diff --git a/bin/Tiltfile b/bin/Tiltfile index 2671e25a..30045e9d 100644 --- a/bin/Tiltfile +++ b/bin/Tiltfile @@ -66,6 +66,18 @@ docker_build( ) clean_old_images('localhost:5001/meet-summary') +docker_build( + 'localhost:5001/meet-agents:latest', + context='../src/agents', + dockerfile='../src/agents/Dockerfile', + only=['.'], + target = 'production', + live_update=[ + sync('../src/agents', '/app'), + ] +) +clean_old_images('localhost:5001/meet-agents') + # Copy the mkcert root CA certificate to our Docker build context # This is necessary because we need to inject the certificate into our LiveKit container local_resource( diff --git a/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl b/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl index 4884a6fd..346b426b 100644 --- a/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl +++ b/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl @@ -208,6 +208,37 @@ celery: - "--pool=solo" - "--loglevel=info" +agents: + replicas: 1 + envVars: + LIVEKIT_URL: https://livekit.127.0.0.1.nip.io/ + {{- with .Values.livekit.keys }} + {{- range $key, $value := . }} + LIVEKIT_API_SECRET: {{ $value }} + LIVEKIT_API_KEY: {{ $key }} + {{- end }} + {{- end }} + + image: + repository: localhost:5001/meet-agents + pullPolicy: Always + tag: "latest" + + # Extra volume mounts to manage our local custom CA and avoid to disable ssl + extraVolumeMounts: + - name: certs + mountPath: /usr/lib/ssl/cert.pem + subPath: cert.pem + + # Extra volumes to manage our local custom CA and avoid to disable ssl + extraVolumes: + - name: certs + configMap: + name: certifi + items: + - key: cacert.pem + path: cert.pem + ingressMedia: enabled: true host: meet.127.0.0.1.nip.io diff --git a/src/helm/meet/README.md b/src/helm/meet/README.md index e23c54f1..3cb0fe87 100644 --- a/src/helm/meet/README.md +++ b/src/helm/meet/README.md @@ -282,3 +282,36 @@ | `celery.extraVolumeMounts` | Additional volumes to mount on the celery. | `[]` | | `celery.extraVolumes` | Additional volumes to mount on the celery. | `[]` | | `celery.pdb.enabled` | Enable pdb on celery | `false` | + +### agents + +| Name | Description | Value | +| ---------------------------------------------------- | --------------------------------------------------------------------------------- | --------------------- | +| `agents.image.repository` | Repository to use to pull meet's agents container image | `lasuite/meet-agents` | +| `agents.image.tag` | meet's agents container tag | `latest` | +| `agents.image.pullPolicy` | agents container image pull policy | `IfNotPresent` | +| `agents.dpAnnotations` | Annotations to add to the agents Deployment | `{}` | +| `agents.command` | Override the agents container command | `[]` | +| `agents.args` | Override the agents container args | `[]` | +| `agents.replicas` | Amount of agents replicas | `1` | +| `agents.shareProcessNamespace` | Enable share process namespace between containers | `false` | +| `agents.sidecars` | Add sidecars containers to agents deployment | `[]` | +| `agents.securityContext` | Configure agents Pod security context | `nil` | +| `agents.envVars` | Configure agents container environment variables | `undefined` | +| `agents.envVars.BY_VALUE` | Example environment variable by setting value directly | | +| `agents.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | +| `agents.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | +| `agents.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | +| `agents.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | +| `agents.podAnnotations` | Annotations to add to the agents Pod | `{}` | +| `agents.resources` | Resource requirements for the agents container | `{}` | +| `agents.nodeSelector` | Node selector for the agents Pod | `{}` | +| `agents.tolerations` | Tolerations for the agents Pod | `[]` | +| `agents.affinity` | Affinity for the agents Pod | `{}` | +| `agents.persistence` | Additional volumes to create and mount on the agents. Used for debugging purposes | `{}` | +| `agents.persistence.volume-name.size` | Size of the additional volume | | +| `agents.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | +| `agents.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | +| `agents.extraVolumeMounts` | Additional volumes to mount on the agents. | `[]` | +| `agents.extraVolumes` | Additional volumes to mount on the agents. | `[]` | +| `agents.pdb.enabled` | Enable pdb on agents | `false` | diff --git a/src/helm/meet/templates/_helpers.tpl b/src/helm/meet/templates/_helpers.tpl index 3bcce4bd..b2703013 100644 --- a/src/helm/meet/templates/_helpers.tpl +++ b/src/helm/meet/templates/_helpers.tpl @@ -184,6 +184,15 @@ Requires top level scope {{ include "meet.fullname" . }}-celery {{- end }} +{{/* +Full name for the agents + +Requires top level scope +*/}} +{{- define "meet.agents.fullname" -}} +{{ include "meet.fullname" . }}-agents +{{- end }} + {{/* Usage : {{ include "meet.secret.dockerconfigjson.name" (dict "fullname" (include "meet.fullname" .) "imageCredentials" .Values.path.to.the.image1) }} */}} diff --git a/src/helm/meet/templates/agents_deployment.yaml b/src/helm/meet/templates/agents_deployment.yaml new file mode 100644 index 00000000..ec83109a --- /dev/null +++ b/src/helm/meet/templates/agents_deployment.yaml @@ -0,0 +1,137 @@ +{{- $envVars := include "meet.common.env" (list . .Values.agents) -}} +{{- $fullName := include "meet.agents.fullname" . -}} +{{- $component := "agents" -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }} + annotations: + {{- with .Values.agents.dpAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "meet.common.labels" (list . $component) | nindent 4 }} +spec: + replicas: {{ .Values.agents.replicas }} + selector: + matchLabels: + {{- include "meet.common.selectorLabels" (list . $component) | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.agents.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "meet.common.selectorLabels" (list . $component) | nindent 8 }} + spec: + {{- if $.Values.image.credentials }} + imagePullSecrets: + - name: {{ include "meet.secret.dockerconfigjson.name" (dict "fullname" (include "meet.fullname" .) "imageCredentials" $.Values.image.credentials) }} + {{- end}} + shareProcessNamespace: {{ .Values.agents.shareProcessNamespace }} + containers: + {{- with .Values.agents.sidecars }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: {{ .Chart.Name }} + image: "{{ (.Values.agents.image | default dict).repository | default .Values.agents.image.repository }}:{{ (.Values.agents.image | default dict).tag | default .Values.agents.image.tag }}" + imagePullPolicy: {{ (.Values.agents.image | default dict).pullPolicy | default .Values.agents.image.pullPolicy }} + {{- with .Values.agents.command }} + command: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.agents.args }} + args: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- if $envVars}} + {{- $envVars | indent 12 }} + {{- end }} + {{- with .Values.agents.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.agents.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- range $index, $value := .Values.mountFiles }} + - name: "files-{{ $index }}" + mountPath: {{ $value.path }} + subPath: content + {{- end }} + {{- range $name, $volume := .Values.agents.persistence }} + - name: "{{ $name }}" + mountPath: "{{ $volume.mountPath }}" + {{- end }} + {{- range .Values.agents.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.agents.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.agents.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.agents.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- range $index, $value := .Values.agents.mountFiles }} + - name: "files-{{ $index }}" + configMap: + name: "{{ include "meet.fullname" $ }}-files-{{ $index }}" + {{- end }} + {{- range $name, $volume := .Values.agents.persistence }} + - name: "{{ $name }}" + {{- if eq $volume.type "emptyDir" }} + emptyDir: {} + {{- else }} + persistentVolumeClaim: + claimName: "{{ $fullName }}-{{ $name }}" + {{- end }} + {{- end }} + {{- range .Values.agents.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} +--- +{{ if .Values.agents.pdb.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} +spec: + maxUnavailable: 1 + selector: + matchLabels: + {{- include "meet.common.selectorLabels" (list . $component) | nindent 6 }} +{{ end }} diff --git a/src/helm/meet/values.yaml b/src/helm/meet/values.yaml index 7b6d03af..a42be2fe 100644 --- a/src/helm/meet/values.yaml +++ b/src/helm/meet/values.yaml @@ -616,3 +616,77 @@ celery: ## @param celery.pdb.enabled Enable pdb on celery pdb: enabled: false + +## @section agents + +agents: + + ## @param agents.image.repository Repository to use to pull meet's agents container image + ## @param agents.image.tag meet's agents container tag + ## @param agents.image.pullPolicy agents container image pull policy + image: + repository: lasuite/meet-agents + pullPolicy: IfNotPresent + tag: "latest" + + ## @param agents.dpAnnotations Annotations to add to the agents Deployment + dpAnnotations: {} + + ## @param agents.command Override the agents container command + command: [] + + ## @param agents.args Override the agents container args + args: [] + + ## @param agents.replicas Amount of agents replicas + replicas: 1 + + ## @param agents.shareProcessNamespace Enable share process namespace between containers + shareProcessNamespace: false + + ## @param agents.sidecars Add sidecars containers to agents deployment + sidecars: [] + + ## @param agents.securityContext Configure agents Pod security context + securityContext: null + + ## @param agents.envVars Configure agents container environment variables + ## @extra agents.envVars.BY_VALUE Example environment variable by setting value directly + ## @extra agents.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap + ## @extra agents.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap + ## @extra agents.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret + ## @extra agents.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret + ## @skip agents.envVars + envVars: + <<: *commonEnvVars + + ## @param agents.podAnnotations Annotations to add to the agents Pod + podAnnotations: {} + + ## @param agents.resources Resource requirements for the agents container + resources: {} + + ## @param agents.nodeSelector Node selector for the agents Pod + nodeSelector: {} + + ## @param agents.tolerations Tolerations for the agents Pod + tolerations: [] + + ## @param agents.affinity Affinity for the agents Pod + affinity: {} + + ## @param agents.persistence Additional volumes to create and mount on the agents. Used for debugging purposes + ## @extra agents.persistence.volume-name.size Size of the additional volume + ## @extra agents.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir + ## @extra agents.persistence.volume-name.mountPath Path where the volume should be mounted to + persistence: {} + + ## @param agents.extraVolumeMounts Additional volumes to mount on the agents. + extraVolumeMounts: [] + + ## @param agents.extraVolumes Additional volumes to mount on the agents. + extraVolumes: [] + + ## @param agents.pdb.enabled Enable pdb on agents + pdb: + enabled: false