Lumosviridi v20 kubernetes updates (#6356)

Updates for v20+ and misc terraform bug fixes. Also refactored to use terraform variables instead of locals which helps with readability and ease of use for new users. Terraform validation is currently passing: ![Screenshot 2024-07-21 at 13 18 37](https://github.com/user-attachments/assets/02aadc2d-d3f6-4e8b-9315-64e25191d9e6) Additionally added [terraform-docs](https://terraform-docs.io/) to generate a more helpful README for terraform specific configuration. Raw K8s manifests were updated with changes for v20+ as well. --------- Co-authored-by: Félix Malfait <[email protected]>
twentyhq · Aug 8, 2024 · c3bf94e · c3bf94e
1 parent 74229a8
commit c3bf94e
Show file tree

Hide file tree

Showing 19 changed files with 484 additions and 79 deletions.
diff --git a/packages/twenty-docker/k8s/manifests/deployment-db.yaml b/packages/twenty-docker/k8s/manifests/deployment-db.yaml
@@ -37,8 +37,8 @@ spec:
         ports:
         - containerPort: 5432
           name: tcp
-          protocol: TCP    
-        resources: 
+          protocol: TCP
+        resources:
           requests:
             memory: "256Mi"
             cpu: "250m"

diff --git a/packages/twenty-docker/k8s/manifests/deployment-server.yaml b/packages/twenty-docker/k8s/manifests/deployment-server.yaml
@@ -31,6 +31,8 @@ spec:
           value: 3000
         - name: SERVER_URL
           value: "https://crm.example.com:443"
+        - name: FRONT_BASE_URL
+          value: "https://crm.example.com:443"
         - name: PG_DATABASE_URL
           value: "postgres://twenty:[email protected]/default"
         - name: ENABLE_DB_MIGRATIONS
@@ -39,6 +41,8 @@ spec:
           value: "true"
         - name: STORAGE_TYPE
           value: "local"
+        - name: "MESSAGE_QUEUE_TYPE"
+          value: "pg-boss"
         - name: ACCESS_TOKEN_SECRET
           valueFrom:
             secretKeyRef:
@@ -65,8 +69,8 @@ spec:
         ports:
         - containerPort: 3000
           name: http-tcp
-          protocol: TCP    
-        resources: 
+          protocol: TCP
+        resources:
           requests:
             memory: "256Mi"
             cpu: "250m"
@@ -76,6 +80,8 @@ spec:
         stdin: true
         tty: true
         volumeMounts:
+        - mountPath: /app/docker-data
+          name: twentycrm-server-data
         - mountPath: /app/.local-storage
           name: twentycrm-server-data
       dnsPolicy: ClusterFirst

diff --git a/packages/twenty-docker/k8s/manifests/deployment-worker.yaml b/packages/twenty-docker/k8s/manifests/deployment-worker.yaml
@@ -0,0 +1,78 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: twentycrm-worker
+  name: twentycrm-worker
+  namespace: twentycrm
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: twentycrm-worker
+  template:
+    metadata:
+      labels:
+        app: twentycrm-worker
+    spec:
+      volumes:
+      - name: twentycrm-worker-data
+        persistentVolumeClaim:
+          claimName: twentycrm-worker-pvc
+      containers:
+      - env:
+        - name: SERVER_URL
+          value: "https://crm.example.com:443"
+        - name: FRONT_BASE_URL
+          value: "https://crm.example.com:443"
+        - name: PG_DATABASE_URL
+          value: "postgres://twenty:[email protected]/default"
+        - name: ENABLE_DB_MIGRATIONS
+          value: "false" # it already runs on the server
+        - name: STORAGE_TYPE
+          value: "local"
+        - name: "MESSAGE_QUEUE_TYPE"
+          value: "pg-boss"
+        - name: ACCESS_TOKEN_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: tokens
+              key: accessToken
+        - name: LOGIN_TOKEN_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: tokens
+              key: loginToken
+        - name: REFRESH_TOKEN_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: tokens
+              key: refreshToken
+        - name: FILE_TOKEN_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: tokens
+              key: fileToken
+      - image: twentycrm/twenty:latest
+        imagePullPolicy: Always
+        name: twentycrm
+        command:
+        - yarn
+        - worker:prod
+        resources:
+          requests:
+            memory: "256Mi"
+            cpu: "250m"
+          limits:
+            memory: "1024Mi"
+            cpu: "1000m"
+        stdin: true
+        tty: true
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
diff --git a/packages/twenty-docker/k8s/manifests/ingress.yaml b/packages/twenty-docker/k8s/manifests/ingress.yaml
@@ -20,5 +20,5 @@ spec:
         backend:
           service:
             name: twentycrm-server
-            port: 
+            port:
               name: http-tcp
diff --git a/packages/twenty-docker/k8s/terraform/.terraform-docs.yml b/packages/twenty-docker/k8s/terraform/.terraform-docs.yml
@@ -0,0 +1,48 @@
+formatter: "markdown table" # this is required
+
+version: ""
+
+header-from: main.tf
+
+recursive:
+  enabled: false
+  path: modules
+
+output:
+  file: "README.md"
+  mode: inject
+  template: |-
+    <!-- BEGIN_TF_DOCS -->
+    # TwentyCRM Terraform Docs
+
+    This file was generated by [terraform-docs](https://terraform-docs.io/), for more information on how to install, configure and use visit their website.
+
+    To update this `README.md` after changes to the Terraform code in this folder, run: `terraform-docs .`
+
+    To make configuration changes to how this doc is generated, see `./.terraform-docs.yml`
+    
+    {{ .Content }}
+    <!-- END_TF_DOCS -->
+
+output-values:
+  enabled: false
+  from: "outputs.tf"
+
+sort:
+  enabled: true
+  by: required
+
+settings:
+  anchor: true
+  color: true
+  default: true
+  description: true
+  escape: true
+  hide-empty: true
+  html: true
+  indent: 2
+  lockfile: true
+  read-comments: true
+  required: true
+  sensitive: true
+  type: true
diff --git a/packages/twenty-docker/k8s/terraform/README.md b/packages/twenty-docker/k8s/terraform/README.md
@@ -0,0 +1,64 @@
+<!-- BEGIN_TF_DOCS -->
+# TwentyCRM Terraform Docs
+
+This file was generated by [terraform-docs](https://terraform-docs.io/), for more information on how to install, configure and use visit their website.
+
+To update this `README.md` after changes to the Terraform code in this folder, run: `terraform-docs .`
+
+To make configuration changes to how this doc is generated, see `./.terraform-docs.yml`
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.9.2 |
+| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.31.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.31.0 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [kubernetes_deployment.twentycrm_db](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment) | resource |
+| [kubernetes_deployment.twentycrm_server](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment) | resource |
+| [kubernetes_deployment.twentycrm_worker](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment) | resource |
+| [kubernetes_ingress.twentycrm](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/ingress) | resource |
+| [kubernetes_namespace.twentycrm](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [kubernetes_persistent_volume.db](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume) | resource |
+| [kubernetes_persistent_volume.server](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume) | resource |
+| [kubernetes_persistent_volume_claim.db](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume_claim) | resource |
+| [kubernetes_persistent_volume_claim.server](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume_claim) | resource |
+| [kubernetes_secret.twentycrm_tokens](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) | resource |
+| [kubernetes_service.twentycrm_db](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service) | resource |
+| [kubernetes_service.twentycrm_server](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_twentycrm_app_hostname"></a> [twentycrm\_app\_hostname](#input\_twentycrm\_app\_hostname) | The protocol, DNS fully qualified hostname, and port used to access TwentyCRM in your environment. Ex: https://crm.example.com:443 | `string` | n/a | yes |
+| <a name="input_twentycrm_pgdb_admin_password"></a> [twentycrm\_pgdb\_admin\_password](#input\_twentycrm\_pgdb\_admin\_password) | TwentyCRM password for postgres database. | `string` | n/a | yes |
+| <a name="input_twentycrm_token_accessToken"></a> [twentycrm\_token\_accessToken](#input\_twentycrm\_token\_accessToken) | TwentyCRM access Token | `string` | n/a | yes |
+| <a name="input_twentycrm_token_fileToken"></a> [twentycrm\_token\_fileToken](#input\_twentycrm\_token\_fileToken) | TwentyCRM file Token | `string` | n/a | yes |
+| <a name="input_twentycrm_token_loginToken"></a> [twentycrm\_token\_loginToken](#input\_twentycrm\_token\_loginToken) | TwentyCRM login Token | `string` | n/a | yes |
+| <a name="input_twentycrm_token_refreshToken"></a> [twentycrm\_token\_refreshToken](#input\_twentycrm\_token\_refreshToken) | TwentyCRM refresh Token | `string` | n/a | yes |
+| <a name="input_twentycrm_app_name"></a> [twentycrm\_app\_name](#input\_twentycrm\_app\_name) | A friendly name prefix to use for every component deployed. | `string` | `"twentycrm"` | no |
+| <a name="input_twentycrm_db_image"></a> [twentycrm\_db\_image](#input\_twentycrm\_db\_image) | TwentyCRM image for database deployment. This defaults to latest. | `string` | `"twentycrm/twenty-postgres:latest"` | no |
+| <a name="input_twentycrm_db_pv_capacity"></a> [twentycrm\_db\_pv\_capacity](#input\_twentycrm\_db\_pv\_capacity) | Storage capacity provisioned for database persistent volume. | `string` | `"10Gi"` | no |
+| <a name="input_twentycrm_db_pv_path"></a> [twentycrm\_db\_pv\_path](#input\_twentycrm\_db\_pv\_path) | Local path to use to store the physical volume if using local storage on nodes. | `string` | `""` | no |
+| <a name="input_twentycrm_db_pvc_requests"></a> [twentycrm\_db\_pvc\_requests](#input\_twentycrm\_db\_pvc\_requests) | Storage capacity reservation for database persistent volume claim. | `string` | `"10Gi"` | no |
+| <a name="input_twentycrm_db_replicas"></a> [twentycrm\_db\_replicas](#input\_twentycrm\_db\_replicas) | Number of replicas for the TwentyCRM database deployment. This defaults to 1. | `number` | `1` | no |
+| <a name="input_twentycrm_namespace"></a> [twentycrm\_namespace](#input\_twentycrm\_namespace) | Namespace for all TwentyCRM resources | `string` | `"twentycrm"` | no |
+| <a name="input_twentycrm_server_data_mount_path"></a> [twentycrm\_server\_data\_mount\_path](#input\_twentycrm\_server\_data\_mount\_path) | TwentyCRM mount path for servers application data. Defaults to '/app/docker-data'. | `string` | `"/app/docker-data"` | no |
+| <a name="input_twentycrm_server_image"></a> [twentycrm\_server\_image](#input\_twentycrm\_server\_image) | TwentyCRM server image for the server deployment. This defaults to latest. This value is also used for the workers image. | `string` | `"twentycrm/twenty:latest"` | no |
+| <a name="input_twentycrm_server_pv_capacity"></a> [twentycrm\_server\_pv\_capacity](#input\_twentycrm\_server\_pv\_capacity) | Storage capacity provisioned for server persistent volume. | `string` | `"10Gi"` | no |
+| <a name="input_twentycrm_server_pv_path"></a> [twentycrm\_server\_pv\_path](#input\_twentycrm\_server\_pv\_path) | Local path to use to store the physical volume if using local storage on nodes. | `string` | `""` | no |
+| <a name="input_twentycrm_server_pvc_requests"></a> [twentycrm\_server\_pvc\_requests](#input\_twentycrm\_server\_pvc\_requests) | Storage capacity reservation for server persistent volume claim. | `string` | `"10Gi"` | no |
+| <a name="input_twentycrm_server_replicas"></a> [twentycrm\_server\_replicas](#input\_twentycrm\_server\_replicas) | Number of replicas for the TwentyCRM server deployment. This defaults to 1. | `number` | `1` | no |
+| <a name="input_twentycrm_worker_replicas"></a> [twentycrm\_worker\_replicas](#input\_twentycrm\_worker\_replicas) | Number of replicas for the TwentyCRM worker deployment. This defaults to 1. | `number` | `1` | no |
+<!-- END_TF_DOCS -->
diff --git a/packages/twenty-docker/k8s/terraform/deployment-db.tf b/packages/twenty-docker/k8s/terraform/deployment-db.tf
@@ -1,17 +1,17 @@
 resource "kubernetes_deployment" "twentycrm_db" {
   metadata {
-    name      = "${local.twentycrm_app_name}-db"
+    name      = "${var.twentycrm_app_name}-db"
     namespace = kubernetes_namespace.twentycrm.metadata.0.name
     labels = {
-      app = "${local.twentycrm_app_name}-db"
+      app = "${var.twentycrm_app_name}-db"
     }
   }
 
   spec {
-    replicas = 1
+    replicas = var.twentycrm_db_replicas
     selector {
       match_labels = {
-        app = "${local.twentycrm_app_name}-db"
+        app = "${var.twentycrm_app_name}-db"
       }
     }
 
@@ -26,17 +26,14 @@ resource "kubernetes_deployment" "twentycrm_db" {
     template {
       metadata {
         labels = {
-          app = "${local.twentycrm_app_name}-db"
+          app = "${var.twentycrm_app_name}-db"
         }
       }
 
       spec {
-        # security_context {
-        #   fs_group = 0
-        # }
         container {
-          image = local.twentycrm_db_image
-          name  = local.twentycrm_app_name
+          image = var.twentycrm_db_image
+          name  = var.twentycrm_app_name
           stdin = true
           tty   = true
           security_context {
@@ -45,7 +42,7 @@ resource "kubernetes_deployment" "twentycrm_db" {
 
           env {
             name  = "POSTGRES_PASSWORD"
-            value = "twenty"
+            value = var.twentycrm_pgdb_admin_password
           }
           env {
             name  = "BITNAMI_DEBUG"
@@ -69,16 +66,16 @@ resource "kubernetes_deployment" "twentycrm_db" {
           }
 
           volume_mount {
-            name       = "nfs-twentycrm-db-data"
+            name       = "db-data"
             mount_path = "/bitnami/postgresql"
           }
         }
 
         volume {
-          name = "nfs-twentycrm-db-data"
+          name = "db-data"
 
           persistent_volume_claim {
-            claim_name = "nfs-twentycrm-db-data-pvc"
+            claim_name = kubernetes_persistent_volume_claim.db.metadata.0.name
           }
         }