From a93dcce84196bb8ffc8cef091d1343597b15b9a6 Mon Sep 17 00:00:00 2001
From: chemicstry
Date: Mon, 20 Jun 2022 15:52:43 +0300
Subject: Add helm chart
---
script/helm/garage/values.yaml | 124 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 124 insertions(+)
create mode 100644 script/helm/garage/values.yaml
(limited to 'script/helm/garage/values.yaml')
diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml
new file mode 100644
index 00000000..dd1c99f0
--- /dev/null
+++ b/script/helm/garage/values.yaml
@@ -0,0 +1,124 @@
+# Default values for garage.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Garage configuration. These values go to garage.toml
+garage:
+ metadataDir: "/mnt/meta"
+ dataDir: "/mnt/data"
+ replicationMode: "3"
+ rpcBindAddr: "[::]:3901"
+ rpcSecret: "1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec"
+ bootstrapPeers: []
+ # kubernetes_namespace: "default"
+ # kubernetes_service_name: "garage-daemon"
+ kubernetesSkipCrd: false
+ s3:
+ api:
+ region: "garage"
+ rootDomain: ".s3.garage.tld"
+ web:
+ rootDomain: ".web.garage.tld"
+ index: "index.html"
+
+# Data persistence
+persistence:
+ enabled: true
+ meta:
+ # storageClass: ""
+ size: 100Mi
+ data:
+ # storageClass: ""
+ size: 100Mi
+
+# Number of StatefulSet replicas to start
+replicaCount: 3
+
+image:
+ repository: dxflrs/amd64_garage
+ pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: ClusterIP
+ s3:
+ api:
+ port: 3900
+ web:
+ port: 3902
+
+ingress:
+ s3:
+ api:
+ enabled: false
+ className: ""
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+ web:
+ enabled: false
+ className: ""
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--
cgit v1.2.3
From 131cc2532b13acfb90d38e04c5dac5fa9cd3cb0e Mon Sep 17 00:00:00 2001
From: chemicstry
Date: Mon, 20 Jun 2022 16:02:23 +0300
Subject: Cleanup values.yaml
---
script/helm/garage/values.yaml | 2 --
1 file changed, 2 deletions(-)
(limited to 'script/helm/garage/values.yaml')
diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml
index dd1c99f0..06cf9d16 100644
--- a/script/helm/garage/values.yaml
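Review bot: In the new-file hunk of "Add helm chart", the `rpcSecret` default under `garage:` is a literal 64-hex-character key, so every release installed without overriding it shares one RPC secret that anyone can read in the repository. Chart defaults should carry no credential; `rpcSecret: ""`, with the template failing or generating a value when it is empty, keeps the key specific to each cluster. Because the literal stays in version history even once it is removed from the file, a cluster that was ever deployed with it should have its RPC secret rotated.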
+++ b/script/helm/garage/values.yaml @@ -10,8 +10,6 @@ garage: rpcBindAddr: "[::]:3901" rpcSecret: "1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec" bootstrapPeers: [] - # kubernetes_namespace: "default" - # kubernetes_service_name: "garage-daemon" kubernetesSkipCrd: false s3: api: -- cgit v1.2.3 From b71fa2ddf45e21f40067fc021b3a81d738556eca Mon Sep 17 00:00:00 2001 From: chemicstry Date: Mon, 20 Jun 2022 18:49:38 +0300 Subject: Generate random RPC secret if not provided --- script/helm/garage/values.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'script/helm/garage/values.yaml') diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 06cf9d16..d011f63e 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -8,7 +8,8 @@ garage: dataDir: "/mnt/data" replicationMode: "3" rpcBindAddr: "[::]:3901" - rpcSecret: "1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec" + # If not given, a random secret will be generated + rpcSecret: "" bootstrapPeers: [] kubernetesSkipCrd: false s3: -- cgit v1.2.3 From db0c8b3980c5cb056c9402332dd09a1bfb276997 Mon Sep 17 00:00:00 2001 From: Maximilien R Date: Thu, 11 Aug 2022 01:35:41 +0200 Subject: Updates values.yml with some opinionated and untested defaults --- script/helm/garage/values.yaml | 87 +++++++++++++++++++++++++----------------- 1 file changed, 53 insertions(+), 34 deletions(-) (limited to 'script/helm/garage/values.yaml') diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index d011f63e..08d0c09b 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml 
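Review bot: The comment added above `rpcSecret` in "Generate random RPC secret if not provided" leaves out the format an operator must use when supplying a value and whether a generated value survives `helm upgrade`. Garage expects a hex-encoded 32-byte string here, and a template that draws a random value on every render would change the secret on each upgrade unless it reuses the existing Secret (Helm's `lookup` is the usual way); the template is not part of this hunk, so that needs confirming. I would extend the comment to `# Hex-encoded 32-byte secret shared by all nodes (e.g. openssl rand -hex 32). If empty, a random one is generated.` followed by `# Pass a real value at install time; do not commit it to this file.`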
@@ -6,10 +6,13 @@ garage: metadataDir: "/mnt/meta" dataDir: "/mnt/data" + # Default to 3 replicas, see the replication_mode section at + # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/ replicationMode: "3" rpcBindAddr: "[::]:3901" - # If not given, a random secret will be generated + # If not given, a random secret will be generated and stored in a Secret object rpcSecret: "" + # This is not required if you use the integrated kubernetes discovery bootstrapPeers: [] kubernetesSkipCrd: false s3: @@ -24,17 +27,19 @@ garage: persistence: enabled: true meta: - # storageClass: "" + # storageClass: "fast-storage-class" size: 100Mi data: - # storageClass: "" + # storageClass: "slow-storage-class" size: 100Mi -# Number of StatefulSet replicas to start +# Number of StatefulSet replicas/garage nodes to start replicaCount: 3 image: repository: dxflrs/amd64_garage + # please prefer using the chart version and not this tag + tag: "" pullPolicy: IfNotPresent imagePullSecrets: [] 
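Review bot: The comment on the new `tag` key in the `image:` block (hunk `@@ -24,17 +27,19 @@`) says what to avoid but not how an empty value is resolved; presumably the template falls back to the chart's version, which is not visible here. Since `pullPolicy` stays `IfNotPresent`, a node that has already cached an image keeps running it even if a moving tag is later re-pushed, so nodes can end up on different builds under one tag. A comment such as `# Leave empty to follow the chart version; if set, use an immutable release tag, not a moving one` would cover both.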
@@ -55,66 +60,80 @@ podAnnotations: {} podSecurityContext: {} # fsGroup: 2000 -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +securityContext: + # The default security context is heavily restricted + # feel free to tune it to your requirements + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 service: + # You can rely on any service to expose your cluster + # - ClusterIP (+ Ingress) + # - NodePort (+ Ingress) + # - LoadBalancer type: ClusterIP s3: api: port: 3900 web: port: 3902 - + # NOTE: the admin API is excluded for now as it is not consistent across nodes ingress: s3: api: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx + enabled: true + # Rely either on the className or the annotation below but not both + # replace "nginx" by an Ingress controller + # you can find examples here https://kubernetes.io/docs/concepts/services-networking/ingress-controllers + className: "nginx" + annotations: + # kubernetes.io/ingress.class: "nginx" # kubernetes.io/tls-acme: "true" hosts: - - host: chart-example.local + - host: "s3.garage.tld" # garage S3 API endpoint paths: - path: / - pathType: ImplementationSpecific + pathType: Prefix + - host: "*.s3.garage.tld" # garage S3 API endpoint, DNS style bucket access + paths: + - path: / + pathType: Prefix tls: [] - # - secretName: chart-example-tls + # - secretName: my-garage-cluster-tls # hosts: - # - chart-example.local + # - kubernetes.docker.internal web: - enabled: false - className: "" + enabled: true + className: "nginx" annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific + - host: "*.web.garage.tld" # wildcard website access with bucket name prefix + paths: + - path: / + pathType: Prefix + - host: "mywebpage.example.com" 
# specific bucket access with FQDN bucket + paths: + - path: / + pathType: Prefix tls: [] - # - secretName: chart-example-tls + # - secretName: my-garage-cluster-tls # hosts: - # - chart-example.local + # - kubernetes.docker.internal resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # The following are indicative for a small-size deployement, for anything serious double them. # limits: # cpu: 100m - # memory: 128Mi + # memory: 1024Mi # requests: # cpu: 100m - # memory: 128Mi + # memory: 512Mi nodeSelector: {} -- cgit v1.2.3
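Review bot: In hunk `@@ -55,66 +60,80 @@`, both `ingress.s3.api.enabled` and `ingress.s3.web.enabled` flip to `true` while `tls: []` stays empty, so a default install publishes the S3 API and the web endpoint through the `nginx` class with no TLS configured and with placeholder `garage.tld` hosts. Keeping `enabled: false` and leaving the new hosts as an example would make exposure an explicit choice. Under `api`, `annotations:` is now followed only by comment lines and so parses as null, unlike the `annotations: {}` kept under `web`; writing `annotations: {}` avoids depending on how the template treats a null. In the new `securityContext`, `allowPrivilegeEscalation: false` is absent from an otherwise restrictive set, and with `runAsUser: 1000` the still-commented `fsGroup` in `podSecurityContext` may be needed for the data and metadata volumes to be writable. The commit subject calls these defaults untested and the templates are not shown, so both points should be checked against a real install.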