From f40b9bed27c4e6bdc7ef9ba488ec2e7c027ad88b Mon Sep 17 00:00:00 2001 From: Sanjay Bhangar Date: Tue, 26 Jul 2022 12:52:03 +0530 Subject: [PATCH 1/6] Refs #249 #250, namespace letsencrypt issuer --- osm-seed/templates/letsencrypt-issuer.yaml | 2 +- osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml | 3 +-- osm-seed/templates/overpass-api/overpass-api-ingress.yaml | 2 +- osm-seed/templates/taginfo/taginfo-ingress.yaml | 3 +-- .../tasking-manager-api/tasking-manager-api-ingress.yaml | 2 +- osm-seed/templates/tiler-server/tiler-server-ingress.yaml | 2 +- osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml | 2 +- osm-seed/templates/web/web-ingress.yaml | 2 +- 8 files changed, 8 insertions(+), 10 deletions(-) diff --git a/osm-seed/templates/letsencrypt-issuer.yaml b/osm-seed/templates/letsencrypt-issuer.yaml index 7f73166f..8514fc4d 100644 --- a/osm-seed/templates/letsencrypt-issuer.yaml +++ b/osm-seed/templates/letsencrypt-issuer.yaml @@ -2,7 +2,7 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: letsencrypt-prod-issuer + name: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer spec: acme: # You must replace this email address with your own. diff --git a/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml b/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml index f6ca8f60..2424316c 100644 --- a/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml +++ b/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml @@ -5,8 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-nominatim-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer -spec: + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer tls: - hosts: - nominatim.{{ .Values.domain }} diff --git a/osm-seed/templates/overpass-api/overpass-api-ingress.yaml b/osm-seed/templates/overpass-api/overpass-api-ingress.yaml index 8ca0e8c1..b7311fff 100644 --- a/osm-seed/templates/overpass-api/overpass-api-ingress.yaml +++ b/osm-seed/templates/overpass-api/overpass-api-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-overpass-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/taginfo/taginfo-ingress.yaml b/osm-seed/templates/taginfo/taginfo-ingress.yaml index 5db7bce5..ef3f9125 100644 --- a/osm-seed/templates/taginfo/taginfo-ingress.yaml +++ b/osm-seed/templates/taginfo/taginfo-ingress.yaml @@ -5,8 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-taginfo-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer -spec: + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer tls: - hosts: - taginfo.{{ .Values.domain }} diff --git a/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml b/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml index 45771c75..166820a7 100644 --- a/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml +++ b/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-tm-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/tiler-server/tiler-server-ingress.yaml b/osm-seed/templates/tiler-server/tiler-server-ingress.yaml index d89042f0..0fb0a7f3 100644 --- a/osm-seed/templates/tiler-server/tiler-server-ingress.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-tiler-server annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml b/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml index 836ca7da..547b1496 100644 --- a/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml +++ b/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-tiler-visor annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/web/web-ingress.yaml b/osm-seed/templates/web/web-ingress.yaml index 4df537c9..85334c70 100644 --- a/osm-seed/templates/web/web-ingress.yaml +++ b/osm-seed/templates/web/web-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-web annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer spec: tls: - hosts: From 1279a34251aad09cd5903d2737fb679f28533b84 Mon Sep 17 00:00:00 2001 From: Sanjay Bhangar Date: Tue, 26 Jul 2022 18:06:06 +0530 Subject: [PATCH 2/6] fix outputting of release name --- osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml | 2 +- osm-seed/templates/overpass-api/overpass-api-ingress.yaml | 2 +- osm-seed/templates/taginfo/taginfo-ingress.yaml | 2 +- .../tasking-manager-api/tasking-manager-api-ingress.yaml | 2 +- osm-seed/templates/tiler-server/tiler-server-ingress.yaml | 2 +- osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml | 2 +- osm-seed/templates/web/web-ingress.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml b/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml index 2424316c..ea2f0c1b 100644 --- a/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml +++ b/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-nominatim-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer tls: - hosts: - nominatim.{{ .Values.domain }} diff --git a/osm-seed/templates/overpass-api/overpass-api-ingress.yaml b/osm-seed/templates/overpass-api/overpass-api-ingress.yaml index b7311fff..8ba5bb79 100644 --- a/osm-seed/templates/overpass-api/overpass-api-ingress.yaml +++ b/osm-seed/templates/overpass-api/overpass-api-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-overpass-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/taginfo/taginfo-ingress.yaml b/osm-seed/templates/taginfo/taginfo-ingress.yaml index ef3f9125..90b52d8b 100644 --- a/osm-seed/templates/taginfo/taginfo-ingress.yaml +++ b/osm-seed/templates/taginfo/taginfo-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-taginfo-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer tls: - hosts: - taginfo.{{ .Values.domain }} diff --git a/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml b/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml index 166820a7..6f04c051 100644 --- a/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml +++ b/osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-tm-api annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/tiler-server/tiler-server-ingress.yaml b/osm-seed/templates/tiler-server/tiler-server-ingress.yaml index 0fb0a7f3..6cf0115d 100644 --- a/osm-seed/templates/tiler-server/tiler-server-ingress.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-tiler-server annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml b/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml index 547b1496..7bec8628 100644 --- a/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml +++ b/osm-seed/templates/tiler-visor/tiler-visor-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-tiler-visor annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer spec: tls: - hosts: diff --git a/osm-seed/templates/web/web-ingress.yaml b/osm-seed/templates/web/web-ingress.yaml index 85334c70..0f881c76 100644 --- a/osm-seed/templates/web/web-ingress.yaml +++ b/osm-seed/templates/web/web-ingress.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "osm-seed.fullname" . }}-ingress-web annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer spec: tls: - hosts: From 58152dbf6345b5bb51a7b25b473fd49e226ebddc Mon Sep 17 00:00:00 2001 From: Sanjay Bhangar Date: Fri, 29 Jul 2022 12:46:46 +0530 Subject: [PATCH 3/6] uff, forgot to commit change to letsencrypt-issuer --- osm-seed/templates/letsencrypt-issuer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/osm-seed/templates/letsencrypt-issuer.yaml b/osm-seed/templates/letsencrypt-issuer.yaml index 8514fc4d..12e8cc40 100644 --- a/osm-seed/templates/letsencrypt-issuer.yaml +++ b/osm-seed/templates/letsencrypt-issuer.yaml @@ -2,7 +2,7 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: {{ template ".Release.Name" . }}-letsencrypt-prod-issuer + name: {{ .Release.Name }}-letsencrypt-prod-issuer spec: acme: # You must replace this email address with your own. From 53c3a8c6d6c3b619d840684515a315722c8cff31 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Mon, 1 Aug 2022 10:28:08 -0500 Subject: [PATCH 4/6] Add nodeSelector section for populateApidb --- osm-seed/values.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index 5a72f2fb..33c8e9f2 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -275,7 +275,10 @@ populateApidb: limits: memory: '2Gi' cpu: '2.5' - + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: tiler # ==================================================================================================== # Variables to start a pod to process osm files # ==================================================================================================== From f753d6908c5016f19da7726861094bd1fa6889ce Mon Sep 17 00:00:00 2001 From: Sanjay Bhangar Date: Wed, 3 Aug 2022 16:45:22 +0530 Subject: [PATCH 5/6] at this point, trying random things a bit --- .../templates/jobs/populate-apidb-job.yaml | 66 +++++++++---------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/osm-seed/templates/jobs/populate-apidb-job.yaml b/osm-seed/templates/jobs/populate-apidb-job.yaml index 5377718a..d36bb4e6 100644 --- a/osm-seed/templates/jobs/populate-apidb-job.yaml +++ b/osm-seed/templates/jobs/populate-apidb-job.yaml @@ -9,39 +9,39 @@ metadata: environment: {{ .Values.environment }} release: {{ .Release.Name }} spec: - template: - spec: - containers: - - name: {{ .Release.Name }}-populate-apidb-job - image: {{ .Values.populateApidb.image.name }}:{{ .Values.populateApidb.image.tag }} - command: ['/start.sh'] + template: + spec: + containers: + - name: {{ .Release.Name }}-populate-apidb-job + image: "{{ .Values.populateApidb.image.name }}:{{ .Values.populateApidb.image.tag }}" + command: ['/start.sh'] + {{- if .Values.populateApidb.resources.enabled }} + resources: + requests: + memory: {{ .Values.populateApidb.resources.requests.memory }} + cpu: {{ .Values.populateApidb.resources.requests.cpu }} + limits: + memory: {{ .Values.populateApidb.resources.limits.memory }} + cpu: {{ .Values.populateApidb.resources.limits.cpu }} + {{- end }} + env: + - name: POSTGRES_HOST + value: {{ .Release.Name }}-db + - name: POSTGRES_DB + value: {{ .Values.db.env.POSTGRES_DB }} + - name: POSTGRES_PASSWORD + value: {{ quote .Values.db.env.POSTGRES_PASSWORD }} + - name: POSTGRES_USER + value: {{ .Values.db.env.POSTGRES_USER }} + - name: URL_FILE_TO_IMPORT + value: {{.Values.populateApidb.env.URL_FILE_TO_IMPORT}} {{- if .Values.populateApidb.resources.enabled }} - resources: - requests: - memory: {{ .Values.populateApidb.resources.requests.memory }} - cpu: {{ .Values.populateApidb.resources.requests.cpu }} - limits: - memory: {{ .Values.populateApidb.resources.limits.memory }} - cpu: {{ .Values.populateApidb.resources.limits.cpu }} + - name: MEMORY_JAVACMD_OPTIONS + value: {{ .Values.populateApidb.resources.requests.memory | default "4Gi" | quote}} {{- end }} - env: - - name: POSTGRES_HOST - value: {{ .Release.Name }}-db - - name: POSTGRES_DB - value: {{ .Values.db.env.POSTGRES_DB }} - - name: POSTGRES_PASSWORD - value: {{ quote .Values.db.env.POSTGRES_PASSWORD }} - - name: POSTGRES_USER - value: {{ .Values.db.env.POSTGRES_USER }} - - name: URL_FILE_TO_IMPORT - value: {{.Values.populateApidb.env.URL_FILE_TO_IMPORT}} - {{- if .Values.populateApidb.resources.enabled }} - - name: MEMORY_JAVACMD_OPTIONS - value: {{ .Values.populateApidb.resources.requests.memory | default "4Gi" | quote}} - {{- end }} - restartPolicy: Never - {{- if .Values.populateApidb.nodeSelector.enabled }} - nodeSelector: - {{ .Values.populateApidb.nodeSelector.label_key }} : {{ .Values.populateApidb.nodeSelector.label_value }} - {{- end }} + restartPolicy: Never + {{- if .Values.populateApidb.nodeSelector.enabled }} + nodeSelector: + {{ .Values.populateApidb.nodeSelector.label_key }} : {{ .Values.populateApidb.nodeSelector.label_value }} + {{- end }} {{- end }} \ No newline at end of file From 49f438e1db36d48b7b44837f3c83d0ea1cf75cce Mon Sep 17 00:00:00 2001 From: Sanjay Bhangar Date: Wed, 3 Aug 2022 20:11:22 +0530 Subject: [PATCH 6/6] fix spec on nominatim-ingress resource --- osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml b/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml index ea2f0c1b..edc78b34 100644 --- a/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml +++ b/osm-seed/templates/nominatim-api/nominatim-api-ingress.yaml @@ -6,6 +6,7 @@ metadata: annotations: kubernetes.io/ingress.class: nginx cert-manager.io/cluster-issuer: {{ .Release.Name }}-letsencrypt-prod-issuer +spec: tls: - hosts: - nominatim.{{ .Values.domain }}