-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Redis, Prometheus, PostgreSQL, MinIO, Kratos charts (#22)
* Add Redis chart * Add Prometheus chart * Add PostgreSQL chart * Add Drupal page * Update outscale chart * Add MinIO chart * Add Kratos chart
- Loading branch information
Showing
31 changed files
with
670 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
## Drupal | ||
|
||
### Stable repository for Drupal | ||
|
||
[stable/drupal](https://github.com/helm/charts/tree/master/stable/drupal) refers to [bitnami chart](https://bitnami.com/stack/drupal/helm). | ||
|
||
Install with the default values (+ mandatory fields that are required): `helm install d8cluster stable/drupal --set mariadb.rootUser.password=password,mariadb.db.password=secretpassword`. | ||
|
||
Wait for the pods to be created: `kubectl get pods`. | ||
|
||
You should be able to access your new Drupal installation through [drupal.local](http://drupal.local/) and log with username = "user" and password = `kubectl get secret --namespace default d8cluster-drupal -o jsonpath="{.data.drupal-password}" | base64 --decode`. | ||
|
||
If [drupal.local](http://drupal.local/) doesn't work, look at the services state and see if the public ip of the LoadBalancer is defined. If you're on MiniKube it may be undefined, in this case look at minikube services `minikube service d8cluster-drupal --url` and open the link in the URL. | ||
|
||
### Additional reading on Drupal | ||
|
||
- Article from Jeff Geerling on [Running Drupal in Kubernetes with Docker in production](https://www.jeffgeerling.com/blog/2019/running-drupal-kubernetes-docker-production) _April 12, 2019_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
# Contribute | ||
|
||
## How to update the dependencies | ||
|
||
```bash | ||
# makes sure the repository has been added and refreshed | ||
helm repo add bitnami https://charts.bitnami.com/bitnami | ||
helm repo add ory https://k8s.ory.sh/helm/charts | ||
helm repo update | ||
|
||
# searches for the latest version | ||
helm search repo -l kratos --versions | ||
helm search repo -l postgresql --versions | ||
|
||
# manual: update version number in Chart.yaml | ||
|
||
# updates Chart.lock | ||
helm dependency update | ||
``` | ||
|
||
## How to check the manifest code quality | ||
|
||
```bash | ||
# checks code style | ||
helm lint | ||
|
||
# checks the Kubernetes objects generated from the chart | ||
helm template kratos . -f values.yaml --namespace kratos \ | ||
--set kratos.kratos.config.dsn=postgres://foo:bar@pg-sqlproxy-gcloud-sqlproxy:5432/db \ | ||
> temp.yaml | ||
``` | ||
|
||
## How to deploy the chart from the sources | ||
|
||
### Example with NGINX Ingress Controller | ||
|
||
```bash | ||
# gets Ingress Controller external IP | ||
NGINX_PUBLIC_IP=`kubectl get service -n ingress-nginx ingress-nginx-controller --output jsonpath='{.status.loadBalancer.ingress[0].ip}'` | ||
|
||
# installs on a cluster | ||
helm upgrade --install kratos . -f values.yaml --create-namespace \ | ||
--set kratos.kratos.config.dsn=postgres://postgres:secretpassword@kratos-postgresql:5432/kratos \ | ||
--set-file kratos.kratos.identitySchemas.'identity\.default\.schema\.json'=examples/kratos/email-password/identity.schema.json \ | ||
--set kratos.kratos.automigration.enabled=true \ | ||
--set kratos.ingress.admin.enabled=true \ | ||
--set kratos.ingress.admin.className=nginx \ | ||
--set kratos.ingress.admin.annotations.'cert-manager\.io/cluster-issuer'=letsencrypt-prod \ | ||
--set kratos.ingress.admin.hosts[0].host=kratos-admin.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set kratos.ingress.admin.tls[0].secretName=kratos-admin-tls \ | ||
--set kratos.ingress.admin.tls[0].hosts[0]=kratos-admin.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set kratos.ingress.public.enabled=true \ | ||
--set kratos.ingress.public.className=nginx \ | ||
--set kratos.ingress.public.annotations.'cert-manager\.io/cluster-issuer'=letsencrypt-prod \ | ||
--set kratos.ingress.public.hosts[0].host=kratos.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set kratos.ingress.public.tls[0].secretName=kratos-tls \ | ||
--set kratos.ingress.public.tls[0].hosts[0]=kratos.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set postgresql.dependency.enabled=true \ | ||
--set postgresql.global.postgresql.auth.postgresPassword=secretpassword \ | ||
--namespace kratos \ | ||
--debug | ||
|
||
# manual: open http://kratos.${NGINX_PUBLIC_IP}.sslip.io/ (log in with admin/pasWd8char) | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
dependencies: | ||
- name: kratos | ||
repository: https://k8s.ory.sh/helm/charts | ||
version: 0.33.4 | ||
- name: postgresql | ||
repository: https://charts.bitnami.com/bitnami | ||
version: 12.6.0 | ||
digest: sha256:cf4c7369ecaf6bfb8c2d35ae11f60c7b9b3cb692f4b357b19b4beb66f8edb00d | ||
generated: "2023-07-03T11:39:45.082206693+02:00" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
apiVersion: v2 | ||
name: kratos | ||
description: Helm chart for managing Kratos | ||
type: application | ||
version: "0.1.0" | ||
appVersion: "v0.13.0" | ||
dependencies: | ||
# ref. https://k8s.ory.sh/helm/kratos.html | ||
- name: kratos | ||
version: 0.33.4 # appVersion: v0.13.0 | ||
repository: https://k8s.ory.sh/helm/charts | ||
condition: kratos.dependency.enabled | ||
# ref. https://github.com/bitnami/charts/blob/main/bitnami/postgresql | ||
- name: postgresql | ||
version: 12.6.0 # appVersion: 15.3.0 | ||
repository: https://charts.bitnami.com/bitnami | ||
condition: postgresql.dependency.enabled | ||
maintainers: | ||
- name: devpro | ||
email: bertrand@devpro.fr | ||
home: https://github.com/devpro/helm-charts/tree/main/charts/kratos |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Helm chart for Kratos | ||
|
||
This Helm chart will install [Kratos](https://www.ory.sh/kratos/) ([code](https://github.com/ory/kratos), [docs](https://www.ory.sh/docs/kratos/ory-kratos-intro)) on a Kubernetes cluster. | ||
It is based on [the official Helm chart](https://k8s.ory.sh/helm/kratos.html) ([code](https://github.com/ory/k8s/tree/master/helm/charts/kratos)). | ||
|
||
## Usage | ||
|
||
```bash | ||
# if not already done, adds devpro repository in helm | ||
helm repo add devpro https://devpro.github.io/helm-charts | ||
helm repo update | ||
|
||
# installs the chart with default parameters | ||
helm upgrade --install kratos devpro/kratos --create-namespace --namespace kratos | ||
|
||
# cleans up | ||
helm uninstall kratos -n kratos | ||
kubectl delete ns kratos | ||
``` | ||
|
||
## Configuration | ||
|
||
Setting up the authentication flow can be tricky. Here are some links with information that could help you. | ||
|
||
* [Quickstart](https://www.ory.sh/docs/kratos/quickstart) | ||
* [Kratos Helm chart hack values](https://github.com/ory/k8s/blob/master/hacks/values/kratos.yaml) | ||
|
||
## Going further | ||
|
||
Look at [Contibuting](CONTRIBUTING.md) page. |
49 changes: 49 additions & 0 deletions
49
charts/kratos/examples/kratos/email-password/identity.schema.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
{ | ||
"$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json", | ||
"$schema": "http://json-schema.org/draft-07/schema#", | ||
"title": "Person", | ||
"type": "object", | ||
"properties": { | ||
"traits": { | ||
"type": "object", | ||
"properties": { | ||
"email": { | ||
"type": "string", | ||
"format": "email", | ||
"title": "E-Mail", | ||
"minLength": 3, | ||
"ory.sh/kratos": { | ||
"credentials": { | ||
"password": { | ||
"identifier": true | ||
} | ||
}, | ||
"verification": { | ||
"via": "email" | ||
}, | ||
"recovery": { | ||
"via": "email" | ||
} | ||
} | ||
}, | ||
"name": { | ||
"type": "object", | ||
"properties": { | ||
"first": { | ||
"title": "First Name", | ||
"type": "string" | ||
}, | ||
"last": { | ||
"title": "Last Name", | ||
"type": "string" | ||
} | ||
} | ||
} | ||
}, | ||
"required": [ | ||
"email" | ||
], | ||
"additionalProperties": false | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# https://github.com/ory/k8s/blob/master/helm/charts/kratos/values.yaml | ||
kratos: | ||
kratos: | ||
config: | ||
identity: | ||
default_schema_id: default | ||
schemas: | ||
- id: default | ||
url: file:///etc/config/identity.default.schema.json | ||
|
||
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml | ||
postgresql: | ||
dependency: | ||
enabled: false | ||
primary: | ||
initdb: | ||
scripts: | ||
# creates the database (ref. https://artifacthub.io/packages/helm/bitnami/postgresql#initialize-a-fresh-instance) | ||
init.sql: | | ||
CREATE DATABASE kratos; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
# Contribute | ||
|
||
## How to update the dependencies | ||
|
||
```bash | ||
# makes sure the repository has been added and refreshed | ||
helm repo add minio https://charts.min.io/ | ||
helm repo update | ||
|
||
# searches for the latest version | ||
helm search repo -l minio --versions | ||
|
||
# manual: update version number in Chart.yaml | ||
|
||
# updates Chart.lock | ||
helm dependency update | ||
``` | ||
|
||
## How to check the manifest before deployment | ||
|
||
```bash | ||
# checks code style | ||
helm lint | ||
|
||
# checks the Kubernetes objects generated from the chart | ||
helm template minio . -f values.yaml \ | ||
--namespace minio > temp.yaml | ||
``` | ||
|
||
## How to deploy the chart from the sources | ||
|
||
```bash | ||
# installs on a cluster | ||
helm upgrade --install minio . -f values.yaml --create-namespace \ | ||
--set minio.resources.requests.memory=512Mi \ | ||
--set minio.replicas=1 --set minio.mode=standalone \ | ||
--set minio.persistence.enabled=false \ | ||
--set minio.rootUser=admin,minio.rootPassword=pasWd8char \ | ||
--namespace minio \ | ||
# --debug | ||
``` | ||
|
||
## How to access the console | ||
|
||
### Example with NGINX Ingress Controller and a default storage class defined | ||
|
||
ℹ MinIO Server comes with an embedded web based object browser | ||
|
||
```bash | ||
# gets Ingress Controller external IP | ||
NGINX_PUBLIC_IP=`kubectl get service -n ingress-nginx ingress-nginx-controller --output jsonpath='{.status.loadBalancer.ingress[0].ip}'` | ||
|
||
# installs on a cluster | ||
helm upgrade --install minio . -f values.yaml --create-namespace \ | ||
--set minio.resources.requests.memory=512Mi \ | ||
--set minio.replicas=1 \ | ||
--set minio.mode=standalone \ | ||
--set minio.persistence.enabled=true,minio.persistence.size=10Gi \ | ||
--set minio.rootUser=admin,minio.rootPassword=pasWd8char \ | ||
--set minio.ingress.enabled=true,minio.ingress.ingressClassName=nginx,minio.ingress.annotations.'cert-manager\.io/cluster-issuer'=letsencrypt-prod \ | ||
--set minio.ingress.hosts[0]=minio.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set minio.ingress.tls[0].secretName=minio-tls \ | ||
--set minio.ingress.tls[0].hosts[0]=minio.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set minio.consoleIngress.enabled=true,minio.consoleIngress.ingressClassName=nginx,minio.consoleIngress.annotations.'cert-manager\.io/cluster-issuer'=letsencrypt-prod \ | ||
--set minio.consoleIngress.hosts[0]=minio-console.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--set minio.consoleIngress.tls[0].secretName=minio-console-tls \ | ||
--set minio.consoleIngress.tls[0].hosts[0]=minio-console.${NGINX_PUBLIC_IP}.sslip.io \ | ||
--namespace minio | ||
|
||
# manual: open http://minio-console.${NGINX_PUBLIC_IP}.sslip.io/ (log in with admin/pasWd8char) | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
dependencies: | ||
- name: minio | ||
repository: https://charts.min.io | ||
version: 5.0.9 | ||
digest: sha256:f93e3182ead43eb99cfb2e9caabfd9af08a106c8d4276feaae91ade0149b0ed4 | ||
generated: "2023-07-03T08:56:29.967777315+02:00" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
apiVersion: v2 | ||
name: minio | ||
description: Helm chart for managing MinIO | ||
type: application | ||
version: "0.1.0" | ||
appVersion: "RELEASE.2023-04-28T18-11-17Z" | ||
dependencies: | ||
- name: minio | ||
version: 5.0.9 # appVersion: RELEASE.2023-04-28T18-11-17Z | ||
repository: https://charts.min.io | ||
maintainers: | ||
- name: devpro | ||
email: bertrand@devpro.fr | ||
home: https://github.com/devpro/helm-charts/tree/main/charts/minio |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,23 @@ | ||
# MinIO | ||
# Helm chart for MinIO | ||
|
||
[min.io](https://min.io/) | ||
This Helm chart will install [min.io](https://min.io/) ([code](https://github.com/minio/minio)) on a Kubernetes cluster. | ||
It is based on [the official Helm chart](https://github.com/minio/minio/tree/master/helm/minio). | ||
|
||
## Quick start | ||
|
||
```bash | ||
# if not already done, adds devpro repository in helm | ||
helm repo add devpro https://devpro.github.io/helm-charts | ||
helm repo update | ||
|
||
# installs the chart with default parameters | ||
helm upgrade --install minio devpro/minio --create-namespace --namespace minio | ||
|
||
# cleans up | ||
helm uninstall minio -n minio | ||
kubectl delete ns minio | ||
``` | ||
|
||
## Going further | ||
|
||
Look at [Contibuting](CONTRIBUTING.md) page. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
# https://github.com/minio/minio/blob/master/helm/minio/values.yaml | ||
minio: {} | ||
# resources: | ||
# requests: | ||
# memory: | ||
# replicas: | ||
# mode: | ||
# persistence: | ||
# enabled: | ||
# # access key length should be at least 3 character long | ||
# rootUser: | ||
# # secret key length should be at least 8 character long | ||
# rootPassword: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
dependencies: | ||
- name: osc-cloud-controller-manager | ||
repository: oci://registry-1.docker.io/outscalehelm | ||
version: 0.2.0 | ||
- name: osc-bsu-csi-driver | ||
repository: oci://registry-1.docker.io/outscalehelm | ||
version: 1.2.1 | ||
digest: sha256:8cba9c83f5b8dd659c59f05a6354a98c46d5db48a7bb59148a0b557acfbe139c | ||
generated: "2023-06-26T17:15:01.698505202+02:00" |
Oops, something went wrong.