From 60f300a2e66fb4a28c7043a87802bb54e4f2c657 Mon Sep 17 00:00:00 2001 From: Bartosz Szafran Date: Thu, 16 Jan 2025 02:54:06 +0100 Subject: [PATCH] Allow ingress to DE for epmd and inet_dist when clustering is enabled (#45) Co-authored-by: Ingvarr Zhmakin <19270832+lazyoldbear@users.noreply.github.com> --- charts/document-engine/CHANGELOG.md | 54 +++--- charts/document-engine/Chart.yaml | 2 +- charts/document-engine/README.md | 178 +++++++++--------- .../ci/05-with-clustered-nodes-values.yaml | 2 - charts/document-engine/templates/_helpers.tpl | 16 ++ .../document-engine/templates/configmap.yaml | 5 +- .../templates/networkpolicy.yaml | 18 ++ .../templates/service-epmd.yaml | 9 +- charts/document-engine/values.schema.json | 72 ++++--- charts/document-engine/values.yaml | 18 +- 10 files changed, 219 insertions(+), 155 deletions(-) diff --git a/charts/document-engine/CHANGELOG.md b/charts/document-engine/CHANGELOG.md index 32fc6a3..b25373f 100644 --- a/charts/document-engine/CHANGELOG.md +++ b/charts/document-engine/CHANGELOG.md @@ -1,74 +1,76 @@ # Changelog - [Changelog](#changelog) - - [3.3.2 (2025-01-15)](#332-2025-01-15) + - [3.3.3 (2025-01-15)](#333-2025-01-15) - [Changed](#changed) + - [3.3.2 (2025-01-15)](#332-2025-01-15) + - [Changed](#changed-1) - [3.3.1 (2025-01-10)](#331-2025-01-10) - [Added](#added) - [3.2.12 (2024-12-05)](#3212-2024-12-05) - - [Changed](#changed-1) - - [3.2.11 (2024-11-21)](#3211-2024-11-21) - [Changed](#changed-2) - - [3.2.10 (2024-11-18)](#3210-2024-11-18) + - [3.2.11 (2024-11-21)](#3211-2024-11-21) - [Changed](#changed-3) - - [3.2.9 (2024-11-15)](#329-2024-11-15) + - [3.2.10 (2024-11-18)](#3210-2024-11-18) - [Changed](#changed-4) + - [3.2.9 (2024-11-15)](#329-2024-11-15) + - [Changed](#changed-5) - [3.2.7 (2024-11-15)](#327-2024-11-15) - [Added](#added-1) - - [Changed](#changed-5) + - [Changed](#changed-6) - [3.2.6 (2024-10-29)](#326-2024-10-29) - [Added](#added-2) - - [Changed](#changed-6) - - [3.2.5 (2024-10-24)](#325-2024-10-24) - [Changed](#changed-7) + - [3.2.5 (2024-10-24)](#325-2024-10-24) + - [Changed](#changed-8) - [3.2.4 (2024-10-17)](#324-2024-10-17) - [Fixed](#fixed) - [3.2.3 (2024-10-16)](#323-2024-10-16) - [Fixed](#fixed-1) - [3.2.2 (2024-10-09)](#322-2024-10-09) - - [Changed](#changed-8) - - [3.2.1 (2024-09-20)](#321-2024-09-20) - [Changed](#changed-9) - - [3.2.0 (2024-08-29)](#320-2024-08-29) + - [3.2.1 (2024-09-20)](#321-2024-09-20) - [Changed](#changed-10) - - [3.1.2 (2024-08-23)](#312-2024-08-23) + - [3.2.0 (2024-08-29)](#320-2024-08-29) - [Changed](#changed-11) + - [3.1.2 (2024-08-23)](#312-2024-08-23) + - [Changed](#changed-12) - [3.1.1 (2024-08-23)](#311-2024-08-23) - [Fixed](#fixed-2) - [3.1.0 (2024-08-22)](#310-2024-08-22) - [Added](#added-3) - [3.0.6 (2024-08-22)](#306-2024-08-22) - - [Changed](#changed-12) + - [Changed](#changed-13) - [3.0.5 (2024-08-21)](#305-2024-08-21) - [Fixed](#fixed-3) - [3.0.4 (2024-08-21)](#304-2024-08-21) - - [Changed](#changed-13) + - [Changed](#changed-14) - [Added](#added-4) - [2.9.3 (2024-08-16)](#293-2024-08-16) - [Fixed](#fixed-4) - [2.9.2 (2024-08-13)](#292-2024-08-13) - - [Changed](#changed-14) + - [Changed](#changed-15) - [2.9.1 (2024-08-10)](#291-2024-08-10) - [Added](#added-5) - - [Changed](#changed-15) + - [Changed](#changed-16) - [2.9.0 (2024-08-01)](#290-2024-08-01) - [Added](#added-6) - - [Changed](#changed-16) + - [Changed](#changed-17) - [Fixed](#fixed-5) - [2.8.0](#280) - [Added](#added-7) - - [Changed](#changed-17) + - [Changed](#changed-18) - [Fixed](#fixed-6) - [2.7.3](#273) - - [Changed](#changed-18) + - [Changed](#changed-19) - [Fixed](#fixed-7) - [2.7.2](#272) - [Fixed](#fixed-8) - [2.7.0](#270) - - [Changed](#changed-19) + - [Changed](#changed-20) - [2.6.2](#262) - [Added](#added-8) - - [Changed](#changed-20) + - [Changed](#changed-21) - [2.6.0](#260) - [Added](#added-9) - [2.4.0](#240) @@ -78,9 +80,15 @@ - [2.2.0](#220) - [Added](#added-12) - [2.1.0](#210) - - [Changed](#changed-21) - - [2.0.0](#200) - [Changed](#changed-22) + - [2.0.0](#200) + - [Changed](#changed-23) + +## 3.3.3 (2024-01-15) + +### Changed + +* Updated Network Policy to allow inter-node communication. ## 3.3.2 (2025-01-15) diff --git a/charts/document-engine/Chart.yaml b/charts/document-engine/Chart.yaml index 6bd048d..337111b 100644 --- a/charts/document-engine/Chart.yaml +++ b/charts/document-engine/Chart.yaml @@ -4,7 +4,7 @@ type: application description: Document Engine is a backend software for processing documents and powering automation workflows. home: https://www.nutrient.io/sdk/document-engine icon: https://cdn.prod.website-files.com/65fdb7696055f07a05048833/66e58e33c3880ff24aa34027_nutrient-logo.png -version: 3.3.2 +version: 3.3.3 appVersion: "1.5.5" keywords: diff --git a/charts/document-engine/README.md b/charts/document-engine/README.md index 5f6285a..2c4e98f 100644 --- a/charts/document-engine/README.md +++ b/charts/document-engine/README.md @@ -1,6 +1,6 @@ # Document Engine Helm chart -![Version: 3.3.2](https://img.shields.io/badge/Version-3.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.5](https://img.shields.io/badge/AppVersion-1.5.5-informational?style=flat-square) +![Version: 3.3.3](https://img.shields.io/badge/Version-3.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.5](https://img.shields.io/badge/AppVersion-1.5.5-informational?style=flat-square) Document Engine is a backend software for processing documents and powering automation workflows. @@ -232,140 +232,138 @@ The chart depends upon [Bitnami](https://github.com/bitnami/charts/tree/main/bit | Key | Description | Default | |-----|-------------|---------| | [`clustering`](./values.yaml#L511) | Clustering settings | | -| [`clustering.enabled`](./values.yaml#L514) | `CLUSTERING_ENABLED` | `false` | -| [`clustering.method`](./values.yaml#L517) | `CLUSTERING_METHOD` | `"kubernetes_dns"` | -| [`clustering.service`](./values.yaml#L521) | Clustering service settings | | -| [`clustering.service.name`](./values.yaml#L525) | `CLUSTERING_SERVICE_NAME` Also sets up the name of Service with clusterIP: None used for DNS discovery | `"document-engine-erl-dist"` | +| [`clustering.enabled`](./values.yaml#L514) | `CLUSTERING_ENABLED`, enable clustering, only works when `replicaCount` is greater than 1 | `false` | +| [`clustering.method`](./values.yaml#L517) | `CLUSTERING_METHOD`, only `kubernetes_dns` is currently supported | `"kubernetes_dns"` | ### Dashboard | Key | Description | Default | |-----|-------------|---------| -| [`dashboard`](./values.yaml#L530) | Document Engine Dashboard settings | | -| [`dashboard.auth`](./values.yaml#L537) | Dashboard authentication | [...](./values.yaml#L537) | -| [`dashboard.auth.externalSecret`](./values.yaml#L547) | Use an external secret for dashboard credentials | [...](./values.yaml#L547) | -| [`dashboard.auth.externalSecret.name`](./values.yaml#L550) | External secret name | `""` | -| [`dashboard.auth.externalSecret.passwordKey`](./values.yaml#L556) | Secret key name for the password | `"DASHBOARD_PASSWORD"` | -| [`dashboard.auth.externalSecret.usernameKey`](./values.yaml#L553) | Secret key name for the username | `"DASHBOARD_USERNAME"` | -| [`dashboard.auth.password`](./values.yaml#L543) | `DASHBOARD_PASSWORD` — will generate a random password if not set | `""` | -| [`dashboard.auth.username`](./values.yaml#L540) | `DASHBOARD_USERNAME` | `"admin"` | -| [`dashboard.enabled`](./values.yaml#L533) | Enable dashboard | `true` | +| [`dashboard`](./values.yaml#L528) | Document Engine Dashboard settings | | +| [`dashboard.auth`](./values.yaml#L535) | Dashboard authentication | [...](./values.yaml#L535) | +| [`dashboard.auth.externalSecret`](./values.yaml#L545) | Use an external secret for dashboard credentials | [...](./values.yaml#L545) | +| [`dashboard.auth.externalSecret.name`](./values.yaml#L548) | External secret name | `""` | +| [`dashboard.auth.externalSecret.passwordKey`](./values.yaml#L554) | Secret key name for the password | `"DASHBOARD_PASSWORD"` | +| [`dashboard.auth.externalSecret.usernameKey`](./values.yaml#L551) | Secret key name for the username | `"DASHBOARD_USERNAME"` | +| [`dashboard.auth.password`](./values.yaml#L541) | `DASHBOARD_PASSWORD` — will generate a random password if not set | `""` | +| [`dashboard.auth.username`](./values.yaml#L538) | `DASHBOARD_USERNAME` | `"admin"` | +| [`dashboard.enabled`](./values.yaml#L531) | Enable dashboard | `true` | ### Environment | Key | Description | Default | |-----|-------------|---------| -| [`extraEnvFrom`](./values.yaml#L722) | Extra environment variables from resources | `[]` | -| [`extraEnvs`](./values.yaml#L719) | Extra environment variables | `[]` | -| [`extraVolumeMounts`](./values.yaml#L728) | Additional volume mounts for Document Engine container | `[]` | -| [`extraVolumes`](./values.yaml#L725) | Additional volumes | `[]` | -| [`image`](./values.yaml#L679) | Image settings | [...](./values.yaml#L679) | -| [`imagePullSecrets`](./values.yaml#L686) | Pull secrets | `[]` | -| [`initContainers`](./values.yaml#L734) | Init containers | `[]` | -| [`podSecurityContext`](./values.yaml#L705) | Pod security context | `{}` | -| [`securityContext`](./values.yaml#L709) | Security context | `{}` | -| [`serviceAccount`](./values.yaml#L698) | ServiceAccount | [...](./values.yaml#L698) | -| [`sidecars`](./values.yaml#L731) | Additional containers | `[]` | +| [`extraEnvFrom`](./values.yaml#L720) | Extra environment variables from resources | `[]` | +| [`extraEnvs`](./values.yaml#L717) | Extra environment variables | `[]` | +| [`extraVolumeMounts`](./values.yaml#L726) | Additional volume mounts for Document Engine container | `[]` | +| [`extraVolumes`](./values.yaml#L723) | Additional volumes | `[]` | +| [`image`](./values.yaml#L677) | Image settings | [...](./values.yaml#L677) | +| [`imagePullSecrets`](./values.yaml#L684) | Pull secrets | `[]` | +| [`initContainers`](./values.yaml#L732) | Init containers | `[]` | +| [`podSecurityContext`](./values.yaml#L703) | Pod security context | `{}` | +| [`securityContext`](./values.yaml#L707) | Security context | `{}` | +| [`serviceAccount`](./values.yaml#L696) | ServiceAccount | [...](./values.yaml#L696) | +| [`sidecars`](./values.yaml#L729) | Additional containers | `[]` | ### Metadata | Key | Description | Default | |-----|-------------|---------| -| [`deploymentAnnotations`](./values.yaml#L744) | Deployment annotations | `{}` | -| [`fullnameOverride`](./values.yaml#L693) | Release full name override | `""` | -| [`nameOverride`](./values.yaml#L690) | Release name override | `""` | -| [`podAnnotations`](./values.yaml#L741) | Pod annotations | `{}` | -| [`podLabels`](./values.yaml#L738) | Pod labels | `{}` | +| [`deploymentAnnotations`](./values.yaml#L742) | Deployment annotations | `{}` | +| [`fullnameOverride`](./values.yaml#L691) | Release full name override | `""` | +| [`nameOverride`](./values.yaml#L688) | Release name override | `""` | +| [`podAnnotations`](./values.yaml#L739) | Pod annotations | `{}` | +| [`podLabels`](./values.yaml#L736) | Pod labels | `{}` | ### Networking | Key | Description | Default | |-----|-------------|---------| -| [`extraIngresses`](./values.yaml#L795) | Additional ingresses, e.g. for the dashboard | [...](./values.yaml#L795) | -| [`ingress`](./values.yaml#L760) | Ingress | [...](./values.yaml#L760) | -| [`ingress.annotations`](./values.yaml#L769) | Ingress annotations | `{}` | -| [`ingress.className`](./values.yaml#L766) | Ingress class name | `""` | -| [`ingress.enabled`](./values.yaml#L763) | Enable ingress | `false` | -| [`ingress.hosts`](./values.yaml#L772) | Hosts | `[]` | -| [`ingress.tls`](./values.yaml#L786) | Ingress TLS section | `[]` | -| [`networkPolicy`](./values.yaml#L812) | [Network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) | [...](./values.yaml#L812) | -| [`networkPolicy.allowExternal`](./values.yaml#L820) | Allow access from anywhere | `true` | -| [`networkPolicy.allowExternalEgress`](./values.yaml#L844) | Allow the pod to access any range of port and all destinations. | `true` | -| [`networkPolicy.enabled`](./values.yaml#L815) | Enable network policy | `true` | -| [`networkPolicy.extraEgress`](./values.yaml#L847) | Extra egress rules | `[]` | -| [`networkPolicy.extraIngress`](./values.yaml#L823) | Additional ingress rules | `[]` | -| [`networkPolicy.ingressMatchSelectorLabels`](./values.yaml#L838) | Allow traffic from other namespaces | `[]` | -| [`service`](./values.yaml#L749) | Service | [...](./values.yaml#L749) | -| [`service.port`](./values.yaml#L755) | Service port — see also `config.port` | `5000` | -| [`service.type`](./values.yaml#L752) | Service type | `"ClusterIP"` | +| [`extraIngresses`](./values.yaml#L793) | Additional ingresses, e.g. for the dashboard | [...](./values.yaml#L793) | +| [`ingress`](./values.yaml#L758) | Ingress | [...](./values.yaml#L758) | +| [`ingress.annotations`](./values.yaml#L767) | Ingress annotations | `{}` | +| [`ingress.className`](./values.yaml#L764) | Ingress class name | `""` | +| [`ingress.enabled`](./values.yaml#L761) | Enable ingress | `false` | +| [`ingress.hosts`](./values.yaml#L770) | Hosts | `[]` | +| [`ingress.tls`](./values.yaml#L784) | Ingress TLS section | `[]` | +| [`networkPolicy`](./values.yaml#L810) | [Network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) | [...](./values.yaml#L810) | +| [`networkPolicy.allowExternal`](./values.yaml#L818) | Allow access from anywhere | `true` | +| [`networkPolicy.allowExternalEgress`](./values.yaml#L842) | Allow the pod to access any range of port and all destinations. | `true` | +| [`networkPolicy.enabled`](./values.yaml#L813) | Enable network policy | `true` | +| [`networkPolicy.extraEgress`](./values.yaml#L845) | Extra egress rules | `[]` | +| [`networkPolicy.extraIngress`](./values.yaml#L821) | Additional ingress rules | `[]` | +| [`networkPolicy.ingressMatchSelectorLabels`](./values.yaml#L836) | Allow traffic from other namespaces | `[]` | +| [`service`](./values.yaml#L747) | Service | [...](./values.yaml#L747) | +| [`service.port`](./values.yaml#L753) | Service port — see also `config.port` | `5000` | +| [`service.type`](./values.yaml#L750) | Service type | `"ClusterIP"` | ### Observability | Key | Description | Default | |-----|-------------|---------| -| [`observability`](./values.yaml#L561) | Observability settings | | -| [`observability.log`](./values.yaml#L565) | Logs | [...](./values.yaml#L565) | -| [`observability.log.healthcheckLevel`](./values.yaml#L571) | `HEALTHCHECK_LOGLEVEL` — log level for health checks | `"debug"` | -| [`observability.log.level`](./values.yaml#L568) | `LOG_LEVEL` | `"info"` | -| [`observability.metrics`](./values.yaml#L606) | Metrics configuration | [...](./values.yaml#L606) | -| [`observability.metrics.enabled`](./values.yaml#L609) | Enable metrics exporting | `false` | -| [`observability.metrics.prometheusRule`](./values.yaml#L647) | Prometheus [PrometheusRule](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PrometheusRule) | [...](./values.yaml#L647) | -| [`observability.metrics.serviceMonitor`](./values.yaml#L633) | Prometheus [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.ServiceMonitor) | [...](./values.yaml#L633) | -| [`observability.metrics.statsd`](./values.yaml#L613) | StatsD parameters | [...](./values.yaml#L613) | -| [`observability.metrics.statsd.customTags`](./values.yaml#L629) | StatsD custom tags, `STATSD_CUSTOM_TAGS` | *generated* | -| [`observability.metrics.statsd.port`](./values.yaml#L623) | StatsD port, `STATSD_PORT` | `9125` | -| [`observability.opentelemetry`](./values.yaml#L575) | OpenTelemetry settings | [...](./values.yaml#L575) | -| [`observability.opentelemetry.enabled`](./values.yaml#L578) | Enable OpenTelemetry (`ENABLE_OPENTELEMETRY`), only tracing is currently supported | `false` | -| [`observability.opentelemetry.otelPropagators`](./values.yaml#L594) | `OTEL_PROPAGATORS`, propagators | `""` | -| [`observability.opentelemetry.otelResourceAttributes`](./values.yaml#L591) | `OTEL_RESOURCE_ATTRIBUTES`, resource attributes | `""` | -| [`observability.opentelemetry.otelServiceName`](./values.yaml#L588) | `OTEL_SERVICE_NAME`, service name | `""` | -| [`observability.opentelemetry.otelTracesSampler`](./values.yaml#L599) | `OTEL_TRACES_SAMPLER`, should normally not be touched to allow custom `parent_based` work, but something like `parentbased_traceidratio` may be considered | `""` | -| [`observability.opentelemetry.otelTracesSamplerArg`](./values.yaml#L602) | `OTEL_TRACES_SAMPLER_ARG`, argument for the sampler | `""` | -| [`observability.opentelemetry.otlpExporterEndpoint`](./values.yaml#L582) | https://opentelemetry.io/docs/specs/otel/configuration/sdk-environment-variables/ `OTEL_EXPORTER_OTLP_ENDPOINT`, if not set, defaults to `http://localhost:4317` | `""` | -| [`observability.opentelemetry.otlpExporterProtocol`](./values.yaml#L585) | `OTEL_EXPORTER_OTLP_PROTOCOL`, if not set, defaults to `grpc` | `""` | -| [`prometheusExporter`](./values.yaml#L657) | StatsD exporter for Prometheus, not recommended for production use Requires `observability.metrics.enabled` and `observability.metrics.statsd.enabled` | [...](./values.yaml#L657) | -| [`prometheusExporter.enabled`](./values.yaml#L660) | Enable the Prometheus exporter | `false` | -| [`prometheusExporter.port`](./values.yaml#L667) | Prometheus metrics port | `10254` | +| [`observability`](./values.yaml#L559) | Observability settings | | +| [`observability.log`](./values.yaml#L563) | Logs | [...](./values.yaml#L563) | +| [`observability.log.healthcheckLevel`](./values.yaml#L569) | `HEALTHCHECK_LOGLEVEL` — log level for health checks | `"debug"` | +| [`observability.log.level`](./values.yaml#L566) | `LOG_LEVEL` | `"info"` | +| [`observability.metrics`](./values.yaml#L604) | Metrics configuration | [...](./values.yaml#L604) | +| [`observability.metrics.enabled`](./values.yaml#L607) | Enable metrics exporting | `false` | +| [`observability.metrics.prometheusRule`](./values.yaml#L645) | Prometheus [PrometheusRule](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PrometheusRule) | [...](./values.yaml#L645) | +| [`observability.metrics.serviceMonitor`](./values.yaml#L631) | Prometheus [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.ServiceMonitor) | [...](./values.yaml#L631) | +| [`observability.metrics.statsd`](./values.yaml#L611) | StatsD parameters | [...](./values.yaml#L611) | +| [`observability.metrics.statsd.customTags`](./values.yaml#L627) | StatsD custom tags, `STATSD_CUSTOM_TAGS` | *generated* | +| [`observability.metrics.statsd.port`](./values.yaml#L621) | StatsD port, `STATSD_PORT` | `9125` | +| [`observability.opentelemetry`](./values.yaml#L573) | OpenTelemetry settings | [...](./values.yaml#L573) | +| [`observability.opentelemetry.enabled`](./values.yaml#L576) | Enable OpenTelemetry (`ENABLE_OPENTELEMETRY`), only tracing is currently supported | `false` | +| [`observability.opentelemetry.otelPropagators`](./values.yaml#L592) | `OTEL_PROPAGATORS`, propagators | `""` | +| [`observability.opentelemetry.otelResourceAttributes`](./values.yaml#L589) | `OTEL_RESOURCE_ATTRIBUTES`, resource attributes | `""` | +| [`observability.opentelemetry.otelServiceName`](./values.yaml#L586) | `OTEL_SERVICE_NAME`, service name | `""` | +| [`observability.opentelemetry.otelTracesSampler`](./values.yaml#L597) | `OTEL_TRACES_SAMPLER`, should normally not be touched to allow custom `parent_based` work, but something like `parentbased_traceidratio` may be considered | `""` | +| [`observability.opentelemetry.otelTracesSamplerArg`](./values.yaml#L600) | `OTEL_TRACES_SAMPLER_ARG`, argument for the sampler | `""` | +| [`observability.opentelemetry.otlpExporterEndpoint`](./values.yaml#L580) | https://opentelemetry.io/docs/specs/otel/configuration/sdk-environment-variables/ `OTEL_EXPORTER_OTLP_ENDPOINT`, if not set, defaults to `http://localhost:4317` | `""` | +| [`observability.opentelemetry.otlpExporterProtocol`](./values.yaml#L583) | `OTEL_EXPORTER_OTLP_PROTOCOL`, if not set, defaults to `grpc` | `""` | +| [`prometheusExporter`](./values.yaml#L655) | StatsD exporter for Prometheus, not recommended for production use Requires `observability.metrics.enabled` and `observability.metrics.statsd.enabled` | [...](./values.yaml#L655) | +| [`prometheusExporter.enabled`](./values.yaml#L658) | Enable the Prometheus exporter | `false` | +| [`prometheusExporter.port`](./values.yaml#L665) | Prometheus metrics port | `10254` | ### Pod lifecycle | Key | Description | Default | |-----|-------------|---------| -| [`lifecycle`](./values.yaml#L906) | [Lifecycle](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/) | `map[]` | -| [`livenessProbe`](./values.yaml#L877) | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | [...](./values.yaml#L877) | -| [`readinessProbe`](./values.yaml#L890) | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | [...](./values.yaml#L890) | -| [`startupProbe`](./values.yaml#L864) | [Startup probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | [...](./values.yaml#L864) | -| [`terminationGracePeriodSeconds`](./values.yaml#L902) | [Termination grace period](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/) | `30` | +| [`lifecycle`](./values.yaml#L904) | [Lifecycle](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/) | `map[]` | +| [`livenessProbe`](./values.yaml#L875) | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | [...](./values.yaml#L875) | +| [`readinessProbe`](./values.yaml#L888) | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | [...](./values.yaml#L888) | +| [`startupProbe`](./values.yaml#L862) | [Startup probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | [...](./values.yaml#L862) | +| [`terminationGracePeriodSeconds`](./values.yaml#L900) | [Termination grace period](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/) | `30` | ### Scheduling | Key | Description | Default | |-----|-------------|---------| -| [`affinity`](./values.yaml#L962) | Node affinity | `{}` | -| [`autoscaling`](./values.yaml#L911) | [Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | [...](./values.yaml#L911) | -| [`nodeSelector`](./values.yaml#L959) | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) | `{}` | -| [`podDisruptionBudget`](./values.yaml#L952) | [Pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) | [...](./values.yaml#L952) | -| [`priorityClassName`](./values.yaml#L971) | [Priority classs](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/) | `""` | -| [`replicaCount`](./values.yaml#L940) | Number of replicas | `1` | -| [`resources`](./values.yaml#L937) | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | `{}` | -| [`schedulerName`](./values.yaml#L974) | [Scheduler](https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/) | `""` | -| [`tolerations`](./values.yaml#L965) | [Node tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) | `[]` | -| [`topologySpreadConstraints`](./values.yaml#L968) | [Topology spread constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | -| [`updateStrategy`](./values.yaml#L943) | [Update strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) | `{"rollingUpdate":{},"type":"RollingUpdate"}` | +| [`affinity`](./values.yaml#L960) | Node affinity | `{}` | +| [`autoscaling`](./values.yaml#L909) | [Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | [...](./values.yaml#L909) | +| [`nodeSelector`](./values.yaml#L957) | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) | `{}` | +| [`podDisruptionBudget`](./values.yaml#L950) | [Pod disruption budget](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) | [...](./values.yaml#L950) | +| [`priorityClassName`](./values.yaml#L969) | [Priority classs](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/) | `""` | +| [`replicaCount`](./values.yaml#L938) | Number of replicas | `1` | +| [`resources`](./values.yaml#L935) | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | `{}` | +| [`schedulerName`](./values.yaml#L972) | [Scheduler](https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/) | `""` | +| [`tolerations`](./values.yaml#L963) | [Node tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) | `[]` | +| [`topologySpreadConstraints`](./values.yaml#L966) | [Topology spread constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | +| [`updateStrategy`](./values.yaml#L941) | [Update strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) | `{"rollingUpdate":{},"type":"RollingUpdate"}` | ### Chart dependencies | Key | Description | Default | |-----|-------------|---------| -| [`minio`](./values.yaml#L1001) | [External MinIO chart](https://github.com/bitnami/charts/tree/main/bitnami/minio) | [...](./values.yaml#L1001) | -| [`postgresql`](./values.yaml#L979) | [External PostgreSQL database chart](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) | [...](./values.yaml#L979) | -| [`redis`](./values.yaml#L1013) | [External Redis chart](https://github.com/bitnami/charts/tree/main/bitnami/redis) | [...](./values.yaml#L1013) | +| [`minio`](./values.yaml#L999) | [External MinIO chart](https://github.com/bitnami/charts/tree/main/bitnami/minio) | [...](./values.yaml#L999) | +| [`postgresql`](./values.yaml#L977) | [External PostgreSQL database chart](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) | [...](./values.yaml#L977) | +| [`redis`](./values.yaml#L1011) | [External Redis chart](https://github.com/bitnami/charts/tree/main/bitnami/redis) | [...](./values.yaml#L1011) | ### Other Values | Key | Description | Default | |-----|-------------|---------| -| [`revisionHistoryLimit`](./values.yaml#L947) | [Revision history limit](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) | `10` | +| [`revisionHistoryLimit`](./values.yaml#L945) | [Revision history limit](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) | `10` | ## Contribution diff --git a/charts/document-engine/ci/05-with-clustered-nodes-values.yaml b/charts/document-engine/ci/05-with-clustered-nodes-values.yaml index b564453..a6a5772 100644 --- a/charts/document-engine/ci/05-with-clustered-nodes-values.yaml +++ b/charts/document-engine/ci/05-with-clustered-nodes-values.yaml @@ -42,5 +42,3 @@ replicaCount: 2 clustering: enabled: true method: kubernetes_dns - service: - name: document-engine-erl-dist diff --git a/charts/document-engine/templates/_helpers.tpl b/charts/document-engine/templates/_helpers.tpl index 83b0592..e1ed74a 100644 --- a/charts/document-engine/templates/_helpers.tpl +++ b/charts/document-engine/templates/_helpers.tpl @@ -172,6 +172,22 @@ API and dashboard secrets {{- end -}} {{- end -}} +{{/* +Clustering +*/}} +{{- define "document-engine.clustering.service.enabled" -}} + {{- if and .Values.clustering.enabled + (eq .Values.clustering.method "kubernetes_dns") -}} + {{- true -}} + {{- else -}} + {{- false -}} + {{- end -}} +{{- end }} + +{{- define "document-engine.clustering.service.name" -}} + {{- include "document-engine.fullname" . }}-cl +{{- end }} + {{/* Database parameters */}} diff --git a/charts/document-engine/templates/configmap.yaml b/charts/document-engine/templates/configmap.yaml index 0e4d2f3..87caddf 100644 --- a/charts/document-engine/templates/configmap.yaml +++ b/charts/document-engine/templates/configmap.yaml @@ -207,8 +207,9 @@ data: {{- with .Values.clustering }} CLUSTERING_ENABLED: {{ .enabled | quote }} CLUSTERING_METHOD: {{ .method }} -{{- if eq .method "kubernetes_dns" }} - CLUSTERING_SERVICE_NAME: {{ .service.name | quote }} + ERL_EPMD_PORT: {{ .epmd.port | quote }} +{{- if (eq (include "document-engine.clustering.service.enabled" $ ) "true" ) }} + CLUSTERING_SERVICE_NAME: {{ include "document-engine.clustering.service.name" $ | quote }} {{- end }} {{- end }} # diff --git a/charts/document-engine/templates/networkpolicy.yaml b/charts/document-engine/templates/networkpolicy.yaml index c9e0909..555bc6e 100644 --- a/charts/document-engine/templates/networkpolicy.yaml +++ b/charts/document-engine/templates/networkpolicy.yaml @@ -90,6 +90,24 @@ spec: {{- end }} {{- end }} {{- end }} + {{- if .Values.clustering.enabled }} + {{- with .Values.clustering }} + - ports: + # EPMD port + - protocol: TCP + port: {{ .epmd.port }} + # Erlang inet_dist ports + {{- $portRange := split " " ( seq ( int .erlangInetDist.ports.min ) + ( int .erlangInetDist.ports.max ) ) }} + {{- range $port := $portRange }} + - protocol: TCP + port: {{ $port }} + {{- end }} + from: + - podSelector: + matchLabels: {{- include "document-engine.labels" $ | nindent 14 }} + {{- end }} + {{- end }} {{- if .Values.networkPolicy.extraIngress }} {{- tpl (toYaml .Values.networkPolicy.extraIngress) . | nindent 4 }} {{- end }} diff --git a/charts/document-engine/templates/service-epmd.yaml b/charts/document-engine/templates/service-epmd.yaml index a0d1b9a..180441c 100644 --- a/charts/document-engine/templates/service-epmd.yaml +++ b/charts/document-engine/templates/service-epmd.yaml @@ -1,16 +1,15 @@ -{{- if and - .Values.clustering.enabled - (eq .Values.clustering.method "kubernetes_dns") }} +{{- if (eq (include "document-engine.clustering.service.enabled" . ) "true" ) }} apiVersion: v1 kind: Service metadata: - name: {{ .Values.clustering.service.name }} + name: {{ include "document-engine.clustering.service.name" . }} labels: {{- include "document-engine.labels" . | nindent 4 }} spec: + type: ClusterIP clusterIP: None ports: - - port: 4369 + - port: {{ .Values.clustering.epmd.port }} name: epmd selector: {{- include "document-engine.selectorLabels" . | nindent 4 }} diff --git a/charts/document-engine/values.schema.json b/charts/document-engine/values.schema.json index 24d70ea..402eddf 100644 --- a/charts/document-engine/values.schema.json +++ b/charts/document-engine/values.schema.json @@ -237,6 +237,56 @@ }, "type": "object" }, + "clustering": { + "properties": { + "enabled": { + "type": "boolean" + }, + "epmd": { + "properties": { + "port": { + "type": "integer" + } + }, + "type": "object" + }, + "erlangInetDist": { + "properties": { + "ports": { + "properties": { + "max": { + "maximum": 4379, + "minimum": 4379, + "type": "integer" + }, + "min": { + "maximum": 4370, + "minimum": 4370, + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "method": { + "enum": [ + "kubernetes_dns" + ], + "type": "string" + }, + "service": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, "config": { "properties": { "allowDocumentGeneration": { @@ -453,28 +503,6 @@ }, "type": "object" }, - "clustering": { - "properties": { - "enabled": { - "type": "boolean" - }, - "method": { - "enum": [ - "kubernetes_dns" - ], - "type": "string" - }, - "service": { - "properties": { - "name": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, "documentEngineLicense": { "properties": { "activationKey": { diff --git a/charts/document-engine/values.yaml b/charts/document-engine/values.yaml index 56ce98e..bf5d9b0 100644 --- a/charts/document-engine/values.yaml +++ b/charts/document-engine/values.yaml @@ -509,20 +509,18 @@ documentConversion: # @section -- 10. Clustering # @notationType -- none clustering: - # -- `CLUSTERING_ENABLED` + # -- `CLUSTERING_ENABLED`, enable clustering, only works when `replicaCount` is greater than 1 # @section -- 10. Clustering enabled: false - # -- `CLUSTERING_METHOD` + # -- `CLUSTERING_METHOD`, only `kubernetes_dns` is currently supported # @section -- 10. Clustering method: kubernetes_dns # @schema enum: [kubernetes_dns] - # -- (object) Clustering service settings - # @section -- 10. Clustering - # @notationType -- none - service: - # -- `CLUSTERING_SERVICE_NAME` - # Also sets up the name of Service with clusterIP: None used for DNS discovery - # @section -- 10. Clustering - name: document-engine-erl-dist + epmd: + port: 4369 + erlangInetDist: + ports: + min: 4370 # @schema minimum: 4370; maximum: 4370 + max: 4379 # @schema minimum: 4379; maximum: 4379 # -- (object) Document Engine Dashboard settings # @section -- A. Dashboard