diff --git a/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl b/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl index 92a9c698..ed13a786 100644 --- a/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl +++ b/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl @@ -76,6 +76,13 @@ backend: - "/bin/sh" - "-c" - | + while ! python manage.py check --database default > /dev/null 2>&1 + do + echo "Database not ready" + sleep 2 + done + echo "Database is ready" + python manage.py migrate --no-input && python manage.py create_demo --force restartPolicy: Never @@ -92,6 +99,13 @@ backend: - "/bin/sh" - "-c" - | + while ! python manage.py check --database default > /dev/null 2>&1 + do + echo "Database not ready" + sleep 2 + done + echo "Database is ready" + python manage.py createsuperuser --email admin@example.com --password admin restartPolicy: Never diff --git a/src/helm/env.d/dev/values.meet.yaml.gotmpl b/src/helm/env.d/dev/values.meet.yaml.gotmpl index a0168bc2..135110bd 100644 --- a/src/helm/env.d/dev/values.meet.yaml.gotmpl +++ b/src/helm/env.d/dev/values.meet.yaml.gotmpl @@ -103,6 +103,13 @@ backend: - "/bin/sh" - "-c" - | + while ! python manage.py check --database default > /dev/null 2>&1 + do + echo "Database not ready" + sleep 2 + done + echo "Database is ready" + python manage.py migrate --no-input && python manage.py create_demo --force restartPolicy: Never @@ -119,6 +126,13 @@ backend: - "/bin/sh" - "-c" - | + while ! python manage.py check --database default > /dev/null 2>&1 + do + echo "Database not ready" + sleep 2 + done + echo "Database is ready" + python manage.py createsuperuser --email admin@example.com --password admin restartPolicy: Never diff --git a/src/helm/meet/Chart.yaml b/src/helm/meet/Chart.yaml index 234636f9..a946016c 100644 --- a/src/helm/meet/Chart.yaml +++ b/src/helm/meet/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v2 type: application name: meet -version: 0.0.8 +version: 0.0.9 diff --git a/src/helm/meet/README.md b/src/helm/meet/README.md index f375c33d..962cdc89 100644 --- a/src/helm/meet/README.md +++ b/src/helm/meet/README.md @@ -4,101 +4,104 @@ ### General configuration -| Name | Description | Value | -| ---------------------------------------------------------------------------- | ---------------------------------------------------- | ----------------------------------------------------------------- | -| `image.repository` | Repository to use to pull meet's container image | `lasuite/meet-backend` | -| `image.tag` | meet's container tag | `latest` | -| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | -| `image.credentials.username` | Username for container registry authentication | | -| `image.credentials.password` | Password for container registry authentication | | -| `image.credentials.registry` | Registry url for which the credentials are specified | | -| `image.credentials.name` | Name of the generated secret for imagePullSecrets | | -| `nameOverride` | Override the chart name | `""` | -| `fullnameOverride` | Override the full application name | `""` | -| `ingress.enabled` | whether to enable the Ingress or not | `false` | -| `ingress.className` | IngressClass to use for the Ingress | `nil` | -| `ingress.host` | Host for the Ingress | `meet.example.com` | -| `ingress.path` | Path to use for the Ingress | `/` | -| `ingress.hosts` | Additional host to configure for the Ingress | `[]` | -| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` | -| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | | -| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | | -| `ingress.customBackends` | Add custom backends to ingress | `[]` | -| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` | -| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` | -| `ingressAdmin.host` | Host for the Ingress | `meet.example.com` | -| `ingressAdmin.path` | Path to use for the Ingress | `/admin` | -| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` | -| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` | -| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | | -| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | | -| `ingressMedia.enabled` | whether to enable the Ingress or not | `false` | -| `ingressMedia.className` | IngressClass to use for the Ingress | `nil` | -| `ingressMedia.host` | Host for the Ingress | `meet.example.com` | -| `ingressMedia.path` | Path to use for the Ingress | `/media/(.*)` | -| `ingressMedia.hosts` | Additional host to configure for the Ingress | `[]` | -| `ingressMedia.tls.enabled` | Weather to enable TLS for the Ingress | `true` | -| `ingressMedia.tls.secretName` | Secret name for TLS config | `nil` | -| `ingressMedia.tls.additional[].secretName` | Secret name for additional TLS config | | -| `ingressMedia.tls.additional[].hosts[]` | Hosts for additional TLS config | | -| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-url` | | `https://meet.example.com/api/v1.0/recordings/media-auth/` | -| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-response-headers` | | `Authorization, X-Amz-Date, X-Amz-Content-SHA256` | -| `ingressMedia.annotations.nginx.ingress.kubernetes.io/upstream-vhost` | | `minio.meet.svc.cluster.local:9000` | -| `ingressMedia.annotations.nginx.ingress.kubernetes.io/configuration-snippet` | | `add_header Content-Security-Policy "default-src 'none'" always;` | -| `serviceMedia.host` | | `minio.meet.svc.cluster.local` | -| `serviceMedia.port` | | `9000` | -| `serviceMedia.annotations` | | `{}` | +| Name | Description | Value | +| ---------------------------------------------------------------------------- | ---------------------------------------------------- | ------------------------------------------------------------------ | +| `image.repository` | Repository to use to pull meet's container image | `lasuite/meet-backend` | +| `image.tag` | meet's container tag | `latest` | +| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | +| `image.credentials.username` | Username for container registry authentication | | +| `image.credentials.password` | Password for container registry authentication | | +| `image.credentials.registry` | Registry url for which the credentials are specified | | +| `image.credentials.name` | Name of the generated secret for imagePullSecrets | | +| `nameOverride` | Override the chart name | `""` | +| `fullnameOverride` | Override the full application name | `""` | +| `ingress.enabled` | whether to enable the Ingress or not | `false` | +| `ingress.className` | IngressClass to use for the Ingress | `nil` | +| `ingress.host` | Host for the Ingress | `meet.example.com` | +| `ingress.path` | Path to use for the Ingress | `/` | +| `ingress.hosts` | Additional host to configure for the Ingress | `[]` | +| `ingress.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingress.tls.additional[].secretName` | Secret name for additional TLS config | | +| `ingress.tls.additional[].hosts[]` | Hosts for additional TLS config | | +| `ingress.customBackends` | Add custom backends to ingress | `[]` | +| `ingressAdmin.enabled` | whether to enable the Ingress or not | `false` | +| `ingressAdmin.className` | IngressClass to use for the Ingress | `nil` | +| `ingressAdmin.host` | Host for the Ingress | `meet.example.com` | +| `ingressAdmin.path` | Path to use for the Ingress | `/admin` | +| `ingressAdmin.hosts` | Additional host to configure for the Ingress | `[]` | +| `ingressAdmin.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingressAdmin.tls.additional[].secretName` | Secret name for additional TLS config | | +| `ingressAdmin.tls.additional[].hosts[]` | Hosts for additional TLS config | | +| `ingressMedia.enabled` | whether to enable the Ingress or not | `false` | +| `ingressMedia.className` | IngressClass to use for the Ingress | `nil` | +| `ingressMedia.host` | Host for the Ingress | `meet.example.com` | +| `ingressMedia.path` | Path to use for the Ingress | `/media/(.*)` | +| `ingressMedia.hosts` | Additional host to configure for the Ingress | `[]` | +| `ingressMedia.tls.enabled` | Weather to enable TLS for the Ingress | `true` | +| `ingressMedia.tls.secretName` | Secret name for TLS config | `nil` | +| `ingressMedia.tls.additional[].secretName` | Secret name for additional TLS config | | +| `ingressMedia.tls.additional[].hosts[]` | Hosts for additional TLS config | | +| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-url` | | `https://meet.example.com/api/v1.0/recordings/media-auth/` | +| `ingressMedia.annotations.nginx.ingress.kubernetes.io/auth-response-headers` | | `Authorization, X-Amz-Date, X-Amz-Content-SHA256` | +| `ingressMedia.annotations.nginx.ingress.kubernetes.io/upstream-vhost` | | `minio.meet.svc.cluster.local:9000` | +| `ingressMedia.annotations.nginx.ingress.kubernetes.io/configuration-snippet` | | `add_header Content-Security-Policy "default-src 'none'" always; +` | +| `serviceMedia.host` | | `minio.meet.svc.cluster.local` | +| `serviceMedia.port` | | `9000` | +| `serviceMedia.annotations` | | `{}` | ### backend -| Name | Description | Value | -| ----------------------------------------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -| `backend.dpAnnotations` | Annotations to add to the backend Deployment | `{}` | -| `backend.command` | Override the backend container command | `[]` | -| `backend.args` | Override the backend container args | `[]` | -| `backend.replicas` | Amount of backend replicas | `3` | -| `backend.shareProcessNamespace` | Enable share process namespace between containers | `false` | -| `backend.sidecars` | Add sidecars containers to backend deployment | `[]` | -| `backend.migrateJobAnnotations` | Annotations for the migrate job | `{}` | -| `backend.securityContext` | Configure backend Pod security context | `nil` | -| `backend.envVars` | Configure backend container environment variables | `undefined` | -| `backend.envVars.BY_VALUE` | Example environment variable by setting value directly | | -| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | -| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | -| `backend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | -| `backend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | -| `backend.podAnnotations` | Annotations to add to the backend Pod | `{}` | -| `backend.service.type` | backend Service type | `ClusterIP` | -| `backend.service.port` | backend Service listening port | `80` | -| `backend.service.targetPort` | backend container listening port | `8000` | -| `backend.service.annotations` | Annotations to add to the backend Service | `{}` | -| `backend.migrate.command` | backend migrate command | `["python","manage.py","migrate","--no-input"]` | -| `backend.migrate.restartPolicy` | backend migrate job restart policy | `Never` | -| `backend.createsuperuser.command` | backend migrate command | `["/bin/sh","-c","python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD\n"]` | -| `backend.createsuperuser.restartPolicy` | backend migrate job restart policy | `Never` | -| `backend.probes.liveness.path` | Configure path for backend HTTP liveness probe | `/__heartbeat__` | -| `backend.probes.liveness.targetPort` | Configure port for backend HTTP liveness probe | `undefined` | -| `backend.probes.liveness.initialDelaySeconds` | Configure initial delay for backend liveness probe | `30` | -| `backend.probes.liveness.initialDelaySeconds` | Configure timeout for backend liveness probe | `30` | -| `backend.probes.startup.path` | Configure path for backend HTTP startup probe | `undefined` | -| `backend.probes.startup.targetPort` | Configure port for backend HTTP startup probe | `undefined` | -| `backend.probes.startup.initialDelaySeconds` | Configure initial delay for backend startup probe | `undefined` | -| `backend.probes.startup.initialDelaySeconds` | Configure timeout for backend startup probe | `undefined` | -| `backend.probes.readiness.path` | Configure path for backend HTTP readiness probe | `/__lbheartbeat__` | -| `backend.probes.readiness.targetPort` | Configure port for backend HTTP readiness probe | `undefined` | -| `backend.probes.readiness.initialDelaySeconds` | Configure initial delay for backend readiness probe | `30` | -| `backend.probes.readiness.initialDelaySeconds` | Configure timeout for backend readiness probe | `30` | -| `backend.resources` | Resource requirements for the backend container | `{}` | -| `backend.nodeSelector` | Node selector for the backend Pod | `{}` | -| `backend.tolerations` | Tolerations for the backend Pod | `[]` | -| `backend.affinity` | Affinity for the backend Pod | `{}` | -| `backend.persistence` | Additional volumes to create and mount on the backend. Used for debugging purposes | `{}` | -| `backend.persistence.volume-name.size` | Size of the additional volume | | -| `backend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | -| `backend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | -| `backend.extraVolumeMounts` | Additional volumes to mount on the backend. | `[]` | -| `backend.extraVolumes` | Additional volumes to mount on the backend. | `[]` | -| `backend.pdb.enabled` | Enable pdb on backend | `true` | +| Name | Description | Value | +| ----------------------------------------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `backend.dpAnnotations` | Annotations to add to the backend Deployment | `{}` | +| `backend.command` | Override the backend container command | `[]` | +| `backend.args` | Override the backend container args | `[]` | +| `backend.replicas` | Amount of backend replicas | `3` | +| `backend.shareProcessNamespace` | Enable share process namespace between containers | `false` | +| `backend.sidecars` | Add sidecars containers to backend deployment | `[]` | +| `backend.migrateJobAnnotations` | Annotations for the migrate job | `{}` | +| `backend.jobs.ttlSecondsAfterFinished` | Period to wait before remove jobs | `30` | +| `backend.jobs.backoffLimit` | Numbers of jobs retries | `2` | +| `backend.securityContext` | Configure backend Pod security context | `nil` | +| `backend.envVars` | Configure backend container environment variables | `undefined` | +| `backend.envVars.BY_VALUE` | Example environment variable by setting value directly | | +| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | | +| `backend.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | | +| `backend.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | | +| `backend.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | | +| `backend.podAnnotations` | Annotations to add to the backend Pod | `{}` | +| `backend.service.type` | backend Service type | `ClusterIP` | +| `backend.service.port` | backend Service listening port | `80` | +| `backend.service.targetPort` | backend container listening port | `8000` | +| `backend.service.annotations` | Annotations to add to the backend Service | `{}` | +| `backend.migrate.command` | backend migrate command | `["/bin/sh","-c","while ! python manage.py check --database default > /dev/null 2>&1\ndo\n echo \"Database not ready\"\n sleep 2\ndone\necho \"Database is ready\"\n\npython manage.py migrate --no-input\n"]` | +| `backend.migrate.restartPolicy` | backend migrate job restart policy | `Never` | +| `backend.createsuperuser.command` | backend migrate command | `["/bin/sh","-c","while ! python manage.py check --database default > /dev/null 2>&1\ndo\n echo \"Database not ready\"\n sleep 2\ndone\necho \"Database is ready\"\n\npython manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD\n"]` | +| `backend.createsuperuser.restartPolicy` | backend migrate job restart policy | `Never` | +| `backend.probes.liveness.path` | Configure path for backend HTTP liveness probe | `/__heartbeat__` | +| `backend.probes.liveness.targetPort` | Configure port for backend HTTP liveness probe | `undefined` | +| `backend.probes.liveness.initialDelaySeconds` | Configure initial delay for backend liveness probe | `30` | +| `backend.probes.liveness.initialDelaySeconds` | Configure timeout for backend liveness probe | `30` | +| `backend.probes.startup.path` | Configure path for backend HTTP startup probe | `undefined` | +| `backend.probes.startup.targetPort` | Configure port for backend HTTP startup probe | `undefined` | +| `backend.probes.startup.initialDelaySeconds` | Configure initial delay for backend startup probe | `undefined` | +| `backend.probes.startup.initialDelaySeconds` | Configure timeout for backend startup probe | `undefined` | +| `backend.probes.readiness.path` | Configure path for backend HTTP readiness probe | `/__lbheartbeat__` | +| `backend.probes.readiness.targetPort` | Configure port for backend HTTP readiness probe | `undefined` | +| `backend.probes.readiness.initialDelaySeconds` | Configure initial delay for backend readiness probe | `30` | +| `backend.probes.readiness.initialDelaySeconds` | Configure timeout for backend readiness probe | `30` | +| `backend.resources` | Resource requirements for the backend container | `{}` | +| `backend.nodeSelector` | Node selector for the backend Pod | `{}` | +| `backend.tolerations` | Tolerations for the backend Pod | `[]` | +| `backend.affinity` | Affinity for the backend Pod | `{}` | +| `backend.persistence` | Additional volumes to create and mount on the backend. Used for debugging purposes | `{}` | +| `backend.persistence.volume-name.size` | Size of the additional volume | | +| `backend.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | | +| `backend.persistence.volume-name.mountPath` | Path where the volume should be mounted to | | +| `backend.extraVolumeMounts` | Additional volumes to mount on the backend. | `[]` | +| `backend.extraVolumes` | Additional volumes to mount on the backend. | `[]` | +| `backend.pdb.enabled` | Enable pdb on backend | `true` | ### frontend diff --git a/src/helm/meet/templates/backend_job_createsuperuser.yaml b/src/helm/meet/templates/backend_job_createsuperuser.yaml index ccc31f47..31c44e93 100644 --- a/src/helm/meet/templates/backend_job_createsuperuser.yaml +++ b/src/helm/meet/templates/backend_job_createsuperuser.yaml @@ -14,6 +14,8 @@ metadata: labels: {{- include "meet.common.labels" (list . $component) | nindent 4 }} spec: + ttlSecondsAfterFinished: {{ .Values.backend.jobs.ttlSecondsAfterFinished }} + backoffLimit: {{ .Values.backend.jobs.backoffLimit }} template: metadata: annotations: diff --git a/src/helm/meet/templates/backend_job_migrate.yaml b/src/helm/meet/templates/backend_job_migrate.yaml index f0474393..c3f01587 100644 --- a/src/helm/meet/templates/backend_job_migrate.yaml +++ b/src/helm/meet/templates/backend_job_migrate.yaml @@ -14,6 +14,8 @@ metadata: labels: {{- include "meet.common.labels" (list . $component) | nindent 4 }} spec: + ttlSecondsAfterFinished: {{ .Values.backend.jobs.ttlSecondsAfterFinished }} + backoffLimit: {{ .Values.backend.jobs.backoffLimit }} template: metadata: annotations: diff --git a/src/helm/meet/values.yaml b/src/helm/meet/values.yaml index 34d2e100..dc2e1f00 100644 --- a/src/helm/meet/values.yaml +++ b/src/helm/meet/values.yaml @@ -136,6 +136,12 @@ backend: ## @param backend.migrateJobAnnotations Annotations for the migrate job migrateJobAnnotations: {} + ## @param backend.jobs.ttlSecondsAfterFinished Period to wait before remove jobs + ## @param backend.jobs.backoffLimit Numbers of jobs retries + jobs: + ttlSecondsAfterFinished: 30 + backoffLimit: 2 + ## @param backend.securityContext Configure backend Pod security context securityContext: null @@ -166,10 +172,17 @@ backend: ## @param backend.migrate.restartPolicy backend migrate job restart policy migrate: command: - - "python" - - "manage.py" - - "migrate" - - "--no-input" + - "/bin/sh" + - "-c" + - | + while ! python manage.py check --database default > /dev/null 2>&1 + do + echo "Database not ready" + sleep 2 + done + echo "Database is ready" + + python manage.py migrate --no-input restartPolicy: Never ## @param backend.createsuperuser.command backend migrate command @@ -179,6 +192,13 @@ backend: - "/bin/sh" - "-c" - | + while ! python manage.py check --database default > /dev/null 2>&1 + do + echo "Database not ready" + sleep 2 + done + echo "Database is ready" + python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD restartPolicy: Never