Merge pull request #2047 from NCEAS/feature-1666-misc-k8s-fixes

Feature 1666 misc k8s fixes
NCEAS · Dec 20, 2024 · b5204a8 · b5204a8
2 parents b09f20d + 235157e
commit b5204a8
Showing 1 changed file with 164 additions and 0 deletions.
diff --git a/helm/examples/values-dev-cluster-arctic-example.yaml b/helm/examples/values-dev-cluster-arctic-example.yaml
@@ -0,0 +1,164 @@
+## override values.yaml with values to use for running on the NCEAS dev cluster
+## EXAMPLE FILE FROM TEST ARCTIC DATA CENTER INSTALLATION, FOR REFERENCE ONLY
+##
+## examples:
+## from local helm chart:
+##  helm install myrelease -n mynamespace ./helm -f ./helm/examples/values-dev-cluster-example.yaml
+##
+## or from pre-packaged chart:
+##  helm install myrelease -n mynamespace oci://ghcr.io/nceas/charts/metacat --version 1.2.0 \
+##       -f ./helm/examples/values-dev-cluster-example.yaml \
+##       --debug --render-subchart-notes
+##
+## see values.yaml for full documentation on the following parameters
+##
+
+## set once here, for both metacat and indexer:
+## Omit for production - otherwise logging is too verbose
+##
+## NOTE: can also edit the logging level the metacat configMap, and it will be picked up
+## automatically without a pod restart
+##
+debug: &debug false
+
+global:
+  metacatUiThemeName: "arctic"
+  metacatUiWebRoot: "/catalog"
+  metacatExternalBaseUrl: "https://metacat-dev.test.dataone.org/"
+  d1ClientCnUrl: "https://cn-stage.test.dataone.org/cn"
+  storageClass: &storageClassName csi-cephfs-sc
+  ephemeralVolumeStorageClass: csi-cephfs-sc-ephemeral
+  ## Use your own release name instead of metacatbrooke
+  passwordsSecret: &passwordSecretName metacatbrooke-metacat-secrets
+
+metacatui:
+  livenessProbe:
+    failureThreshold: 4
+    initialDelaySeconds: 30
+    httpGet:
+      path: /catalog/config/config.js
+      port: http
+
+  readinessProbe:
+    failureThreshold: 4
+    initialDelaySeconds: 30
+    httpGet:
+      path: /catalog/config/config.js
+      port: http
+
+metacat:
+  server.name: metacat-dev.test.dataone.org
+  auth.administrators: http://orcid.org/0000-0002-1472-913X;http://orcid.org/0000-0002-1209-5268
+
+  cn.server.publiccert.filename: /var/metacat/pubcerts/DataONETestIntCA.pem
+
+#  storage.hashstore.disableConversion: true
+
+  ## DataONE Member Node (MN) Parameters
+  dataone.certificate.fromHttpHeader.enabled: true
+  dataone.autoRegisterMemberNode: 2024-01-25
+  dataone.nodeId: "urn:node:TestBROOKELT"
+  dataone.subject: "CN=urn:node:TestBROOKELT,DC=dataone,DC=org"
+  dataone.nodeName: Test BROOKE LT Metacat Node
+  dataone.nodeDescription: Dev cluster Test BROOKE LT Metacat Node
+  dataone.contactSubject: http://orcid.org/0000-0002-1472-913X
+  dataone.nodeSynchronize: true
+  dataone.nodeReplicate: true
+  dataone.replicationpolicy.default.numreplicas: "1"
+
+persistence:
+  storageClass: *storageClassName
+  size: 100Gi
+  accessModes:
+    - ReadWriteMany
+  ## Use your own release name instead of metacatbrooke
+  volumeName: cephfs-metacatbrooke-metacat
+
+image:
+  # tag: TEST
+  pullPolicy: Always
+  debug: *debug
+
+ingress:
+  defaultBackend:
+    enabled: true
+    service:
+      name: wpbrooke-wordpress
+      port:
+        number: 80
+
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+  tls:
+    - hosts: [] # defaults to metacat.server.name
+      secretName: ingress-nginx-tls-cert
+
+podSecurityContext:
+  runAsNonRoot: true
+
+postgresql:
+  ## @param postgresqlDataDir PostgreSQL data dir folder
+  ##
+  postgresqlDataDir: /bitnami/postgresql/14/main
+
+  primary:
+    extendedConfiguration: |
+      max_connections = 250
+      max_wal_size=16384
+      min_wal_size=4096
+      shared_buffers = 1280MB
+
+    persistence:
+      size: 10Gi
+      selector:
+        matchLabels:
+          ## Use your own release name instead of metacatbrooke
+          metacatVolumeName: cephfs-metacatbrooke-metacat-postgresdata
+
+  auth:
+    existingSecret: *passwordSecretName
+
+dataone-indexer:
+  # increase minReplicas from default 3
+  autoscaling:
+    minReplicas: 50
+    targetCPUUtilizationPercentage: 80
+
+  image:
+    pullPolicy: Always
+    debug: *debug
+
+  topologySpreadConstraints:
+    - maxSkew: 2
+      topologyKey: kubernetes.io/hostname
+      whenUnsatisfiable: ScheduleAnyway
+      labelSelector:
+        matchLabels:
+          app.kubernetes.io/name: d1index
+
+  idxworker:
+    # this actually puts container in debug loop mode - no indexer running
+    debug: false
+
+  rabbitmq:
+    auth:
+      existingPasswordSecret: *passwordSecretName
+
+  solr:
+    extraVolumes:
+      - name: solr-config
+        configMap:
+          ## Use your own release name instead of metacatbrooke
+          name: metacatbrooke-indexer-configfiles
+          defaultMode: 0777
+
+####################################################################################################
+## FOR DEBUGGING ONLY
+####################################################################################################
+##
+## probes will kill remote debugger
+#
+#livenessProbe:
+#  enabled: false
+#readinessProbe:
+#  enabled: false