22 changed files with 1445 additions and 0 deletions
@ -0,0 +1,7 @@ |
|||
apiVersion: v2 |
|||
name: portalmodelo |
|||
description: Portal Modelo para Casas Legislativas |
|||
type: application |
|||
version: 0.6.0 |
|||
appVersion: 3.0-21 |
|||
icon: https://git.interlegis.leg.br/SEIT/rancher-charts/raw/5a821368fe0244ae9017878dd2aae3173328816c/images/portalmodelo.png |
|||
@ -0,0 +1,3 @@ |
|||
# Portal Modelo para Casas Legislativas |
|||
|
|||
Utilize o formulário abaixo para configurar seu Portal Modelo. |
|||
@ -0,0 +1,247 @@ |
|||
labels: |
|||
io.cattle.role: project |
|||
categories: |
|||
- CMS |
|||
questions: |
|||
# Informações Básicas |
|||
- variable: portal.title |
|||
default: "Câmara Municipal" |
|||
description: "Título na página inicial do Portal (imutável)" |
|||
label: Título |
|||
type: enum |
|||
options: |
|||
- "Câmara Municipal" |
|||
- "Assembleia Legislativa" |
|||
- "Tribunal de Contas" |
|||
- "Congresso Nacional" |
|||
group: Básico |
|||
required: true |
|||
- variable: portal.description |
|||
default: "Cidade - UF" |
|||
description: "Descrição na página incial do Portal (imutável)" |
|||
label: Descrição |
|||
type: string |
|||
group: Básico |
|||
required: true |
|||
- variable: portal.adminEmail |
|||
default: "contato@admin.email" |
|||
description: "E-mail do contato do Portal (imutável)" |
|||
label: Contato |
|||
type: string |
|||
group: Básico |
|||
required: true |
|||
- variable: portal.hostname |
|||
default: "teste.df.leg.br" |
|||
description: "URL de acesso do Portal" |
|||
label: Hostname |
|||
type: string |
|||
group: Básico |
|||
required: true |
|||
- variable: portal.hostprefix |
|||
default: "www" |
|||
description: "Prefixo da URL do Portal" |
|||
label: Prefixo do Host |
|||
type: string |
|||
group: Básico |
|||
required: false |
|||
- variable: portal.addprefix |
|||
default: "" |
|||
description: "Prefixo adicional para a URL do Portal (opcional)" |
|||
label: Prefixo adicional do Host |
|||
type: string |
|||
group: Básico |
|||
required: false |
|||
- variable: portal.rootPassword |
|||
default: "altereme" |
|||
description: "Senha de Admin do Zope (raiz, imutável)" |
|||
label: Senha Admin |
|||
type: password |
|||
group: Básico |
|||
required: true |
|||
- variable: portal.adminPassword |
|||
default: "altereme" |
|||
description: "Senha do usuário adm do Plone (imutável)" |
|||
label: Senha Adm |
|||
type: password |
|||
group: Básico |
|||
required: true |
|||
|
|||
# Ingress |
|||
- variable: ingress.tls.enabled |
|||
default: true |
|||
type: boolean |
|||
description: "Habilitar criptografia do protocolo HTTP (HTTPS)?" |
|||
label: "Habilitar TLS?" |
|||
required: false |
|||
group: Ingress |
|||
show_subquestion_if: true |
|||
subquestions: |
|||
- variable: ingress.tls.provider |
|||
default: letsencrypt |
|||
type: enum |
|||
description: "Qual provedor de certificados utilizar?" |
|||
label: "Provedor de certificados" |
|||
required: false |
|||
group: Ingress |
|||
options: |
|||
- letsencrypt |
|||
- aws |
|||
|
|||
- variable: ingress.class |
|||
default: nginx |
|||
type: enum |
|||
description: "Qual o Ingress Controller?" |
|||
label: "Classe Ingress" |
|||
required: false |
|||
group: Ingress |
|||
options: |
|||
- nginx |
|||
- alb |
|||
|
|||
- variable: ingress.vhostmonster |
|||
default: true |
|||
type: boolean |
|||
description: "Habilitar reescrita de URL para o VirtualHostMonster no Ingress?" |
|||
label: "VHostMonster no Ingress" |
|||
required: true |
|||
group: Ingress |
|||
|
|||
# Configurações de Armazenamento |
|||
- variable: persistence.accessMode |
|||
default: ReadWriteOnce |
|||
type: enum |
|||
label: "Modo de acesso do volume (imutável)" |
|||
description: "ReadWriteOnce para volumes de bloco, ReadWriteMany para volumes de arquivo (NFS)." |
|||
options: |
|||
- "ReadWriteOnce" |
|||
- "ReadWriteMany" |
|||
required: true |
|||
group: Armazenamento |
|||
- variable: persistence.size |
|||
default: 2Gi |
|||
type: string |
|||
required: false |
|||
label: "Tamanho do volume" |
|||
description: "Espaço em disco disponível para o portal." |
|||
group: Armazenamento |
|||
- variable: velero.backup.enabled |
|||
default: true |
|||
type: boolean |
|||
label: "Habilitar backup com Velero?" |
|||
description: "Criar ou não os objetos para backup com o Velero." |
|||
required: false |
|||
group: Armazenamento |
|||
- variable: repozo.enabled |
|||
default: false |
|||
type: boolean |
|||
label: "Habilitar backup com Repozo?" |
|||
description: "Habilitar ou não backup com repozo em volumes NFS." |
|||
required: false |
|||
group: Armazenamento |
|||
show_subquestion_if: true |
|||
subquestions: |
|||
- variable: repozo.storageClass |
|||
default: nfs-backup |
|||
type: string |
|||
description: "StorageClass na qual criar os volumes para backup." |
|||
label: "StorageClass do Backup" |
|||
required: false |
|||
- variable: repozo.keep |
|||
default: 1 |
|||
type: int |
|||
label: "Backups a guardar" |
|||
description: "Número de backups full que o repozo deve guardar." |
|||
required: false |
|||
- variable: repozo.keepblobdays |
|||
default: 30 |
|||
type: int |
|||
label: "Número de dias de backups de blobs a guardar." |
|||
description: "Recomendado utilizar a fórmula 'keep * days_between_zeopack = keep_blob_days'." |
|||
required: false |
|||
- variable: repozo.backupblobs |
|||
default: false |
|||
type: boolean |
|||
label: "Backup Blobs" |
|||
description: "Fazer ou não o backup dos blobs com o repozo." |
|||
required: false |
|||
|
|||
# Configurações Avançadas |
|||
- variable: portal.timeZone |
|||
default: "America/Sao_Paulo" |
|||
description: "Fuso Horário do Portal" |
|||
type: enum |
|||
label: "Fuso" |
|||
options: |
|||
- "America/Sao_Paulo" |
|||
- "America/Fortaleza" |
|||
- "America/Belem" |
|||
- "America/Araguaina" |
|||
- "America/Bahia" |
|||
- "America/Boa_Vista" |
|||
- "America/Campo_Grande" |
|||
- "America/Cuiaba" |
|||
- "America/Maceio" |
|||
- "America/Manaus" |
|||
- "America/Porto_Velho" |
|||
- "America/Recife" |
|||
- "America/Rio_Branco" |
|||
- "America/Sao_Paulo" |
|||
required: true |
|||
group: Avançado |
|||
|
|||
- variable: portal.createAndUpgrade |
|||
default: true |
|||
type: boolean |
|||
description: "Habilita o configurador/atualizador de Portais?" |
|||
label: "Criar e Atualizar" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
- variable: portal.zopefolder |
|||
default: "/" |
|||
type: string |
|||
description: "Diretório no Zope onde está armazenado o portal. Precisa terminar com barra '/'." |
|||
label: "Zope Folder" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
- variable: instance.zeoclient |
|||
default: true |
|||
type: boolean |
|||
description: "Separar ZEO Server e Cliente?" |
|||
label: "Cliente ZEO?" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
- variable: instance.zodbCacheSize |
|||
default: 1000 |
|||
description: "Tamanho do Cache do ZODB (em número de objetos)" |
|||
type: int |
|||
label: "ZODB Cache" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
- variable: instance.zeopack.enabled |
|||
default: true |
|||
type: boolean |
|||
description: "Habilitar o Pack periódico do ZODB?" |
|||
label: "ZEO Pack?" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
- variable: instance.zeopack.schedule |
|||
default: "0 1 * * SUN" |
|||
type: string |
|||
description: "Agendamento do ZEO Pack (String do Cron)" |
|||
label: "ZEO Pack Cron" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
- variable: instance.zeopack.keepDays |
|||
default: 30 |
|||
type: int |
|||
description: "Dias de operações a manter após o Pack do ZODB" |
|||
label: "ZEO Pack Keep Days" |
|||
required: false |
|||
group: Avançado |
|||
|
|||
@ -0,0 +1,10 @@ |
|||
1. Seu Portal Modelo pode ser acessado através da URL: |
|||
{{- if .Values.ingress.enabled }} |
|||
http{{ if .Values.ingress.tls.enabled }}s{{ end }}://{{ .Values.portal.hostprefix }}.{{ .Values.portal.hostname }} |
|||
{{- end }} |
|||
2. Utilize as seguintes credenciais para acesso inicial: |
|||
Usuario: adm |
|||
Senha: {{ .Values.portal.adminPassword }} |
|||
3. Usuario de administração do Zope: |
|||
Usuario: admin |
|||
Senha: {{ .Values.portal.rootPassword }} |
|||
@ -0,0 +1,60 @@ |
|||
{{/* vim: set filetype=mustache: */}} |
|||
{{/* |
|||
Expand the name of the chart. |
|||
*/}} |
|||
{{- define "portalmodelo.name" -}} |
|||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} |
|||
{{- end }} |
|||
|
|||
{{/* |
|||
Create a default fully qualified app name. |
|||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). |
|||
If release name contains chart name it will be used as a full name. |
|||
*/}} |
|||
{{- define "portalmodelo.fullname" -}} |
|||
{{- if .Values.fullnameOverride }} |
|||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} |
|||
{{- else }} |
|||
{{- $name := default .Chart.Name .Values.nameOverride }} |
|||
{{- if contains $name .Release.Name }} |
|||
{{- .Release.Name | trunc 63 | trimSuffix "-" }} |
|||
{{- else }} |
|||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} |
|||
{{- end }} |
|||
{{- end }} |
|||
{{- end }} |
|||
|
|||
{{/* |
|||
Create chart name and version as used by the chart label. |
|||
*/}} |
|||
{{- define "portalmodelo.chart" -}} |
|||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} |
|||
{{- end }} |
|||
|
|||
{{/* |
|||
Common labels |
|||
*/}} |
|||
{{- define "portalmodelo.labels" -}} |
|||
helm.sh/chart: {{ include "portalmodelo.chart" . }} |
|||
app.kubernetes.io/name: {{ include "portalmodelo.name" . }} |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
{{- if .Chart.AppVersion }} |
|||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} |
|||
{{- end }} |
|||
app.kubernetes.io/managed-by: {{ .Release.Service }} |
|||
{{- end }} |
|||
|
|||
{{/* |
|||
Selector labels |
|||
*/}} |
|||
{{- define "portalmodelo.ploneSelectorLabels" -}} |
|||
app.kubernetes.io/name: {{ include "portalmodelo.name" . }} |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
app.kubernetes.io/component: plone |
|||
{{- end }} |
|||
|
|||
{{- define "portalmodelo.zeoserverSelectorLabels" -}} |
|||
app.kubernetes.io/name: {{ include "portalmodelo.name" . }} |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
app.kubernetes.io/component: zeoserver |
|||
{{- end }} |
|||
@ -0,0 +1,28 @@ |
|||
{{- if .Values.autoscaling.enabled }} |
|||
apiVersion: autoscaling/v2beta1 |
|||
kind: HorizontalPodAutoscaler |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }} |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
scaleTargetRef: |
|||
apiVersion: apps/v1 |
|||
kind: Deployment |
|||
name: {{ include "portalmodelo.fullname" . }} |
|||
minReplicas: {{ .Values.autoscaling.minReplicas }} |
|||
maxReplicas: {{ .Values.autoscaling.maxReplicas }} |
|||
metrics: |
|||
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }} |
|||
- type: Resource |
|||
resource: |
|||
name: cpu |
|||
targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} |
|||
{{- end }} |
|||
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} |
|||
- type: Resource |
|||
resource: |
|||
name: memory |
|||
targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} |
|||
{{- end }} |
|||
{{- end }} |
|||
@ -0,0 +1,131 @@ |
|||
{{- if .Values.ingress.enabled -}} |
|||
{{- $fullName := include "portalmodelo.fullname" . -}} |
|||
{{- $hostName := .Values.portal.hostname -}} |
|||
{{- $hostPrefix := .Values.portal.hostprefix -}} |
|||
{{- $addPrefix := .Values.portal.addprefix -}} |
|||
{{- $zopeFolder := .Values.portal.zopefolder -}} |
|||
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} |
|||
apiVersion: networking.k8s.io/v1 |
|||
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} |
|||
apiVersion: networking.k8s.io/v1beta1 |
|||
{{- else -}} |
|||
apiVersion: extensions/v1beta1 |
|||
{{- end }} |
|||
kind: Ingress |
|||
metadata: |
|||
name: {{ $fullName }} |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
annotations: |
|||
{{- if .Values.ingress.tls.enabled }} |
|||
# USE TLS |
|||
{{- if contains "letsencrypt" .Values.ingress.tls.provider }} |
|||
cert-manager.io/cluster-issuer: "letsencrypt-prod" |
|||
{{- end }} |
|||
{{- if contains "nginx" .Values.ingress.class }} |
|||
{{- if .Values.ingress.vhostmonster }} |
|||
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/https/{{ $hostPrefix }}.{{ $hostName }}:443{{ $zopeFolder }}portal/VirtualHostRoot/$1" |
|||
{{- end }} |
|||
nginx.ingress.kubernetes.io/from-to-www-redirect: "true" |
|||
nginx.ingress.kubernetes.io/service-upstream: "true" |
|||
{{- end }} |
|||
{{- if contains "alb" .Values.ingress.class }} |
|||
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]' |
|||
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' |
|||
{{- end }} |
|||
{{- else }} |
|||
# DO NOT USE TLS |
|||
{{- if contains "nginx" .Values.ingress.class }} |
|||
{{- if .Values.ingress.vhostmonster }} |
|||
nginx.ingress.kubernetes.io/rewrite-target: "/VirtualHostBase/http/{{ $hostPrefix }}.{{ $hostName }}:80{{ $zopeFolder }}portal/VirtualHostRoot/$1" |
|||
{{- end }} |
|||
{{- end }} |
|||
{{- if contains "alb" .Values.ingress.class }} |
|||
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' |
|||
{{- end }} |
|||
{{- end }} |
|||
{{- if contains "alb" .Values.ingress.class }} |
|||
alb.ingress.kubernetes.io/group.name: pm |
|||
alb.ingress.kubernetes.io/scheme: internet-facing |
|||
alb.ingress.kubernetes.io/target-type: ip |
|||
kubernetes.io/ingress.class: alb |
|||
{{- end }} |
|||
spec: |
|||
{{- if .Values.ingress.tls.enabled }} |
|||
tls: |
|||
- hosts: |
|||
- "{{ $hostPrefix }}.{{ $hostName }}" |
|||
{{- if eq "www" $hostPrefix }} |
|||
- "{{ $hostName }}" |
|||
{{- end }} |
|||
{{- if .Values.portal.addprefix }} |
|||
- "{{ $addPrefix }}.{{ $hostName }}" |
|||
{{- end }} |
|||
secretName: {{ $hostName | replace "." "-" }}-tls |
|||
{{- end }} |
|||
rules: |
|||
- host: "{{ $hostPrefix }}.{{ $hostName }}" |
|||
http: |
|||
paths: |
|||
{{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }} |
|||
- path: /* |
|||
backend: |
|||
serviceName: ssl-redirect |
|||
servicePort: use-annotation |
|||
{{- end }} |
|||
{{- if contains "nginx" .Values.ingress.class }} |
|||
{{- if .Values.ingress.vhostmonster }} |
|||
- path: /(.*) |
|||
{{- else }} |
|||
- path: / |
|||
{{- end }} |
|||
{{- else }} |
|||
- path: /* |
|||
{{- end }} |
|||
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} |
|||
pathType: ImplementationSpecific |
|||
{{- end }} |
|||
backend: |
|||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} |
|||
service: |
|||
name: {{ $fullName }}-plone |
|||
port: |
|||
number: 8080 |
|||
{{- else }} |
|||
serviceName: {{ $fullName }}-plone |
|||
servicePort: 8080 |
|||
{{- end }} |
|||
{{- if .Values.portal.addprefix }} |
|||
- host: "{{ $addPrefix }}.{{ $hostName }}" |
|||
http: |
|||
paths: |
|||
{{- if and (contains "alb" .Values.ingress.class) (.Values.ingress.tls.enabled) }} |
|||
- path: /* |
|||
backend: |
|||
serviceName: ssl-redirect |
|||
servicePort: use-annotation |
|||
{{- end }} |
|||
{{- if contains "nginx" .Values.ingress.class }} |
|||
{{- if .Values.ingress.vhostmonster }} |
|||
- path: /(.*) |
|||
{{- else }} |
|||
- path: / |
|||
{{- end }} |
|||
{{- else }} |
|||
- path: /* |
|||
{{- end }} |
|||
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} |
|||
pathType: ImplementationSpecific |
|||
{{- end }} |
|||
backend: |
|||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} |
|||
service: |
|||
name: {{ $fullName }} |
|||
port: |
|||
number: 8080 |
|||
{{- else }} |
|||
serviceName: {{ $fullName }}-plone |
|||
servicePort: 8080 |
|||
{{- end }} |
|||
{{- end }} |
|||
{{- end }} |
|||
@ -0,0 +1,15 @@ |
|||
{{- if and .Values.persistence.enabled .Values.repozo.enabled }} |
|||
apiVersion: v1 |
|||
kind: PersistentVolumeClaim |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-backupvol |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
accessModes: |
|||
- {{ .Values.persistence.accessMode }} |
|||
resources: |
|||
requests: |
|||
storage: {{ .Values.persistence.size }} |
|||
storageClassName: "{{ .Values.repozo.storageClass }}" |
|||
{{- end }} |
|||
@ -0,0 +1,154 @@ |
|||
apiVersion: apps/v1 |
|||
kind: Deployment |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-plone |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
annotations: |
|||
{{- if .Values.portal.createAndUpgrade }} |
|||
"helm.sh/hook": post-install,post-upgrade |
|||
"helm.sh/hook-weight": "-2" |
|||
{{- end }} |
|||
spec: |
|||
{{- if not .Values.autoscaling.enabled }} |
|||
{{- if .Values.portal.createAndUpgrade }} |
|||
replicas: 0 |
|||
{{- else }} |
|||
replicas: {{ .Values.replicaCount }} |
|||
{{- end }} |
|||
{{- end }} |
|||
strategy: |
|||
{{- if .Values.instance.zeoclient }} |
|||
type: RollingUpdate |
|||
{{- else }} |
|||
type: Recreate |
|||
{{- end }} |
|||
selector: |
|||
matchLabels: |
|||
{{- include "portalmodelo.ploneSelectorLabels" . | nindent 6 }} |
|||
template: |
|||
metadata: |
|||
{{- with .Values.podAnnotations }} |
|||
annotations: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
labels: |
|||
{{- include "portalmodelo.ploneSelectorLabels" . | nindent 8 }} |
|||
spec: |
|||
{{- with .Values.imagePullSecrets }} |
|||
imagePullSecrets: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
securityContext: |
|||
{{- toYaml .Values.podSecurityContext | nindent 8 }} |
|||
initContainers: |
|||
{{- if not .Values.instance.zeoclient }} |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-rmlock |
|||
command: |
|||
- "rm" |
|||
- "-f" |
|||
- "/data/filestorage/Data.fs.lock" |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-initplone |
|||
command: |
|||
- "mkdir" |
|||
- "-p" |
|||
- "/data/filestorage" |
|||
- "/data/blobstorage" |
|||
- "/data/instance" |
|||
- "/data/log" |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
{{- end }} |
|||
containers: |
|||
- env: |
|||
{{- if .Values.instance.zeoclient }} |
|||
- name: ZEO_ADDRESS |
|||
value: {{ template "portalmodelo.fullname" . }}-zeoserver:8100 |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany"}} |
|||
- name: ZEO_SHARED_BLOB_DIR |
|||
value: "on" |
|||
{{- end }} |
|||
{{- end }} |
|||
- name: TZ |
|||
value: {{ .Values.portal.timeZone }} |
|||
- name: ZODB_CACHE_SIZE |
|||
value: "{{ .Values.instance.zodbCacheSize }}" |
|||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
imagePullPolicy: {{ .Values.image.pullPolicy }} |
|||
name: {{ .Release.Name }}-plone |
|||
ports: |
|||
- containerPort: 8080 |
|||
- containerPort: 8881 |
|||
livenessProbe: |
|||
exec: |
|||
command: |
|||
- /plone/instance/bin/instance |
|||
- monitor |
|||
- health_ok |
|||
initialDelaySeconds: 180 |
|||
failureThreshold: 2 |
|||
periodSeconds: 400 |
|||
successThreshold: 1 |
|||
timeoutSeconds: 5 |
|||
readinessProbe: |
|||
failureThreshold: 3 |
|||
httpGet: |
|||
path: / |
|||
port: 8080 |
|||
initialDelaySeconds: 90 |
|||
periodSeconds: 10 |
|||
successThreshold: 1 |
|||
timeoutSeconds: 2 |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany" }} |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
{{- end }} |
|||
resources: |
|||
{{- toYaml .Values.resources.plone | nindent 12 }} |
|||
restartPolicy: Always |
|||
{{- if and .Values.persistence.enabled (not .Values.instance.zeoclient) }} |
|||
volumes: |
|||
- name: data |
|||
persistentVolumeClaim: |
|||
claimName: {{ include "portalmodelo.fullname" . }}-data |
|||
{{- end }} |
|||
{{- with .Values.nodeSelector }} |
|||
nodeSelector: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
affinity: |
|||
{{- if .Values.instance.zeoclient }} |
|||
podAffinity: |
|||
preferredDuringSchedulingIgnoredDuringExecution: |
|||
- weight: 50 |
|||
podAffinityTerm: |
|||
labelSelector: |
|||
matchExpressions: |
|||
- key: app.kubernetes.io/name |
|||
operator: In |
|||
values: |
|||
- {{ include "portalmodelo.name" . }} |
|||
- key: app.kubernetes.io/component |
|||
operator: In |
|||
values: |
|||
- zeoserver |
|||
- key: app.kubernetes.io/instance |
|||
operator: In |
|||
values: |
|||
- {{ .Release.Name }} |
|||
topologyKey: kubernetes.io/hostname |
|||
{{- end }} |
|||
{{- with .Values.affinity }} |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
{{- with .Values.tolerations }} |
|||
tolerations: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
@ -0,0 +1,38 @@ |
|||
{{- if .Values.portal.createAndUpgrade }} |
|||
apiVersion: batch/v1 |
|||
kind: Job |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-plone-scaleup |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
annotations: |
|||
"helm.sh/hook": post-install,post-upgrade |
|||
"helm.sh/hook-weight": "1" |
|||
"helm.sh/hook-delete-policy": "hook-succeeded" |
|||
spec: |
|||
backoffLimit: 5 |
|||
template: |
|||
metadata: |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 8 }} |
|||
spec: |
|||
restartPolicy: OnFailure |
|||
serviceAccountName: {{ include "portalmodelo.fullname" . }}-scaleup |
|||
containers: |
|||
- name: kubectl |
|||
image: rancher/kubectl:v1.29.0 |
|||
command: |
|||
- /bin/sh |
|||
- -c |
|||
- | |
|||
echo "Waiting for plonecfg job to complete..." |
|||
kubectl wait --for=condition=complete --timeout=600s job/{{ include "portalmodelo.fullname" . }}-plonecfg -n {{ .Release.Namespace }} |
|||
|
|||
echo "Scaling up plone deployment to {{ .Values.replicaCount }} replicas..." |
|||
kubectl scale deployment/{{ include "portalmodelo.fullname" . }}-plone --replicas={{ .Values.replicaCount }} -n {{ .Release.Namespace }} |
|||
|
|||
echo "Waiting for deployment to be ready..." |
|||
kubectl rollout status deployment/{{ include "portalmodelo.fullname" . }}-plone -n {{ .Release.Namespace }} |
|||
|
|||
echo "Plone deployment scaled up successfully!" |
|||
{{- end }} |
|||
@ -0,0 +1,51 @@ |
|||
{{- if .Values.portal.createAndUpgrade }} |
|||
apiVersion: v1 |
|||
kind: ServiceAccount |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-scaleup |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
annotations: |
|||
"helm.sh/hook": pre-install,pre-upgrade |
|||
"helm.sh/hook-weight": "-5" |
|||
"helm.sh/hook-delete-policy": "before-hook-creation" |
|||
--- |
|||
apiVersion: rbac.authorization.k8s.io/v1 |
|||
kind: Role |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-scaleup |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
annotations: |
|||
"helm.sh/hook": pre-install,pre-upgrade |
|||
"helm.sh/hook-weight": "-5" |
|||
"helm.sh/hook-delete-policy": "before-hook-creation" |
|||
rules: |
|||
- apiGroups: ["apps"] |
|||
resources: ["deployments", "deployments/scale"] |
|||
verbs: ["get", "list", "patch", "update"] |
|||
resourceNames: ["{{ include "portalmodelo.fullname" . }}-plone"] |
|||
- apiGroups: ["batch"] |
|||
resources: ["jobs"] |
|||
verbs: ["get", "list", "watch"] |
|||
resourceNames: ["{{ include "portalmodelo.fullname" . }}-plonecfg"] |
|||
--- |
|||
apiVersion: rbac.authorization.k8s.io/v1 |
|||
kind: RoleBinding |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-scaleup |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
annotations: |
|||
"helm.sh/hook": pre-install,pre-upgrade |
|||
"helm.sh/hook-weight": "-5" |
|||
"helm.sh/hook-delete-policy": "before-hook-creation" |
|||
roleRef: |
|||
apiGroup: rbac.authorization.k8s.io |
|||
kind: Role |
|||
name: {{ include "portalmodelo.fullname" . }}-scaleup |
|||
subjects: |
|||
- kind: ServiceAccount |
|||
name: {{ include "portalmodelo.fullname" . }}-scaleup |
|||
namespace: {{ .Release.Namespace }} |
|||
{{- end }} |
|||
@ -0,0 +1,14 @@ |
|||
apiVersion: v1 |
|||
kind: Service |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-plone |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
ports: |
|||
- port: 8080 |
|||
targetPort: 8080 |
|||
protocol: TCP |
|||
name: "8080" |
|||
selector: |
|||
{{- include "portalmodelo.ploneSelectorLabels" . | nindent 4 }} |
|||
@ -0,0 +1,88 @@ |
|||
{{- if .Values.portal.createAndUpgrade }} |
|||
apiVersion: batch/v1 |
|||
kind: Job |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-plonecfg |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
template: |
|||
metadata: |
|||
annotations: |
|||
"helm.sh/hook": post-install,post-upgrade |
|||
"helm.sh/hook-weight": "-1" |
|||
"helm.sh/hook-delete-policy": "hook-succeeded" |
|||
labels: |
|||
{{- include "portalmodelo.ploneSelectorLabels" . | nindent 8 }} |
|||
spec: |
|||
{{- with .Values.imagePullSecrets }} |
|||
imagePullSecrets: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
securityContext: |
|||
{{- toYaml .Values.podSecurityContext | nindent 8 }} |
|||
restartPolicy: Never |
|||
initContainers: |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-chownplone |
|||
command: |
|||
- "chown" |
|||
- "plone:plone" |
|||
- "/data" |
|||
securityContext: |
|||
runAsNonRoot: false |
|||
runAsUser: 0 |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany" }} |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
{{- end }} |
|||
containers: |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-plonecfg |
|||
command: [ "/bin/sh", "-c" ] |
|||
args: |
|||
- >- |
|||
sleep 20 && |
|||
sed -i "s/%SHARED_BLOB%/${ZEO_SHARED_BLOB_DIR}/g" /plone/instance/configure.cfg && |
|||
sed -i "s/%SHARED_BLOB%/${ZEO_SHARED_BLOB_DIR}/g" /plone/instance/upgrades.cfg && |
|||
/configure.sh |
|||
env: |
|||
{{- if .Values.instance.zeoclient }} |
|||
- name: ZEO_ADDRESS |
|||
value: {{ template "portalmodelo.fullname" . }}-zeoserver:8100 |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany" -}} |
|||
- name: ZEO_SHARED_BLOB_DIR |
|||
value: "on" |
|||
{{- else }} |
|||
- name: ZEO_SHARED_BLOB_DIR |
|||
value: "off" |
|||
{{- end }} |
|||
{{- else }} |
|||
- name: ZEO_ADDRESS |
|||
value: "" |
|||
{{- end }} |
|||
- name: EMAIL |
|||
value: {{ .Values.portal.adminEmail }} |
|||
- name: PASSWORD |
|||
value: {{ .Values.portal.adminPassword }} |
|||
- name: TITLE |
|||
value: {{ .Values.portal.title }} |
|||
- name: DESCR |
|||
value: {{ .Values.portal.description }} |
|||
- name: HOSTNAME |
|||
value: "leg.br" |
|||
- name: ROOTPWD |
|||
value: {{ .Values.portal.rootPassword }} |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany" }} |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
{{- if .Values.persistence.enabled }} |
|||
volumes: |
|||
- name: data |
|||
persistentVolumeClaim: |
|||
claimName: {{ include "portalmodelo.fullname" . }}-data |
|||
{{- end }} |
|||
{{- end }} |
|||
{{- end }} |
|||
@ -0,0 +1,21 @@ |
|||
{{- if .Values.persistence.enabled }} |
|||
apiVersion: v1 |
|||
kind: PersistentVolumeClaim |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-data |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
accessModes: |
|||
- {{ .Values.persistence.accessMode }} |
|||
resources: |
|||
requests: |
|||
storage: {{ .Values.persistence.size }} |
|||
{{- if .Values.persistence.storageClass }} |
|||
{{- if (eq "-" .Values.persistence.storageClass) }} |
|||
storageClassName: "" |
|||
{{- else }} |
|||
storageClassName: "{{ .Values.persistence.storageClass }}" |
|||
{{- end }} |
|||
{{- end }} |
|||
{{- end }} |
|||
@ -0,0 +1,70 @@ |
|||
{{- if and .Values.persistence.enabled (or .Values.repozo.enabled .Values.velero.backup.enabled )}} |
|||
apiVersion: v1 |
|||
kind: ConfigMap |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-backupscript |
|||
data: |
|||
backup: |- |
|||
#!/plone/Python-2.7/bin/python |
|||
|
|||
import sys |
|||
sys.path[0:0] = [ |
|||
'/plone/buildout-cache/eggs/collective.recipe.backup-2.17-py2.7.egg', |
|||
'/plone/buildout-cache/eggs/zc.buildout-2.2.5-py2.7.egg', |
|||
'/plone/buildout-cache/eggs/zc.recipe.egg-1.3.2-py2.7.egg', |
|||
'/plone/buildout-cache/eggs/setuptools-7.0-py2.7.egg', |
|||
] |
|||
|
|||
|
|||
import logging |
|||
loglevel = logging.INFO |
|||
from optparse import OptionParser |
|||
parser = OptionParser() |
|||
parser.add_option("-q", "--quiet", |
|||
action="store_false", dest="verbose", default=True, |
|||
help="don't print status messages to stdout") |
|||
parser.add_option("-n", "--no-prompt", |
|||
action="store_true", dest="no_prompt", default=False, |
|||
help="don't ask for any user confirmation") |
|||
(options, args) = parser.parse_args() |
|||
# Allow the user to make the script more quiet (say in a cronjob): |
|||
if not options.verbose: |
|||
loglevel = logging.WARN |
|||
logging.basicConfig(level=loglevel, |
|||
format='%(levelname)s: %(message)s') |
|||
|
|||
import collective.recipe.backup.main |
|||
|
|||
{{- $bkpLocation := "/backup" -}} |
|||
{{- if .Values.velero.backup.enabled -}} |
|||
{{- $bkpLocation = "/data" -}} |
|||
{{- end }} |
|||
|
|||
if __name__ == '__main__': |
|||
sys.exit(collective.recipe.backup.main.backup_main( |
|||
bin_dir='/plone/instance/bin', |
|||
storages=[{'backup_location': '{{ $bkpLocation }}/backups', |
|||
'blob_backup_location': '{{ $bkpLocation }}/blobstoragebackups', |
|||
'blob_snapshot_location': '{{ $bkpLocation }}/blobstoragesnapshots', |
|||
'blobdir': '/data/blobstorage', |
|||
'datafs': '/data/filestorage/Data.fs', |
|||
'snapshot_location': '{{ $bkpLocation }}/snapshotbackups', |
|||
'storage': '1'}], |
|||
keep={{ .Values.repozo.keep }}, |
|||
keep_blob_days={{ .Values.repozo.keepblobdays }}, |
|||
full=False, |
|||
verbose=False, |
|||
gzip=True, |
|||
only_blobs=False, |
|||
{{- if .Values.repozo.backupblobs }} |
|||
backup_blobs=True, |
|||
{{- else }} |
|||
backup_blobs=False, |
|||
{{- end }} |
|||
use_rsync=True, |
|||
gzip_blob=False, |
|||
pre_command='', |
|||
post_command='', |
|||
no_prompt=options.no_prompt, |
|||
)) |
|||
{{- end }} |
|||
@ -0,0 +1,87 @@ |
|||
{{- if .Values.instance.zeoclient }} |
|||
{{- if and .Values.persistence.enabled .Values.repozo.enabled }} |
|||
apiVersion: batch/v1 |
|||
kind: CronJob |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-repozo |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
# generate a random backup time between 1 and 5 AM |
|||
schedule: {{ mod (randNumeric 2) 60 }} {{ mod (randNumeric 1) 6 }} * * * |
|||
concurrencyPolicy: Forbid |
|||
jobTemplate: |
|||
spec: |
|||
template: |
|||
metadata: |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 12 }} |
|||
spec: |
|||
{{- with .Values.imagePullSecrets }} |
|||
imagePullSecrets: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
securityContext: |
|||
{{- toYaml .Values.podSecurityContext | nindent 12 }} |
|||
containers: |
|||
- name: {{ .Release.Name }}-repozo |
|||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
imagePullPolicy: {{ .Values.image.pullPolicy }} |
|||
securityContext: |
|||
runAsNonRoot: false |
|||
runAsUser: 0 |
|||
command: |
|||
- "/bin/bash" |
|||
- "-c" |
|||
args: |
|||
- "/plone/Python-2.7/bin/python /plone/instance/bin/backup" |
|||
env: |
|||
- name: TZ |
|||
value: {{ .Values.portal.timeZone }} |
|||
volumeMounts: |
|||
- mountPath: /plone/instance/bin/backup |
|||
subPath: backup |
|||
name: backupscript |
|||
- mountPath: /data |
|||
name: data |
|||
- mountPath: /backup |
|||
name: backupvol |
|||
restartPolicy: OnFailure |
|||
volumes: |
|||
- name: data |
|||
persistentVolumeClaim: |
|||
claimName: {{ include "portalmodelo.fullname" . }}-data |
|||
- name: backupvol |
|||
persistentVolumeClaim: |
|||
claimName: {{ include "portalmodelo.fullname" . }}-backupvol |
|||
- name: backupscript |
|||
configMap: |
|||
name: {{ include "portalmodelo.fullname" . }}-backupscript |
|||
{{- with .Values.nodeSelector }} |
|||
nodeSelector: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
affinity: |
|||
podAffinity: |
|||
requiredDuringSchedulingIgnoredDuringExecution: |
|||
- labelSelector: |
|||
matchExpressions: |
|||
- key: app.kubernetes.io/name |
|||
operator: In |
|||
values: |
|||
- {{ include "portalmodelo.name" . }} |
|||
- key: app.kubernetes.io/instance |
|||
operator: In |
|||
values: |
|||
- {{ .Release.Name }} |
|||
- key: app.kubernetes.io/component |
|||
operator: In |
|||
values: |
|||
- zeoserver |
|||
topologyKey: kubernetes.io/hostname |
|||
{{- with .Values.tolerations }} |
|||
tolerations: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
{{- end}} |
|||
{{- end}} |
|||
@ -0,0 +1,46 @@ |
|||
{{- if .Values.velero.backup.enabled }} |
|||
apiVersion: velero.io/v1 |
|||
kind: Schedule |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-weekdays |
|||
namespace: {{ .Values.velero.namespace }} |
|||
spec: |
|||
# generate a random backup time between 1 and 5 AM on weekdays |
|||
schedule: {{ mod (randNumeric 2) 60 }} {{ mod (randNumeric 1) 6 }} * * MON,WED,FRI |
|||
template: |
|||
includedNamespaces: |
|||
- {{ .Release.Namespace }} |
|||
{{- with .Values.velero.backup.excludedResources }} |
|||
excludedResources: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
# every weekday backup is good for the next week (7 days) |
|||
ttl: 168h0m0s |
|||
{{- if .Values.velero.backup.useSnapshotBackup }} |
|||
defaultVolumesToFsBackup: false |
|||
snapshotVolumes: true |
|||
snapshotMoveData: {{ .Values.velero.backup.snapshotMoveData }} |
|||
{{- else }} |
|||
defaultVolumesToFsBackup: true |
|||
snapshotVolumes: false |
|||
{{- end }} |
|||
hooks: |
|||
resources: |
|||
- name: repozo |
|||
includedResources: |
|||
- pods |
|||
labelSelector: |
|||
matchLabels: |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
app.kubernetes.io/name: portalmodelo |
|||
app.kubernetes.io/component: zeoserver |
|||
pre: |
|||
- exec: |
|||
command: |
|||
- "/bin/bash" |
|||
- "-c" |
|||
- "/plone/Python-2.7/bin/python /plone/instance/bin/backup" |
|||
timeout: 3600s |
|||
onError: Continue |
|||
useOwnerReferencesInBackup: false |
|||
{{- end }} |
|||
@ -0,0 +1,46 @@ |
|||
{{- if .Values.velero.backup.enabled }} |
|||
apiVersion: velero.io/v1 |
|||
kind: Schedule |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-weekly |
|||
namespace: {{ .Values.velero.namespace }} |
|||
spec: |
|||
# generate a random backup time between 1 and 5 AM on sunday |
|||
schedule: {{ mod (randNumeric 2) 60 }} {{ mod (randNumeric 1) 6 }} * * 0 |
|||
template: |
|||
includedNamespaces: |
|||
- {{ .Release.Namespace }} |
|||
{{- with .Values.velero.backup.excludedResources }} |
|||
excludedResources: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
# every sunday backup is good for 45 days |
|||
ttl: 1080h0m0s |
|||
{{- if .Values.velero.backup.useSnapshotBackup }} |
|||
defaultVolumesToFsBackup: false |
|||
snapshotVolumes: true |
|||
snapshotMoveData: {{ .Values.velero.backup.snapshotMoveData }} |
|||
{{- else }} |
|||
defaultVolumesToFsBackup: true |
|||
snapshotVolumes: false |
|||
{{- end }} |
|||
hooks: |
|||
resources: |
|||
- name: repozo |
|||
includedResources: |
|||
- pods |
|||
labelSelector: |
|||
matchLabels: |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
app.kubernetes.io/name: portalmodelo |
|||
app.kubernetes.io/component: zeoserver |
|||
pre: |
|||
- exec: |
|||
command: |
|||
- "/bin/bash" |
|||
- "-c" |
|||
- "/plone/Python-2.7/bin/python /plone/instance/bin/backup" |
|||
timeout: 3600s |
|||
onError: Continue |
|||
useOwnerReferencesInBackup: false |
|||
{{- end }} |
|||
@ -0,0 +1,65 @@ |
|||
{{- if .Values.instance.zeoclient }} |
|||
{{- if .Values.instance.zeopack.enabled }} |
|||
apiVersion: batch/v1 |
|||
kind: CronJob |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-zeopack |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
schedule: {{ .Values.instance.zeopack.schedule | quote }} |
|||
jobTemplate: |
|||
spec: |
|||
template: |
|||
metadata: |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 12 }} |
|||
spec: |
|||
{{- with .Values.imagePullSecrets }} |
|||
imagePullSecrets: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
securityContext: |
|||
{{- toYaml .Values.podSecurityContext | nindent 12 }} |
|||
containers: |
|||
- name: {{ .Release.Name }}-zeopack |
|||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
imagePullPolicy: {{ .Values.image.pullPolicy }} |
|||
command: |
|||
- "/bin/bash" |
|||
- "-c" |
|||
args: |
|||
- "sleep \"$[ ( $RANDOM % 90 ) + 1 ]m\" && python /docker-initialize.py && /plone/instance/bin/zeopack -D {{ .Values.instance.zeopack.keepDays }}" |
|||
env: |
|||
- name: ZEO_ADDRESS |
|||
value: {{ template "portalmodelo.fullname" . }}-zeoserver:8100 |
|||
- name: TZ |
|||
value: {{ .Values.portal.timeZone }} |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany" }} |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
{{- end }} |
|||
resources: |
|||
{{- toYaml .Values.resources.zeo | nindent 16 }} |
|||
restartPolicy: OnFailure |
|||
{{- if and .Values.persistence.enabled (eq .Values.persistence.accessMode "ReadWriteMany") }} |
|||
volumes: |
|||
- name: data |
|||
persistentVolumeClaim: |
|||
claimName: {{ include "portalmodelo.fullname" . }}-data |
|||
{{- end }} |
|||
{{- with .Values.nodeSelector }} |
|||
nodeSelector: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
{{- with .Values.affinity }} |
|||
affinity: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
{{- with .Values.tolerations }} |
|||
tolerations: |
|||
{{- toYaml . | nindent 12 }} |
|||
{{- end }} |
|||
{{- end}} |
|||
{{- end}} |
|||
@ -0,0 +1,131 @@ |
|||
{{- if .Values.instance.zeoclient }} |
|||
apiVersion: apps/v1 |
|||
kind: Deployment |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-zeoserver |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
replicas: 1 |
|||
strategy: |
|||
type: Recreate |
|||
selector: |
|||
matchLabels: |
|||
{{- include "portalmodelo.zeoserverSelectorLabels" . | nindent 6 }} |
|||
template: |
|||
metadata: |
|||
{{- with .Values.podAnnotations }} |
|||
annotations: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
labels: |
|||
{{- include "portalmodelo.zeoserverSelectorLabels" . | nindent 8 }} |
|||
spec: |
|||
{{- with .Values.imagePullSecrets }} |
|||
imagePullSecrets: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
securityContext: |
|||
{{- toYaml .Values.podSecurityContext | nindent 8 }} |
|||
initContainers: |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-chownplone |
|||
command: |
|||
- "chown" |
|||
- "plone:plone" |
|||
- "/data" |
|||
securityContext: |
|||
runAsNonRoot: false |
|||
runAsUser: 0 |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-rmlock |
|||
command: |
|||
- "rm" |
|||
- "-f" |
|||
- "/data/filestorage/Data.fs.lock" |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
name: {{ .Release.Name }}-initzeo |
|||
command: |
|||
- "mkdir" |
|||
- "-p" |
|||
- "/data/filestorage" |
|||
- "/data/blobstorage" |
|||
- "/data/zeoserver" |
|||
- "/data/log" |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
containers: |
|||
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
|||
args: |
|||
- zeoserver |
|||
env: |
|||
{{- if eq .Values.persistence.accessMode "ReadWriteMany"}} |
|||
- name: ZEO_SHARED_BLOB_DIR |
|||
value: "on" |
|||
{{- end }} |
|||
- name: TZ |
|||
value: {{ .Values.portal.timeZone }} |
|||
imagePullPolicy: {{ .Values.image.pullPolicy }} |
|||
name: {{ .Release.Name }}-zeoserver |
|||
ports: |
|||
- containerPort: 8100 |
|||
volumeMounts: |
|||
- mountPath: /data |
|||
name: data |
|||
{{- if .Values.velero.backup.enabled }} |
|||
- mountPath: /plone/instance/bin/backup |
|||
subPath: backup |
|||
name: backupscript |
|||
{{- end }} |
|||
livenessProbe: |
|||
tcpSocket: |
|||
port: 8100 |
|||
initialDelaySeconds: 90 |
|||
periodSeconds: 10 |
|||
failureThreshold: 5 |
|||
successThreshold: 1 |
|||
timeoutSeconds: 5 |
|||
readinessProbe: |
|||
tcpSocket: |
|||
port: 8100 |
|||
initialDelaySeconds: 90 |
|||
periodSeconds: 5 |
|||
failureThreshold: 5 |
|||
successThreshold: 1 |
|||
timeoutSeconds: 3 |
|||
resources: |
|||
{{- toYaml .Values.resources.zeo | nindent 12 }} |
|||
restartPolicy: Always |
|||
volumes: |
|||
- name: data |
|||
{{- if .Values.persistence.enabled }} |
|||
persistentVolumeClaim: |
|||
claimName: {{ include "portalmodelo.fullname" . }}-data |
|||
{{- else }} |
|||
emptyDir: {} |
|||
{{- end }} |
|||
{{- if .Values.velero.backup.enabled }} |
|||
- name: backupscript |
|||
configMap: |
|||
name: {{ include "portalmodelo.fullname" . }}-backupscript |
|||
{{- end }} |
|||
{{- with .Values.nodeSelector }} |
|||
nodeSelector: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
{{- with .Values.affinity }} |
|||
affinity: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
{{- with .Values.tolerations }} |
|||
tolerations: |
|||
{{- toYaml . | nindent 8 }} |
|||
{{- end }} |
|||
{{- end}} |
|||
@ -0,0 +1,17 @@ |
|||
{{- if .Values.instance.zeoclient }} |
|||
apiVersion: v1 |
|||
kind: Service |
|||
metadata: |
|||
name: {{ include "portalmodelo.fullname" . }}-zeoserver |
|||
labels: |
|||
{{- include "portalmodelo.labels" . | nindent 4 }} |
|||
spec: |
|||
ports: |
|||
- port: 8100 |
|||
targetPort: 8100 |
|||
protocol: TCP |
|||
name: "8100" |
|||
selector: |
|||
{{- include "portalmodelo.zeoserverSelectorLabels" . | nindent 4 }} |
|||
{{- end }} |
|||
|
|||
@ -0,0 +1,116 @@ |
|||
# Default values for portalmodelo. |
|||
# This is a YAML-formatted file. |
|||
# Declare variables to be passed into your templates. |
|||
|
|||
replicaCount: 1 |
|||
|
|||
image: |
|||
repository: interlegis/portalmodelo |
|||
pullPolicy: IfNotPresent |
|||
# Overrides the image tag whose default is the chart appVersion. |
|||
tag: "" |
|||
|
|||
imagePullSecrets: [] |
|||
nameOverride: "" |
|||
fullnameOverride: "" |
|||
|
|||
persistence: |
|||
enabled: true |
|||
#storageClass: "" |
|||
accessMode: ReadWriteOnce |
|||
size: 5Gi |
|||
|
|||
velero: |
|||
namespace: velero |
|||
backup: |
|||
enabled: false |
|||
# cert-manager objects are usually blocked during backup |
|||
useSnapshotBackup: false |
|||
snapshotMoveData: false |
|||
excludedResources: |
|||
- certificates.cert-manager.io |
|||
- orders.acme.cert-manager.io |
|||
- certificaterequests.cert-manager.io |
|||
- challenges.acme.cert-manager.io |
|||
|
|||
portal: |
|||
adminPassword: altereme |
|||
rootPassword: altereme |
|||
adminEmail: contato@tecnico.net |
|||
title: Câmara Municipal |
|||
description: Cidade - UF |
|||
hostname: teste.df.leg.br |
|||
hostprefix: www |
|||
addprefix: '' |
|||
timeZone: America/Sao_Paulo |
|||
createAndUpgrade: true |
|||
zopefolder: '/' |
|||
|
|||
instance: |
|||
zodbCacheSize: 1000 |
|||
zeoclient: true |
|||
zeopack: |
|||
enabled: true |
|||
schedule: "0 1 * * SUN" # Every Sunday at 1AM |
|||
keepDays: 30 |
|||
|
|||
repozo: |
|||
enabled: false |
|||
storageClass: nfs-backup |
|||
keep: 1 |
|||
keepblobdays: 30 |
|||
backupblobs: true |
|||
|
|||
podAnnotations: {} |
|||
|
|||
podSecurityContext: {} |
|||
# fsGroup: 2000 |
|||
|
|||
securityContext: {} |
|||
# capabilities: |
|||
# drop: |
|||
# - ALL |
|||
# readOnlyRootFilesystem: true |
|||
# runAsNonRoot: true |
|||
# runAsUser: 1000 |
|||
|
|||
ingress: |
|||
enabled: true |
|||
class: nginx |
|||
# nginx - for default nginx ingress controller |
|||
# alb - for AWS ALB Load Balancer controller |
|||
tls: |
|||
enabled: true |
|||
provider: letsencrypt |
|||
vhostmonster: true |
|||
# extra annotations only |
|||
annotations: {} |
|||
|
|||
resources: |
|||
plone: |
|||
limits: |
|||
cpu: 1000m |
|||
memory: 1600Mi |
|||
requests: |
|||
cpu: 100m |
|||
memory: 750Mi |
|||
zeo: |
|||
limits: |
|||
cpu: 1000m |
|||
memory: 512Mi |
|||
requests: |
|||
cpu: 50m |
|||
memory: 112Mi |
|||
|
|||
autoscaling: |
|||
enabled: false |
|||
minReplicas: 1 |
|||
maxReplicas: 100 |
|||
targetCPUUtilizationPercentage: 80 |
|||
# targetMemoryUtilizationPercentage: 80 |
|||
|
|||
nodeSelector: {} |
|||
|
|||
tolerations: [] |
|||
|
|||
affinity: {} |
|||
Loading…
Reference in new issue