diff --git a/charts/studio/Chart.yaml b/charts/studio/Chart.yaml index 1e4b9ae5..1a330f76 100644 --- a/charts/studio/Chart.yaml +++ b/charts/studio/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: studio description: A Helm chart for Kubernetes type: application -version: 0.4.3 +version: 0.4.4 appVersion: "v2.27.0" maintainers: - name: iterative diff --git a/charts/studio/README.md b/charts/studio/README.md index 93afb8dd..d2cf1ebc 100644 --- a/charts/studio/README.md +++ b/charts/studio/README.md @@ -1,6 +1,6 @@ # studio -![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.27.0](https://img.shields.io/badge/AppVersion-v2.27.0-informational?style=flat-square) +![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.27.0](https://img.shields.io/badge/AppVersion-v2.27.0-informational?style=flat-square) A Helm chart for Kubernetes @@ -91,6 +91,28 @@ A Helm chart for Kubernetes | nginx.ingress.enabled | bool | `false` | | | nginx.serverBlock | string | see in `values.yaml` | Nginx for blobvault configuration | | nginx.service.type | string | `"ClusterIP"` | | +| pgBouncer | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":5,"minReplicas":1,"targetCPUUtilizationPercentage":80},"enabled":false,"envFromSecret":"","envVars":{},"image":{"pullPolicy":"IfNotPresent","repository":"docker.io/bitnami/pgbouncer","tag":"1.20.1"},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"1000m","memory":"1024Mi"},"requests":{"cpu":"500m","memory":"512Mi"}},"securityContext":{},"service":{"port":6432,"type":"ClusterIP"},"serviceAccountName":"","tolerations":[]}` | PgBouncer settings group | +| pgBouncer.affinity | object | `{}` | PgBouncer pod affinity configuration | +| pgBouncer.autoscaling | object | `{"enabled":false,"maxReplicas":5,"minReplicas":1,"targetCPUUtilizationPercentage":80}` | PgBouncer autoscaling configuration | +| pgBouncer.autoscaling.enabled | bool | `false` | PgBouncer autoscaling enabled flag | +| pgBouncer.autoscaling.maxReplicas | int | `5` | PgBouncer autoscaling max replicas | +| pgBouncer.autoscaling.minReplicas | int | `1` | PgBouncer autoscaling min replicas | +| pgBouncer.autoscaling.targetCPUUtilizationPercentage | int | `80` | PgBouncer autoscaling target CPU utilization percentage | +| pgBouncer.envFromSecret | string | `""` | The name of an existing Secret that contains sensitive environment variables passed to DVCx worker pods. | +| pgBouncer.envVars | object | `{}` | Additional environment variables for PgBouncer pods | +| pgBouncer.image | object | `{"pullPolicy":"IfNotPresent","repository":"docker.io/bitnami/pgbouncer","tag":"1.20.1"}` | PgBouncer image settings | +| pgBouncer.image.pullPolicy | string | `"IfNotPresent"` | PgBouncer image pull policy | +| pgBouncer.image.repository | string | `"docker.io/bitnami/pgbouncer"` | PgBouncer image repository | +| pgBouncer.image.tag | string | `"1.20.1"` | PgBouncer image tag | +| pgBouncer.nodeSelector | object | `{}` | PgBouncer pod node selector configuration | +| pgBouncer.podAnnotations | object | `{}` | Additional PgBouncer pod annotations | +| pgBouncer.podSecurityContext | object | `{}` | PgBouncer pod security context configuration | +| pgBouncer.resources | object | `{"limits":{"cpu":"1000m","memory":"1024Mi"},"requests":{"cpu":"500m","memory":"512Mi"}}` | PgBouncer resources configuration | +| pgBouncer.resources.limits | object | `{"cpu":"1000m","memory":"1024Mi"}` | PgBouncer limits configuration | +| pgBouncer.resources.requests | object | `{"cpu":"500m","memory":"512Mi"}` | PgBouncer requests configuration | +| pgBouncer.securityContext | object | `{}` | PgBouncer pod security context configuration | +| pgBouncer.serviceAccountName | string | `""` | PgBouncer service account name | +| pgBouncer.tolerations | list | `[]` | PgBouncer pod tolerations configuration | | postgresql.enabled | bool | `true` | Postgres enabled | | postgresql.fullnameOverride | string | `"studio-postgresql"` | Postgres name override | | postgresql.global.postgresql.auth.database | string | `"iterativeai"` | Postgres database | diff --git a/charts/studio/templates/_helpers.tpl b/charts/studio/templates/_helpers.tpl index 8c3b0d14..fc46ef46 100644 --- a/charts/studio/templates/_helpers.tpl +++ b/charts/studio/templates/_helpers.tpl @@ -88,6 +88,15 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} +{{- define "pgbouncer.labels" -}} +helm.sh/chart: {{ include "studio.chart" . }} +{{ include "pgbouncer.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + {{/* Selector labels */}} @@ -122,6 +131,12 @@ app.kubernetes.io/name: studio-worker app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} +{{- define "pgbouncer.selectorLabels" -}} +app.kubernetes.io/name: pgbouncer +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + + {{/* Create the name of the service account to use */}} diff --git a/charts/studio/templates/deployment-pgbouncer.yaml b/charts/studio/templates/deployment-pgbouncer.yaml new file mode 100644 index 00000000..858a32e9 --- /dev/null +++ b/charts/studio/templates/deployment-pgbouncer.yaml @@ -0,0 +1,69 @@ +{{- if ((.Values.pgBouncer).enabled) -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{.Release.Name}}-pgbouncer + labels: + {{- include "pgbouncer.labels" . | nindent 4 }} +spec: + {{- if not .Values.pgBouncer.autoscaling.enabled }} + replicas: {{ .Values.pgBouncer.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "pgbouncer.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + checksum/secret-pgbouncer: {{ include (print $.Template.BasePath "/secret-pgbouncer.yaml") . | sha256sum }} + {{- include "studio.checksum" . | indent 8 }} + {{- with .Values.pgBouncer.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pgbouncer.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.pgBouncer.serviceAccountName }} + securityContext: + {{- with .Values.pgBouncer.podSecurityContext }} + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: pgbouncer + securityContext: + {{- toYaml .Values.pgBouncer.securityContext | nindent 12 }} + image: "{{ .Values.pgBouncer.image.repository }}:{{ .Values.pgBouncer.image.tag }}" + imagePullPolicy: {{ .Values.pgBouncer.image.pullPolicy }} + resources: + {{- toYaml .Values.pgBouncer.resources | nindent 12 }} + env: + - name: PGBOUNCER_PORT + value: "6432" + envFrom: + - secretRef: + name: pgbouncer + {{- if .Values.pgBouncer.envFromSecret }} + - secretRef: + name: {{ .Values.pgBouncer.envFromSecret }} + {{- end }} + ports: + - name: pgbouncer + containerPort: 6432 + protocol: TCP + {{- with .Values.pgBouncer.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.pgBouncer.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.pgBouncer.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/studio/templates/deployment-studio-dvcx-worker.yaml b/charts/studio/templates/deployment-studio-dvcx-worker.yaml index e5065abf..2804693f 100644 --- a/charts/studio/templates/deployment-studio-dvcx-worker.yaml +++ b/charts/studio/templates/deployment-studio-dvcx-worker.yaml @@ -30,7 +30,7 @@ spec: securityContext: fsGroup: 103 fsGroupChangePolicy: "OnRootMismatch" - {{- with .Values.studioWorker.podSecurityContext }} + {{- with .Values.studioDvcxWorker.podSecurityContext }} {{- toYaml . | nindent 8 }} {{- end }} containers: diff --git a/charts/studio/templates/secret-pgbouncer.yaml b/charts/studio/templates/secret-pgbouncer.yaml new file mode 100644 index 00000000..807d3739 --- /dev/null +++ b/charts/studio/templates/secret-pgbouncer.yaml @@ -0,0 +1,21 @@ +{{- if ((.Values.pgBouncer).enabled) -}} +apiVersion: v1 +kind: Secret +metadata: + name: pgbouncer + {{ if (not (hasKey .Values "ci")) }} # Add annotation if we're not in CI execution. + annotations: + helm.sh/resource-policy: "keep" + argocd.argoproj.io/sync-options: Delete=false + {{- end }} + labels: + {{- include "studio.labels" . | nindent 4 }} +type: Opaque +stringData: + POSTGRESQL_USERNAME: {{ .Values.global.postgres.user | quote }} + POSTGRESQL_PASSWORD: {{ .Values.global.postgres.password | quote }} + POSTGRESQL_DATABASE: {{ .Values.global.postgres.databaseName | quote }} + POSTGRESQL_HOST: {{ .Values.global.postgres.host | quote }} + POSTGRESQL_PORT: {{ .Values.global.postgres.port | quote }} + PGBOUNCER_DATABASE: {{ .Values.global.postgres.databaseName | quote }} +{{- end }} \ No newline at end of file diff --git a/charts/studio/templates/secret-studio.yaml b/charts/studio/templates/secret-studio.yaml index 2475081a..6534b1c2 100644 --- a/charts/studio/templates/secret-studio.yaml +++ b/charts/studio/templates/secret-studio.yaml @@ -11,14 +11,14 @@ metadata: {{- include "studio.labels" . | nindent 4 }} type: Opaque stringData: - {{- if .Values.global.postgres.databaseUrl }} - # Deprecated configuration format. - # Will be removed in a future release - DATABASE_URL: "psql://{{ .Values.global.postgres.databaseUser}}:{{ .Values.global.postgres.databasePassword }}@{{ .Values.global.postgres.databaseUrl }}" - {{- else }} DATABASE_USER: {{ .Values.global.postgres.user | quote }} DATABASE_PASSWORD: {{ .Values.global.postgres.password | quote }} DATABASE_NAME: {{ .Values.global.postgres.databaseName | quote }} + + {{- if ((.Values.pgBouncer).enabled) }} + DATABASE_HOST: "pgbouncer.{{ .Release.Namespace }}.svc.cluster.local" + DATABASE_PORT: {{ .Values.pgBouncer.service.port | quote }} + {{- else }} DATABASE_HOST: {{ .Values.global.postgres.host | quote }} DATABASE_PORT: {{ .Values.global.postgres.port | quote }} {{- end }} diff --git a/charts/studio/templates/service-pgbouncer.yaml b/charts/studio/templates/service-pgbouncer.yaml new file mode 100644 index 00000000..4c8233fb --- /dev/null +++ b/charts/studio/templates/service-pgbouncer.yaml @@ -0,0 +1,17 @@ +{{- if ((.Values.pgBouncer).enabled) -}} +apiVersion: v1 +kind: Service +metadata: + name: pgbouncer + labels: + {{- include "pgbouncer.labels" . | nindent 4 }} +spec: + type: {{ .Values.pgBouncer.service.type }} + ports: + - port: {{ .Values.pgBouncer.service.port }} + targetPort: pgbouncer + protocol: TCP + name: pgbouncer + selector: + {{- include "pgbouncer.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/studio/values.yaml b/charts/studio/values.yaml index cc7ffcd1..53a213c6 100644 --- a/charts/studio/values.yaml +++ b/charts/studio/values.yaml @@ -363,6 +363,87 @@ ray: minimum: 1 maximum: 4 +# -- PgBouncer settings group +pgBouncer: + enabled: false + + # -- PgBouncer image settings + image: + # -- PgBouncer image repository + repository: docker.io/bitnami/pgbouncer + # -- PgBouncer image pull policy + pullPolicy: IfNotPresent + # -- PgBouncer image tag + tag: "1.20.1" + + service: + type: ClusterIP + port: 6432 + + # -- Additional environment variables for PgBouncer pods + envVars: {} + # Example: + # envVars: + # DEBUG: "True" + + # -- The name of an existing Secret that contains sensitive environment variables passed to DVCx + # worker pods. + envFromSecret: "" + + replicaCount: 1 + + # -- PgBouncer resources configuration + resources: + # -- PgBouncer requests configuration + requests: + cpu: 500m + memory: 512Mi + # -- PgBouncer limits configuration + limits: + cpu: 1000m + memory: 1024Mi + + # -- PgBouncer autoscaling configuration + autoscaling: + # -- PgBouncer autoscaling enabled flag + enabled: false + # -- PgBouncer autoscaling min replicas + minReplicas: 1 + # -- PgBouncer autoscaling max replicas + maxReplicas: 5 + # -- PgBouncer autoscaling target CPU utilization percentage + targetCPUUtilizationPercentage: 80 + # -- PgBouncer autoscaling target memory utilization percentage + # targetMemoryUtilizationPercentage: 80 + + # -- Additional PgBouncer pod annotations + podAnnotations: {} + + # -- PgBouncer pod security context configuration + podSecurityContext: {} + # fsGroup: 2000 + + # -- PgBouncer pod security context configuration + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + # -- PgBouncer service account name + serviceAccountName: "" + + # -- PgBouncer pod node selector configuration + nodeSelector: {} + + # -- PgBouncer pod tolerations configuration + tolerations: [] + + # -- PgBouncer pod affinity configuration + affinity: {} + # -- Studio UI settings group studioUi: # -- Additional environment variables for ui pods