From f5ffa91788f574a0004f159a9ae4a564ecd83ef4 Mon Sep 17 00:00:00 2001
From: Chris Ostrouchov
Date: Thu, 9 Dec 2021 16:32:01 -0500
Subject: [PATCH] Adding conda-store terraform charts along with postgres/minio charts
---
.../conda-store/config/conda-store-config.py | 48 ++++++++
.../kubernetes/services/conda-store/output.tf | 4 +-
.../kubernetes/services/conda-store/server.tf | 97 +++++++++++++++
.../conda-store/{main.tf => worker.tf} | 110 ++++++++++--------
.../modules/kubernetes/services/minio/main.tf | 12 ++
.../kubernetes/services/minio/values.yaml | 0
.../kubernetes/services/minio/variables.tf | 0
.../kubernetes/services/postgresql/main.tf | 12 ++
.../services/postgresql/values.yaml | 0
.../services/postgresql/variables.tf | 0
10 files changed, 231 insertions(+), 52 deletions(-)
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/config/conda-store-config.py
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/server.tf
rename qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/{main.tf => worker.tf} (65%)
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/main.tf
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/values.yaml
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/variables.tf
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/main.tf
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/values.yaml
create mode 100644 qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/variables.tf
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/config/conda-store-config.py b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/config/conda-store-config.py
new file mode 100644
index 0000000000..d01a41aa87
--- /dev/null
+++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/config/conda-store-config.py
@@ -0,0 +1,48 @@
+import logging
+
+from conda_store_server.storage import S3Storage
+from conda_store_server.server.auth import DummyAuthentication
+
+# ==================================
+# conda-store settings
+# ==================================
+c.CondaStore.storage_class = S3Storage
+c.CondaStore.store_directory = "/opt/conda-store/"
+c.CondaStore.environment_directory = "/opt/environments/"
+c.CondaStore.database_url = "postgresql+psycopg2://admin:password@postgres/conda-store"
+c.CondaStore.default_uid = 1000
+c.CondaStore.default_gid = 100
+c.CondaStore.default_permissions = "775"
+
+c.S3Storage.internal_endpoint = "minio:9000"
+c.S3Storage.external_endpoint = "localhost:30900"
+c.S3Storage.access_key = "admin"
+c.S3Storage.secret_key = "password"
+c.S3Storage.region = "us-east-1" # minio region default
+c.S3Storage.bucket_name = "conda-store"
+c.S3Storage.secure = False
+
+# ==================================
+# server settings
+# ==================================
+c.CondaStoreServer.log_level = logging.INFO
+c.CondaStoreServer.enable_ui = True
+c.CondaStoreServer.enable_api = True
+c.CondaStoreServer.enable_registry = True
+c.CondaStoreServer.enable_metrics = True
+c.CondaStoreServer.address = "0.0.0.0"
+c.CondaStoreServer.port = 5000
+# This MUST start with `/`
+c.CondaStoreServer.url_prefix = "/"
+
+
+# ==================================
+# auth settings
+# ==================================
+c.CondaStoreServer.authentication_class = DummyAuthentication
+
+# ==================================
+# worker settings
+# ==================================
+c.CondaStoreWorker.log_level = logging.INFO
+c.CondaStoreWorker.watch_paths = ["/opt/environments"]
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/output.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/output.tf
index 74361271df..5344684c8c 100644
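Review bot: The Postgres URL `postgresql+psycopg2://admin:password@postgres/conda-store` and the MinIO `access_key`/`secret_key` are literal default credentials in a file that server.tf loads into a ConfigMap, so they sit in the repository and in the cluster in plain text. Reading them from environment variables populated from a Kubernetes Secret keeps them out of both; the fence below sketches that with placeholder variable names. `authentication_class = DummyAuthentication` looks like a development placeholder while the server listens on `0.0.0.0:5000` with the UI, API and registry enabled, so it should be replaced by a real authenticator before this template is deployed. `c.S3Storage.secure = False` also leaves object-store traffic unencrypted, which deserves a comment saying it is acceptable only for in-cluster traffic.

```python
import os  # new import, next to `import logging`

# Constructed placeholder variable names; populate them from a Kubernetes Secret.
c.CondaStore.database_url = os.environ["CONDA_STORE_DATABASE_URL"]
c.S3Storage.access_key = os.environ["CONDA_STORE_S3_ACCESS_KEY"]
c.S3Storage.secret_key = os.environ["CONDA_STORE_S3_SECRET_KEY"]
# ... unchanged: remaining storage, server, auth and worker settings ...
```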
--- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/output.tf +++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/output.tf @@ -1,9 +1,9 @@ output "endpoint" { description = "Endpoint dns name of conda-store nfs server" - value = "${var.name}-nfs.${var.namespace}.svc.cluster.local" + value = "${kubernetes_service.nfs.metadata.0.name}.${var.namespace}.svc.cluster.local" } output "endpoint_ip" { description = "IP Address of conda-store nfs server" - value = kubernetes_service.main.spec.0.cluster_ip + value = kubernetes_service.nfs.spec.0.cluster_ip } diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/server.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/server.tf new file mode 100644 index 0000000000..58c706961d --- /dev/null +++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/server.tf 
@@ -0,0 +1,97 @@
+resource "kubernetes_config_map" "conda-store-config" {
+ metadata {
+ name = "conda-store-config"
+ namespace = var.namespace
+ }
+
+ "conda-store-config.py" = file("${path.module}/config/conda-store-config.py")
+}
+
+
+resource "kubernetes_service" "server" {
+ metadata {
+ name = "${var.name}-conda-store-server"
+ namespace = var.namespace
+ }
+
+ spec {
+ selector = {
+ role = "${var.name}-conda-store-server"
+ }
+
+ port {
+ name = "conda-store-server"
+ port = 5000
+ }
+ }
+}
+
+
+resource "kubernetes_deployment" "main" {
+ metadata {
+ name = "${var.name}-conda-store-server"
+ namespace = var.namespace
+ labels = {
+ role = "${var.name}-conda-store-server"
+ }
+ }
+
+ spec {
+ replicas = 1
+
+ selector {
+ match_labels = {
+ role = "${var.name}-conda-store-server"
+ }
+ }
+
+ template {
+ metadata {
+ labels = {
+ role = "${var.name}-conda-store-server"
+ }
+ }
+
+ spec {
+ affinity {
+ node_affinity {
+ required_during_scheduling_ignored_during_execution {
+ node_selector_term {
+ match_expressions {
+ key = var.node-group.key
+ operator = "In"
+ values = [
+ var.node-group.value
+ ]
+ }
+ }
+ }
+ }
+ }
+
+ container {
+ name = "conda-store-server"
+ image = "${var.conda-store-image.name}:${var.conda-store-image.tag}"
+
+ command = [
+ - "conda-store-server"
+ - "--config"
+ - "/etc/conda-store/conda_store_config.py"
+ ]
+
+ volume_mount {
+ name = "config"
+ mount_path = "/etc/conda-store"
+ }
+ }
+
+ volume {
+ name = "config"
+ config_map {
+ name = kubernetes_config_map.conda-store-config.metadata.0.name
+ }
+ }
+ }
+ }
+ }
+}
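Review bot: The `kubernetes_config_map` resource places `"conda-store-config.py" = file(...)` directly in the resource body instead of inside `data = { ... }`, and the container `command` list uses YAML-style `- "..."` items, so this file will not parse as HCL. The ConfigMap key is also spelled `conda-store-config.py` while the command reads `/etc/conda-store/conda_store_config.py`, so even once it parses the server would not find its config at that path. `kubernetes_deployment "main"` has the same address as the deployment kept in worker.tf in this module; renaming it to `"server"` avoids a duplicate-resource error. The same `- "..."` command syntax appears in the worker.tf hunk at `@@ -86,27 +97,28 @@`.

```hcl
resource "kubernetes_config_map" "conda-store-config" {
  # … unchanged: metadata …

  data = {
    "conda_store_config.py" = file("${path.module}/config/conda-store-config.py")
  }
}

# … unchanged: service, deployment metadata, selector, affinity …

          command = [
            "conda-store-server",
            "--config",
            "/etc/conda-store/conda_store_config.py",
          ]
```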
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/main.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/worker.tf similarity index 65% rename from qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/main.tf rename to qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/worker.tf index f1d2af2558..230b110df0 100644 --- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/main.tf +++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/conda-store/worker.tf @@ -1,28 +1,12 @@ -resource "kubernetes_persistent_volume_claim" "main" { - metadata { - name = "${var.name}-conda-store-storage" - namespace = var.namespace - } - wait_until_bound = true - spec { - access_modes = ["ReadWriteOnce"] - resources { - requests = { - storage = var.nfs_capacity - } - } - } -} - -resource "kubernetes_service" "main" { +resource "kubernetes_service" "nfs" { metadata { - name = "${var.name}-conda-store" + name = "${var.name}-conda-store-nfs" namespace = var.namespace } spec { selector = { - role = "${var.name}-conda-store" + role = "${var.name}-conda-store-worker" } port { 
@@ -43,12 +27,39 @@ resource "kubernetes_service" "main" { } +resource "kubernetes_persistent_volume_claim" "main" { + metadata { + name = "${var.name}-conda-store-storage" + namespace = var.namespace + } + wait_until_bound = true + spec { + access_modes = ["ReadWriteOnce"] + resources { + requests = { + storage = var.nfs_capacity + } + } + } +} + + +resource "kubernetes_config_map" "conda-store-environments" { + metadata { + name = "conda-environments" + namespace = var.namespace + } + + data = var.environments +} + + resource "kubernetes_deployment" "main" { metadata { - name = "${var.name}-conda-store" + name = "${var.name}-conda-store-worker" namespace = var.namespace labels = { - role = "${var.name}-conda-store" + role = "${var.name}-conda-store-worker" } } @@ -57,14 +68,14 @@ resource "kubernetes_deployment" "main" { selector { match_labels = { - role = "${var.name}-conda-store" + role = "${var.name}-conda-store-worker" } } template { metadata { labels = { - role = "${var.name}-conda-store" + role = "${var.name}-conda-store-worker" } } @@ -86,27 +97,28 @@ resource "kubernetes_deployment" "main" { } container { - name = "conda-store" + name = "conda-store-worker" image = "${var.conda-store-image.name}:${var.conda-store-image.tag}" command = [ - "python", "/opt/conda-store/conda-store.py", - "-e", "/opt/environments", - "-o", "/home/conda/environments", - "-s", "/home/conda/store", - "--uid", "0", - "--gid", "0", - "--permissions", "775" + - "conda-store-worker" + - "--config" + - "/etc/conda-store/conda_store_config.py" ] volume_mount { - name = "conda-environments" - mount_path = "/opt/environments" + name = "config" + mount_path = "/etc/conda-store" + } + + volume_mount { + name = "environments" + mount_path = "/opt/conda-store" } volume_mount { - mount_path = "/home/conda" - name = "nfs-export-fast" + name = "storage" + mount_path = "/opt/conda-store" } } 
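Review bot: In the `@@ -86,27 +97,28 @@` hunk the `environments` and `storage` volume mounts of the worker container both use `mount_path = "/opt/conda-store"`, so the two volumes collide and Kubernetes is likely to reject the pod spec. conda-store-config.py in this commit sets `environment_directory` and `watch_paths` to `/opt/environments`, so the `environments` mount should probably read `mount_path = "/opt/environments"`. The container and deployment blocks start and end outside this hunk.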
@@ -135,33 +147,31 @@ resource "kubernetes_deployment" "main" { volume_mount { mount_path = "/exports" - name = "nfs-export-fast" + name = "storage" } } volume { - name = "nfs-export-fast" - persistent_volume_claim { - claim_name = "${var.name}-conda-store-storage" + name = "config" + config_map { + name = kubernetes_config_map.conda-store-config.metadata.0.name } } volume { - name = "conda-environments" + name = "environments" config_map { - name = kubernetes_config_map.conda-environments.metadata.0.name + name = kubernetes_config_map.conda-store-environments.metadata.0.name + } + } + + volume { + name = "storage" + persistent_volume_claim { + claim_name = persistent_volume_claim.main.metadata.0.name } } } } } } - -resource "kubernetes_config_map" "conda-environments" { - metadata { - name = "conda-environments" - namespace = var.namespace - } - - data = var.environments -} \ No newline at end of file diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/main.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/main.tf new file mode 100644 index 0000000000..c5d6d0f19a --- /dev/null +++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/main.tf @@ -0,0 +1,12 @@ +resource "helm_release" "minio" { + name = "minio" + namespace = var.namespace + + repository = "https://charts.bitnami.com/bitnami" + chart = "bitnami/minio" + version = "9.2.4" + + values = concat([ + file("${path.module}/values.yaml"), + ], var.overrides) +} diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/values.yaml b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/values.yaml new file mode 100644 index 0000000000..e69de29bb2 
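Review bot: `claim_name = persistent_volume_claim.main.metadata.0.name` in the new `storage` volume drops the `kubernetes_` prefix, so it does not refer to the `kubernetes_persistent_volume_claim "main"` resource declared earlier in this file and Terraform will report an undeclared resource. It should read `claim_name = kubernetes_persistent_volume_claim.main.metadata.0.name`. The deployment block that this hunk closes begins outside the hunk.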
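Review bot: `helm_release "minio"` references `var.namespace` and `var.overrides`, but the `variables.tf` created next to it is an empty file, so the module cannot be planned until it declares them, e.g. `variable "namespace" { type = string }` and `variable "overrides" { type = list(string) default = [] }`; the postgresql module has the same gap. With `repository` set, the `chart` argument is normally the bare chart name (`minio`, `postgresql`) rather than `bitnami/...`, which is worth confirming against the helm provider. Both `values.yaml` files are empty too, so nothing here sets the `admin`/`password` credentials that conda-store-config.py expects; when they are reconciled, the accounts should come from generated values held in a Kubernetes Secret, not from these fixed defaults.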
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/variables.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/minio/variables.tf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/main.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/main.tf new file mode 100644 index 0000000000..908fa10d9e --- /dev/null +++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/main.tf @@ -0,0 +1,12 @@ +resource "helm_release" "postgresql" { + name = "postgresql" + namespace = var.namespace + + repository = "https://charts.bitnami.com/bitnami" + chart = "bitnami/postgresql" + version = "10.13.12" + + values = concat([ + file("${path.module}/values.yaml"), + ], var.overrides) +} diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/values.yaml b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/values.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/variables.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/postgresql/variables.tf new file mode 100644 index 0000000000..e69de29bb2