From 98a15069eb191172d7718804916fecf0af1503b5 Mon Sep 17 00:00:00 2001 From: CAI WENZHE Date: Sun, 4 Jun 2023 12:54:39 +0800 Subject: [PATCH] deploy: helm charts templates for single-node (#587) --- .gitignore | 5 +- install/helm-single/.helmignore | 23 +++++++ install/helm-single/Chart.yaml | 6 ++ install/helm-single/readme.md | 22 +++++++ .../helm-single/templates/backend.config.yaml | 13 ++++ .../templates/backend.deployment.yaml | 63 +++++++++++++++++++ .../templates/backend.service.yaml | 16 +++++ install/helm-single/templates/ingress.yaml | 20 ++++++ .../helm-single/templates/judge.config.yaml | 10 +++ .../templates/judge.deployment.yaml | 49 +++++++++++++++ .../templates/mongo.deployment.yaml | 40 ++++++++++++ .../helm-single/templates/mongo.service.yaml | 33 ++++++++++ install/helm-single/templates/namespace.yaml | 6 ++ install/helm-single/values.yaml | 38 +++++++++++ 14 files changed, 343 insertions(+), 1 deletion(-) create mode 100644 install/helm-single/.helmignore create mode 100644 install/helm-single/Chart.yaml create mode 100644 install/helm-single/readme.md create mode 100644 install/helm-single/templates/backend.config.yaml create mode 100644 install/helm-single/templates/backend.deployment.yaml create mode 100644 install/helm-single/templates/backend.service.yaml create mode 100644 install/helm-single/templates/ingress.yaml create mode 100644 install/helm-single/templates/judge.config.yaml create mode 100644 install/helm-single/templates/judge.deployment.yaml create mode 100644 install/helm-single/templates/mongo.deployment.yaml create mode 100644 install/helm-single/templates/mongo.service.yaml create mode 100644 install/helm-single/templates/namespace.yaml create mode 100644 install/helm-single/values.yaml diff --git a/.gitignore b/.gitignore index 6cab8f6f..60c06cb3 100644 --- a/.gitignore +++ b/.gitignore @@ -56,4 +56,7 @@ node_modules/ __* !__mocks__ !.gitkeep -*.local \ No newline at end of file +*.local + +# Monokle +.monokle \ No newline at end of file diff --git a/install/helm-single/.helmignore b/install/helm-single/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/install/helm-single/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/install/helm-single/Chart.yaml b/install/helm-single/Chart.yaml new file mode 100644 index 00000000..16c6ee91 --- /dev/null +++ b/install/helm-single/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: hydro-helm +description: A Helm chart for Hydro Deployment +type: application +version: 0.1.0 +appVersion: "1.16.0" diff --git a/install/helm-single/readme.md b/install/helm-single/readme.md new file mode 100644 index 00000000..a9640bf0 --- /dev/null +++ b/install/helm-single/readme.md @@ -0,0 +1,22 @@ +## 该部署方式非官方维护,仅适用于有经验的K8s集群运维人员修改使用 +## 普通用户请务必使用自动脚本安装,这可大大提高您一次成功的可能性 + +## It is for testing purposes only and is not production-ready. +## TL;DR + +首次部署完毕后,不会自动创建用户,请手动在Backend的Pod中执行 + +``` +hydrooj cli user create systemjudge@systemjudge.local root rootroot +hydrooj cli user setSuperAdmin 2 +``` + +Helm Chart示例中尚未完全适配多节点以及HA需求。主要体现在 +- Mongo的单节点部署 +- 为了理解和调试便利,后端容器`/data/file`和`/root/.hydro`,Mongo容器`/data/db`,评测机容器`/root/.config/hydro`使用了HostPath。 + + +由于Judge需要以特权容器运行(cgroup所需),建议将Backend和Judge调度到不同的节点上。 + +本部署方式暂不支持本地构建镜像,请根据组织架构场景下的基础设施,自行处理镜像仓库问题。 + diff --git a/install/helm-single/templates/backend.config.yaml b/install/helm-single/templates/backend.config.yaml new file mode 100644 index 00000000..7cfa8139 --- /dev/null +++ b/install/helm-single/templates/backend.config.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: backend-config-map + labels: + app: backend + namespace: hydro-namespace +data: + addon.json: |- + {{.Values.Backend.AddonJson | nindent 4}} + + config.json: |- + {{.Values.Backend.ConfigJson | nindent 4}} diff --git a/install/helm-single/templates/backend.deployment.yaml b/install/helm-single/templates/backend.deployment.yaml new file mode 100644 index 00000000..5cd88d9e --- /dev/null +++ b/install/helm-single/templates/backend.deployment.yaml @@ -0,0 +1,63 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: backend + name: backend-deployment + namespace: hydro-namespace +spec: + replicas: {{.Values.Backend.Replicas}} + revisionHistoryLimit: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: backend + template: + metadata: + labels: + app: backend + spec: + containers: + - name: oj-backend + image: {{.Values.Backend.Image}} + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /data/file + name: file-volume + - mountPath: /root/.hydro + name: backend-volume + - mountPath: /root/.hydro-config-map + name: config-json-volume + ports: + - name: server-port + containerPort: 80 + command: ["/bin/sh", "-c"] + args: + - | + cp /root/.hydro-config-map/addon.json /root/.hydro/ && + cp /root/.hydro-config-map/config.json /root/.hydro/ && + hydrooj + + initContainers: + - name: init-mydb + image: busybox + command: + [ + "sh", + "-c", + "until nslookup {{.Values.Global.Mongo.SvcDomain}}; do echo waiting for {{.Values.Global.Mongo.SvcDomain}}; sleep 2; done;", + ] + restartPolicy: Always + volumes: + - name: file-volume + hostPath: + path: {{.Values.Backend.FileVolume}} + type: DirectoryOrCreate + - name: backend-volume + hostPath: + path: {{.Values.Backend.BackendVolume}} + type: DirectoryOrCreate + - name: config-volume + configMap: + name: backend-config-map diff --git a/install/helm-single/templates/backend.service.yaml b/install/helm-single/templates/backend.service.yaml new file mode 100644 index 00000000..648492e9 --- /dev/null +++ b/install/helm-single/templates/backend.service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: backend + name: backend-service + namespace: hydro-namespace +spec: + ports: + - port: {{.Values.Backend.ClusterPort}} + name: backend-cluster-endpoint + protocol: TCP + targetPort: 80 + selector: + app: backend + type: ClusterIP diff --git a/install/helm-single/templates/ingress.yaml b/install/helm-single/templates/ingress.yaml new file mode 100644 index 00000000..f668c7fd --- /dev/null +++ b/install/helm-single/templates/ingress.yaml @@ -0,0 +1,20 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: hydro-ingress + annotations: + kubernetes.io/ingress.class: traefik + ingress.kubernetes.io/ssl-redirect: "false" + namespace: hydro-namespace +spec: + rules: + - host: "backend.boo.foo" # 如果不需要当然也可以去掉HostName + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: backend-service-service + port: + name: backend-cluster-endpoint diff --git a/install/helm-single/templates/judge.config.yaml b/install/helm-single/templates/judge.config.yaml new file mode 100644 index 00000000..85c2e50d --- /dev/null +++ b/install/helm-single/templates/judge.config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: judge-config-map + labels: + app: judge + namespace: hydro-namespace +data: + judge.yaml: |- + {{.Values.Judge.JudgeYaml | nindent 4}} diff --git a/install/helm-single/templates/judge.deployment.yaml b/install/helm-single/templates/judge.deployment.yaml new file mode 100644 index 00000000..688bc9d9 --- /dev/null +++ b/install/helm-single/templates/judge.deployment.yaml @@ -0,0 +1,49 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: judge + name: judge-deployment + namespace: hydro-namespace +spec: + replicas: {{.Values.Judge.Replicas}} + revisionHistoryLimit: 1 + strategy: + type: RollingUpdate + selector: + matchLabels: + app: judge + template: + metadata: + labels: + app: judge + spec: + containers: + - name: oj-judge + image: {{.Values.Judge.Image}} + imagePullPolicy: IfNotPresent + privileged: true + volumeMounts: + - mountPath: /root/.config/hydro + name: judge-volume + - mountPath: /root/.judge-config-map + name: config-json-volume + ports: + - name: server-port + containerPort: 80 + command: ["/bin/sh", "-c"] + args: + - | + cp /root/.judge-config-map/judge.yaml /root/ && + pm2 start sandbox && + pm2-runtime start hydrojudge + + restartPolicy: Always + volumes: + - name: judge-volume + hostPath: + path: {{.Values.Judge.ConfigVolume}} + type: DirectoryOrCreate + - name: config-volume + configMap: + name: judge-config-map diff --git a/install/helm-single/templates/mongo.deployment.yaml b/install/helm-single/templates/mongo.deployment.yaml new file mode 100644 index 00000000..59cd094d --- /dev/null +++ b/install/helm-single/templates/mongo.deployment.yaml @@ -0,0 +1,40 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: mongo + name: mongo-deployment + namespace: hydro-namespace +spec: + replicas: 1 + revisionHistoryLimit: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: mongo + template: + metadata: + labels: + app: mongo + spec: + containers: + - name: oj-mongo + image: mongo:latest + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /data/db + name: localvolume + env: + - name: MONGO_INITDB_ROOT_USERNAME + value: {{.Values.Mongo.Username}} + - name: MONGO_INITDB_ROOT_PASSWORD + value: {{.Values.Mongo.Password}} + ports: + - name: db-port + containerPort: 27017 + volumes: + - name: localvolume + hostPath: + path: {{.Values.Mongo.Volume}} + type: DirectoryOrCreate diff --git a/install/helm-single/templates/mongo.service.yaml b/install/helm-single/templates/mongo.service.yaml new file mode 100644 index 00000000..56b495d0 --- /dev/null +++ b/install/helm-single/templates/mongo.service.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: mongo + name: mongo-service + namespace: hydro-namespace +spec: + ports: + - port: {{.Values.Mongo.ClusterPort}} + name: mongo-cluster-endpoint + protocol: TCP + targetPort: 27017 + selector: + app: mongo + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: mongo + name: mongo-loadbalance-service + namespace: hydro-namespace +spec: + ports: + - port: {{.Values.Mongo.LoadBalancerPort}} + name: mongo-endpoint + protocol: TCP + targetPort: 27017 + selector: + app: mongo + type: LoadBalancer diff --git a/install/helm-single/templates/namespace.yaml b/install/helm-single/templates/namespace.yaml new file mode 100644 index 00000000..e836d7c1 --- /dev/null +++ b/install/helm-single/templates/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: hydro-namespace + labels: + name: hydro-namespace-label diff --git a/install/helm-single/values.yaml b/install/helm-single/values.yaml new file mode 100644 index 00000000..3ec5676a --- /dev/null +++ b/install/helm-single/values.yaml @@ -0,0 +1,38 @@ +Mongo: + Volume: /path/of/mongo-volume + Username: username + Password: password + ClusterPort: 27017 # 对集群内服务端口 + LoadBalancerPort: 27017 # 对集群外暴露端口 + +Backend: + Image: some.url/docker/backend:latest + FileVolume: /path/of/backend-file-volume # aka /data/file + BackendVolume: /path/of/backend-config-volume # aka /root/.hydro + Replicas: 1 + ClusterPort: 8080 # 对集群内服务端口 + ConfigJson: |- + {"host": "mongo-service.hydro-namespace.svc.cluster.local", "port": "27017", "name": "hydro", "username": "username", "password": "password"} + + AddonJson: |- + ["@hydrooj/ui-default"] + +Judge: + Replicas: 1 + ConfigVolume: /path/of/judge-volume # aka /root/.config/hydro + Image: some.url/docker/judge:latest + # 评测机走svc内网连接后端 + JudgeYaml: |- + hosts: + localhost: + type: hydro + server_url: http://backend-service.hydro-namespace.svc.cluster.local:8080/ + uname: root + password: rootroot + detail: true + +Global: + Mongo: + SvcDomain: mongo-service.hydro-namespace.svc.cluster.local + Backend: + SvcDomain: backend-service.hydro-namespace.svc.cluster.local