From 110ea93ca468b5da3c16ad9d61244a6ea8c13c60 Mon Sep 17 00:00:00 2001 From: Tristan Date: Wed, 15 Oct 2025 10:22:15 +0300 Subject: [PATCH 1/7] Update Helm Chart - Add resources - Add a key to change the storage mode - if RWO, the protes pods will be deployed on the same nodes - Update mongo to noble - Add init-script.js configMap - Update secrets - Update env - Update rabbitMQ to 4.1.4-management --- deployment/Chart.yaml | 4 +- .../templates/flower/flower-deployment.yaml | 3 +- .../templates/mongodb/mongo-init-script.yaml | 41 ++++++++++++ .../templates/mongodb/mongodb-deployment.yaml | 38 +++++++----- deployment/templates/mongodb/mongodb-pvc.yaml | 2 +- .../templates/mongodb/mongodb-secret.yaml | 8 +-- .../templates/protes/celery-deployment.yaml | 15 ++--- .../templates/protes/protes-deployment.yaml | 20 +++++- .../templates/protes/protes-volume.yaml | 4 +- .../rabbitmq/rabbitmq-deployment.yaml | 3 +- .../templates/rabbitmq/rabbitmq-pvc.yaml | 2 +- deployment/values.yaml | 62 ++++++++++++++++--- 12 files changed, 154 insertions(+), 48 deletions(-) create mode 100644 deployment/templates/mongodb/mongo-init-script.yaml diff --git a/deployment/Chart.yaml b/deployment/Chart.yaml index 00e8a6c..a6357cb 100644 --- a/deployment/Chart.yaml +++ b/deployment/Chart.yaml @@ -2,5 +2,5 @@ apiVersion: v2 name: protes description: A proTES Helm chart for Kubernetes type: application -version: 0.1.0 -appVersion: 1.16.0 +version: 2.0.0 +appVersion: 2.0.0 diff --git a/deployment/templates/flower/flower-deployment.yaml b/deployment/templates/flower/flower-deployment.yaml index 867577a..4e1cb64 100644 --- a/deployment/templates/flower/flower-deployment.yaml +++ b/deployment/templates/flower/flower-deployment.yaml @@ -18,4 +18,5 @@ spec: - image: {{ .Values.flower.image }} command: ['flower'] args: ['--broker=amqp://guest:guest@rabbitmq:5672//', '--port=5555', '--basic_auth={{ .Values.flower.basicAuth }}'] - name: flower \ No newline at end of file + name: flower + resources: {{- toYaml .Values.flower.resources | nindent 10 }} diff --git a/deployment/templates/mongodb/mongo-init-script.yaml b/deployment/templates/mongodb/mongo-init-script.yaml new file mode 100644 index 0000000..77cc49a --- /dev/null +++ b/deployment/templates/mongodb/mongo-init-script.yaml @@ -0,0 +1,41 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: mongo-init-script +data: + init-script.js: | + db = db.getSiblingDB('taskStore'); + dbproTES = db.getSiblingDB('{{ tpl .Values.mongodb.secret.databaseName . }}') + + dbproTES.createUser({ + user: "{{ tpl .Values.mongodb.secret.databaseUser . }}", + pwd: "{{ tpl .Values.mongodb.secret.databasePassword . }}", + roles: [ + { + role: "readWrite", + db: "{{ tpl .Values.mongodb.secret.databaseName . }}" + } + ] + }); + + // Create the 'tasks' and 'service_info' collections + // Database configuration from https://github.com/elixir-cloud-aai/proTES/blob/2f2d88915d9948b0d2ffbe6799af01bbc413b00a/pro_tes/config.yaml#L30 + db.createCollection('tasks'); + db.runs.createIndex( + { task_id: 1, worker_id: 1 }, + { unique: true, sparse: true } + ); + db.createCollection('service_info'); + db.service_info.createIndex( + { id: 1 } + ); + + dbproWES.createCollection('runs'); + dbproWES.runs.createIndex( + { run_id: 1, task_id: 1 }, + { unique: true, sparse: true } + ); + dbproWES.createCollection('service_info'); + dbproWES.service_info.createIndex( + { id: 1} + ); diff --git a/deployment/templates/mongodb/mongodb-deployment.yaml b/deployment/templates/mongodb/mongodb-deployment.yaml index 22261d7..b5f065d 100644 --- a/deployment/templates/mongodb/mongodb-deployment.yaml +++ b/deployment/templates/mongodb/mongodb-deployment.yaml @@ -16,25 +16,30 @@ spec: spec: containers: - env: - - name: MONGODB_USER + - name: MONGO_INITDB_ROOT_USERNAME valueFrom: secretKeyRef: - key: database-user + key: databaseRootUsername name: {{ .Values.mongodb.appName }} - - name: MONGODB_PASSWORD + - name: MONGO_INITDB_ROOT_PASSWORD valueFrom: secretKeyRef: - key: database-password + key: databaseRootPassword name: {{ .Values.mongodb.appName }} - - name: MONGODB_ADMIN_PASSWORD + - name: MONGO_INITDB_DATABASE valueFrom: secretKeyRef: - key: database-admin-password + key: databaseName name: {{ .Values.mongodb.appName }} - - name: MONGODB_DATABASE + - name: MONGO_APP_USERNAME valueFrom: secretKeyRef: - key: database-name + key: databaseUser + name: {{ .Values.mongodb.appName }} + - name: MONGO_APP_PASSWORD + valueFrom: + secretKeyRef: + key: databasePassword name: {{ .Values.mongodb.appName }} image: {{ .Values.mongodb.image }} imagePullPolicy: IfNotPresent @@ -57,20 +62,23 @@ spec: - '-i' - '-c' - >- - mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p - $MONGODB_PASSWORD --eval="quit()" + mongosh --host 127.0.0.1:27017 -u $MONGO_INITDB_ROOT_USERNAME -p $MONGO_INITDB_ROOT_PASSWORD --authenticationDatabase admin $MONGO_INITDB_DATABASE --eval="quit()" failureThreshold: 3 - initialDelaySeconds: 3 + initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 - resources: - limits: - memory: 512Mi + resources: {{- toYaml .Values.mongodb.resources | nindent 12 }} volumeMounts: - - mountPath: /var/lib/mongodb/data + - mountPath: /data/db name: mongodb-data + - name: init-script + mountPath: /docker-entrypoint-initdb.d/init-script.js + subPath: init-script.js volumes: - name: mongodb-data persistentVolumeClaim: claimName: {{ .Values.mongodb.appName }}-volume + - name: init-script + configMap: + name: mongo-init-script diff --git a/deployment/templates/mongodb/mongodb-pvc.yaml b/deployment/templates/mongodb/mongodb-pvc.yaml index 70fc970..dede4b5 100644 --- a/deployment/templates/mongodb/mongodb-pvc.yaml +++ b/deployment/templates/mongodb/mongodb-pvc.yaml @@ -4,7 +4,7 @@ metadata: name: {{ .Values.mongodb.appName }}-volume spec: accessModes: - - ReadWriteMany + - {{ .Values.storageAccessMode }} resources: requests: storage: {{ .Values.mongodb.volumeSize }} \ No newline at end of file diff --git a/deployment/templates/mongodb/mongodb-secret.yaml b/deployment/templates/mongodb/mongodb-secret.yaml index 57949b7..e634e49 100644 --- a/deployment/templates/mongodb/mongodb-secret.yaml +++ b/deployment/templates/mongodb/mongodb-secret.yaml @@ -4,7 +4,7 @@ type: Opaque metadata: name: {{ .Values.mongodb.appName }} data: - database-admin-password: {{ .Values.mongodb.databaseAdminPassword | b64enc }} - database-name: {{ .Values.mongodb.databaseName | b64enc }} - database-password: {{ .Values.mongodb.databasePassword | b64enc }} - database-user: {{ .Values.mongodb.databaseUser | b64enc }} + {{- range $key, $val := .Values.mongodb.secret }} + "{{ $key }}": "{{ tpl $val $ | b64enc }}" + {{- end }} + diff --git a/deployment/templates/protes/celery-deployment.yaml b/deployment/templates/protes/celery-deployment.yaml index ae28321..e23f0af 100644 --- a/deployment/templates/protes/celery-deployment.yaml +++ b/deployment/templates/protes/celery-deployment.yaml @@ -16,6 +16,7 @@ spec: image: busybox command: [ 'mkdir' ] args: [ '-p', '/data/db', '/data/output', '/data/tmp' ] + resources: {{- toYaml .Values.celeryWorker.initResources | nindent 10 }} volumeMounts: - mountPath: /data name: protes-volume @@ -34,29 +35,23 @@ spec: - name: MONGO_USERNAME valueFrom: secretKeyRef: - key: database-user + key: databaseUser name: {{ .Values.mongodb.appName }} - name: MONGO_PASSWORD valueFrom: secretKeyRef: - key: database-password + key: databasePassword name: {{ .Values.mongodb.appName }} - name: MONGO_DBNAME valueFrom: secretKeyRef: - key: database-name + key: databaseName name: {{ .Values.mongodb.appName }} - name: RABBIT_HOST value: {{ .Values.rabbitmq.appName }} - name: RABBIT_PORT value: "5672" - resources: - requests: - memory: "512Mi" - cpu: "300m" - limits: - memory: "8Gi" - cpu: "1" + resources: {{- toYaml .Values.celeryWorker.resources | nindent 10 }} volumeMounts: - mountPath: /data name: protes-volume diff --git a/deployment/templates/protes/protes-deployment.yaml b/deployment/templates/protes/protes-deployment.yaml index 4dd42d7..a9d708b 100644 --- a/deployment/templates/protes/protes-deployment.yaml +++ b/deployment/templates/protes/protes-deployment.yaml @@ -12,11 +12,24 @@ spec: labels: app: {{ .Values.protes.appName }} spec: + {{- if eq .Values.storageAccessMode "ReadWriteOnce" }} + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ .Values.celeryWorker.appName }} + topologyKey: "kubernetes.io/hostname" + {{- end }} initContainers: - name: vol-init image: busybox command: [ 'mkdir' ] args: [ '-p', '/data/db', '/data/specs' ] + resources: {{- toYaml .Values.protes.initResources | nindent 10 }} volumeMounts: - mountPath: /data name: protes-volume @@ -35,22 +48,23 @@ spec: - name: MONGO_USERNAME valueFrom: secretKeyRef: - key: database-user + key: databaseUser name: {{ .Values.mongodb.appName }} - name: MONGO_PASSWORD valueFrom: secretKeyRef: - key: database-password + key: databasePassword name: {{ .Values.mongodb.appName }} - name: MONGO_DBNAME valueFrom: secretKeyRef: - key: database-name + key: databaseName name: {{ .Values.mongodb.appName }} - name: RABBIT_HOST value: {{ .Values.rabbitmq.appName }} - name: RABBIT_PORT value: "5672" + resources: {{- toYaml .Values.protes.resources | nindent 10 }} livenessProbe: tcpSocket: port: protes-port diff --git a/deployment/templates/protes/protes-volume.yaml b/deployment/templates/protes/protes-volume.yaml index 3a48246..95de9ba 100644 --- a/deployment/templates/protes/protes-volume.yaml +++ b/deployment/templates/protes/protes-volume.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Values.protes.appName}}-volume spec: accessModes: - - ReadWriteMany + - {{ .Values.storageAccessMode }} resources: requests: - storage: '1Gi' \ No newline at end of file + storage: '1Gi' diff --git a/deployment/templates/rabbitmq/rabbitmq-deployment.yaml b/deployment/templates/rabbitmq/rabbitmq-deployment.yaml index 7b8926f..212cfbe 100644 --- a/deployment/templates/rabbitmq/rabbitmq-deployment.yaml +++ b/deployment/templates/rabbitmq/rabbitmq-deployment.yaml @@ -17,10 +17,11 @@ spec: containers: - name: rabbitmq image: {{ .Values.rabbitmq.image }} + resources: {{- toYaml .Values.rabbitmq.resources | nindent 10 }} volumeMounts: - mountPath: /var/lib/rabbitmq name: rabbitmq-volume volumes: - name: rabbitmq-volume persistentVolumeClaim: - claimName: {{ .Values.rabbitmq.appName }}-volume \ No newline at end of file + claimName: {{ .Values.rabbitmq.appName }}-volume diff --git a/deployment/templates/rabbitmq/rabbitmq-pvc.yaml b/deployment/templates/rabbitmq/rabbitmq-pvc.yaml index 544e239..a5cbb88 100644 --- a/deployment/templates/rabbitmq/rabbitmq-pvc.yaml +++ b/deployment/templates/rabbitmq/rabbitmq-pvc.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Values.rabbitmq.appName }}-volume spec: accessModes: - - ReadWriteMany + - {{ .Values.storageAccessMode }} resources: requests: storage: {{ .Values.rabbitmq.volumeSize }} \ No newline at end of file diff --git a/deployment/values.yaml b/deployment/values.yaml index 1a3f005..e42060a 100644 --- a/deployment/values.yaml +++ b/deployment/values.yaml @@ -2,35 +2,81 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -applicationDomain: rahtiapp.fi +applicationDomain: "" # which cluster type proTES is going to be deployed on # it can be either 'kubernetes' or 'openshift' -clusterType: openshift +clusterType: kubernetes + +# mongodb-pvc.yaml/rabbitmq-pvc.yaml, change to ReadWriteMany if storageClass can do RWX +storageAccessMode: ReadWriteOnce flower: appName: protes-flower basicAuth: admin:admin image: endocode/flower + resources: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 200m + memory: 500Mi protes: appName: protes image: elixircloud/protes:latest + initResources: + limits: + memory: 16Mi + cpu: 50m + requests: + memory: 16Mi + resources: + limits: + memory: 256Mi + cpu: 100m + requests: + memory: 256Mi + cpu: 100m celeryWorker: appName: celery-worker image: elixircloud/protes:latest + initResources: + limits: + memory: 16Mi + cpu: 50m + requests: + memory: 16Mi + cpu: 50m + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 256Mi mongodb: appName: mongodb - databaseAdminPassword: adminpasswd - databaseName: protes-db - databasePassword: protes-db-passwd - databaseUser: protes-user + secret: + databaseRootUsername: prowes-adm + databaseRootPassword: adminpasswd + databaseUser: prowes-user + databasePassword: prowes-db-passwd + databaseName: prowes-db volumeSize: 1Gi - image: centos/mongodb-36-centos7 + image: docker.io/library/mongo:noble rabbitmq: appName: rabbitmq volumeSize: 1Gi - image: rabbitmq:3-management + image: rabbitmq:4.1.4-management + resources: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 200m + memory: 256Mi From c8afa1fe0e7f026627ca33c0c03049c611e0415e Mon Sep 17 00:00:00 2001 From: Tristan Date: Wed, 15 Oct 2025 10:32:47 +0300 Subject: [PATCH 2/7] Fix variables --- deployment/templates/mongodb/mongo-init-script.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deployment/templates/mongodb/mongo-init-script.yaml b/deployment/templates/mongodb/mongo-init-script.yaml index 77cc49a..25d0d01 100644 --- a/deployment/templates/mongodb/mongo-init-script.yaml +++ b/deployment/templates/mongodb/mongo-init-script.yaml @@ -30,12 +30,12 @@ data: { id: 1 } ); - dbproWES.createCollection('runs'); - dbproWES.runs.createIndex( + dbproTES.createCollection('runs'); + dbproTES.runs.createIndex( { run_id: 1, task_id: 1 }, { unique: true, sparse: true } ); - dbproWES.createCollection('service_info'); - dbproWES.service_info.createIndex( + dbproTES.createCollection('service_info'); + dbproTES.service_info.createIndex( { id: 1} ); From 7e7d8500a1c0e6ad3f3459b976c0aad99a467b5c Mon Sep 17 00:00:00 2001 From: Tristan Date: Wed, 15 Oct 2025 16:10:06 +0300 Subject: [PATCH 3/7] Add default resources mongodb --- deployment/values.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deployment/values.yaml b/deployment/values.yaml index e42060a..f34f6de 100644 --- a/deployment/values.yaml +++ b/deployment/values.yaml @@ -68,6 +68,13 @@ mongodb: databaseName: prowes-db volumeSize: 1Gi image: docker.io/library/mongo:noble + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 200m + memory: 512Mi rabbitmq: appName: rabbitmq From 5d19a2d956815b22e94ef2be7ad9da87b7db5856 Mon Sep 17 00:00:00 2001 From: Tristan Date: Thu, 16 Oct 2025 15:07:05 +0300 Subject: [PATCH 4/7] Edit rabbitMQ limits --- deployment/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deployment/values.yaml b/deployment/values.yaml index f34f6de..a07deb4 100644 --- a/deployment/values.yaml +++ b/deployment/values.yaml @@ -2,11 +2,11 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -applicationDomain: "" +applicationDomain: "rahtiapp.fi" # which cluster type proTES is going to be deployed on # it can be either 'kubernetes' or 'openshift' -clusterType: kubernetes +clusterType: openshift # mongodb-pvc.yaml/rabbitmq-pvc.yaml, change to ReadWriteMany if storageClass can do RWX storageAccessMode: ReadWriteOnce @@ -83,7 +83,7 @@ rabbitmq: resources: limits: cpu: 200m - memory: 1Gi + memory: 256Mi requests: cpu: 200m memory: 256Mi From 0542ab37c1694d1f917af66fb2dbf67222731d33 Mon Sep 17 00:00:00 2001 From: Tristan Date: Thu, 16 Oct 2025 15:08:13 +0300 Subject: [PATCH 5/7] Fix --- deployment/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment/values.yaml b/deployment/values.yaml index a07deb4..82271e6 100644 --- a/deployment/values.yaml +++ b/deployment/values.yaml @@ -2,11 +2,11 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -applicationDomain: "rahtiapp.fi" +applicationDomain: "" # which cluster type proTES is going to be deployed on # it can be either 'kubernetes' or 'openshift' -clusterType: openshift +clusterType: kubernetes # mongodb-pvc.yaml/rabbitmq-pvc.yaml, change to ReadWriteMany if storageClass can do RWX storageAccessMode: ReadWriteOnce From a24accf49de3687e98704a9955ce0efda69faca8 Mon Sep 17 00:00:00 2001 From: Tristan Date: Fri, 17 Oct 2025 13:39:08 +0300 Subject: [PATCH 6/7] Fix readinessProbe timeout --- deployment/templates/mongodb/mongodb-deployment.yaml | 2 +- deployment/values.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/deployment/templates/mongodb/mongodb-deployment.yaml b/deployment/templates/mongodb/mongodb-deployment.yaml index b5f065d..3cfd44f 100644 --- a/deployment/templates/mongodb/mongodb-deployment.yaml +++ b/deployment/templates/mongodb/mongodb-deployment.yaml @@ -67,7 +67,7 @@ spec: initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 - timeoutSeconds: 1 + timeoutSeconds: 50 resources: {{- toYaml .Values.mongodb.resources | nindent 12 }} volumeMounts: - mountPath: /data/db diff --git a/deployment/values.yaml b/deployment/values.yaml index 82271e6..732687f 100644 --- a/deployment/values.yaml +++ b/deployment/values.yaml @@ -18,7 +18,7 @@ flower: resources: limits: cpu: 200m - memory: 1Gi + memory: 500Mi requests: cpu: 200m memory: 500Mi @@ -61,11 +61,11 @@ celeryWorker: mongodb: appName: mongodb secret: - databaseRootUsername: prowes-adm - databaseRootPassword: adminpasswd - databaseUser: prowes-user - databasePassword: prowes-db-passwd - databaseName: prowes-db + databaseRootUsername: "" + databaseRootPassword: "" + databaseUser: "" + databasePassword: "" + databaseName: "" volumeSize: 1Gi image: docker.io/library/mongo:noble resources: From 6be1450ac4c0d14c4b22543709c96cb46baa799d Mon Sep 17 00:00:00 2001 From: Tristan Date: Wed, 22 Oct 2025 10:27:44 +0300 Subject: [PATCH 7/7] Fix init-script --- deployment/templates/mongodb/mongo-init-script.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/templates/mongodb/mongo-init-script.yaml b/deployment/templates/mongodb/mongo-init-script.yaml index 25d0d01..8353ee5 100644 --- a/deployment/templates/mongodb/mongo-init-script.yaml +++ b/deployment/templates/mongodb/mongo-init-script.yaml @@ -21,7 +21,7 @@ data: // Create the 'tasks' and 'service_info' collections // Database configuration from https://github.com/elixir-cloud-aai/proTES/blob/2f2d88915d9948b0d2ffbe6799af01bbc413b00a/pro_tes/config.yaml#L30 db.createCollection('tasks'); - db.runs.createIndex( + db.tasks.createIndex( { task_id: 1, worker_id: 1 }, { unique: true, sparse: true } );