forked from spotinst/charts
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request spotinst#2 from spotinst/enterprise-gateway
enterprise-gateway-2.3.0
- Loading branch information
Showing
10 changed files
with
389 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| name: enterprise-gateway | ||
| description: A helm chart to deploy Jupyter Enterprise Gateway | ||
| version: 2.3.0 | ||
| apiVersion: v1 | ||
| icon: https://avatars1.githubusercontent.com/u/7388996?s=200&v=4 | ||
| home: https://jupyter.org/enterprise_gateway | ||
| sources: | ||
| - https://github.com/jupyter/enterprise_gateway | ||
| kubeVersion: '>=1.11.0-0' | ||
| tillerVersion: '>=2.11.0-0' | ||
| maintainers: | ||
| - name: ntfrnzn | ||
| email: nate.franzen@netapp.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| --- | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: ClusterRole | ||
| metadata: | ||
| name: enterprise-gateway-controller | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: enterprise-gateway | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| rules: | ||
| - apiGroups: [""] | ||
| resources: ["pods", "namespaces", "services", "configmaps", "secrets", "persistentvolumes", "persistentvolumeclaims"] | ||
| verbs: ["get", "watch", "list", "create", "delete"] | ||
| - apiGroups: ["rbac.authorization.k8s.io"] | ||
| resources: ["rolebindings"] | ||
| verbs: ["get", "list", "create", "delete"] | ||
| --- | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: ClusterRole | ||
| metadata: | ||
| # Referenced by EG_KERNEL_CLUSTER_ROLE in the Deployment | ||
| name: {{ .Values.kernel.clusterRole }} | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: kernel | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| rules: | ||
| - apiGroups: [""] | ||
| resources: ["pods"] | ||
| verbs: ["get", "watch", "list", "create", "delete"] |
18 changes: 18 additions & 0 deletions
18
charts/enterprise-gateway/templates/clusterrolebinding.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: ClusterRoleBinding | ||
| metadata: | ||
| name: enterprise-gateway-controller | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: enterprise-gateway | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| subjects: | ||
| - kind: ServiceAccount | ||
| name: enterprise-gateway-sa | ||
| namespace: {{ .Release.Namespace }} | ||
| roleRef: | ||
| kind: ClusterRole | ||
| name: enterprise-gateway-controller | ||
| apiGroup: rbac.authorization.k8s.io |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| {{- if .Values.kip.enabled }} | ||
| apiVersion: apps/v1 | ||
| kind: DaemonSet | ||
| metadata: | ||
| name: kernel-image-puller | ||
| namespace: {{ .Release.Namespace }} | ||
| spec: | ||
| selector: | ||
| matchLabels: | ||
| name: kernel-image-puller | ||
| template: | ||
| metadata: | ||
| labels: | ||
| name: kernel-image-puller | ||
| app: enterprise-gateway | ||
| component: kernel-image-puller | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| spec: | ||
| containers: | ||
| - name: kernel-image-puller | ||
| image: {{ .Values.kip.image }} | ||
| imagePullPolicy: {{ .Values.kip.imagePullPolicy }} | ||
| env: | ||
| - name: KIP_GATEWAY_HOST | ||
| value: "http://enterprise-gateway.{{ .Release.Namespace }}:{{ .Values.port }}" | ||
| - name: KIP_INTERVAL | ||
| value: !!str {{ .Values.kip.interval }} | ||
| - name: KIP_PULL_POLICY | ||
| value: {{ .Values.kip.pullPolicy }} | ||
| volumeMounts: | ||
| - name: dockersock | ||
| mountPath: "/var/run/docker.sock" | ||
| volumes: | ||
| - name: dockersock | ||
| hostPath: | ||
| path: /var/run/docker.sock | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,87 @@ | ||
| apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: enterprise-gateway | ||
| namespace: {{ .Release.Namespace }} | ||
| labels: | ||
| gateway-selector: enterprise-gateway | ||
| app: enterprise-gateway | ||
| component: enterprise-gateway | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| spec: | ||
| replicas: {{ .Values.replicas }} | ||
| selector: | ||
| matchLabels: | ||
| gateway-selector: enterprise-gateway | ||
| template: | ||
| metadata: | ||
| labels: | ||
| gateway-selector: enterprise-gateway | ||
| app: enterprise-gateway | ||
| component: enterprise-gateway | ||
| spec: | ||
| # Created by this chart. | ||
| serviceAccountName: enterprise-gateway-sa | ||
| {{- if .Values.kernelspecs.image }} | ||
| initContainers: | ||
| - name: kernelspecs | ||
| image: {{ .Values.kernelspecs.image }} | ||
| imagePullPolicy: {{ .Values.kernelspecs.imagePullPolicy }} | ||
| args: ["cp", "-r", "/kernels", "/usr/local/share/jupyter"] | ||
| volumeMounts: | ||
| - name: image-kernelspecs | ||
| mountPath: "/usr/local/share/jupyter/kernels" | ||
| {{- end }} | ||
| containers: | ||
| - name: enterprise-gateway | ||
| image: {{ .Values.image }} | ||
| imagePullPolicy: {{ .Values.imagePullPolicy }} | ||
| env: | ||
| - name: EG_PORT | ||
| value: !!str {{ .Values.port }} | ||
| - name: EG_NAMESPACE | ||
| value: {{ .Release.Namespace }} | ||
| - name: EG_KERNEL_CLUSTER_ROLE | ||
| value: {{ .Values.kernel.clusterRole }} | ||
| - name: EG_SHARED_NAMESPACE | ||
| value: {{ if .Values.kernel.shareGatewayNamespace }}"True"{{ else }}"False"{{ end }} | ||
| {{- if and .Values.kernel.kernelNamespace (not .Values.kernel.shareGatewayNamespace )}} | ||
| - name: KERNEL_NAMESPACE | ||
| value: {{ .Values.kernel.kernelNamespace }} | ||
| {{- end }} | ||
| - name: EG_MIRROR_WORKING_DIRS | ||
| value: {{ if .Values.mirrorWorkingDirs }}"True"{{ else }}"False"{{ end }} | ||
| - name: KERNEL_SERVICE_ACCOUNT_NAME | ||
| value: kernel_sa | ||
| - name: EG_CULL_IDLE_TIMEOUT | ||
| value: !!str {{ .Values.kernel.cullIdleTimeout }} | ||
| - name: EG_LOG_LEVEL | ||
| value: {{ .Values.logLevel }} | ||
| - name: EG_KERNEL_LAUNCH_TIMEOUT | ||
| value: !!str {{ .Values.kernel.launchTimeout }} | ||
| - name: EG_KERNEL_WHITELIST | ||
| value: {{ toJson .Values.kernel.whitelist | squote }} | ||
| - name: EG_DEFAULT_KERNEL_NAME | ||
| value: {{ .Values.kernel.defaultKernelName }} | ||
| ports: | ||
| - containerPort: {{ .Values.port }} | ||
| {{- if .Values.nfs.enabled }} | ||
| volumeMounts: | ||
| - name: nfs-kernelspecs | ||
| mountPath: "/usr/local/share/jupyter/kernels" | ||
| volumes: | ||
| - name: nfs-kernelspecs | ||
| nfs: | ||
| server: {{ .Values.nfs.internalServerIPAddress }} | ||
| path: "/usr/local/share/jupyter/kernels" | ||
| {{- else if .Values.kernelspecs.image }} | ||
| volumeMounts: | ||
| - name: image-kernelspecs | ||
| mountPath: "/usr/local/share/jupyter/kernels" | ||
| volumes: | ||
| - name: image-kernelspecs | ||
| emptyDir: | ||
| medium: Memory | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| {{ if .Values.ingress.enabled }} | ||
| apiVersion: extensions/v1beta1 | ||
| kind: Ingress | ||
| metadata: | ||
| namespace: {{ .Release.Namespace }} | ||
| name: enterprise-gateway-ingress | ||
| annotations: | ||
| {{- if .Values.ingress.nginx.enabled }} | ||
| {{- with .Values.ingress.nginx.annotations }} | ||
| {{ toYaml . | indent 4 }} | ||
| {{- end }} | ||
| {{- else if .Values.ingress.traefik.enabled }} | ||
| {{- with .Values.ingress.traefik.annotations }} | ||
| {{ toYaml . | indent 4 }} | ||
| {{- end }} | ||
| {{- end }} | ||
| spec: | ||
| rules: | ||
| {{- if .Values.ingress.hostName }} | ||
| - host: {{ .Values.ingress.hostName }} | ||
| http: | ||
| {{- else }} | ||
| - http: | ||
| {{- end }} | ||
| paths: | ||
| {{- if .Values.ingress.nginx.enabled }} | ||
| - path: {{ .Values.ingress.nginx.path }} | ||
| {{- else if .Values.ingress.traefik.enabled }} | ||
| - path: {{ .Values.ingress.traefik.path }} | ||
| {{- end }} | ||
| backend: | ||
| serviceName: enterprise-gateway | ||
| servicePort: {{ .Values.port }} | ||
| {{ end }} | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| {{- if and .Values.kernel.kernelNamespace (not .Values.kernel.shareGatewayNamespace )}} | ||
| apiVersion: v1 | ||
| kind: Namespace | ||
| metadata: | ||
| name: {{ .Values.kernel.kernelNamespace }} | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: kernel | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| --- | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| name: kernel-sa | ||
| namespace: {{ .Values.kernel.kernelNamespace }} | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: kernel | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| --- | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: RoleBinding | ||
| metadata: | ||
| name: {{ .Values.kernel.kernelNamespace }} | ||
| namespace: {{ .Values.kernel.kernelNamespace }} | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: kernel | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| subjects: | ||
| - kind: ServiceAccount | ||
| name: kernel-sa | ||
| namespace: {{ .Values.kernel.kernelNamespace }} | ||
| roleRef: | ||
| kind: ClusterRole | ||
| name: {{ .Values.kernel.clusterRole }} | ||
| apiGroup: rbac.authorization.k8s.io | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: enterprise-gateway | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} | ||
| name: enterprise-gateway | ||
| namespace: {{ .Release.Namespace }} | ||
| spec: | ||
| ports: | ||
| - name: http | ||
| port: {{ .Values.port }} | ||
| targetPort: {{ .Values.port }} | ||
| selector: | ||
| gateway-selector: enterprise-gateway | ||
| sessionAffinity: ClientIP | ||
| type: NodePort | ||
| {{- if .Values.k8sMasterPublicIP }} | ||
| externalIPs: | ||
| - {{ .Values.k8sMasterPublicIP }} | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| name: enterprise-gateway-sa | ||
| namespace: {{ .Release.Namespace }} | ||
| labels: | ||
| app: enterprise-gateway | ||
| component: enterprise-gateway | ||
| chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
| release: {{ .Release.Name }} | ||
| heritage: {{ .Release.Service }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,84 @@ | ||
| # Enterprise Gateway image name and tag to use. | ||
| image: elyra/enterprise-gateway:2.3.0 | ||
| # Enterprise Gateway image pull policy. | ||
| imagePullPolicy: IfNotPresent | ||
| # The primary port on which Enterprise Gateway is servicing requests. | ||
| port: 8888 | ||
| # Update to deploy multiple replicas of EG. | ||
| replicas: 1 | ||
| # Log output level. | ||
| logLevel: DEBUG | ||
| # Whether to mirror working directories. | ||
| mirrorWorkingDirs: false | ||
| # Master public IP on which to expose EG. | ||
| k8sMasterPublicIP: | ||
|
|
||
| kernel: | ||
| # Kernel cluster role created by this chart. | ||
| clusterRole: kernel-controller | ||
| # Will start kernels in the same namespace as EG if True. | ||
| shareGatewayNamespace: false | ||
| # ignored if shareGatewayNamespace | ||
| kernelNamespace: jupyter-notebooks | ||
| # Timeout for kernel launching in seconds. | ||
| launchTimeout: 60 | ||
| # Timeout for an idle kernel before its culled in seconds. Default is 1 hour. | ||
| cullIdleTimeout: 3600 | ||
| # List of kernel names that are available for use. | ||
| whitelist: | ||
| - r_kubernetes | ||
| - python_kubernetes | ||
| - scala_kubernetes | ||
| - spark_r_kubernetes | ||
| - spark_python_kubernetes | ||
| - spark_scala_kubernetes | ||
| # Default kernel name should be something from the whitelist | ||
| defaultKernelName: python_kubernetes | ||
|
|
||
| kernelspecs: | ||
| # Optional custom data image containing kernelspecs to use. | ||
| image: | ||
| # Kernelspecs image pull policy. | ||
| imagePullPolicy: Always | ||
|
|
||
| nfs: | ||
| enabled: false | ||
| # IP address of NFS server. Required if enabled. | ||
| internalServerIPAddress: | ||
|
|
||
| ingress: | ||
| enabled: false | ||
|
|
||
| # Ingress resource host | ||
| hostName: "" | ||
|
|
||
| # Ingress resource annotations to be included depending in ingress controller. | ||
| traefik: | ||
| enabled: true | ||
| path: /gateway | ||
| annotations: | ||
| kubernetes.io/ingress.class: "traefik" | ||
| traefik.frontend.rule.type: PathPrefixStrip | ||
|
|
||
| nginx: | ||
| enabled: false | ||
| path: /gateway/?(.*) | ||
| annotations: | ||
| kubernetes.io/ingress.class: "nginx" | ||
| nginx.ingress.kubernetes.io/rewrite-target: /$1 | ||
| nginx.ingress.kubernetes.io/ssl-redirect: "false" | ||
| nginx.ingress.kubernetes.io/force-ssl-redirect: "false" | ||
|
|
||
| # Kernel Image Puller (daemonset) | ||
| kip: | ||
| enabled: true | ||
| # Kernel Image Puller image name and tag to use. | ||
| image: elyra/kernel-image-puller:2.3.0 | ||
| # Kernel Image Puller image pull policy. | ||
| imagePullPolicy: IfNotPresent | ||
| # Determines whether the Kernel Image Puller will pull kernel images it has | ||
| # previously pulled | ||
| pullPolicy: IfNotPresent | ||
| # The interval (in seconds) at which the Kernel Image Puller fetches | ||
| # kernelspecs to pull kernel images. | ||
| interval: 300 |