usr/local/bin/cluster-config.json + cp /tmp/utils/graphdb.sh /usr/local/bin/graphdb.sh; chmod +x /usr/local/bin/graphdb.sh + /usr/local/bin/graphdb.sh createCluster {{ .Values.graphdb.clusterConfig.nodesCount }} "/usr/local/bin/cluster-config.json" "{{ $authToken }}" {{ .Values.graphdb.clusterConfig.clusterCreationTimeout }} >> /proc/1/fd/1 restartPolicy: Never volumes: + - name: cluster-config + configMap: + name: graphdb-cluster-config-configmap - name: graphdb-utils configMap: name: graphdb-utils-configmap - - name: graphdb-master-repo-config - configMap: - name: {{ required "Config map for config.ttl is required!" $.Values.graphdb.masters.repositoryConfigmap }} - backoffLimit: 4 + backoffLimit: 9 {{- end }} + diff --git a/templates/jobs/restore-job.yaml b/templates/jobs/restore-job.yaml deleted file mode 100644 index 88719e02..00000000 --- a/templates/jobs/restore-job.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if and (ne .Values.graphdb.topology "standalone") (and (hasKey .Values.graphdb.backupRestore "trigger_restore") .Values.graphdb.backupRestore.enable_restore) }} -apiVersion: batch/v1 -kind: Job -metadata: - name: restore-job -spec: - backoffLimit: 3 - template: - spec: - imagePullSecrets: - {{- include "combinedImagePullSecrets" $ | nindent 8 }} - containers: - - name: run-script-restore-from-backup - image: {{ include "renderFullImageName" (dict "globalRegistry" $.Values.global.imageRegistry "image" $.Values.images.graphdb) }} - volumeMounts: - - name: graphdb-utils - mountPath: /tmp/utils - command: ['sh', - '-c', - 'cp /tmp/utils/runRestoreBackup.sh /usr/local/bin/; chmod +x /usr/local/bin/runRestoreBackup.sh; /usr/local/bin/runRestoreBackup.sh "{{.Values.graphdb.backupRestore.trigger_restore}}" "{{.Values.graphdb.backupRestore.restore_repository}}" "{{ $.Values.deployment.storage }}/graphdb-backups/backup/{{ .Values.graphdb.backupRestore.restore_from_backup}}" >> /proc/1/fd/1'] - restartPolicy: OnFailure - volumes: - - name: graphdb-utils - configMap: - name: graphdb-utils-configmap -{{- end }} diff --git a/templates/persistence/graphdb-master-default-pv.yaml b/templates/persistence/graphdb-master-default-pv.yaml deleted file mode 100644 index e64896b5..00000000 --- a/templates/persistence/graphdb-master-default-pv.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- if not (hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec") }} -{{- $storageClassName := $.Values.graphdb.masters.persistence.storageClassName | default $.Values.global.storageClass }} -{{- if or (ne $storageClassName "standard") (ne $storageClassName "") }} -{{- if eq .Values.graphdb.masters.persistence.volumeNamePrefix "graphdb-default-master" }} -{{- range $i, $master_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.mastersCount | int ) 1 }} -# -# Default persistence volume for GraphDB workers. Data is stored on the node file system. Suitable -# for Minikube deployments. -# -# Note: Not to be used in production or multi node cluster. -# ---- -apiVersion: {{ $.Values.versions.pv }} -kind: PersistentVolume -metadata: - name: {{ $.Release.Namespace }}-graphdb-default-master-{{ $master_index }}-pv - labels: - name: {{ $.Release.Namespace }}-graphdb-default-master-{{ $master_index }}-pv -spec: - claimRef: - name: graphdb-master-{{ $master_index }}-data-pvc - namespace: {{ $.Release.Namespace }} - storageClassName: {{ $storageClassName }} - accessModes: - - ReadWriteOnce - capacity: - storage: {{ $.Values.graphdb.masters.persistence.storage }} - hostPath: - path: {{ $.Values.deployment.storage }}/graphdb-master-{{ $master_index }}-data - -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/templates/persistence/graphdb-master-pvc.yaml b/templates/persistence/graphdb-master-pvc.yaml deleted file mode 100644 index db46e131..00000000 --- a/templates/persistence/graphdb-master-pvc.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if not (hasKey $.Values.graphdb.masters.persistence "volumeClaimTemplateSpec") }} -{{- range $i, $master_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.mastersCount | int ) 1 }} ---- -apiVersion: {{ $.Values.versions.pvc }} -kind: PersistentVolumeClaim -metadata: - name: graphdb-master-{{ $master_index }}-data-pvc - labels: - name: graphdb-master-{{ $master_index }}-data-pvc -spec: - {{- if $.Values.graphdb.masters.persistence.volumeNamePrefix }} - {{- if eq $.Values.graphdb.masters.persistence.volumeNamePrefix "graphdb-default-master" }} - volumeName: {{ $.Release.Namespace }}-{{ $.Values.graphdb.masters.persistence.volumeNamePrefix }}-{{$master_index}}-pv - {{- else }} - volumeName: {{ $.Values.graphdb.masters.persistence.volumeNamePrefix }}-{{$master_index}}-pv - {{- end }} - {{- end }} - storageClassName: {{ $.Values.graphdb.masters.persistence.storageClassName | default $.Values.global.storageClass }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ $.Values.graphdb.masters.persistence.storage }} -{{- end }} -{{- end }} diff --git a/templates/persistence/graphdb-preload-data-pv.yaml b/templates/persistence/graphdb-preload-data-pv.yaml deleted file mode 100644 index 63399dde..00000000 --- a/templates/persistence/graphdb-preload-data-pv.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if or .Values.graphdb.tools.preload.trigger .Values.graphdb.tools.loadrdf.trigger }} -# -# Default persistence volume for preloading data in GraphDB. Data is stored on the node file system. Suitable -# for Minikube deployments. -# -# Note: Not to be used in production or multi node cluster. -# ---- -apiVersion: {{ $.Values.versions.pv }} -kind: PersistentVolume -metadata: - name: {{ $.Release.Namespace }}-graphdb-preload-data-pv - labels: - name: {{ $.Release.Namespace }}-graphdb-preload-data-pv -spec: - claimRef: - name: graphdb-worker-preload-data-pvc - namespace: {{ $.Release.Namespace }} - storageClassName: {{ $.Values.graphdb.tools.persistence.storageClassName | default $.Values.global.storageClass }} - accessModes: - - ReadWriteOnce - capacity: - storage: {{ $.Values.graphdb.workers.persistence.storage }} - hostPath: - path: {{ $.Values.deployment.storage }}/graphdb-worker-preload-data -{{- end }} diff --git a/templates/persistence/graphdb-preload-data-pvc.yaml b/templates/persistence/graphdb-preload-data-pvc.yaml deleted file mode 100644 index 600566a4..00000000 --- a/templates/persistence/graphdb-preload-data-pvc.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if or $.Values.graphdb.tools.preload.trigger $.Values.graphdb.tools.loadrdf.trigger }} -apiVersion: {{ $.Values.versions.pvc }} -kind: PersistentVolumeClaim -metadata: - name: graphdb-worker-preload-data-pvc - labels: - name: graphdb-worker-preload-data-pvc -spec: - volumeName: {{ $.Release.Namespace }}-graphdb-preload-data-pv - storageClassName: {{ $.Values.graphdb.tools.persistence.storageClassName | default $.Values.global.storageClass }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ $.Values.graphdb.masters.persistence.storage }} -{{- end }} diff --git a/templates/persistence/graphdb-worker-default-pv.yaml b/templates/persistence/graphdb-worker-default-pv.yaml deleted file mode 100644 index 13d6fdcb..00000000 --- a/templates/persistence/graphdb-worker-default-pv.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{- if not (hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec") }} -{{- $storageClassName := $.Values.graphdb.workers.persistence.storageClassName | default $.Values.global.storageClass }} -{{- if or (ne $storageClassName "standard") (ne $storageClassName "") }} -{{- if ne .Values.graphdb.topology "standalone" }} -{{- if eq .Values.graphdb.workers.persistence.volumeNamePrefix "graphdb-default-worker" }} -{{- range $i, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int ) 1 }} -# -# Default persistence volume for GraphDB workers. Data is stored on the node file system. Suitable -# for Minikube deployments. -# -# Note: Not to be used in production or multi node cluster. -# ---- -apiVersion: {{ $.Values.versions.pv }} -kind: PersistentVolume -metadata: - name: {{ $.Release.Namespace }}-graphdb-default-worker-{{ $worker_index }}-pv - labels: - name: {{ $.Release.Namespace }}-graphdb-default-worker-{{ $worker_index }}-pv -spec: - claimRef: - name: graphdb-worker-{{ $worker_index }}-data-pvc - namespace: {{ $.Release.Namespace }} - storageClassName: {{ $storageClassName }} - accessModes: - - ReadWriteOnce - capacity: - storage: {{ $.Values.graphdb.workers.persistence.storage }} - hostPath: - path: {{ $.Values.deployment.storage }}/graphdb-worker-{{ $worker_index }}-data - -{{- end }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/templates/persistence/graphdb-worker-pvc.yaml b/templates/persistence/graphdb-worker-pvc.yaml deleted file mode 100644 index d24c54bb..00000000 --- a/templates/persistence/graphdb-worker-pvc.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if not (hasKey $.Values.graphdb.workers.persistence "volumeClaimTemplateSpec") }} -{{- if ne .Values.graphdb.topology "standalone" }} -{{- range $i, $worker_index := untilStep 1 (add1 $.Values.graphdb.clusterConfig.workersCount | int ) 1 }} - ---- -apiVersion: {{ $.Values.versions.pvc }} -kind: PersistentVolumeClaim -metadata: - name: graphdb-worker-{{ $worker_index }}-data-pvc - labels: - name: graphdb-worker-{{ $worker_index }}-data-pvc -spec: - {{- if $.Values.graphdb.workers.persistence.volumeNamePrefix }} - {{- if eq $.Values.graphdb.workers.persistence.volumeNamePrefix "graphdb-default-worker" }} - volumeName: {{ $.Release.Namespace }}-{{ $.Values.graphdb.workers.persistence.volumeNamePrefix }}-{{$worker_index}}-pv - {{- else }} - volumeName: {{ $.Values.graphdb.workers.persistence.volumeNamePrefix }}-{{$worker_index}}-pv - {{- end }} - {{- end }} - storageClassName: {{ $.Values.graphdb.workers.persistence.storageClassName | default $.Values.global.storageClass }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ $.Values.graphdb.workers.persistence.storage }} - -{{- end }} -{{- end }} -{{- end }} diff --git a/values.yaml b/values.yaml index d0c9e15e..4e1df5a2 100644 --- a/values.yaml +++ b/values.yaml @@ -4,7 +4,6 @@ # To override single property use --set # To override multiple, provide another values-override.yaml with the -f flag # See https://helm.sh/docs/chart_template_guide/values_files/ -# global: imagePullSecrets: [] @@ -29,9 +28,6 @@ versions: # Top lvl flat for easier maintenance images: - kong: - repository: kong - tag: "2.1-alpine" graphdb: repository: ontotext/graphdb tag: "10.0.0" @@ -60,6 +56,7 @@ deployment: # See https://kubernetes.github.io/ingress-nginx/examples/tls-termination/ tls: # -- Feature toggle for SSL termination. Disabled by default. + # If TLS is enabled, the protocol should also be updated (https) enabled: false # -- Name of a Kubernetes secret object with the key and certificate. # If TLS is enabled, it's required to be provided, depending on the deployment. @@ -76,76 +73,33 @@ deployment: # -- Default timeouts in seconds for the underlying Nginx. timeout: connect: 5 - read: 60 - send: 60 - -# KONG API gateway configurations. -# This gateway sits behind the ingress and exposes the rest of the components. -# By default Kong is deployed without database, e.g. stateless mode. -kong: - enabled: true - # -- Reference to a configuration map with Kong configurations as environment variables. - # Override if you need to further configure Kong's system. - # See https://docs.konghq.com/2.0.x/configuration/ - configmap: kong-configmap - # -- Reference to a configuration map containing declarative Kong configuration for - # services and routes. This is the DB-less config. - # See https://docs.konghq.com/1.5.x/db-less-admin-api/#declarative-configuration - servicesConfigmap: kong-services-configmap - # -- Overwrite if you want to deploy Kong on a non-standard port, such as instances - # where you want to have two different installations on the same hardware. - port: - nodePort: 31122 - # -- Global timeout configurations for all services. Values are in milliseconds. - timeout: - connect: 60000 - read: 60000 - write: 60000 - # -- Memory cache size configuration for Kong in DB-less mode. - # Tune according to the given resource limits. - # See https://docs.konghq.com/2.0.x/configuration/#mem_cache_size - memCacheSize: "64m" - # -- Amount of Nginx worker processes. This affects how much memory will be consumed. - # The auto value will determine the workers based on the available CPUs - workers: auto - # Default resource limitations. - resources: - limits: - memory: 1024Mi - # Schedule and assign on specific node. By default, no restrictions are applied. - # See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - nodeSelector: {} + read: 600 + send: 600 # GraphDB database configurations graphdb: - # -- Cluster topology to be used. Possible values: standalone, 1m_3w, 2m3w_rw_ro, 2m3w_muted. - # standalone - Launches single instance of GraphDB with a preconfigured worker repository. Masters and workers count is controlled by mastersCount and workersCount properties - # 1m_3w - 1 master and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-one-master.html - # 2m3w_rw_ro - 2 masters, one of which is read only and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-a-second-readonly-master.html - # 2m3w_muted - 2 masters, one of which is muted and multiple workers. https://graphdb.ontotext.com/documentation/enterprise/ee/setting-up-a-cluster-with-multiple-masters-with-dedicated-workers.html - # Note: If "standalone" is selected, the launched instance will use master-1 properties, but a worker repository will be created! - topology: "standalone" clusterConfig: - # -- Describes how the masters and workers are linked in the format master-X -> worker-Y. Required only for 2m3w_muted topology. - masterWorkerMapping: - - master-1 -> worker-1 - - master-1 -> worker-2 - - master-2 -> worker-3 - # -- Describes which masters will be set as read only. Required only for 2m3w_rw_ro topology. - readOnlyMasters: - - master-2 - # -- Describes which masters will be set as muted. Required only for 2m3w_muted topology. - mutedMasters: - - master-2 - # -- Describes which masters will be linked as sync peer. Required for 2m3w_rw_ro and 2m3w_muted topology. - syncPeersMapping: - - master-1 <-> master-2 - workersCount: 3 - mastersCount: 1 + # -- Number of GraphDB nodes to be used in the cluster. + # Set value to 1 to run a standalone GraphDB instance. + nodesCount: 1 # -- A secret used for secure communication amongst the nodes in the cluster. clusterSecret: s3cr37 - - # -- References to configuration maps containing settings.js, users.js, graphdb.properties, logback.xml and jolokia-access.xml files to overwrite + # -- Timeout for the cluster creation CURL query. + # Note: By default helm waits for Kubernetes commands to complete for 5 minutes. You can increase that by adding "--timeout 10m" to the helm command. + clusterCreationTimeout: 60 + # -- Cluster configuration parameters: + # The minimum wait time in milliseconds for a heartbeat from a leader. + electionMinTimeout: 7000 + # The variable portion of each waiting period in milliseconds for a heartbeat. + electionRangeTimeout: 5000 + # The interval in milliseconds between each heartbeat that is sent to follower nodes by the leader. + heartbeatInterval: 2000 + #The size of the data blocks transferred during data replication streaming through the RPC protocol. + messageSize: 64 + # The amount of time in milliseconds a follower node would wait before attempting to verify the last committed entry when the first verification is unsuccessful. + verificationTimeout: 1500 + + # -- References to configuration maps containing settings.js, users.js, graphdb.properties, and logback.xml files to overwrite # the default GraphDB configuration. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-graphdb.html configs: # Override default settings configuration @@ -156,220 +110,132 @@ graphdb: #propertiesConfigMap: graphdb-properties-configmap # Override default logback configuration #logbackConfigMap: graphdb-logback-configmap - # Override default jolokia access configuration - #jolokiaAccessConfigMap: graphdb-jolokia-access-configmap security: - # If the security is enabled, it's mandatory to have a provisioning user, so the healthchecks and cluster linking can work properly + # If the security is enabled, it's mandatory to have a provisioning user, so the health-checks and cluster linking can work properly enabled: false provisioningUsername: provisioner # bcrypt encrypted password. default: iHaveSuperpowers provisioningPassword: iHaveSuperpowers - masters: - # -- Reference to a configuration map containing one or more .ttl files used for repository - # initialization in the post install hook. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-a-repository.html - repositoryConfigmap: graphdb-repo-default-configmap - # -- Reference to a secret containing 'graphdb.license' file to be used by master nodes. - # This is a required secret without which GraphDB won't operate if you use SE/EE editions. - # Can be set to "" if you want to use this instance only with master repositories, which does not require a license! - # Important: Must be created beforehand - license: graphdb-license - # -- Java arguments with which master instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value - java_args: "-XX:MaxRAMPercentage=70 -XX:+UseContainerSupport -Ddefault.min.distinct.threshold=100m" - # Node scheduling options such as nodeSelector, affinity, tolerations, topologySpreadConstraints can be set here for ALL workers. - # By default, no restrictions are applied. The same options can be specified per instance in the nodes section. - # See https://kubernetes.io/docs/concepts/scheduling-eviction - # -- Specific GraphDB master instances configurations. Supported properties for per node configuration are: license, java_args, graphdb_properties -# nodes: -# - name: master-1 -# java_args: "-XX:MaxRAMPercentage=70 -XX:+UseContainerSupport -Ddefault.min.distinct.threshold=100m" -# license: graphdb-license - # -- Below are minimum requirements for data sets of up to 50 million RDF triples - # For resizing, refer according to your GraphDB version documentation - # For EE see http://graphdb.ontotext.com/documentation/enterprise/requirements.html + # -- Settings for the GraphDB cluster proxy used to communicate with the GraphDB cluster + # Note: If there is no cluster (graphdb.clusterConfig.nodesCount is set to 1) no proxy will be deployed + clusterProxy: + # -- Number of cluster proxies used to access the GraphDB cluster + replicas: 1 + # -- Java arguments with which the cluster proxy instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value + java_args: "-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport" + # Node scheduling options such as nodeSelector, affinity, tolerations, topologySpreadConstraints can be set here for ALL nodes. + # By default, no restrictions are applied. + # nodeSelector: {} + # affinity: {} + # tolerations: {} + # topologySpreadConstraints: {} + # -- Minimum requirements for a successfully running GraphDB cluster proxy resources: limits: - memory: 2Gi + memory: 1Gi + cpu: 500m requests: - memory: 2Gi - # -- Persistence configurations. - # By default, Helm will use a PV that reads and writes to the host file system. - persistence: - # -- Name reference of a persistent volume to which the claim will try to attach. If changed, the default PVs won't be used. - # Example result: graphdb-default-master-1-pv -# volumeNamePrefix: graphdb-default-master -# storageClassName: standard -# # -- Storage size request for each master. The persistent volume has to be able to satisfy the size. -# storage: 10G - # use dynamic volume provisioning - volumeClaimTemplateSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "5Gi" - # additional JMX attributes to be set after the cluster is initialized - additionalJmxArrtibutes: {} - workers: - # -- Reference to a configuration map containing one or more .ttl files used for repository - # initialization in the post install hook. For reference see https://graphdb.ontotext.com/documentation/standard/configuring-a-repository.html - repositoryConfigmap: graphdb-worker-repo-default-configmap - # -- Reference to a secret containing 'graphdb.license' file to be used by worker nodes. - # This is a required secret without which GraphDB won't operate if you use SE/EE editions. + memory: 1Gi + cpu: 500m + # -- Configurations for the GraphDB cluster proxy startup probe. Misconfigured probe can lead to a failing cluster. + startupProbe: + httpGet: + path: /protocol + port: gdb-proxy-port + failureThreshold: 30 + timeoutSeconds: 5 + periodSeconds: 10 + # -- Configurations for the GraphDB cluster proxy readiness probe. Misconfigured probe can lead to a failing cluster. + readinessProbe: + httpGet: + path: /proxy/ready + port: gdb-proxy-port + initialDelaySeconds: 20 + timeoutSeconds: 5 + periodSeconds: 10 + # -- Configurations for the GraphDB cluster proxy liveness probe. Misconfigured probe can lead to a failing cluster. + livenessProbe: + httpGet: + path: /proxy/health + port: gdb-proxy-port + initialDelaySeconds: 60 + timeoutSeconds: 5 + periodSeconds: 10 + + # -- Settings for the GraphDB cluster nodes + node: + # -- Reference to a secret containing 'graphdb.license' file to be used by the nodes. # Important: Must be created beforehand - license: graphdb-license - # -- Java arguments with which worker instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value + license: + # -- Java arguments with which node instances will be launched. GraphDB configuration properties can also be passed here in the format -Dprop=value java_args: "-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport" - # Node scheduling options such as nodeSelector, affinity, tolerations, topologySpreadConstraints can be set here for ALL workers. - # By default, no restrictions are applied. The same options can be specified per instance in the nodes section. - # See https://kubernetes.io/docs/concepts/scheduling-eviction - - topologySpreadConstraints: - # -- Specific GraphDB worker instances configurations. Supported properties for per node configuration are: license, java_args, graphdb_properties -# nodes: -# - name: worker-1 -# license: graphdb-license -# - name: worker-2 -# java_args: "-XX:MaxRAMPercentage=70 -Ddefault.min.distinct.threshold=100m -XX:+UseContainerSupport " + # Node scheduling options such as nodeSelector, affinity, tolerations, topologySpreadConstraints can be set here for ALL nodes. + # By default, no restrictions are applied. + # nodeSelector: {} + # affinity: {} + # tolerations: {} + # topologySpreadConstraints: {} # -- Persistence configurations. # By default, Helm will use a PV that reads and writes to the host file system. persistence: - # -- Name reference prefix of a persistent volume to which the claim will try to attach. If changed, the default PVs won't be used. - # Example result: graphdb-default-worker-1-pv -# volumeNamePrefix: graphdb-default-worker -# storageClassName: standard -# # -- Storage size request for each worker. The persistent volume has to be able to satisfy the size. -# storage: 10G # use dynamic volume provisioning - volumeClaimTemplateSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "5Gi" + volumeClaimTemplateSpec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "5Gi" # -- Below are minimum requirements for data sets of up to 50 million RDF triples - # For resizing, refer according to your GraphDB version documentation - # For EE see http://graphdb.ontotext.com/documentation/enterprise/requirements.html - # Note: Same as for the master node + # For resizing, refer according to the GraphDB documentation + # http://graphdb.ontotext.com/documentation/requirements.html resources: limits: memory: 2Gi + cpu: 2000m requests: memory: 2Gi - # Reference to a configuration map with GraphDB specific configurations. - # Injected as environment variables. - #configmap: graphdb-configmap + cpu: 2000m + # -- Configurations for the GraphDB node startup probe. Misconfigured probe can lead to a failing cluster. + startupProbe: + httpGet: + path: /protocol + port: graphdb + failureThreshold: 30 + timeoutSeconds: 5 + periodSeconds: 10 + # -- Configurations for the GraphDB node readiness probe. Misconfigured probe can lead to a failing cluster. + readinessProbe: + httpGet: + path: /protocol + port: graphdb + initialDelaySeconds: 5 + timeoutSeconds: 5 + periodSeconds: 10 + # -- Configurations for the GraphDB node liveness probe. Misconfigured probe can lead to a failing cluster. + livenessProbe: + httpGet: + path: /protocol + port: graphdb + initialDelaySeconds: 60 + timeoutSeconds: 5 + periodSeconds: 10 + # GraphDB workbench configurations workbench: # -- This is the sub path at which GraphDB workbench can be opened. # Should be configured in the API gateway (or any other proxy in front) subpath: /graphdb + # WARNING: Setting enabled to true in most cloud providers will result in an error # Attach additional PV which will be used as an import directory # https://graphdb.ontotext.com/documentation/standard/loading-data-using-the-workbench.html#importing-server-files import_directory_mount: enabled: false volumeClaimTemplateSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "10Gi" - - backupRestore: - # -- Enable auto/manual backups. - enable_backups: false - # -- Cron Schedule for auto backup. Creates an automatic backup, stored in the graphdb-backup-pv - # (default folder - /data/graphdb-backups). - # The backups are saved in format MM-DD-YYYY-hh-mm in UTC! - auto_backup: "0 0 23 ? * MON *" - repositories: - - default - # -- Enables cleanup of the backups directory. - # WARNING!!! This can be used only by storage classes that have access mode ReadWriteMany because the backups PVC must be attached to a second pod. - enable_automatic_backups_cleanup: false - # -- Cleans up the backups directory. - # Makes sure that there is a limit of the stored backups. - # Each or both of backups_count and backups_max_age could be used. - cleanup_cron: "*/2 * * * *" - # -- Max number of backup dirs saved. - backups_count: "2" - # -- Max number of days for backups. - backup_max_age: "2" - # -- A future date at which we want to trigger a backup. Must be given in format YYYY-DD-MM hh:mm - # NOTE: Timezone depends on the Kubernetes cluster. Usually UTC! - trigger_backup: "" - - # -- Trigger restore at a given time from a given file. - enable_restore: false - # -- A future date at which we want to trigger a restore. Works only with a cluster with workers. - # For a standalone the restore is called from an init container. Must be given in format YYYY-DD-MM hh:mm - # NOTE: Timezone depends on the Kubernetes cluster. Usually UTC! - trigger_restore: "2021-06-24 13:28" - # -- The name of the backup directory we want to restore. - # Must be given in format YYYY-DD-MM-hh-mm, where YYYY-DD-MM-hh-mm is your backup directory. The backup directory name contains the repository name too, but it must be omitted here. - restore_from_backup: "2021-06-24-12-59" - # -- The name of the repository we want to restore. - restore_repository: default - persistence: - volumeClaimTemplateSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "10Gi" - - # -- Tools for loading, scanning and repairing data in repos - tools: - resources: - limits: - memory: "10G" - requests: - memory: "10G" - # -- Tool to preload data in a chosen repo - # https://graphdb.ontotext.com/documentation/enterprise/loading-data-using-preload.html - preload: - # -- If trigger is set to true, then the preload tool will be run while initializing the deployment - # Don't forget to add repo config file(should be named config.ttl) and RDF data file to the graphdb-preload-data-pv - # (default pv is: /data/graphdb-worker-preload-data) - trigger: false - # -- Options to add to the command - # possible flags: -f, -p, -r - # If you use the "-f" option, the tool will override the repository and could lose some data. - flags: "-f" - rdfDataFile: "geonames_europe.ttl" - # -- Tool to preload data in a chosen repo - # https://graphdb.ontotext.com/documentation/enterprise/loading-data-using-the-loadrdf-tool.html - loadrdf: - # -- If trigger is set to true, then the loadrdf tool will be run while initializing the deployment - # Don't forget to add repo config file(should be named config.ttl) and RDF data file to the graphdb-preload-data-pv - # (default pv is: /data/graphdb-worker-preload-data) - trigger: false - # -- Options to add to the command - # possible flags: -f, -p - # If you use the "-f" option, the tool will override the repository and could lose some data. - flags: "-f" - rdfDataFile: "geonames_europe.ttl" - persistence: - #storageClassName: standard - # -- Storage size request for the preload/loadrdf pv. The persistent volume has to be able to satisfy the size. - #storage: 10G - volumeClaimTemplateSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "10Gi" - - # -- Tool for scanning and repairing data - # See https://graphdb.ontotext.com/documentation/enterprise/storage-tool.html - storage_tool: - # -- If trigger is set to true, then the storage tool will be run while initializing the deployment - trigger: false - # -- commands to run the storage-tool with - command: "scan" - # -- repo to run command on - repository: "repo-test-1" - # -- additional options to run the storage-tool with - options: "" + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "10Gi"