This patch introduces a new structure of the it/dep repo.
Components are restructured into a tree. Helm charts are
designed with common templates so that parameters can be
standardized.
This patches introduced installation scripts that take override
value.yaml files for all the helm charts.
Signed-off-by: Zhe Huang <zhehuang@research.att.com>
Change-Id: I44f043f8c7a93fa7f50ac31c37f9cb5e0efbfb53
diff --git a/infra/10-Nexus/helm/.helmignore b/infra/10-Nexus/helm/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/infra/10-Nexus/helm/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/infra/10-Nexus/helm/Chart.yaml b/infra/10-Nexus/helm/Chart.yaml
new file mode 100644
index 0000000..0f3fb98
--- /dev/null
+++ b/infra/10-Nexus/helm/Chart.yaml
@@ -0,0 +1,22 @@
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+apiVersion: v1
+appVersion: "1.0"
+description: RIC Aux Nexus Helm Chart
+name: nexus
+version: 1.1.0
diff --git a/infra/10-Nexus/helm/charts/common-1.1.0.tgz b/infra/10-Nexus/helm/charts/common-1.1.0.tgz
new file mode 100644
index 0000000..ccccfe6
--- /dev/null
+++ b/infra/10-Nexus/helm/charts/common-1.1.0.tgz
Binary files differ
diff --git a/infra/10-Nexus/helm/requirements.yaml b/infra/10-Nexus/helm/requirements.yaml
new file mode 100644
index 0000000..aa94575
--- /dev/null
+++ b/infra/10-Nexus/helm/requirements.yaml
@@ -0,0 +1,20 @@
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+dependencies:
+ - name: common
+ version: ~1.1.0
diff --git a/infra/10-Nexus/helm/templates/_helpers.tpl b/infra/10-Nexus/helm/templates/_helpers.tpl
new file mode 100644
index 0000000..9f9800c
--- /dev/null
+++ b/infra/10-Nexus/helm/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "nexus.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "nexus.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "nexus.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/infra/10-Nexus/helm/templates/deployment.yaml b/infra/10-Nexus/helm/templates/deployment.yaml
new file mode 100644
index 0000000..d3184c0
--- /dev/null
+++ b/infra/10-Nexus/helm/templates/deployment.yaml
@@ -0,0 +1,48 @@
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+ name: {{ template "nexus.fullname" . }}
+ labels:
+ app: {{ template "nexus.name" . }}
+ chart: {{ template "nexus.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ template "nexus.name" . }}
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app: {{ template "nexus.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ # volumeMounts:
+ #- name: certs
+ # mountPath: /var/run/certs
+ # readOnly: true
+ ports:
+ - name: nexus
+ containerPort: 8081
+ protocol: TCP
+ - name: docker
+ containerPort: 10001
+ protocol: TCP
+ # livenessProbe:
+ # httpGet:
+ # path: /
+ # port: nexus
+# readinessProbe:
+# httpGet:
+# path: /
+# port: http
+# volumes:
+# - name: certs
+# secret:
+# secretName: {{ template "nexus.name" . }}-certs
diff --git a/infra/10-Nexus/helm/templates/ingress.yaml b/infra/10-Nexus/helm/templates/ingress.yaml
new file mode 100644
index 0000000..1a7522a
--- /dev/null
+++ b/infra/10-Nexus/helm/templates/ingress.yaml
@@ -0,0 +1,28 @@
+{{- $fullName := include "nexus.fullname" . -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ app: {{ template "nexus.name" . }}
+ chart: {{ template "nexus.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ tls:
+ - hosts:
+ - docker.{{ .Values.ingress.hostpostfix }}
+ secretName: {{ include "common.repositorycert" . }}
+ rules:
+ - host: nexus.{{ .Values.ingress.hostpostfix }}
+ http:
+ paths:
+ - backend:
+ serviceName: {{ $fullName }}
+ servicePort: nexus
+ - host: docker.{{ .Values.ingress.hostpostfix }}
+ http:
+ paths:
+ - backend:
+ serviceName: {{ $fullName }}
+ servicePort: docker
diff --git a/infra/10-Nexus/helm/templates/save-secret-job.yaml b/infra/10-Nexus/helm/templates/save-secret-job.yaml
new file mode 100644
index 0000000..801df24
--- /dev/null
+++ b/infra/10-Nexus/helm/templates/save-secret-job.yaml
@@ -0,0 +1,27 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: cert-copy
+spec:
+ template:
+ spec:
+ containers:
+ - name: cert-copy
+ image: alpine
+ command: ["cp", "-rL", "/var/run/certs/..data/tls.crt", "/var/run/certs-copy/"]
+ # command: ["tail", "-f", "/dev/null"]
+ volumeMounts:
+ - name: certs
+ mountPath: /var/run/certs
+ readOnly: true
+ - name: write-to-volume
+ mountPath: /var/run/certs-copy
+ volumes:
+ - name: certs
+ secret:
+ secretName: {{ include "common.repositorycert" . }}
+ - name: write-to-volume
+ hostPath:
+ path: /tmp
+ restartPolicy: Never
+ backoffLimit: 4
diff --git a/infra/10-Nexus/helm/templates/secret-docker.yaml b/infra/10-Nexus/helm/templates/secret-docker.yaml
new file mode 100644
index 0000000..7365f7e
--- /dev/null
+++ b/infra/10-Nexus/helm/templates/secret-docker.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/tls
+metadata:
+ name: {{ include "common.repositorycert" . }}
+ labels:
+ app: {{ template "nexus.name" . }}
+ chart: {{ template "nexus.chart" . }}
+ heritage: {{ .Release.Service }}
+ release: {{ .Release.Name }}
+ annotations:
+ "helm.sh/hook": "pre-install"
+ "helm.sh/hook-delete-policy": "before-hook-creation"
+data:
+{{ ( include "common.repository.gen-certs" . ) | indent 2 }}
diff --git a/infra/10-Nexus/helm/templates/service.yaml b/infra/10-Nexus/helm/templates/service.yaml
new file mode 100644
index 0000000..cc9b518
--- /dev/null
+++ b/infra/10-Nexus/helm/templates/service.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "nexus.fullname" . }}
+ labels:
+ app: {{ template "nexus.name" . }}
+ chart: {{ template "nexus.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: ClusterIP
+ ports:
+ - port: {{ .Values.service.port.nexus }}
+ targetPort: nexus
+ protocol: TCP
+ name: nexus
+ - port: {{ .Values.service.port.docker }}
+ targetPort: docker
+ protocol: TCP
+ name: docker
+ selector:
+ app: {{ template "nexus.name" . }}
+ release: {{ .Release.Name }}
diff --git a/infra/10-Nexus/helm/values.yaml b/infra/10-Nexus/helm/values.yaml
new file mode 100644
index 0000000..d7324f5
--- /dev/null
+++ b/infra/10-Nexus/helm/values.yaml
@@ -0,0 +1,24 @@
+# Default values for nexus.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+# This is the name of K8S secret that contains the docker registry cert
+# You can override this by using
+# repositoryCertOverride: ""
+repositoryCert: docker-reg-certs
+
+# This is designed to be deployed using local image
+image:
+ repository: nexus-repository-helm-apt
+ tag: 1.0.0
+ pullPolicy: Never
+
+service:
+ port:
+ nexus: 80
+ docker: 10001
+ingress:
+ hostpostfix: ricinfra.local
+