From 29b8c508d52207752f4393a5ac08c8af2201fd42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcel=20Wallschl=C3=A4ger?= Date: Fri, 8 Mar 2024 10:41:20 +0100 Subject: [PATCH] [Fixes #152] Feature: add image pull policy to all container (#159) --- charts/geonode/README.md | 14 +++++ .../templates/geonode/geonode-deploy.yaml | 8 +-- .../templates/geoserver/geoserver-deploy.yaml | 2 + .../geonode/templates/nginx/nginx-deploy.yaml | 2 +- .../geonode/templates/pycsw/pycsw-deploy.yaml | 7 +-- charts/geonode/values.yaml | 52 ++++++++++++++----- 6 files changed, 65 insertions(+), 20 deletions(-) diff --git a/charts/geonode/README.md b/charts/geonode/README.md index d0e3722..9fc3f26 100644 --- a/charts/geonode/README.md +++ b/charts/geonode/README.md @@ -35,6 +35,7 @@ Helm Chart for Geonode. Supported versions: Geonode: 4.1.3, Geoserver: 2.23.0, p | geonode.acme.enabled | bool | `false` | enables cert-manager to do ACME challenges (aka certificates via letsencrypt) | | geonode.acme.stageUrl | string | `"https://acme-staging-v02.api.letsencrypt.org/directory"` | ACME staging environment (use acme-staging to avoid running into rate limits) stageUrl: https://acme-v02.api.letsencrypt.org/directory | | geonode.celery.container_name | string | `"celery"` | celery container name | +| geonode.celery.imagePullPolicy | string | `"IfNotPresent"` | celery image pull policy | | geonode.celery.resources.limits.cpu | int | `2` | limit cpu as in resource.requests.cpu (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | geonode.celery.resources.limits.memory | string | `"2Gi"` | limits memory as in resource.limits.memory (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | geonode.celery.resources.requests.cpu | int | `1` | requested cpu as in resource.requests.cpu (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | @@ -68,11 +69,16 @@ Helm Chart for Geonode. Supported versions: Geonode: 4.1.3, Geoserver: 2.23.0, p | geonode.haystack.search_results_per_page | string | `"200"` | hystack results per page | | geonode.image.name | string | `"geonode/geonode"` | used geonode image | | geonode.image.tag | string | `"4.2.2"` | tag of used geonode image | +| geonode.imagePullPolicy | string | `"IfNotPresent"` | image pull policy | | geonode.imagePullSecret | string | `""` | pull secret to use for geonode image | | geonode.ingress.annotations | object | `{}` | adds ingress annotations for nginx ingress class | | geonode.ingress.enabled | bool | `true` | enables external access | | geonode.ingress.ingressClassName | string | `nil` | define kubernetes ingress class for geonode ingress | | geonode.ingress.tlsSecret | string | `"geonode-tls-secret"` | tls certificate for geonode ingress https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/ (for the use of cert-manager, configure the acme section properly). is used when geonode.general.externalScheme is set to 'https' | +| geonode.init.container_name | string | `"geonode-wait-for-db-and-rabbit"` | init container name | +| geonode.init.image.name | string | `"jwilder/dockerize"` | | +| geonode.init.image.tag | string | `"0.6.1"` | | +| geonode.init.imagePullPolicy | string | `"IfNotPresent"` | | | geonode.ldap.always_update_user | bool | `true` | always update local user database from ldap | | geonode.ldap.attr_map_email_addr | string | `"mailPrimaryAddress"` | email attribute used from ldap | | geonode.ldap.attr_map_first_name | string | `"givenName"` | given name attribute used from ldap | @@ -141,6 +147,7 @@ Helm Chart for Geonode. Supported versions: Geonode: 4.1.3, Geoserver: 2.23.0, p | geoserver.container_name | string | `"geoserver"` | geoserver container name | | geoserver.image.name | string | `"geonode/geoserver"` | geoserver image docker image (default in zalf namespace because geonode one was not up to date) | | geoserver.image.tag | string | `"2.23.3-v2"` | geoserver docker image tag | +| geoserver.imagePullPolicy | string | `"IfNotPresent"` | geoserver image pull policy | | geoserver.imagePullSecret | string | `""` | pull secret to use for geoserver image | | geoserver.port | int | `8080` | geoserver port | | geoserver.resources.limits.cpu | int | `2` | limit cpu as in resource.requests.cpu (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | @@ -153,6 +160,7 @@ Helm Chart for Geonode. Supported versions: Geonode: 4.1.3, Geoserver: 2.23.0, p | geoserver_data.container_name | string | `"geoserver-data-dir"` | | | geoserver_data.image.name | string | `"geonode/geoserver_data"` | geoserver image docker image (default in zalf namespace because geonode one was not up to date) | | geoserver_data.image.tag | string | `"2.23.3-v1"` | geoserver docker image tag | +| geoserver_data.imagePullPolicy | string | `"IfNotPresent"` | geoserver image pull policy | | global.accessMode | string | `"ReadWriteMany"` | storage access mode used by helm dependency pvc | | global.storageClass | string | `nil` | storageClass used by helm dependencies pvc | | memcached.architecture | string | `"high-availability"` | memcached replica. Loadbalanaced via kubernetes. (only one entry in django settings.py) im memcached is activated under geonode.memcached.enabled this takes place | @@ -162,6 +170,7 @@ Helm Chart for Geonode. Supported versions: Geonode: 4.1.3, Geoserver: 2.23.0, p | nginx.external_cors.enabled | bool | `false` | Add Access-Control-Allow-Origin directive to allow integration from an external domain | | nginx.image.name | string | `"nginx"` | nginx docker image | | nginx.image.tag | string | `"1.25"` | nginx docker image tag | +| nginx.imagePullPolicy | string | `"IfNotPresent"` | nginx image pull policy | | nginx.imagePullSecret | string | `""` | pull secret to use for nginx image | | nginx.maxClientBodySize | string | `"2G"` | max file upload size | | nginx.replicaCount | int | `1` | nginx container replicas | @@ -195,7 +204,12 @@ Helm Chart for Geonode. Supported versions: Geonode: 4.1.3, Geoserver: 2.23.0, p | pycsw.endpoint | string | `"/catalogue/csw"` | pycsw url below geonode.ingress.externalDomain | | pycsw.image.name | string | `"geopython/pycsw"` | pycsw docker image | | pycsw.image.tag | string | `"2.6.1"` | pycsw docker image tag | +| pycsw.imagePullPolicy | string | `"IfNotPresent"` | pycsw image pull policy | | pycsw.imagePullSecret | string | `""` | pull secret to use for pycsw image | +| pycsw.init.container_name | string | `"pycsw-wait-for-geonode"` | | +| pycsw.init.image.name | string | `"alpine/curl"` | pycsw docker image | +| pycsw.init.image.tag | string | `"8.5.0"` | pycsw docker image tag | +| pycsw.init.imagePullPolicy | string | `"IfNotPresent"` | pycsw image pull policy | | pycsw.mappings | string | copied from 4.1.x: https://github.com/GeoNode/geonode/blob/master/geonode/catalogue/backends/pycsw_local_mappings.py | pycsw config file parameters, see docs: https://docs.pycsw.org/_/downloads/en/latest/pdf/ | | pycsw.port | int | `8000` | pycsw endpoint port | | pycsw.replicaCount | int | `1` | pycsw container replicas | diff --git a/charts/geonode/templates/geonode/geonode-deploy.yaml b/charts/geonode/templates/geonode/geonode-deploy.yaml index c765d9e..140937f 100644 --- a/charts/geonode/templates/geonode/geonode-deploy.yaml +++ b/charts/geonode/templates/geonode/geonode-deploy.yaml @@ -37,9 +37,9 @@ spec: initContainers: # Wait for Postgres and rabbit - - name: geonode-wait-for-db-and-rabbit - image: jwilder/dockerize - imagePullPolicy: IfNotPresent + - name: {{ .Values.geonode.init.container_name }} + image: "{{ .Values.geonode.init.image.name }}:{{ .Values.geonode.init.image.tag }}" + imagePullPolicy: {{ .Values.geonode.init.imagePullPolicy }} args: - -timeout=60s - -wait @@ -51,6 +51,7 @@ spec: # This is the django app server - name: {{ .Values.geonode.container_name }} image: "{{ .Values.geonode.image.name }}:{{ .Values.geonode.image.tag }}" + imagePullPolicy: {{ .Values.geonode.imagePullPolicy }} command: - bash - -c @@ -164,6 +165,7 @@ spec: # Celery is the task worker - name: {{ .Values.geonode.celery.container_name }} image: "{{ .Values.geonode.image.name }}:{{ .Values.geonode.image.tag }}" + imagePullPolicy: {{ .Values.geonode.celery.imagePullPolicy }} command: - bash - -c diff --git a/charts/geonode/templates/geoserver/geoserver-deploy.yaml b/charts/geonode/templates/geoserver/geoserver-deploy.yaml index aa18eef..fbca8ec 100644 --- a/charts/geonode/templates/geoserver/geoserver-deploy.yaml +++ b/charts/geonode/templates/geoserver/geoserver-deploy.yaml @@ -23,6 +23,7 @@ spec: initContainers: - name: {{ .Values.geoserver_data.container_name }} image: "{{ .Values.geoserver_data.image.name }}:{{ .Values.geoserver_data.image.tag }}" + imagePullPolicy: {{ .Values.geoserver_data.imagePullPolicy }} command: - sh - -c @@ -55,6 +56,7 @@ spec: containers: - name: {{ .Values.geoserver.container_name }} image: "{{ .Values.geoserver.image.name }}:{{ .Values.geoserver.image.tag }}" + imagePullPolicy: {{ .Values.geoserver.imagePullPolicy }} ports: - containerPort: {{ .Values.geoserver.port }} diff --git a/charts/geonode/templates/nginx/nginx-deploy.yaml b/charts/geonode/templates/nginx/nginx-deploy.yaml index fbc64b4..ab52fca 100644 --- a/charts/geonode/templates/nginx/nginx-deploy.yaml +++ b/charts/geonode/templates/nginx/nginx-deploy.yaml @@ -26,7 +26,7 @@ spec: containers: - name: {{ .Values.nginx.container_name }} image: "{{ .Values.nginx.image.name }}:{{ .Values.nginx.image.tag }}" - + imagePullPolicy: {{ .Values.nginx.imagePullPolicy }} ports: {{- if (eq .Values.geonode.general.externalScheme "https" )}} - containerPort: 443 diff --git a/charts/geonode/templates/pycsw/pycsw-deploy.yaml b/charts/geonode/templates/pycsw/pycsw-deploy.yaml index 6b4bb6a..4e7b518 100644 --- a/charts/geonode/templates/pycsw/pycsw-deploy.yaml +++ b/charts/geonode/templates/pycsw/pycsw-deploy.yaml @@ -29,9 +29,9 @@ spec: initContainers: # Wait for GeoNode to be up and running, else there can be a race conddition where pycsw creates the database table, # and lets crash init process of geonode - - name: pycsw-wait-for-geonode - image: alpine/curl - imagePullPolicy: IfNotPresent + - name: {{ .Values.pycsw.init.container_name }} + image: "{{ .Values.pycsw.init.image.name }}:{{ .Values.pycsw.init.image.tag }}" + imagePullPolicy: {{ .Values.pycsw.init.imagePullPolicy }} command: ["/bin/sh","-c"] args: ['while [ $(curl -ksw "%{http_code}" "$GEONODE_ENDPOINT:8001" -o /dev/null) -ne 200 ]; do sleep 5; echo "health check failed . Waiting for GeoNode ($GEONODE_ENDPOINT:8001) ..."; done'] env: @@ -41,6 +41,7 @@ spec: containers: - name: {{ .Values.pycsw.container_name }} image: "{{ .Values.pycsw.image.name }}:{{ .Values.pycsw.image.tag }}" + imagePullPolicy: {{ .Values.pycsw.imagePullPolicy }} envFrom: - configMapRef: name: {{ include "pycsw_pod_name" . }}-env diff --git a/charts/geonode/values.yaml b/charts/geonode/values.yaml index 5113c4f..8ca98f4 100644 --- a/charts/geonode/values.yaml +++ b/charts/geonode/values.yaml @@ -20,7 +20,8 @@ geonode: name: geonode/geonode # -- tag of used geonode image tag: "4.2.2" - + # -- image pull policy + imagePullPolicy: IfNotPresent # -- pull secret to use for geonode image imagePullSecret: "" @@ -304,9 +305,22 @@ geonode: user_analytics_gzip: True centralized_dashboard_enabled: False + init: + # -- init container name + container_name: geonode-wait-for-db-and-rabbit + image: + # init container image + name: jwilder/dockerize + # init container image tag + tag: "0.6.1" + # init container image pull policy + imagePullPolicy: "IfNotPresent" + celery: # -- celery container name container_name: celery + # -- celery image pull policy + imagePullPolicy: "IfNotPresent" resources: requests: # -- requested memory as in resource.requests.memory (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) @@ -328,12 +342,12 @@ geoserver: name: geonode/geoserver # -- geoserver docker image tag tag: "2.23.3-v2" - # -- geoserver port - port: 8080 - + # -- geoserver image pull policy + imagePullPolicy: "IfNotPresent" # -- pull secret to use for geoserver image imagePullSecret: "" - + # -- geoserver port + port: 8080 secret: # -- name of an existing Secret to use. Set, if you want to separately maintain the Secret. existingSecretName: "" @@ -361,6 +375,8 @@ geoserver_data: name: geonode/geoserver_data # -- geoserver docker image tag tag: "2.23.3-v1" + # -- geoserver image pull policy + imagePullPolicy: "IfNotPresent" # CONFIGURATION FOR NGINX DEPLOYMENT nginx: @@ -368,15 +384,16 @@ nginx: container_name: nginx # -- nginx container replicas replicaCount: 1 - - # -- pull secret to use for nginx image - imagePullSecret: "" - image: # -- nginx docker image name: nginx # -- nginx docker image tag tag: "1.25" + # -- nginx image pull policy + imagePullPolicy: "IfNotPresent" + # -- pull secret to use for nginx image + imagePullSecret: "" + # -- max file upload size maxClientBodySize: 2G resources: @@ -407,15 +424,15 @@ pycsw: replicaCount: 1 # -- pycsw container name container_name: pycsw - - # -- pull secret to use for pycsw image - imagePullSecret: "" - image: # -- pycsw docker image name: geopython/pycsw # -- pycsw docker image tag tag: "2.6.1" + # -- pycsw image pull policy + imagePullPolicy: "IfNotPresent" + # -- pull secret to use for pycsw image + imagePullSecret: "" # -- pycsw endpoint port port: 8000 # -- pycsw url below geonode.ingress.externalDomain @@ -431,6 +448,15 @@ pycsw: memory: "1Gi" # -- limit cpu as in resource.requests.cpu (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) cpu: "500m" + init: + container_name: pycsw-wait-for-geonode + image: + # -- pycsw docker image + name: alpine/curl + # -- pycsw docker image tag + tag: "8.5.0" + # -- pycsw image pull policy + imagePullPolicy: "IfNotPresent" # -- pycsw config file parameters, see docs: https://docs.pycsw.org/_/downloads/en/latest/pdf/ # @default -- copied from 4.1.x: https://github.com/GeoNode/geonode/blob/master/geonode/catalogue/backends/pycsw_local_mappings.py mappings: |-