diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 3f8226533..e3f5837b5 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -6,6 +6,7 @@ on:
pull_request:
branches:
- master
+ - develop
jobs:
lint:
diff --git a/Breaking-Changes.md b/Breaking-Changes.md
index 7adecbad5..8f839d814 100644
--- a/Breaking-Changes.md
+++ b/Breaking-Changes.md
@@ -6,12 +6,38 @@
- Changes in data for catalog, if you have a version lower than 1.16.0, you need to update to version 1.16.0 to get the latest data
+## [1.15.0]
+
+### navi-router
+
+- `router.keyManagementService.apis.*` tokens renamed, `-api` suffix added
+
+## [1.14.0]
+
+### keys-api
+
+- Added new required dgctlStorage parameters
+
+```yaml
+dgctlStorage:
+ host: ''
+ bucket: keys
+ accessKey: ''
+ secretKey: ''
+ manifest: manifest.json
+```
+
## [1.13.0]
### tiles-api
- Backward compatibility with `license` versions before `2.0.0` (on-premise version `1.8.0`) is broken.
- License v2 over HTTPS is required.
+- Update migrations, when updating the service you need to update the data
+
+### pro-api
+
+- Add required topic `assetDataTopic`
## [1.12.0]
diff --git a/CHANGELOG.md b/CHANGELOG.md
index aca5179e6..42926a401 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,50 @@
# 2GIS On-Premise Changelog
+## [1.15.0] (2023-11-30)
+#### [Breaking-Changes](Breaking-Changes.md#1500)
+#### Images
+```
+keys
+ - keys-ui:0.5.0
+ + keys-ui:0.6.0
+navi-castle
+ - navi-castle:1.0.7
+ + navi-castle:1.7.0
+navi-router
+ - navi-router:6.16.0
+ + navi-router:6.17.0.8
+
+```
+
+## [1.14.0] (2023-11-15)
+#### [Breaking-Changes](Breaking-Changes.md#1400)
+#### Images
+```
+keys
+ - keys-backend:1.63.0
+ + keys-backend:1.69.0
+pro-api
+ - pro-api:1.1.57
+ + pro-api:1.1.60
+ - pro-importer:1.1.57
+ + pro-importer:1.1.60
+ - pro-importer:1.1.57
+ + pro-importer:1.1.60
+ - pro-permissions-api:1.1.57
+ + pro-permissions-api:1.1.60
+pro-ui
+ - pro-ui:1.2.0
+ + pro-ui:1.3.0
+tiles-api
+ - tiles-api-importer:4.49.0
+ + tiles-api-importer:4.51.1
+ - tiles-api-proxy:4.49.0
+ + tiles-api-proxy:4.51.1
+ - tiles-api:4.49.0
+ + tiles-api:4.51.1
+
+```
+
## [1.13.0] (2023-10-24)
#### [Breaking-Changes](Breaking-Changes.md#1300)
#### Images
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 000000000..81bd9cabc
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,78 @@
+# Contributing to [on-premise-helm-charts](https://github.com/2gis/on-premise-helm-charts/tree/master)
+
+Thank you for your interest in contributing to our Helm charts repository. We welcome contributions from the community and appreciate your help in improving our charts.
+
+Before you start, please take a moment to review the following guidelines to ensure a smooth and productive contribution process.
+
+## Table of Contents
+
+- [How to Contribute](#how-to-contribute)
+ - [Contribution Guidelines](#contribution-guidelines)
+- [Requirements for the design of PR](#requirements-for-the-design-of-pr)
+- [Gitflow](#gitflow)
+ - [Basic guidelines](#basic-guidelines)
+ - [Urgent bugfix guidelines](#urgent-bugfix-guidelines)
+
+## How to Contribute
+
+- We are open to getting contributions from other people. Please note that DCO is not required.
+
+- We are only interested in accepting contributions that improve the quality of our software. Please make sure that your contributions are well-tested and documented.
+
+### Contribution Guidelines
+
+- Create a new branch for your changes. Choose a descriptive branch name.
+- Make your changes, ensuring they follow our Style Guide (see [Style Guide](styleguide.md)).
+- Make your changes and commit them with clear, concise messages to your branch.
+- Test your changes locally to verify they work as expected.
+- Create a pull request (PR) to the `develop` branch.
+- Provide a clear and detailed description of your changes in the PR (see [Requirements for the design of PR](#requirements-for-the-design-of-pr)).
+- Be responsive to any feedback or questions on your PR.
+
+Once your PR is approved, it will be merged. Thank you for your contribution!
+
+## Requirements for the design of PR
+
+- New appVersion (or tag) specified
+- The title of the PR begins with the services name, the addition feature/bugfix is welcome, and the short description of the feature follows. Good examples of PR names:
+ > LICENSE Feature: add super license;
+
+ > [tiles-api] Upgraded version and added breaking changes
+
+ > navi-back: upstream sync
+- The PRs description clearly explains the feature and how to check it.
+Good example of the description:
+
+ > A values.yml file contains a new value, value1. The purpose of this is as follows. Value1 could have "a" or "b" values. One may verify this new feature by utilizing the curl command ('curl example')
+
+## Gitflow
+
+This project uses the Gitflow branching model.
+
+### Basic Guidelines
+
+- The main branch is `master`.
+- All development should happen on feature branches.
+- Feature branches should be named with a descriptive name.
+- Once a feature branch is complete, it should be merged into the `develop` branch with a pull request.
+- The maintainers team will review PRs once a week (on Mondays).
+- The PR will be reviewed if:
+ - it is not in Draft
+ - it is not in WIP
+- In the event of questions about a PR, the need for improvements, the lack of an image provided to us, etc., we start a discussion. The next time this PR will be reviewed the following week (i.e., the team has a week to fix, improve, push, etc.). This way, everything will be predictable and work can be planned.
+- After the PR is reviewed, it is merged into develop.
+- If it is necessary to create a branch for a task, teams branch off from develop (this is where the latest changes will be).
+- When preparing for a release, nothing additional will be taken except for what has already been reviewed and merged into develop. We check all deployments and the operation from the develop branch. If everything is OK, we take it to master, set the tag of the new release with the minor bump.
+
+### Urgent bugfix Guidelines
+
+If it is necessary to release an urgent bug fix without going through the develop branch:
+
+- Create a branch from master.
+- Make the fix.
+- Create a PR to master.
+- The maintainers team checks the fix and all deployments (as in a standard release).
+- Merge the branch into master, set the tag of the new release with a bugfix bump.
+- Move this commit to develop
+
+
diff --git a/GitFlow.png b/GitFlow.png
new file mode 100644
index 000000000..9a53f44f9
Binary files /dev/null and b/GitFlow.png differ
diff --git a/README.md b/README.md
index dfe720e47..ebf8e2533 100644
--- a/README.md
+++ b/README.md
@@ -3,3 +3,19 @@
This repository contains [Helm charts](https://helm.sh/docs/topics/charts/) for deploying [2GIS products](https://dev.2gis.com/) on your own sites.
To learn more about 2GIS On-Premise services, visit [docs.2gis.com](https://docs.2gis.com/en/on-premise/overview).
+
+## Contributing
+
+For information on how to contribute to the project, please see the [CONTRIBUTING.md](CONTRIBUTING.md) file.
+
+## Changelog
+
+For a complete changelog of the project, please see the [CHANGELOG.md](CHANGELOG.md) file.
+
+## Breaking Changes
+
+For information on any breaking changes in the project, please see the [Breaking-Changes.md](Breaking-Changes.md) file.
+
+## Style Guide
+
+For information on the project style guide, please see the [styleguide.md](styleguide.md) file.
diff --git a/charts/catalog-api/Chart.yaml b/charts/catalog-api/Chart.yaml
index b83d628af..bbc226525 100644
--- a/charts/catalog-api/Chart.yaml
+++ b/charts/catalog-api/Chart.yaml
@@ -3,7 +3,7 @@ name: catalog-api
type: application
description: A Helm chart for Kubernetes to deploy Catalog APIs
-version: 1.13.0
+version: 1.15.0
appVersion: 3.600.0
maintainers:
diff --git a/charts/citylens/Chart.yaml b/charts/citylens/Chart.yaml
index f54f69e49..3e6169d31 100644
--- a/charts/citylens/Chart.yaml
+++ b/charts/citylens/Chart.yaml
@@ -3,7 +3,7 @@ name: citylens
type: application
description: A Helm chart for Kubernetes to deploy Citylens service
-version: 1.13.0
+version: 1.15.0
appVersion: 1.1.2
maintainers:
diff --git a/charts/dgtt/Chart.yaml b/charts/dgtt/Chart.yaml
index 783e2aff1..e4c76775a 100644
--- a/charts/dgtt/Chart.yaml
+++ b/charts/dgtt/Chart.yaml
@@ -3,7 +3,7 @@ name: dgtt
description: DGTT Helm chart for Kubernetes
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 0.2.27-b188673e09
maintainers:
diff --git a/charts/floors-api/Chart.yaml b/charts/floors-api/Chart.yaml
index 9946d2ac0..c0222edb4 100644
--- a/charts/floors-api/Chart.yaml
+++ b/charts/floors-api/Chart.yaml
@@ -3,7 +3,7 @@ name: floors-api
description: Helm for floors service
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 1.0.4
maintainers:
diff --git a/charts/gis-platform/Chart.yaml b/charts/gis-platform/Chart.yaml
index a319b3f96..4aa1e02c6 100644
--- a/charts/gis-platform/Chart.yaml
+++ b/charts/gis-platform/Chart.yaml
@@ -4,7 +4,7 @@ description: GIS Platform
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 2023.8.3-0
dependencies:
diff --git a/charts/keycloak/Chart.yaml b/charts/keycloak/Chart.yaml
index 669bd1e12..42de09df1 100644
--- a/charts/keycloak/Chart.yaml
+++ b/charts/keycloak/Chart.yaml
@@ -5,7 +5,7 @@ description: Keycloak is a high performance Java-based identity and access manag
solution. It lets developers add an authentication layer to their applications with
minimum effort.
-version: 1.13.0
+version: 1.15.0
appVersion: 21.1.1-debian-11-r4
maintainers:
diff --git a/charts/keys/Chart.yaml b/charts/keys/Chart.yaml
index fc2b6f4ee..28f7711f0 100644
--- a/charts/keys/Chart.yaml
+++ b/charts/keys/Chart.yaml
@@ -3,8 +3,8 @@ name: keys
type: application
description: A Helm chart for Kubernetes to deploy API Keys service
-version: 1.13.0
-appVersion: 1.63.0
+version: 1.15.0
+appVersion: 1.69.0
maintainers:
- name: 2gis
diff --git a/charts/keys/README.md b/charts/keys/README.md
index b59ea2e09..b82785ea6 100644
--- a/charts/keys/README.md
+++ b/charts/keys/README.md
@@ -31,9 +31,9 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
| `imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
| `imagePullPolicy` | Pull policy. | `IfNotPresent` |
| `backend.image.repository` | Backend service image repository. | `2gis-on-premise/keys-backend` |
-| `backend.image.tag` | Backend service image tag. | `1.63.0` |
+| `backend.image.tag` | Backend service image tag. | `1.69.0` |
| `admin.image.repository` | Admin service image repository. | `2gis-on-premise/keys-ui` |
-| `admin.image.tag` | Admin service image tag. | `0.5.0` |
+| `admin.image.tag` | Admin service image tag. | `0.6.0` |
| `redis.image.repository` | Redis image repository. | `2gis-on-premise/keys-redis` |
| `redis.image.tag` | Redis image tag. | `6.2.6-alpine3.15` |
@@ -78,6 +78,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
| ------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- |
| `api.adminUsers` | Usernames and passwords of admin users. Format: `username1:password1,username2:password2`. | `""` |
| `api.adminSessionTTL` | TTL of the admin users sessions. Duration string is a sequence of decimal numbers with optional fraction and unit suffix, like `100ms`, `2.3h` or `4h35m`. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. | `336h` |
+| `api.logLevel` | Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`. | `warning` |
| `api.replicas` | A replica count for the pod. | `1` |
| `api.strategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` |
| `api.strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). | `0` |
@@ -115,21 +116,24 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
### Import service settings
-| Name | Description | Value |
-| --------------------- | ------------------------------------------------------------------------------------------------------------------- | ----- |
-| `import.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+| Name | Description | Value |
+| --------------------- | ------------------------------------------------------------------------------------------------------------------- | --------- |
+| `import.logLevel` | Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`. | `warning` |
+| `import.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
### Migrate service settings
-| Name | Description | Value |
-| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----- |
-| `migrate.initialDelaySeconds` | Delay in seconds at the service startup. | `0` |
-| `migrate.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+| Name | Description | Value |
+| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | --------- |
+| `migrate.logLevel` | Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`. | `warning` |
+| `migrate.initialDelaySeconds` | Delay in seconds at the service startup. | `0` |
+| `migrate.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
### Tasker service settings
| Name | Description | Value |
| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- |
+| `tasker.logLevel` | Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`. | `warning` |
| `tasker.delay` | Delay in seconds at the service startup. | `30s` |
| `tasker.strategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` |
| `tasker.strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). | `0` |
@@ -209,6 +213,16 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
| `predefined.service.keys` | Keys map as: service -> key. | `{}` |
| `predefined.service.aliases` | Aliases map as: service -> key. | `{}` |
+### Deployment Artifacts Storage settings
+
+| Name | Description | Value |
+| ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- |
+| `dgctlStorage.host` | S3 endpoint. Format: `host:port`. **Required** | `""` |
+| `dgctlStorage.bucket` | S3 bucket name. | `keys` |
+| `dgctlStorage.accessKey` | S3 access key for accessing the bucket. **Required** | `""` |
+| `dgctlStorage.secretKey` | S3 secret key for accessing the bucket. **Required** | `""` |
+| `dgctlStorage.manifest` | The path to the [manifest file](https://docs.2gis.com/en/on-premise/overview#nav-lvl2@paramCommon_deployment_steps). Format: `manifests/0000000000.json`
This file contains the description of pieces of data that the service requires to operate. | `manifest.json` |
+
### Limits
| Name | Description | Value |
diff --git a/charts/keys/templates/api/deployment.yaml b/charts/keys/templates/api/deployment.yaml
index a0f3e5678..48dd5bf9e 100644
--- a/charts/keys/templates/api/deployment.yaml
+++ b/charts/keys/templates/api/deployment.yaml
@@ -47,6 +47,7 @@ spec:
resources:
{{- toYaml .Values.api.resources | nindent 12 }}
env:
+ {{- include "keys.env.api" . | nindent 12 }}
{{- include "keys.env.db.deploys" . | nindent 12 }}
{{- include "keys.env.redis" . | nindent 12 }}
{{- include "keys.env.auth" . | nindent 12 }}
diff --git a/charts/keys/templates/helpers.tpl b/charts/keys/templates/helpers.tpl
index bfa94b527..220cc6626 100644
--- a/charts/keys/templates/helpers.tpl
+++ b/charts/keys/templates/helpers.tpl
@@ -96,8 +96,24 @@ app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
+{{- define "keys.env.api" -}}
+- name: KEYS_LOG_LEVEL
+ value: "{{ .Values.api.logLevel }}"
+{{- end }}
+
+{{- define "keys.env.import" -}}
+- name: KEYS_LOG_LEVEL
+ value: "{{ .Values.import.logLevel }}"
+{{- end }}
+
+{{- define "keys.env.migrate" -}}
+- name: KEYS_LOG_LEVEL
+ value: "{{ .Values.migrate.logLevel }}"
+{{- end }}
{{- define "keys.env.tasker" -}}
+- name: KEYS_LOG_LEVEL
+ value: "{{ .Values.tasker.logLevel }}"
- name: KEYS_TASKER_DELAY
value: "{{ .Values.tasker.delay }}"
{{- end }}
@@ -247,6 +263,25 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{ end }}
{{- end }}
+{{- define "keys.env.dgctlStorage" -}}
+- name: KEYS_S3_ENDPOINT
+ value: "{{ .Values.dgctlStorage.host }}"
+- name: KEYS_S3_BUCKET
+ value: "{{ .Values.dgctlStorage.bucket }}"
+- name: KEYS_S3_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "keys.secret.jobs.name" . }}
+ key: dgctlStorageAccessKey
+- name: KEYS_S3_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "keys.secret.jobs.name" . }}
+ key: dgctlStorageSecretKey
+- name: KEYS_MANIFEST_PATH
+ value: "{{ required "A valid .Values.dgctlStorage.manifest entry required" .Values.dgctlStorage.manifest }}"
+{{- end }}
+
{{/*
Return the target Kubernetes version
*/}}
diff --git a/charts/keys/templates/import/job.yaml b/charts/keys/templates/import/job.yaml
index 1d50b6ac9..6f66db2e4 100644
--- a/charts/keys/templates/import/job.yaml
+++ b/charts/keys/templates/import/job.yaml
@@ -21,12 +21,14 @@ spec:
- name: migrate
image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
- command: [ "keysctl", "import", "/data" ]
+ command: [ "keysctl", "import" ]
resources:
{{- toYaml .Values.import.resources | nindent 12 }}
env:
+ {{- include "keys.env.import" . | nindent 12 }}
{{- include "keys.env.db.jobs" . | nindent 12 }}
{{- include "keys.env.predef" . | nindent 12 }}
+ {{- include "keys.env.dgctlStorage" . | nindent 12 }}
{{- with .Values.import.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
diff --git a/charts/keys/templates/migrate/job.yaml b/charts/keys/templates/migrate/job.yaml
index 2e45f4193..4edc84841 100644
--- a/charts/keys/templates/migrate/job.yaml
+++ b/charts/keys/templates/migrate/job.yaml
@@ -34,6 +34,7 @@ spec:
resources:
{{- toYaml .Values.migrate.resources | nindent 12 }}
env:
+ {{- include "keys.env.migrate" . | nindent 12 }}
{{- include "keys.env.db.jobs" . | nindent 12 }}
{{- with .Values.migrate.nodeSelector }}
nodeSelector:
diff --git a/charts/keys/templates/secret-jobs.yaml b/charts/keys/templates/secret-jobs.yaml
index e7658d934..704455d84 100644
--- a/charts/keys/templates/secret-jobs.yaml
+++ b/charts/keys/templates/secret-jobs.yaml
@@ -10,5 +10,7 @@ metadata:
"helm.sh/hook-weight": "-20"
type: Opaque
data:
- dbROPassword: {{ .Values.postgres.ro.password | b64enc }}
- dbRWPassword: {{ .Values.postgres.rw.password | b64enc }}
+ dbROPassword: {{ .Values.postgres.ro.password | b64enc }}
+ dbRWPassword: {{ .Values.postgres.rw.password | b64enc }}
+ dgctlStorageAccessKey: {{ .Values.dgctlStorage.accessKey | b64enc }}
+ dgctlStorageSecretKey: {{ .Values.dgctlStorage.secretKey | b64enc }}
diff --git a/charts/keys/values.yaml b/charts/keys/values.yaml
index 4d8a806d0..10913e0db 100644
--- a/charts/keys/values.yaml
+++ b/charts/keys/values.yaml
@@ -22,14 +22,14 @@ imagePullPolicy: IfNotPresent
backend:
image:
repository: 2gis-on-premise/keys-backend
- tag: 1.63.0
+ tag: 1.69.0
# @section Admin service settings
admin:
image:
repository: 2gis-on-premise/keys-ui
- tag: 0.5.0
+ tag: 0.6.0
# @param admin.replicas A replica count for the pod.
@@ -132,6 +132,9 @@ api:
adminSessionTTL: 336h
+ # @param api.logLevel Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: warning
+
# @param api.replicas A replica count for the pod.
replicas: 1
@@ -220,6 +223,9 @@ api:
import:
+ # @param import.logLevel Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: warning
+
resources:
requests:
cpu: 10m
@@ -237,6 +243,9 @@ import:
migrate:
+ # @param migrate.logLevel Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: warning
+
# @param migrate.initialDelaySeconds Delay in seconds at the service startup.
initialDelaySeconds: 0
@@ -258,6 +267,9 @@ migrate:
tasker:
+ # @param tasker.logLevel Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: warning
+
resources:
requests:
cpu: 10m
@@ -452,6 +464,20 @@ predefined:
keys: {}
aliases: {}
+# @section Deployment Artifacts Storage settings
+
+# @param dgctlStorage.host S3 endpoint. Format: `host:port`. **Required**
+# @param dgctlStorage.bucket S3 bucket name.
+# @param dgctlStorage.accessKey S3 access key for accessing the bucket. **Required**
+# @param dgctlStorage.secretKey S3 secret key for accessing the bucket. **Required**
+# @param dgctlStorage.manifest The path to the [manifest file](https://docs.2gis.com/en/on-premise/overview#nav-lvl2@paramCommon_deployment_steps). Format: `manifests/0000000000.json`
This file contains the description of pieces of data that the service requires to operate.
+
+dgctlStorage:
+ host: ''
+ bucket: keys
+ accessKey: ''
+ secretKey: ''
+ manifest: manifest.json
# @section Limits
diff --git a/charts/license/Chart.yaml b/charts/license/Chart.yaml
index aaffd82ff..c3602a159 100644
--- a/charts/license/Chart.yaml
+++ b/charts/license/Chart.yaml
@@ -3,7 +3,7 @@ name: license
type: application
description: A Helm chart for Kubernetes to deploy License service
-version: 1.13.0
+version: 1.15.0
appVersion: 2.1.2
maintainers:
diff --git a/charts/mapgl-js-api/Chart.yaml b/charts/mapgl-js-api/Chart.yaml
index 069f12888..fa5e150b7 100644
--- a/charts/mapgl-js-api/Chart.yaml
+++ b/charts/mapgl-js-api/Chart.yaml
@@ -4,7 +4,7 @@ description: Basic WebGL map chart template for 2GIS On-Premise
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 1.40.0
maintainers:
diff --git a/charts/mapgl-js-api/values.yaml b/charts/mapgl-js-api/values.yaml
index 8d118af4a..0ff3cd07c 100644
--- a/charts/mapgl-js-api/values.yaml
+++ b/charts/mapgl-js-api/values.yaml
@@ -63,8 +63,7 @@ env:
MAPGL_FLOORSSERVER: https://floors-api.ingress.host
MAPGL_KEYSERVER: https://keys-api.ingress.host
MAPGL_RTLPLUGIN: https://mapgl-api.ingress.host/api/js/plugins/rtl-v1.0.0.js
- MAPGL_RTLPLUGINHASH:
- sha512-YAPPEl+Atvsm/cMkrfWefmlQLAlKTGaqFjIkI6urAnDgam2uTVEVVnZZEhHCa91JjYYxa5yr4Ndb4Vl3NUovfA==
+ MAPGL_RTLPLUGINHASH: sha512-YAPPEl+Atvsm/cMkrfWefmlQLAlKTGaqFjIkI6urAnDgam2uTVEVVnZZEhHCa91JjYYxa5yr4Ndb4Vl3NUovfA==
# @section Strategy settings
diff --git a/charts/navi-async-grpc-proxy/Chart.yaml b/charts/navi-async-grpc-proxy/Chart.yaml
index e63801ac8..b5b0a9c7d 100644
--- a/charts/navi-async-grpc-proxy/Chart.yaml
+++ b/charts/navi-async-grpc-proxy/Chart.yaml
@@ -6,7 +6,7 @@ keywords:
- navi
- dm-async-matrix
- async-grpc-proxy
-version: 1.13.0
+version: 1.15.0
appVersion: 0.0.2
maintainers:
- name: 2gis
diff --git a/charts/navi-async-matrix/Chart.yaml b/charts/navi-async-matrix/Chart.yaml
index ca15cfaa3..97b082c0f 100644
--- a/charts/navi-async-matrix/Chart.yaml
+++ b/charts/navi-async-matrix/Chart.yaml
@@ -4,7 +4,7 @@ description: Service implements asynchronous API over Distance Matrix
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 1.6.2
maintainers:
diff --git a/charts/navi-async-matrix/README.md b/charts/navi-async-matrix/README.md
index 6f7bfdcab..0aad20d80 100644
--- a/charts/navi-async-matrix/README.md
+++ b/charts/navi-async-matrix/README.md
@@ -26,6 +26,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| --------------------- | --------------------------------------------------------------------------------------- | ----- |
| `dgctlDockerRegistry` | Docker Registry endpoint where On-Premise services' images reside. Format: `host:port`. | `""` |
+
### Common settings
| Name | Description | Value |
@@ -47,6 +48,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `terminationGracePeriodSeconds` | Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). | `60` |
| `prometheusEnabled` | If Prometheus scrape is enabled. | `true` |
+
### Deployment settings
| Name | Description | Value |
@@ -55,6 +57,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `image.tag` | Tag | `1.6.2` |
| `image.pullPolicy` | Pull Policy | `IfNotPresent` |
+
### Service account settings
| Name | Description | Value |
@@ -63,12 +66,23 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` |
| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
+
+### RBAC parameters
+
+| Name | Description | Value |
+| ------------------ | ----------------------------------------------- | ------- |
+| `rbac.create` | Whether to create and use RBAC resources or not | `false` |
+| `rbac.annotations` | Role and RoleBinding annotations | `{}` |
+| `rbac.labels` | Role and RoleBinding additional labels | `{}` |
+
+
### Strategy settings
| Name | Description | Value |
| --------------------- | -------------------------------------------------------------------- | --------------- |
| `updateStrategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` |
+
### Limits
| Name | Description | Value |
@@ -78,6 +92,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `resources.limits.cpu` | A CPU limit. | |
| `resources.limits.memory` | A memory limit. | |
+
### Service settings
| Name | Description | Value |
@@ -88,6 +103,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
| `service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+
### Kubernetes [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) settings
| Name | Description | Value |
@@ -99,6 +115,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
| `ingress.tls` | TLS configuration | `[]` |
+
### Kubernetes [Pod Disruption Budget](https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets) settings
| Name | Description | Value |
@@ -107,6 +124,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `pdb.minAvailable` | How many pods must be available after the eviction. | `""` |
| `pdb.maxUnavailable` | How many pods can be unavailable after the eviction. | `1` |
+
### Kubernetes [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) settings
| Name | Description | Value |
@@ -118,6 +136,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `hpa.targetMemoryUtilizationPercentage` | Target average memory utilization (represented as a percentage of requested memory) over all the pods; if not specified the default autoscaling policy will be used. | `""` |
| `hpa.behavior` | HPA Behavior | `{}` |
+
### Kubernetes [Vertical Pod Autoscaling](https://github.com/kubernetes/autoscaler/blob/master/vertical-pod-autoscaler/README.md) settings
| Name | Description | Value |
@@ -129,6 +148,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `vpa.maxAllowed.cpu` | Upper limit for the number of CPUs to which the autoscaler can scale up. | `2000m` |
| `vpa.maxAllowed.memory` | Upper limit for the RAM size to which the autoscaler can scale up. | `2Gi` |
+
### Distance Matrix Async API settings
| Name | Description | Value |
@@ -140,6 +160,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `dm.citiesUrl` | URL of the information about cities provided by the Navi-Castle service, ex: http://navi-castle.svc/cities.conf. **Required** | `""` |
| `dm.citiesUpdatePeriod` | Period (in seconds) between requesting data from `citiesUrl`. | `3600` |
+
### Database settings
| Name | Description | Value |
@@ -156,20 +177,28 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `db.tls.key` | Key of postgresql server. | `""` |
| `db.tls.mode` | Level of protection. | `verify-full` |
+
### Kafka settings
-| Name | Description | Value |
-| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ------------------- |
-| `kafka.groupId` | Distance Matrix Async API group identifier. | `navi_async_matrix` |
-| `kafka.statusTopic` | Name of the topic for sending new tasks to. | `status_topic` |
-| `kafka.cancelTopic` | Name of the topic for canceling or receiving information about finished tasks. | `cancel_topic` |
-| `kafka.properties` | Properties as supported by kafka-python. Refer to inline comments for details. | |
-| `kafka.sensitiveProperties` | As kafka.properties, but kept in Secrets. Refer to inlines comments for details. | `{}` |
-| `kafka.fileProperties` | As kafka.properties, but kept in a file, which passed to application as a filename. Refer to inline comments for details. | `{}` |
-| `kafka.taskTopicRules` | **Information about the topics that Distance Matrix Async API will use to send the requests.** | |
-| `kafka.taskTopicRules[].topic` | Name of the topic. | |
-| `kafka.taskTopicRules[].default` | If this topic is used for projects by default. | |
-| `kafka.taskTopicRules[].projects` | List of projects to use this topic for, e.g., `['moscow']`. | |
+| Name | Description | Value |
+| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ------------------- |
+| `kafka.groupId` | Distance Matrix Async API group identifier. | `navi_async_matrix` |
+| `kafka.statusTopic` | Name of the topic for sending new tasks to. | `status_topic` |
+| `kafka.cancelTopic` | Name of the topic for canceling or receiving information about finished tasks. | `cancel_topic` |
+| `kafka.properties` | Properties as supported by kafka-python. Refer to inline comments for details. | |
+| `kafka.sensitiveProperties` | As kafka.properties, but kept in Secrets. Refer to inlines comments for details. | `{}` |
+| `kafka.fileProperties` | As kafka.properties, but kept in a file, which passed to application as a filename. Refer to inline comments for details. | `{}` |
+| `kafka.consumerOverrides.properties` | Consumer specific properties as simple key-value pairs. | `{}` |
+| `kafka.consumerOverrides.sensitiveProperties` | Consumer specific properties mounted as secrets. | `{}` |
+| `kafka.consumerOverrides.fileProperties` | Consumer specific properties mounted as regular files. | `{}` |
+| `kafka.producerOverrides.properties` | Consumer specific properties as simple key-value pairs. | `{}` |
+| `kafka.producerOverrides.sensitiveProperties` | Consumer specific properties mounted as secrets. | `{}` |
+| `kafka.producerOverrides.fileProperties` | Consumer specific properties mounted as regular files. | `{}` |
+| `kafka.taskTopicRules` | **Information about the topics that Distance Matrix Async API will use to send the requests.** | |
+| `kafka.taskTopicRules[].topic` | Name of the topic. | |
+| `kafka.taskTopicRules[].default` | If this topic is used for projects by default. | |
+| `kafka.taskTopicRules[].projects` | List of projects to use this topic for, e.g., `['moscow']`. | |
+
### S3-compatible storage settings
@@ -181,6 +210,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation/distance-
| `s3.secretKey` | S3 secret key for accessing the bucket. **Required** | `""` |
| `s3.publicNetloc` | Announce proxy URL for S3 results instead of s3.url if not empty. | `nil` |
+
### API keys service
| Name | Description | Value |
diff --git a/charts/navi-async-matrix/templates/_helpers.tpl b/charts/navi-async-matrix/templates/_helpers.tpl
index 7e1fb71da..f18deae00 100644
--- a/charts/navi-async-matrix/templates/_helpers.tpl
+++ b/charts/navi-async-matrix/templates/_helpers.tpl
@@ -67,20 +67,26 @@ Create the name of the service account to use
Context:
.kafka.properties
.kafka.fileProperties
+ .overrides.properties
+ .overrides.fileProperties
.mountpoint
File properties values (file contents) replaced with keys (file names).
File names prepended with the supposed directory from .mountpoint.
+ overrides.* are merged with kafka.* accordingly.
+
Returns {"ret": that-merged-dict}.
Folding result in "ret" needed for marshalling.
*/ -}}
{{- define "navi-async-matrix.kafkaProperties" -}}
{{- $ctx := . -}}
{{- $kafkaProperties := dict -}}
- {{- range $key, $_ := $ctx.kafka.fileProperties -}}
+ {{- $fileProperties := deepCopy $ctx.kafka.fileProperties | mustMerge (($ctx.overrides).fileProperties | default dict) -}}
+ {{- range $key, $_ := $fileProperties -}}
{{- $_ := set $kafkaProperties $key (printf "%s/%s" $ctx.mountpoint $key) -}}
{{- end -}}
- {{- $kafkaProperties = mustMerge $kafkaProperties $ctx.kafka.properties -}}
+ {{- $regularProperties := deepCopy $ctx.kafka.properties | mustMerge (($ctx.overrides).properties | default dict) -}}
+ {{- $kafkaProperties = deepCopy $regularProperties | mustMerge $kafkaProperties -}}
{{- dict "ret" $kafkaProperties | toYaml }}
{{- end }}
@@ -90,6 +96,9 @@ Create the name of the service account to use
.kafka.properties
.kafka.fileProperties
.kafka.sensitiveProperties
+ .overrides.properties
+ .overrides.fileProperties
+ .overrides.sensitiveProperties
.mountpoint
.secretname
.prefix
@@ -113,6 +122,8 @@ Create the name of the service account to use
}
}
where secretKeyRef.name is from .secretname
+ overrides.* are merged with kafka.* accordingly.
+
Resulting object folded in {"ret":...} for marshalling.
*/ -}}
{{- define "navi-async-matrix.kafkaPropertiesEnv" -}}
@@ -125,7 +136,8 @@ Create the name of the service account to use
"value" $val
) -}}
{{- end -}}
- {{- range $prop, $val := $ctx.kafka.sensitiveProperties -}}
+ {{- $sensitiveProperties := deepCopy $ctx.kafka.sensitiveProperties | mustMerge (($ctx.overrides).sensitiveProperties | default dict) -}}
+ {{- range $prop, $val := $sensitiveProperties -}}
{{- $env = append $env (dict
"name" (print $ctx.prefix ($prop | upper | replace "." "_"))
"valueFrom" (dict
diff --git a/charts/navi-async-matrix/templates/configmap.yaml b/charts/navi-async-matrix/templates/configmap.yaml
index f4980be98..fbcf74fd4 100644
--- a/charts/navi-async-matrix/templates/configmap.yaml
+++ b/charts/navi-async-matrix/templates/configmap.yaml
@@ -18,9 +18,9 @@ data:
{{- if .Values.kafka.fileProperties }}
"volumes": [
{
- "name": {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | mustToJson }},
+ "name": {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | mustToJson }},
"secret": {
- "secretName": {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | mustToJson }}
+ "secretName": {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | mustToJson }}
}
}
],
@@ -31,11 +31,11 @@ data:
"name": null,
"image": "{{ .Values.dgctlDockerRegistry }}/{{ .Values.dm.archiver.image.repository }}:{{ .Values.dm.archiver.image.tag }}",
"resources": {{ .Values.dm.archiver.resources | mustToJson }},
- {{- if .Values.kafka.fileProperties }}
+ {{- if .Values.kafka.fileProperties | or (.Values.kafka.producerOverrides).fileProperties }}
"volumeMounts": [
{
- "name": {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | mustToJson }},
- "mountPath": "/app/secret/"
+ "name": {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | mustToJson }},
+ "mountPath": "/app/secret/producer"
}
],
{{- end }}
@@ -50,11 +50,12 @@ data:
},
{{- $kafkaPropertiesEnv := include "navi-async-matrix.kafkaPropertiesEnv" (dict
"kafka" .Values.kafka
+ "overrides" .Values.kafka.producerOverrides
"secretname" (print
(include "navi-async-matrix.fullname" .)
- "-kafka"
+ "-producer"
)
- "mountpoint" "/app/secret"
+ "mountpoint" "/app/secret/producer"
"prefix" "KAFKA_PRODUCER_SETTING__CONFIG__"
) | fromYaml -}}
{{- include "navi-async-matrix.partialListToJson" $kafkaPropertiesEnv | nindent 14 -}}
diff --git a/charts/navi-async-matrix/templates/role.yaml b/charts/navi-async-matrix/templates/role.yaml
index 9ec8ca556..f72737d1f 100644
--- a/charts/navi-async-matrix/templates/role.yaml
+++ b/charts/navi-async-matrix/templates/role.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.dm.archiver.enabled }}
+{{- if and .Values.rbac.create .Values.dm.archiver.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
@@ -31,4 +31,4 @@ rules:
- patch
- update
- watch
-{{- end }}{{- /* .Values.dm.archiver.enabled */}}
+{{- end }}{{- /* .Values.rbac.create .Values.dm.archiver.enabled */}}
diff --git a/charts/navi-async-matrix/templates/rolebinding.yaml b/charts/navi-async-matrix/templates/rolebinding.yaml
index 35c81d766..1fba81ce4 100644
--- a/charts/navi-async-matrix/templates/rolebinding.yaml
+++ b/charts/navi-async-matrix/templates/rolebinding.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.dm.archiver.enabled }}
+{{- if and .Values.rbac.create .Values.dm.archiver.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
@@ -19,4 +19,4 @@ roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "navi-async-matrix.fullname" . }}
-{{- end }}{{- /* .Values.dm.archiver.enabled */}}
+{{- end }}{{- /* .Values.rbac.create .Values.dm.archiver.enabled */}}
diff --git a/charts/navi-async-matrix/templates/secret.yaml b/charts/navi-async-matrix/templates/secret.yaml
index cc36cdc7e..ff9fbe39e 100644
--- a/charts/navi-async-matrix/templates/secret.yaml
+++ b/charts/navi-async-matrix/templates/secret.yaml
@@ -19,12 +19,16 @@ data:
| b64enc | quote }}
s3key: {{ required "A valid .Values.s3.secretKey entry required" .Values.s3.secretKey | b64enc | quote }}
dmApiKey: {{ .Values.keys.token | b64enc | quote }}
-{{- if or .Values.kafka.sensitiveProperties .Values.kafka.fileProperties }}
+{{- if (
+ (or .Values.kafka.sensitiveProperties .Values.kafka.fileProperties) |
+ or (or .Values.kafka.consumerOverrides.sensitiveProperties .Values.kafka.consumerOverrides.fileProperties) |
+ or (or .Values.kafka.producerOverrides.sensitiveProperties .Values.kafka.producerOverrides.fileProperties)
+ ) }}
---
apiVersion: v1
kind: Secret
metadata:
- name: {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | quote }}
+ name: {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | quote }}
labels:
{{- include "navi-async-matrix.labels" . | nindent 4 }}
{{- if .Values.labels }}
@@ -32,7 +36,26 @@ metadata:
{{- end }}
type: Opaque
data:
- {{- range $prop, $val := merge (deepCopy .Values.kafka.sensitiveProperties) (deepCopy .Values.kafka.fileProperties) }}
+ {{- $producerSensitiveProperties := deepCopy .Values.kafka.sensitiveProperties | mustMerge ((.Values.kafka.producerOverrides).sensitiveProperties | default dict) -}}
+ {{- $producerFileProperties := deepCopy .Values.kafka.fileProperties | mustMerge ((.Values.kafka.producerOverrides).fileProperties | default dict) -}}
+ {{- range $prop, $val := merge (deepCopy $producerSensitiveProperties) (deepCopy $producerFileProperties) }}
+ {{ $prop | quote }}: {{ $val | b64enc | quote }}
+ {{- end }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-consumer" (include "navi-async-matrix.fullname" .) | quote }}
+ labels:
+ {{- include "navi-async-matrix.labels" . | nindent 4 }}
+ {{- if .Values.labels }}
+ {{- toYaml .Values.labels | nindent 4 }}
+ {{- end }}
+type: Opaque
+data:
+ {{- $consumerSensitiveProperties := deepCopy .Values.kafka.sensitiveProperties | mustMerge ((.Values.kafka.consumerOverrides).sensitiveProperties | default dict) -}}
+ {{- $consumerFileProperties := deepCopy .Values.kafka.fileProperties | mustMerge ((.Values.kafka.consumerOverrides).fileProperties | default dict) -}}
+ {{- range $prop, $val := merge (deepCopy $consumerSensitiveProperties) (deepCopy $consumerFileProperties) }}
{{ $prop | quote }}: {{ $val | b64enc | quote }}
{{- end }}
{{- end }}
diff --git a/charts/navi-async-matrix/templates/statefulset.yaml b/charts/navi-async-matrix/templates/statefulset.yaml
index 4b5965899..54e4f885f 100644
--- a/charts/navi-async-matrix/templates/statefulset.yaml
+++ b/charts/navi-async-matrix/templates/statefulset.yaml
@@ -73,10 +73,18 @@ spec:
configMap:
name: {{ printf "%s-configmap" (include "navi-async-matrix.fullname" .) | quote }}
{{- end }}
- {{- if .Values.kafka.fileProperties }}
- - name: {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | quote }}
+ {{- $kafkaVolumeMounted := (
+ .Values.kafka.fileProperties |
+ or (.Values.kafka.consumerOverrides).fileProperties |
+ or (.Values.kafka.producerOverrides).fileProperties
+ ) }}
+ {{- if $kafkaVolumeMounted }}
+ - name: {{ printf "%s-consumer" (include "navi-async-matrix.fullname" .) | quote }}
secret:
- secretName: {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | quote }}
+ secretName: {{ printf "%s-consumer" (include "navi-async-matrix.fullname" .) | quote }}
+ - name: {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | quote }}
+ secret:
+ secretName: {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | quote }}
{{- end }}
{{- if .Values.db.tls.enabled }}
- name: {{ include "navi-async-matrix.fullname-psql-raw" . | quote }}
@@ -137,9 +145,11 @@ spec:
mountPath: /app/src/composite_task_result_archiver/manifests/archive_pod_manifest.json
subPath: archive_pod_manifest.json
{{- end }}
- {{- if .Values.kafka.fileProperties }}
- - name: {{ printf "%s-kafka" (include "navi-async-matrix.fullname" .) | quote }}
- mountPath: /etc/2gis/secret/
+ {{- if $kafkaVolumeMounted }}
+ - name: {{ printf "%s-consumer" (include "navi-async-matrix.fullname" .) | quote }}
+ mountPath: /etc/2gis/secret/consumer/
+ - name: {{ printf "%s-producer" (include "navi-async-matrix.fullname" .) | quote }}
+ mountPath: /etc/2gis/secret/producer/
{{- end }}
{{- if .Values.db.tls.enabled }}
- name: {{ printf "%s-psql" (include "navi-async-matrix.fullname" .) | quote }}
@@ -210,18 +220,21 @@ spec:
- name: DM_ASYNC_SERVICE_BSS__VERSION
value: {{ .Values.bss.version | quote }}
{{- end }}
- {{- range (list
- "DM_ASYNC_SERVICE_KAFKA_PRODUCER_SETTING__KAFKA_PRODUCER_CONFIG__"
- "DM_ASYNC_SERVICE_KAFKA_CONSUMER_SETTING__KAFKA_CONSUMER_CONFIG__"
- ) }}
+ {{- range $kafkaRole, $overridesProperty := (dict
+ "PRODUCER" "producerOverrides"
+ "CONSUMER" "consumerOverrides"
+ ) -}}
+ {{- $kafkaPropertyEnv := print "DM_ASYNC_SERVICE_KAFKA_" $kafkaRole "_SETTING__KAFKA_" $kafkaRole "_CONFIG__" -}}
{{- $kafkaPropertiesEnv := include "navi-async-matrix.kafkaPropertiesEnv" (dict
"kafka" $.Values.kafka
+ "overrides" ($overridesProperty | get $.Values.kafka)
"secretname" (print
(include "navi-async-matrix.fullname" $)
- "-kafka"
+ "-"
+ (lower $kafkaRole)
)
- "mountpoint" "/etc/2gis/secret"
- "prefix" .
+ "mountpoint" (print "/etc/2gis/secret/" (lower $kafkaRole))
+ "prefix" $kafkaPropertyEnv
) | fromYaml }}
{{- get $kafkaPropertiesEnv "ret" | toYaml | nindent 12 }}
{{- end }}{{- /* range */}}
diff --git a/charts/navi-async-matrix/values.yaml b/charts/navi-async-matrix/values.yaml
index bf1e5bff5..371451b46 100644
--- a/charts/navi-async-matrix/values.yaml
+++ b/charts/navi-async-matrix/values.yaml
@@ -65,6 +65,19 @@ serviceAccount:
annotations: {}
name: ''
+
+# @section RBAC parameters
+
+# @param rbac.create Whether to create and use RBAC resources or not
+# @param rbac.annotations Role and RoleBinding annotations
+# @param rbac.labels Role and RoleBinding additional labels
+
+rbac:
+ create: false
+ annotations: {}
+ labels: {}
+
+
# @section Strategy settings
# @param updateStrategy.type Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`.
@@ -243,6 +256,12 @@ db:
# @skip kafka.properties.security.protocol
# @param kafka.sensitiveProperties As kafka.properties, but kept in Secrets. Refer to inlines comments for details.
# @param kafka.fileProperties As kafka.properties, but kept in a file, which passed to application as a filename. Refer to inline comments for details.
+# @param kafka.consumerOverrides.properties Consumer specific properties as simple key-value pairs.
+# @param kafka.consumerOverrides.sensitiveProperties Consumer specific properties mounted as secrets.
+# @param kafka.consumerOverrides.fileProperties Consumer specific properties mounted as regular files.
+# @param kafka.producerOverrides.properties Consumer specific properties as simple key-value pairs.
+# @param kafka.producerOverrides.sensitiveProperties Consumer specific properties mounted as secrets.
+# @param kafka.producerOverrides.fileProperties Consumer specific properties mounted as regular files.
# @extra kafka.taskTopicRules **Information about the topics that Distance Matrix Async API will use to send the requests.**
# @extra kafka.taskTopicRules[].topic Name of the topic.
# @extra kafka.taskTopicRules[].default If this topic is used for projects by default.
@@ -260,6 +279,14 @@ kafka:
security.protocol: PLAINTEXT
sensitiveProperties: {}
fileProperties: {}
+ consumerOverrides:
+ properties: {}
+ sensitiveProperties: {}
+ fileProperties: {}
+ producerOverrides:
+ properties: {}
+ sensitiveProperties: {}
+ fileProperties: {}
taskTopicRules:
- topic: task_topic
default: true
diff --git a/charts/navi-back/Chart.yaml b/charts/navi-back/Chart.yaml
index 58dea2296..671407b51 100644
--- a/charts/navi-back/Chart.yaml
+++ b/charts/navi-back/Chart.yaml
@@ -6,7 +6,7 @@ keywords:
- navi
- back
- backend
-version: 1.13.0
+version: 1.15.0
appVersion: 7.10.0
maintainers:
- name: 2gis
diff --git a/charts/navi-back/README.md b/charts/navi-back/README.md
index 9ec46ba9c..7d965c407 100644
--- a/charts/navi-back/README.md
+++ b/charts/navi-back/README.md
@@ -26,6 +26,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| --------------------- | --------------------------------------------------------------------------------------- | ----- |
| `dgctlDockerRegistry` | Docker Registry endpoint where On-Premise services' images reside. Format: `host:port`. | `""` |
+
### Common settings
| Name | Description | Value |
@@ -42,6 +43,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
| `labels` | Custom labels to set to Deployment resource. | `{}` |
+
### Deployment settings
| Name | Description | Value |
@@ -50,6 +52,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `image.tag` | Tag | `7.10.0` |
| `image.pullPolicy` | Pull Policy | `IfNotPresent` |
+
### Navi-Back application settings
| Name | Description | Value |
@@ -89,6 +92,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `naviback.reduceEdgesOptimizationFlag` | Enable optimizations for distance matrix queries processing | |
| `naviback.behindSplitter` | Current instance is behind splitter or not | `false` |
+
### Service account settings
| Name | Description | Value |
@@ -97,6 +101,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` |
| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
+
### Service settings
| Name | Description | Value |
@@ -106,6 +111,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
| `service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `nil` |
+
### Kubernetes [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) settings
| Name | Description | Value |
@@ -117,19 +123,16 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
| `ingress.tls` | TLS configuration | `[]` |
+
### Limits
-| Name | Description | Value |
-| ------------------------------- | ------------------------------- | -------- |
-| `resources.requests.cpu` | A CPU request. | `500m` |
-| `resources.requests.memory` | A memory request. | `1024Mi` |
-| `resources.limits.cpu` | A CPU limit. | `2` |
-| `resources.limits.memory` | A memory limit. | `4000Mi` |
-| `testResources` | **Limits for test connection.** | |
-| `testResources.requests.cpu` | A CPU request. | `100m` |
-| `testResources.requests.memory` | A memory request. | `100Mi` |
-| `testResources.limits.cpu` | A CPU limit. | `100m` |
-| `testResources.limits.memory` | A memory limit. | `100Mi` |
+| Name | Description | Value |
+| --------------------------- | ------------------------------------------- | ----------- |
+| `resources` | Container resources requirements structure. | `{}` |
+| `resources.requests.cpu` | CPU request, recommended value `1000m`. | `undefined` |
+| `resources.requests.memory` | Memory request, recommended value `2Gi`. | `undefined` |
+| `resources.limits.cpu` | CPU limit, recommended value `3000m`. | `undefined` |
+| `resources.limits.memory` | Memory limit, recommended value `8Gi`. | `undefined` |
### Kubernetes [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) settings
@@ -143,6 +146,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `hpa.targetCPUUtilizationPercentage` | Target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. | `80` |
| `hpa.targetMemoryUtilizationPercentage` | Target average memory utilization (represented as a percentage of requested memory) over all the pods; if not specified the default autoscaling policy will be used. | `""` |
+
### Kubernetes [Vertical Pod Autoscaling](https://github.com/kubernetes/autoscaler/blob/master/vertical-pod-autoscaler/README.md) settings
| Name | Description | Value |
@@ -154,6 +158,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `vpa.maxAllowed.cpu` | Upper limit for the number of CPUs to which the autoscaler can scale up. | |
| `vpa.maxAllowed.memory` | Upper limit for the RAM size to which the autoscaler can scale up. | |
+
### Kubernetes [Pod Disruption Budget](https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets) settings
| Name | Description | Value |
@@ -162,6 +167,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `pdb.minAvailable` | How many pods must be available after the eviction. | `""` |
| `pdb.maxUnavailable` | How many pods can be unavailable after the eviction. | `1` |
+
### Kafka settings for interacting with Distance Matrix Async Service
| Name | Description | Value |
@@ -179,6 +185,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `kafka.distanceMatrix.requestDownloadTimeoutSec` | Timeout for downloading request data. | `20` |
| `kafka.distanceMatrix.responseUploadTimeoutSec` | Timeout for uploading response data. | `40` |
+
### S3-compatible storage settings for interacting with Distance Matrix Async Service
| Name | Description | Value |
diff --git a/charts/navi-back/templates/tests/test-connection.yaml b/charts/navi-back/templates/tests/test-connection.yaml
deleted file mode 100644
index da239163c..000000000
--- a/charts/navi-back/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "naviback.fullname" . }}-test-connection"
- labels:
- {{- include "naviback.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- resources:
- {{- toYaml .Values.testResources | nindent 8 }}
- args: ['{{ include "naviback.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/charts/navi-back/values.yaml b/charts/navi-back/values.yaml
index 9d01e5eda..6c756a938 100644
--- a/charts/navi-back/values.yaml
+++ b/charts/navi-back/values.yaml
@@ -231,32 +231,13 @@ ingress:
# @section Limits
-# @param resources.requests.cpu A CPU request.
-# @param resources.requests.memory A memory request.
-# @param resources.limits.cpu A CPU limit.
-# @param resources.limits.memory A memory limit.
-
-# @extra testResources **Limits for test connection.**
-# @param testResources.requests.cpu A CPU request.
-# @param testResources.requests.memory A memory request.
-# @param testResources.limits.cpu A CPU limit.
-# @param testResources.limits.memory A memory limit.
-
-resources:
- limits:
- cpu: 2
- memory: 4000Mi
- requests:
- cpu: 500m
- memory: 1024Mi
-
-testResources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 100m
- memory: 100Mi
+# @param resources [nullable] Container resources requirements structure.
+# @param resources.requests.cpu [nullable] CPU request, recommended value `1000m`.
+# @param resources.requests.memory [nullable] Memory request, recommended value `2Gi`.
+# @param resources.limits.cpu [nullable] CPU limit, recommended value `3000m`.
+# @param resources.limits.memory [nullable] Memory limit, recommended value `8Gi`.
+
+resources: {}
# @section Kubernetes [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) settings
diff --git a/charts/navi-castle/Chart.yaml b/charts/navi-castle/Chart.yaml
index 84b30220e..98de27aa1 100644
--- a/charts/navi-castle/Chart.yaml
+++ b/charts/navi-castle/Chart.yaml
@@ -4,8 +4,8 @@ description: Castle Helm chart for Kubernetes
type: application
-version: 1.13.0
-appVersion: 1.0.7
+version: 1.15.0
+appVersion: 1.7.0
maintainers:
- name: 2gis
diff --git a/charts/navi-castle/README.md b/charts/navi-castle/README.md
index 56e665d2a..298eed151 100644
--- a/charts/navi-castle/README.md
+++ b/charts/navi-castle/README.md
@@ -32,34 +32,37 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| ------------------------- | ------------------------------------- | ----------------------------- |
| `castle.image.repository` | Navi-Castle service image repository. | `2gis-on-premise/navi-castle` |
| `castle.image.pullPolicy` | Navi-Castle service pull policy. | `IfNotPresent` |
-| `castle.image.tag` | Navi-Castle service image tag. | `1.0.7` |
+| `castle.image.tag` | Navi-Castle service image tag. | `1.7.0` |
| `nginx.image.repository` | Navi-Front image repository. | `2gis-on-premise/navi-front` |
| `nginx.image.tag` | Navi-Front image tag. | `1.24.1` |
### Deployment Artifacts Storage settings
-| Name | Description | Value |
-| ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----- |
-| `dgctlStorage.host` | S3 endpoint. Format: `host:port`. | `""` |
-| `dgctlStorage.bucket` | S3 bucket name. | `""` |
-| `dgctlStorage.accessKey` | S3 access key for accessing the bucket. | `""` |
-| `dgctlStorage.secretKey` | S3 secret key for accessing the bucket. | `""` |
-| `dgctlStorage.manifest` | The path to the [manifest file](https://docs.2gis.com/en/on-premise/overview#nav-lvl2@paramCommon_deployment_steps). Format: `manifests/0000000000.json`.
This file contains the description of pieces of data that the service requires to operate. | `""` |
+| Name | Description | Value |
+| ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `dgctlStorage.host` | S3 endpoint. Format: `host:port`. | `""` |
+| `dgctlStorage.secure` | If S3 uses https. | `false` |
+| `dgctlStorage.region` | S3 region. | `""` |
+| `dgctlStorage.bucket` | S3 bucket name. | `""` |
+| `dgctlStorage.accessKey` | S3 access key for accessing the bucket. | `""` |
+| `dgctlStorage.secretKey` | S3 secret key for accessing the bucket. | `""` |
+| `dgctlStorage.manifest` | The path to the [manifest file](https://docs.2gis.com/en/on-premise/overview#nav-lvl2@paramCommon_deployment_steps). Format: `manifests/0000000000.json`.
This file contains the description of pieces of data that the service requires to operate. | `""` |
### Common settings
-| Name | Description | Value |
-| -------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----- |
-| `replicaCount` | A replica count for the pod. | `1` |
-| `imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
-| `nameOverride` | Base name to use in all the Kubernetes entities deployed by this chart. | `""` |
-| `fullnameOverride` | Base fullname to use in all the Kubernetes entities deployed by this chart. | `""` |
-| `podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
-| `podSecurityContext` | Kubernetes [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). | `{}` |
-| `securityContext` | Kubernetes [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). | `{}` |
-| `nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
-| `tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
-| `affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+| Name | Description | Value |
+| ------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----- |
+| `replicaCount` | A replica count for the pod. | `1` |
+| `imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
+| `nameOverride` | Base name to use in all the Kubernetes entities deployed by this chart. | `""` |
+| `fullnameOverride` | Base fullname to use in all the Kubernetes entities deployed by this chart. | `""` |
+| `podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `podSecurityContext` | Kubernetes [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). | `{}` |
+| `securityContext` | Kubernetes [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). | `{}` |
+| `nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+| `tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
+| `affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+| `terminationGracePeriodSeconds` | Maximum time allowed for graceful shutdown. | `60` |
### Service account settings
@@ -89,21 +92,23 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
### Limits
-| Name | Description | Value |
-| --------------------------- | -------------------------------- | ----- |
-| `resources.requests.cpu` | A CPU request, e.g., `100m`. | |
-| `resources.requests.memory` | A memory request, e.g., `128Mi`. | |
-| `resources.limits.cpu` | A CPU limit, e.g., `100m`. | |
-| `resources.limits.memory` | A memory limit, e.g., `128Mi`. | |
+| Name | Description | Value |
+| --------------------------- | ------------------------------------------- | ----------- |
+| `resources` | Container resources requirements structure. | `{}` |
+| `resources.requests.cpu` | CPU request, recommended value `100m`. | `undefined` |
+| `resources.requests.memory` | Memory request, recommended value `128Mi`. | `undefined` |
+| `resources.limits.cpu` | CPU limit, recommended value `1000m`. | `undefined` |
+| `resources.limits.memory` | Memory limit, recommended value `512Mi`. | `undefined` |
### Navi-Castle service settings
-| Name | Description | Value |
-| -------------------------- | ------------------------------------ | ------------------------------ |
-| `castle.castleDataPath` | Path to the data directory. | `/opt/castle/data/` |
-| `castle.restrictions.host` | Restrictions API base URL. | `http://restrictions-api.host` |
-| `castle.restrictions.key` | Restrictions API key. | `""` |
-| `castle.jobs` | Number of parallel downloading jobs. | `1` |
+| Name | Description | Value |
+| -------------------------- | --------------------------------------------------- | ------------------------------ |
+| `castle.castleDataPath` | Path to the data directory. | `/opt/castle/data/` |
+| `castle.restrictions` | Section ignored if castle.restriction.enabled=false | |
+| `castle.restrictions.host` | Restrictions API base URL. | `http://restrictions-api.host` |
+| `castle.restrictions.key` | Restrictions API key. | `""` |
+| `castle.jobs` | Number of parallel downloading jobs. | `1` |
### Navi-Front settings
@@ -113,14 +118,25 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
### Cron settings
-| Name | Description | Value |
-| --------------------------------- | -------------------------------------------------- | ------------- |
-| `cron.enabled.import` | If the `import` cron job is enabled. | `false` |
-| `cron.enabled.restriction` | If the `restriction` cron job is enabled. | `false` |
-| `cron.schedule.import` | Cron job schedule for `import`. | `11 * * * *` |
-| `cron.schedule.restriction` | Cron job schedule for `restriction`. | `*/5 * * * *` |
-| `cron.concurrencyPolicy` | Cron job concurrency policy: `Allow` or `Forbid`. | `Forbid` |
-| `cron.successfulJobsHistoryLimit` | How many completed and failed jobs should be kept. | `3` |
+| Name | Description | Value |
+| --------------------------------- | ------------------------------------------------------------------- | ------------- |
+| `cron.enabled.import` | If the `import` cron job is enabled. | `false` |
+| `cron.enabled.restriction` | If restrictions API enabled, incompatible with `restrictionImport`. | `false` |
+| `cron.enabled.restrictionImport` | If restrictions import enabled, incompatible with `restriction`. | `false` |
+| `cron.schedule.import` | Cron job schedule for `import`. | `11 * * * *` |
+| `cron.schedule.restriction` | Cron job schedule for `restriction`. | `*/5 * * * *` |
+| `cron.schedule.restrictionImport` | Cron job schedule for `restrictionImport`. | `*/5 * * * *` |
+| `cron.concurrencyPolicy` | Cron job concurrency policy: `Allow` or `Forbid`. | `Forbid` |
+| `cron.successfulJobsHistoryLimit` | How many completed and failed jobs should be kept. | `3` |
+| `cron.prometheusPort` | Container port for supercronic prometheus | `9476` |
+
+### Init settings
+
+| Name | Description | Value |
+| -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `init.enabled.import` | If the `import` on init is enabled. Warning: if disable data not imported. Old data will be lost if not persistentVolume.enabled. | `true` |
+| `init.enabled.restriction` | If restrictions API enabled, incompatible with `restrictionImport`. | `false` |
+| `init.enabled.restrictionImport` | If restrictions import enabled, incompatible with `restriction`. | `false` |
### Kubernetes [Persistence Volumes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) settings
diff --git a/charts/navi-castle/templates/_helpers.tpl b/charts/navi-castle/templates/_helpers.tpl
index b3f719798..8e4d071bb 100644
--- a/charts/navi-castle/templates/_helpers.tpl
+++ b/charts/navi-castle/templates/_helpers.tpl
@@ -62,7 +62,6 @@ Create the name of the service account to use
{{- end }}
-{{/* vim: set filetype=mustache: */}}
{{/*
Renders a value that contains template.
Usage:
@@ -75,3 +74,12 @@ Usage:
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}
+
+
+{{/*
+Determine --service parameter for a specific cron job flavor
+{{ include "castle.serviceParameter" ( dict "flavor" ) }}
+*/}}
+{{- define "castle.serviceParameter" -}}
+{{- eq "restrictionImport" .flavor | ternary "import-restrictions" .flavor -}}
+{{- end -}}
diff --git a/charts/navi-castle/templates/configmapbuilder-runnable.yaml b/charts/navi-castle/templates/configmapbuilder-runnable.yaml
new file mode 100644
index 000000000..4749ea7f6
--- /dev/null
+++ b/charts/navi-castle/templates/configmapbuilder-runnable.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "castle.fullname" . }}-runnable
+data:
+ update_services_init.sh: |
+ # intended to run by init
+ # 1. initially runs configured imports
+ # 2. passes control down to supercronic for the same by schedule
+ set -Ceux
+ {{- range $_, $flavor := tuple "import" "restriction" "restrictionImport" }}
+ {{- if index $.Values.init.enabled $flavor }}
+ /opt/configuration_builder --config /opt/config_builder.conf --service={{ include "castle.serviceParameter" ( dict "flavor" $flavor ) }} --jobs={{ $.Values.castle.jobs | default 1 | int }}
+ {{- end }}
+ {{- end }}
+ exec /usr/local/bin/supercronic \
+ -json \
+ -prometheus-listen-address \
+ 0.0.0.0:{{ .Values.cron.prometheusPort | int }} \
+ {{- if .Values.persistentVolume.enabled }}
+ /opt/update_services
+ {{- else }}{{- /* hang indefinitely if imports scheduled as k8s cronjob */}}
+ /dev/null
+ {{- end }}
diff --git a/charts/navi-castle/templates/configmapbuilder.yaml b/charts/navi-castle/templates/configmapbuilder.yaml
index bd0c52b71..06ceb257d 100644
--- a/charts/navi-castle/templates/configmapbuilder.yaml
+++ b/charts/navi-castle/templates/configmapbuilder.yaml
@@ -12,8 +12,6 @@ data:
log_level: 'DEBUG'
log_location:'/var/log/castle-%service%.log'
# PATHS AND FILE PROPERTIES
- # owner for result files
- owner: 'root:root'
# path to store city data
data_destination_dir: {{ .Values.castle.castleDataPath | quote }}
# --------------------------------------------
@@ -35,7 +33,10 @@ data:
# UPDATING CITY DATA
s3:
{
- server: '{{ required "Valid .Values.dgctlStorage.host required!" .Values.dgctlStorage.host }}',
+ server: '{{ .Values.dgctlStorage.secure | ternary "https" "http" }}://{{ required "Valid .Values.dgctlStorage.host required!" .Values.dgctlStorage.host }}',
+ {{- if .Values.dgctlStorage.region }}
+ region: '{{ .Values.dgctlStorage.region }}',
+ {{- end }}
bucket: '{{ required "Valid .Values.dgctlStorage.bucket required!" .Values.dgctlStorage.bucket }}',
login: '{{ required "Valid .Values.dgctlStorage.accessKey required!" .Values.dgctlStorage.accessKey }}',
pwd: '{{ required "Valid .Values.dgctlStorage.secretKey required!" .Values.dgctlStorage.secretKey }}',
@@ -44,34 +45,23 @@ data:
manifest:
{
pattern: '{{ default "/manifests/" .Values.dgctlStorage.manifest }}',
- service: 'navi',
+ service: ['navi','navi-restrictions'],
+ mapping: {
+ 'navi': 'import_package',
+ 'navi-restrictions': 'import_restriction'
+ }
}
# --------------------------------------------
# DATA PACKAGE
- imports:
- {
- remote_name: '%path%',
- remote_dir: '',
-
- package: '%project%.2gis',
- package_info:
- {
- local_name: '%issue-month%_%timestamp%.2gis',
- local_dir: 'packages/%project%',
- },
-
- restriction: '%project%-restriction.json',
- restriction_info:
- {
- local_name: '%current-date%_%hour%.json',
- local_dir: 'restrictions_json/%project%'
- },
-
- unpack: 'tar',
- meta: '%project%.json'
- }
+ {{- /* Guard incompatible services enabling */}}
+ {{- with .Values.cron.enabled }}
+ {{- if (and .restriction .restrictionImport) }}
+ {{- fail "Only one of restriction and restrictionImport can be active at once." }}
+ {{- end }}{{- /* if */}}
+ {{- end }}{{- /* with */}}
+ {{- if or .Values.cron.enabled.restriction .Values.init.enabled.restriction }}
restriction:
{
remote_name: '',
@@ -92,6 +82,40 @@ data:
store_period: 'week'
}
+ {{- end }}{{- /* or .Values.cron.enabled.restriction .Values.init.enabled.restriction */}}
+
+ {{- if or .Values.cron.enabled.restrictionImport .Values.init.enabled.restrictionImport }}
+ import_restriction:
+ {
+ remote_name: '',
+ remote_dir: '',
+
+ local_name: '%current-date%_%hour%.json',
+ local_dir: 'restrictions_json/%project%'
+
+ unpack: 'tar',
+ meta: '%project%.json'
+ content: '%project%-restriction.json',
+ item: 'restriction',
+ store_period: 'week'
+ }
+ {{- end }}{{- /* or .Values.cron.enabled.restrictionImport .Values.init.enabled.restrictionImport */}}
+
+ {{- if or .Values.cron.enabled.import .Values.init.enabled.import }}
+ import_package:
+ {
+ remote_name: '',
+ remote_dir: '',
+ local_name: '%issue-month%_%timestamp%.2gis',
+ local_dir: 'packages/%project%',
+
+ unpack: 'tar',
+ meta: '%project%.json',
+ content: '%project%.2gis',
+ item: 'package',
+ store_period: 'month'
+ }
+ {{- end }}{{- /* or .Values.cron.enabled.import .Values.init.enabled.import */}}
cities_template: |-
[
@@ -109,8 +133,8 @@ data:
]
update_services: |
- {{- range $_, $flavor := tuple "import" "restriction" }}
+ {{- range $_, $flavor := tuple "import" "restriction" "restrictionImport" }}
{{- if index $.Values.cron.enabled $flavor }}
- {{ index $.Values.cron.schedule $flavor }} /opt/configuration_builder --config /opt/config_builder.conf --service={{ $flavor }} --jobs={{ $.Values.castle.jobs | default 1 | int }}
+ {{ index $.Values.cron.schedule $flavor }} /opt/configuration_builder --config /opt/config_builder.conf --service={{ include "castle.serviceParameter" ( dict "flavor" $flavor ) }} --jobs={{ $.Values.castle.jobs | default 1 | int }}
{{- end }}
{{- end }}
diff --git a/charts/navi-castle/templates/configmapnginx.yaml b/charts/navi-castle/templates/configmapnginx.yaml
index d6144b519..bc554000d 100644
--- a/charts/navi-castle/templates/configmapnginx.yaml
+++ b/charts/navi-castle/templates/configmapnginx.yaml
@@ -13,6 +13,13 @@ data:
autoindex on;
}
+ location /spartacus {
+ expires epoch;
+ alias {{ .Values.castle.castleDataPath }}/backup;
+ autoindex on;
+ autoindex_format json;
+ }
+
location /healthcheck {
return 200 "Ok!";
}
diff --git a/charts/navi-castle/templates/cronjob.yaml b/charts/navi-castle/templates/cronjob.yaml
index 2687b933a..ff1011da3 100644
--- a/charts/navi-castle/templates/cronjob.yaml
+++ b/charts/navi-castle/templates/cronjob.yaml
@@ -1,12 +1,12 @@
{{- if .Values.persistentVolume.enabled }}
{{- range $i, $e := until ( .Values.replicaCount | int ) }}
-{{- range $_, $flavor := tuple "import" "restriction" }}
+{{- range $_, $flavor := tuple "import" "restriction" "restrictionImport" }}
{{- if index $.Values.cron.enabled $flavor }}
---
apiVersion: batch/v1
kind: CronJob
metadata:
- name: {{ include "castle.fullname" $ }}-cronjob-{{ $flavor }}-{{ $i }}
+ name: {{ include "castle.fullname" $ }}-cronjob-{{ $flavor | kebabcase }}-{{ $i }}
labels:
{{- include "castle.labels" $ | nindent 4 }}
spec:
@@ -46,7 +46,7 @@ spec:
args:
- --config
- /opt/config_builder.conf
- - --service={{ $flavor }}
+ - --service={{ include "castle.serviceParameter" ( dict "flavor" $flavor ) }}
- --jobs={{ $.Values.castle.jobs | default 1 | int }}
volumeMounts:
- name: {{ include "castle.fullname" $ }}-builder-config
@@ -59,7 +59,7 @@ spec:
mountPath: {{ $.Values.castle.castleDataPath }}
resources:
{{- toYaml $.Values.resources | nindent 16 }}
-{{- end -}} # if
-{{- end -}} # range $flavor
-{{- end -}} # range $i, $e
-{{- end -}} # if
+{{- end -}} {{/* if */}}
+{{- end -}} {{/* range $flavor */}}
+{{- end -}} {{/* range $i, $e */}}
+{{- end -}} {{/* if */}}
diff --git a/charts/navi-castle/templates/ingress.yaml b/charts/navi-castle/templates/ingress.yaml
index 60426b03d..73a171eac 100644
--- a/charts/navi-castle/templates/ingress.yaml
+++ b/charts/navi-castle/templates/ingress.yaml
@@ -1,8 +1,18 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "castle.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
-
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
@@ -13,7 +23,9 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
+ {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
+ {{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
@@ -31,12 +43,19 @@ spec:
paths:
{{- range .paths }}
- path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
+ {{- end }}
backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
{{- end }}
{{- end }}
{{- end }}
diff --git a/charts/navi-castle/templates/statefulset.yaml b/charts/navi-castle/templates/statefulset.yaml
index b806838f8..7ee965807 100644
--- a/charts/navi-castle/templates/statefulset.yaml
+++ b/charts/navi-castle/templates/statefulset.yaml
@@ -23,6 +23,7 @@ spec:
metadata:
annotations:
checksum/configbuilder: {{ include (print $.Template.BasePath "/configmapbuilder.yaml") . | sha256sum }}
+ checksum/configbuilder-runnable: {{ include (print $.Template.BasePath "/configmapbuilder-runnable.yaml") . | sha256sum }}
checksum/confignginx: {{ include (print $.Template.BasePath "/configmapnginx.yaml") . | sha256sum }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
@@ -37,6 +38,10 @@ spec:
- name: {{ include "castle.fullname" . }}-builder-config
configMap:
name: {{ include "castle.fullname" . }}-builder-config
+ - name: {{ include "castle.fullname" . }}-runnable
+ configMap:
+ name: {{ include "castle.fullname" . }}-runnable
+ defaultMode: 0775
- name: {{ include "castle.fullname" . }}-castle-nginx-config
configMap:
name: {{ include "castle.fullname" . }}-castle-nginx-config
@@ -45,35 +50,6 @@ spec:
emptyDir: {}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
- initContainers:
- {{- range $flavor, $init_enabled := dict "import" true "restriction" .Values.cron.enabled.restriction }}
- {{- if $init_enabled }}
- - name: castle-{{ $flavor }}-init
- image: {{ required "A valid $.Values.dgctlDockerRegistry entry required" $.Values.dgctlDockerRegistry }}/{{ $.Values.castle.image.repository }}:{{ $.Values.castle.image.tag }}
- command: [ "/opt/configuration_builder" ]
- args:
- - --config
- - /opt/config_builder.conf
- - --service={{ $flavor }}
- - --jobs={{ $.Values.castle.jobs | default 1 | int }}
- volumeMounts:
- - name: {{ include "castle.fullname" $ }}-builder-config
- mountPath: /opt/config_builder.conf
- subPath: config_builder.conf
- - name: {{ include "castle.fullname" $ }}-builder-config
- mountPath: {{ $.Values.castle.castleDataPath }}/cities_template
- subPath: cities_template
- {{- if $.Values.persistentVolume.enabled }}
- - name: {{ include "castle.fullname" $ }}-pvc
- mountPath: {{ $.Values.castle.castleDataPath }}
- {{- else }}
- - name: {{ include "castle.fullname" $ }}-data
- mountPath: {{ $.Values.castle.castleDataPath }}
- {{- end }}
- resources:
- {{- toYaml $.Values.resources | nindent 12 }}
- {{- end }} # if
- {{- end }} # range
containers:
- name: castle-nginx
image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}
@@ -102,42 +78,44 @@ spec:
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
- # If Persistent volume is not enabled then cron jobs will be running as sidecar containers
- {{- if (not .Values.persistentVolume.enabled) }}
- name: castle-cron
- image: "{{ required "A valid $.Values.dgctlDockerRegistry entry required" $.Values.dgctlDockerRegistry }}/{{ $.Values.castle.image.repository }}:{{ $.Values.castle.image.tag }}"
+ image: {{ required "A valid $.Values.dgctlDockerRegistry entry required" $.Values.dgctlDockerRegistry }}/{{ $.Values.castle.image.repository }}:{{ $.Values.castle.image.tag }}
command: ["/tini","--"]
args:
- - /usr/local/bin/supercronic
- - -json
- - -prometheus-listen-address
- - '0.0.0.0:9476'
- - /opt/update_services
+ - /opt/update_services_init.sh
resources:
{{- toYaml $.Values.resources | nindent 12 }}
livenessProbe:
+ {{- /* checks if supercronic prometheus port is open */}}
httpGet:
path: /health
- port: 9476
+ port: {{ .Values.cron.prometheusPort | int }}
initialDelaySeconds: 10
periodSeconds: 10
ports:
- name: cron-prom
- containerPort: 9476
+ containerPort: {{ .Values.cron.prometheusPort | int }}
protocol: TCP
volumeMounts:
- name: {{ include "castle.fullname" $ }}-builder-config
mountPath: /opt/config_builder.conf
subPath: config_builder.conf
+ - name: {{ include "castle.fullname" $ }}-runnable
+ mountPath: /opt/update_services_init.sh
+ subPath: update_services_init.sh
- name: {{ include "castle.fullname" $ }}-builder-config
mountPath: {{ $.Values.castle.castleDataPath }}/cities_template
subPath: cities_template
- name: {{ include "castle.fullname" $ }}-builder-config
mountPath: /opt/update_services
subPath: update_services
- - name: {{ include "castle.fullname" $ }}-data
- mountPath: {{ $.Values.castle.castleDataPath }}
- {{- end }}
+ {{- if .Values.persistentVolume.enabled }}
+ - name: {{ include "castle.fullname" . }}-pvc
+ mountPath: {{ .Values.castle.castleDataPath }}
+ {{- else }}
+ - name: {{ include "castle.fullname" . }}-data
+ mountPath: {{ .Values.castle.castleDataPath }}
+ {{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
diff --git a/charts/navi-castle/templates/tests/test-connection.yaml b/charts/navi-castle/templates/tests/test-connection.yaml
deleted file mode 100644
index 4f0e760f9..000000000
--- a/charts/navi-castle/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "castle.fullname" . }}-test-connection"
- labels:
- {{- include "castle.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "castle.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/charts/navi-castle/values.yaml b/charts/navi-castle/values.yaml
index 72e1118a5..299009e4e 100644
--- a/charts/navi-castle/values.yaml
+++ b/charts/navi-castle/values.yaml
@@ -17,6 +17,8 @@ dgctlDockerRegistry: ''
# @section Deployment Artifacts Storage settings
# @param dgctlStorage.host S3 endpoint. Format: `host:port`.
+# @param dgctlStorage.secure If S3 uses https.
+# @param dgctlStorage.region S3 region.
# @param dgctlStorage.bucket S3 bucket name.
# @param dgctlStorage.accessKey S3 access key for accessing the bucket.
# @param dgctlStorage.secretKey S3 secret key for accessing the bucket.
@@ -24,6 +26,8 @@ dgctlDockerRegistry: ''
dgctlStorage:
host: ''
+ secure: false
+ region: ''
bucket: ''
accessKey: ''
secretKey: ''
@@ -42,6 +46,7 @@ dgctlStorage:
# @param nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
# @param tolerations Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings.
# @param affinity Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity).
+# @param terminationGracePeriodSeconds Maximum time allowed for graceful shutdown.
replicaCount: 1
imagePullSecrets: []
@@ -53,6 +58,7 @@ securityContext: {}
nodeSelector: {}
tolerations: []
affinity: {}
+terminationGracePeriodSeconds: 60
# @section Service account settings
@@ -99,14 +105,13 @@ ingress:
# navi-castle.example.com
# secretName: secret.tls
-
# @section Limits
-# @skip resources
-# @extra resources.requests.cpu A CPU request, e.g., `100m`.
-# @extra resources.requests.memory A memory request, e.g., `128Mi`.
-# @extra resources.limits.cpu A CPU limit, e.g., `100m`.
-# @extra resources.limits.memory A memory limit, e.g., `128Mi`.
+# @param resources [nullable] Container resources requirements structure.
+# @param resources.requests.cpu [nullable] CPU request, recommended value `100m`.
+# @param resources.requests.memory [nullable] Memory request, recommended value `128Mi`.
+# @param resources.limits.cpu [nullable] CPU limit, recommended value `1000m`.
+# @param resources.limits.memory [nullable] Memory limit, recommended value `512Mi`.
resources: {}
@@ -114,6 +119,7 @@ resources: {}
# @section Navi-Castle service settings
# @param castle.castleDataPath Path to the data directory.
+# @extra castle.restrictions Section ignored if castle.restriction.enabled=false
# @param castle.restrictions.host Restrictions API base URL.
# @param castle.restrictions.key Restrictions API key.
# @param castle.jobs Number of parallel downloading jobs.
@@ -122,7 +128,7 @@ castle:
image:
repository: 2gis-on-premise/navi-castle
pullPolicy: IfNotPresent
- tag: 1.0.7
+ tag: 1.7.0
castleDataPath: /opt/castle/data/
restrictions:
host: http://restrictions-api.host
@@ -144,21 +150,40 @@ nginx:
# @section Cron settings
# @param cron.enabled.import If the `import` cron job is enabled.
-# @param cron.enabled.restriction If the `restriction` cron job is enabled.
+# @param cron.enabled.restriction If restrictions API enabled, incompatible with `restrictionImport`.
+# @param cron.enabled.restrictionImport If restrictions import enabled, incompatible with `restriction`.
# @param cron.schedule.import Cron job schedule for `import`.
# @param cron.schedule.restriction Cron job schedule for `restriction`.
+# @param cron.schedule.restrictionImport Cron job schedule for `restrictionImport`.
# @param cron.concurrencyPolicy Cron job concurrency policy: `Allow` or `Forbid`.
# @param cron.successfulJobsHistoryLimit How many completed and failed jobs should be kept.
+# @param cron.prometheusPort Container port for supercronic prometheus
cron:
enabled:
import: false
restriction: false
+ restrictionImport: false
schedule:
import: 11 * * * *
restriction: '*/5 * * * *'
+ restrictionImport: '*/5 * * * *'
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 3
+ prometheusPort: 9476
+
+
+# @section Init settings
+
+# @param init.enabled.import If the `import` on init is enabled. Warning: if disable data not imported. Old data will be lost if not persistentVolume.enabled.
+# @param init.enabled.restriction If restrictions API enabled, incompatible with `restrictionImport`.
+# @param init.enabled.restrictionImport If restrictions import enabled, incompatible with `restriction`.
+
+init:
+ enabled:
+ import: true
+ restriction: false
+ restrictionImport: false
# @section Kubernetes [Persistence Volumes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) settings
diff --git a/charts/navi-front/Chart.yaml b/charts/navi-front/Chart.yaml
index 6bc818011..341cad6d4 100644
--- a/charts/navi-front/Chart.yaml
+++ b/charts/navi-front/Chart.yaml
@@ -5,7 +5,7 @@ type: application
keywords:
- navi
- front
-version: 1.13.0
+version: 1.15.0
appVersion: 1.24.1
maintainers:
- name: 2gis
diff --git a/charts/navi-front/README.md b/charts/navi-front/README.md
index 26d5b1961..ce6d92d34 100644
--- a/charts/navi-front/README.md
+++ b/charts/navi-front/README.md
@@ -26,6 +26,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| --------------------- | --------------------------------------------------------------------------------------- | ----- |
| `dgctlDockerRegistry` | Docker Registry endpoint where On-Premise services' images reside. Format: `host:port`. | `""` |
+
### Common settings
| Name | Description | Value |
@@ -41,6 +42,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
| `affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+
### Deployment settings
| Name | Description | Value |
@@ -49,6 +51,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `image.tag` | Tag | `1.24.1` |
| `image.pullPolicy` | Pull Policy | `IfNotPresent` |
+
### Navi-Front service settings
| Name | Description | Value |
@@ -57,6 +60,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `front.router.discover` | Enable/disable router autodiscovery. | `true` |
| `front.router.host` | Set router address if autodiscovery is disabled. | `localhost` |
+
### Service account settings
| Name | Description | Value |
@@ -65,6 +69,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` |
| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
+
### Service settings
| Name | Description | Value |
@@ -72,6 +77,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `service.type` | Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). | `ClusterIP` |
| `service.port` | Service port. | `80` |
+
### Kubernetes [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) settings
| Name | Description | Value |
@@ -83,14 +89,16 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
| `ingress.tls` | TLS configuration | `[]` |
+
### Limits
-| Name | Description | Value |
-| --------------------------- | -------------------------------- | ----- |
-| `resources.requests.cpu` | A CPU request, e.g., `100m`. | |
-| `resources.requests.memory` | A memory request, e.g., `128Mi`. | |
-| `resources.limits.cpu` | A CPU limit, e.g., `100m`. | |
-| `resources.limits.memory` | A memory limit, e.g., `128Mi`. | |
+| Name | Description | Value |
+| --------------------------- | ------------------------------------------- | ----------- |
+| `resources` | Container resources requirements structure. | `{}` |
+| `resources.requests.cpu` | CPU request, recommended value `100m`. | `undefined` |
+| `resources.requests.memory` | Memory request, recommended value `128Mi`. | `undefined` |
+| `resources.limits.cpu` | CPU limit, recommended value `1000m`. | `undefined` |
+| `resources.limits.memory` | Memory limit, recommended value `1Gi`. | `undefined` |
### Kubernetes [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) settings
@@ -104,6 +112,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `hpa.targetCPUUtilizationPercentage` | Target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. | `80` |
| `hpa.targetMemoryUtilizationPercentage` | Target average memory utilization (represented as a percentage of requested memory) over all the pods; if not specified the default autoscaling policy will be used. | `""` |
+
### Kubernetes [Pod Disruption Budget](https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets) settings
| Name | Description | Value |
diff --git a/charts/navi-front/templates/configmap-extra.yaml b/charts/navi-front/templates/configmap-extra.yaml
index 7eab54da2..86ba18588 100644
--- a/charts/navi-front/templates/configmap-extra.yaml
+++ b/charts/navi-front/templates/configmap-extra.yaml
@@ -1,7 +1,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "front.fullname" . }}-extra-config
+ name: {{ include "front.fullname" . }}-extra
data:
{{- if .Values.serverBlock }}
server-block.conf: |-
diff --git a/charts/navi-front/templates/tests/test-connection.yaml b/charts/navi-front/templates/tests/test-connection.yaml
deleted file mode 100644
index 9a5f24b86..000000000
--- a/charts/navi-front/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "front.fullname" . }}-test-connection"
- labels:
- {{- include "front.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "front.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/charts/navi-front/values.yaml b/charts/navi-front/values.yaml
index d24d2a164..ec37b7739 100644
--- a/charts/navi-front/values.yaml
+++ b/charts/navi-front/values.yaml
@@ -102,11 +102,11 @@ ingress:
# @section Limits
-# @skip resources
-# @extra resources.requests.cpu A CPU request, e.g., `100m`.
-# @extra resources.requests.memory A memory request, e.g., `128Mi`.
-# @extra resources.limits.cpu A CPU limit, e.g., `100m`.
-# @extra resources.limits.memory A memory limit, e.g., `128Mi`.
+# @param resources [nullable] Container resources requirements structure.
+# @param resources.requests.cpu [nullable] CPU request, recommended value `100m`.
+# @param resources.requests.memory [nullable] Memory request, recommended value `128Mi`.
+# @param resources.limits.cpu [nullable] CPU limit, recommended value `1000m`.
+# @param resources.limits.memory [nullable] Memory limit, recommended value `1Gi`.
resources: {}
diff --git a/charts/navi-restrictions/Chart.yaml b/charts/navi-restrictions/Chart.yaml
index 9a453d607..8253da49f 100644
--- a/charts/navi-restrictions/Chart.yaml
+++ b/charts/navi-restrictions/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for Kubernetes to deploy Restrictions backend
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 1.0.0
maintainers:
diff --git a/charts/navi-router/Chart.yaml b/charts/navi-router/Chart.yaml
index 21d987356..33ad14cde 100644
--- a/charts/navi-router/Chart.yaml
+++ b/charts/navi-router/Chart.yaml
@@ -5,8 +5,8 @@ type: application
keywords:
- navi
- router
-version: 1.13.0
-appVersion: 6.16.0
+version: 1.15.0
+appVersion: 6.17.0.8
maintainers:
- name: 2gis
url: https://github.com/2gis
diff --git a/charts/navi-router/README.md b/charts/navi-router/README.md
index 13b93bc1a..524b364f2 100644
--- a/charts/navi-router/README.md
+++ b/charts/navi-router/README.md
@@ -26,6 +26,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| --------------------- | --------------------------------------------------------------------------------------- | ----- |
| `dgctlDockerRegistry` | Docker Registry endpoint where On-Premise services' images reside. Format: `host:port`. | `""` |
+
### Common settings
| Name | Description | Value |
@@ -41,14 +42,16 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
| `affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+
### Deployment settings
| Name | Description | Value |
| ------------------ | ----------- | ----------------------------- |
| `image.repository` | Repository | `2gis-on-premise/navi-router` |
-| `image.tag` | Tag | `6.16.0` |
+| `image.tag` | Tag | `6.17.0.8` |
| `image.pullPolicy` | Pull Policy | `IfNotPresent` |
+
### Navi-Router service settings
| Name | Description | Value |
@@ -61,7 +64,8 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `router.keyManagementService.host` | Address if key management service server | `http://keys.api.example.com` |
| `router.keyManagementService.refreshIntervalSec` | Keys refresh interval in seconds | `30` |
| `router.keyManagementService.downloadTimeoutSec` | Keys download timeout in seconds | `30` |
-| `router.keyManagementService.apis` | Used API types and their tokens. Format: `type: token` | `nil` |
+| `router.keyManagementService.commonToken` | Mater key to retrieve all per-service API keys, router.keyManagementService.apis ignored, if commonToken set | `""` |
+| `router.keyManagementService.apis` | Used API types and their tokens. Format: `type: token` | `undefined` |
### Service account settings
@@ -71,6 +75,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` |
| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
+
### Strategy settings
| Name | Description | Value |
@@ -79,6 +84,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). | `0` |
| `strategy.rollingUpdate.maxSurge` | Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process. | `1` |
+
### Service settings
| Name | Description | Value |
@@ -88,6 +94,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
| `service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `nil` |
+
### Kubernetes [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) settings
| Name | Description | Value |
@@ -99,14 +106,17 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
| `ingress.tls` | TLS configuration | `[]` |
+
### Limits
-| Name | Description | Value |
-| --------------------------- | -------------------------------- | ----- |
-| `resources.requests.cpu` | A CPU request, e.g., `100m`. | |
-| `resources.requests.memory` | A memory request, e.g., `128Mi`. | |
-| `resources.limits.cpu` | A CPU limit, e.g., `100m`. | |
-| `resources.limits.memory` | A memory limit, e.g., `128Mi`. | |
+| Name | Description | Value |
+| --------------------------- | ------------------------------------------- | ----------- |
+| `resources` | Container resources requirements structure. | `{}` |
+| `resources.requests.cpu` | CPU request, recommended value `500m`. | `undefined` |
+| `resources.requests.memory` | Memory request, recommended value `384Mi`. | `undefined` |
+| `resources.limits.cpu` | CPU limit, recommended value `1000m`. | `undefined` |
+| `resources.limits.memory` | Memory limit, recommended value `768Mi`. | `undefined` |
+
### Kubernetes [Horizontal Pod Autoscaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) settings
@@ -120,6 +130,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `hpa.targetCPUUtilizationPercentage` | Target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. | `80` |
| `hpa.targetMemoryUtilizationPercentage` | Target average memory utilization (represented as a percentage of requested memory) over all the pods; if not specified the default autoscaling policy will be used. | `""` |
+
### Kubernetes [Pod Disruption Budget](https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets) settings
| Name | Description | Value |
@@ -128,6 +139,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/navigation) to learn
| `pdb.minAvailable` | How many pods must be available after the eviction. | `""` |
| `pdb.maxUnavailable` | How many pods can be unavailable after the eviction. | `1` |
+
### Kubernetes [Vertical Pod Autoscaling](https://github.com/kubernetes/autoscaler/blob/master/vertical-pod-autoscaler/README.md) settings
| Name | Description | Value |
diff --git a/charts/navi-router/templates/configmap.yaml b/charts/navi-router/templates/configmap.yaml
index 8ed3d7d53..b63ed9916 100644
--- a/charts/navi-router/templates/configmap.yaml
+++ b/charts/navi-router/templates/configmap.yaml
@@ -57,6 +57,13 @@ data:
},
"server_info": {
"server_id": "{{ include "router.fullname" . }}"
+ },
+ "local_restrictions_for_keys": {
+ "distance_between_points_km": [
+ {"type" : "directions-api", "value" : 50},
+ {"type" : "distance-matrix-api", "value" : 50},
+ {"type" : "pairs-directions-api", "value" : 50}
+ ]
}
{{- with .Values.router.keyManagementService }}
{{- if .enabled }}
@@ -65,19 +72,7 @@ data:
{
"service_remote_address" : {{ .host | quote }},
"keys_refresh_interval_sec" : {{ .refreshIntervalSec | int }},
- "keys_download_timeout_sec" : {{ .downloadTimeoutSec | int }},
- "service_apis" :
- [
- {{- $first := true }}
- {{- range $type, $token := .apis }}
- {{- if $first }}
- {{- $first = false }}
- {{- else }}
- {{- print "," }}
- {{- end }}
- {"type" : {{ $type | quote }}, "token" : {{ $token | quote }} }
- {{- end }}
- ]
+ "keys_download_timeout_sec" : {{ .downloadTimeoutSec | int }}
}
{{- end }}
{{- end }}
diff --git a/charts/navi-router/templates/deployment.yaml b/charts/navi-router/templates/deployment.yaml
index 46e16dd67..57aa291bc 100644
--- a/charts/navi-router/templates/deployment.yaml
+++ b/charts/navi-router/templates/deployment.yaml
@@ -20,6 +20,7 @@ spec:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
@@ -72,6 +73,23 @@ spec:
failureThreshold: 3
resources:
{{- toYaml .Values.resources | nindent 12 }}
+ env:
+ {{- range $type, $token := (.Values.router.keyManagementService).apis }}
+ {{- if $token }}
+ - name: {{ $type | replace "-" "_" | upper | quote }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "router.fullname" $ | quote }}
+ key: {{ $type | quote }}
+ {{- end }}{{- /* if $token */}}
+ {{- end }}{{- /* range $type, $token */}}
+ {{- if (.Values.router.keyManagementService).commonToken }}
+ - name: COMMON_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "router.fullname" . | quote }}
+ key: common_token
+ {{- end }}
terminationGracePeriodSeconds: {{ .Values.termination_grace_period_seconds | default 60 }}
{{- with .Values.nodeSelector }}
nodeSelector:
diff --git a/charts/navi-router/templates/ingress.yaml b/charts/navi-router/templates/ingress.yaml
index 193d17226..63edd0a72 100644
--- a/charts/navi-router/templates/ingress.yaml
+++ b/charts/navi-router/templates/ingress.yaml
@@ -1,7 +1,18 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "router.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
@@ -12,7 +23,9 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
+ {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
+ {{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
@@ -30,12 +43,19 @@ spec:
paths:
{{- range .paths }}
- path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
+ {{- end }}
backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
{{- end }}
{{- end }}
{{- end }}
diff --git a/charts/navi-router/templates/secret.yaml b/charts/navi-router/templates/secret.yaml
new file mode 100644
index 000000000..718622483
--- /dev/null
+++ b/charts/navi-router/templates/secret.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "router.fullname" . | quote }}
+ labels:
+ {{- include "router.labels" . | nindent 4 }}
+ {{- if .Values.labels }}
+ {{- toYaml .Values.labels | nindent 4 }}
+ {{- end }}
+type: Opaque
+data:
+ {{- range $type, $token := (.Values.router.keyManagementService).apis }}
+ {{ $type | quote }}: {{ $token | b64enc | quote }}
+ {{- end }}
+ common_token: {{ (.Values.router.keyManagementService).commonToken | default "" | b64enc | quote }}
diff --git a/charts/navi-router/templates/tests/test-connection.yaml b/charts/navi-router/templates/tests/test-connection.yaml
deleted file mode 100644
index 286fd508d..000000000
--- a/charts/navi-router/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "router.fullname" . }}-test-connection"
- labels:
- {{- include "router.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "router.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/charts/navi-router/values.yaml b/charts/navi-router/values.yaml
index ddf7b80d7..ca8708e17 100644
--- a/charts/navi-router/values.yaml
+++ b/charts/navi-router/values.yaml
@@ -39,7 +39,7 @@ affinity: {}
image:
repository: 2gis-on-premise/navi-router
pullPolicy: IfNotPresent
- tag: 6.16.0
+ tag: 6.17.0.8
# @section Navi-Router service settings
@@ -52,7 +52,8 @@ image:
# @param router.keyManagementService.host Address if key management service server
# @param router.keyManagementService.refreshIntervalSec Keys refresh interval in seconds
# @param router.keyManagementService.downloadTimeoutSec Keys download timeout in seconds
-# @param router.keyManagementService.apis Used API types and their tokens. Format: `type: token`
+# @param router.keyManagementService.commonToken Mater key to retrieve all per-service API keys, router.keyManagementService.apis ignored, if commonToken set
+# @param router.keyManagementService.apis [nullable] Used API types and their tokens. Format: `type: token`
router:
appPort: 8080
@@ -64,17 +65,19 @@ router:
host: http://keys.api.example.com
refreshIntervalSec: 30
downloadTimeoutSec: 30
+ commonToken: ''
apis:
- # directions: "DIRECTIONS_TOKEN"
- # distance-matrix: "DISTANCE_MATRIX_TOKEN"
- # pairs-directions: "PAIRS_DIRECTIONS_TOKEN"
- # truck-directions: "TRUCK_DIRECTIONS_TOKEN"
- # public-transport: "PUBLIC_TRANSPORT_TOKEN"
- # isochrone: "ISOCHRONE_TOKEN"
- # map-matching : "MAP_MATCHING_TOKEN"
- # ppnot: "PPNOT_TOKEN"
- # combo-routes: "COMBO_ROUTES_TOKEN"
- # free-roam: "FREE_ROAM_TOKEN"
+ comboroutes-api: ''
+ directions-api: ''
+ distance-matrix-api: ''
+ freeroam-api: ''
+ isochrone-api: ''
+ map-matching-api: ''
+ pairs-directions-api: ''
+ ppnot-api: ''
+ public-transport-api: ''
+ truck-directions-api: ''
+ truck-distance-matrix-api: ''
# @section Service account settings
@@ -141,11 +144,12 @@ ingress:
# @section Limits
-# @skip resources
-# @extra resources.requests.cpu A CPU request, e.g., `100m`.
-# @extra resources.requests.memory A memory request, e.g., `128Mi`.
-# @extra resources.limits.cpu A CPU limit, e.g., `100m`.
-# @extra resources.limits.memory A memory limit, e.g., `128Mi`.
+
+# @param resources [nullable] Container resources requirements structure.
+# @param resources.requests.cpu [nullable] CPU request, recommended value `500m`.
+# @param resources.requests.memory [nullable] Memory request, recommended value `384Mi`.
+# @param resources.limits.cpu [nullable] CPU limit, recommended value `1000m`.
+# @param resources.limits.memory [nullable] Memory limit, recommended value `768Mi`.
resources: {}
diff --git a/charts/navi-splitter/Chart.yaml b/charts/navi-splitter/Chart.yaml
index 49d319768..498eee070 100644
--- a/charts/navi-splitter/Chart.yaml
+++ b/charts/navi-splitter/Chart.yaml
@@ -15,5 +15,5 @@ maintainers:
- name: 2gis
url: https://github.com/2gis
email: on-premise@2gis.com
-version: 1.13.0
+version: 1.15.0
appVersion: 1.0.1
diff --git a/charts/platform/Chart.yaml b/charts/platform/Chart.yaml
index 776ccb2da..4bce3d689 100644
--- a/charts/platform/Chart.yaml
+++ b/charts/platform/Chart.yaml
@@ -3,7 +3,7 @@ name: platform
type: application
description: A Helm chart for Kubernetes to deploy Platform
-version: 1.13.0
+version: 1.15.0
appVersion: 0.5.5
maintainers:
diff --git a/charts/pro-api/Chart.yaml b/charts/pro-api/Chart.yaml
index 243b8da9d..ffe92781a 100644
--- a/charts/pro-api/Chart.yaml
+++ b/charts/pro-api/Chart.yaml
@@ -5,8 +5,8 @@ description: Geo API for getting geo data
type: application
-version: 1.13.0
-appVersion: 1.1.57
+version: 1.15.0
+appVersion: 1.1.60
maintainers:
- name: 2gis
diff --git a/charts/pro-api/README.md b/charts/pro-api/README.md
index 0e528ace8..d4b15761e 100644
--- a/charts/pro-api/README.md
+++ b/charts/pro-api/README.md
@@ -71,7 +71,7 @@
| Name | Description | Value |
| ------------------ | ----------- | ------------------------- |
| `image.repository` | Repository | `2gis-on-premise/pro-api` |
-| `image.tag` | Tag | `1.1.57` |
+| `image.tag` | Tag | `1.1.60` |
| `image.pullPolicy` | Pull Policy | `IfNotPresent` |
### 2GIS PRO Storage configuration
@@ -204,7 +204,7 @@
| Name | Description | Value |
| ------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ |
| `assetImporter.repository` | Docker Repository Image. | `2gis-on-premise/pro-importer` |
-| `assetImporter.tag` | Docker image tag. | `1.1.57` |
+| `assetImporter.tag` | Docker image tag. | `1.1.60` |
| `assetImporter.schedule` | Import job schedule. | `0 18 * * *` |
| `assetImporter.backoffLimit` | The number of [retries](https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy) before considering a Job as failed. | `2` |
| `assetImporter.successfulJobsHistoryLimit` | How many completed and failed jobs should be kept. See [docs](https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#jobs-history-limits). | `3` |
diff --git a/charts/pro-api/templates/user-asset-importer.yaml b/charts/pro-api/templates/user-asset-importer.yaml
index d9f54c84b..d654e8b39 100755
--- a/charts/pro-api/templates/user-asset-importer.yaml
+++ b/charts/pro-api/templates/user-asset-importer.yaml
@@ -103,5 +103,4 @@ spec:
value: "{{ .Values.tileGen.url }}"
- name: TileGen__UserDataTileSet
value: "{{ .Values.tileGen.userDataTileSet }}"
-
{{ end }}
diff --git a/charts/pro-api/values.yaml b/charts/pro-api/values.yaml
index fa7fbb07d..b6b6a694a 100644
--- a/charts/pro-api/values.yaml
+++ b/charts/pro-api/values.yaml
@@ -113,14 +113,14 @@ vpa:
image:
repository: 2gis-on-premise/pro-api
- tag: 1.1.57
+ tag: 1.1.60
pullPolicy: IfNotPresent
# @skip permissionsApiImage
permissionsApiImage:
repository: 2gis-on-premise/pro-permissions-api
- tag: 1.1.57
+ tag: 1.1.60
pullPolicy: IfNotPresent
# @section 2GIS PRO Storage configuration
@@ -372,7 +372,7 @@ permissionsApi:
assetImporter:
repository: 2gis-on-premise/pro-importer
- tag: 1.1.57
+ tag: 1.1.60
schedule: 0 18 * * *
backoffLimit: 2
successfulJobsHistoryLimit: 3
@@ -400,7 +400,7 @@ userAssetImporter:
assetPreparer:
repository: 2gis-on-premise/pro-importer
- tag: 1.1.57
+ tag: 1.1.60
schedule: 0 16 * * 6
backoffLimit: 2
successfulJobsHistoryLimit: 1
@@ -450,10 +450,10 @@ ingress:
enabled: false
className: nginx
hosts:
- - host: pro-api.example.com
- paths:
- - path: /
- pathType: Prefix
+ - host: pro-api.example.com
+ paths:
+ - path: /
+ pathType: Prefix
tls: []
# - hosts:
# - pro-api.example.com
diff --git a/charts/pro-ui/Chart.yaml b/charts/pro-ui/Chart.yaml
index 563797ed8..53274b9ad 100644
--- a/charts/pro-ui/Chart.yaml
+++ b/charts/pro-ui/Chart.yaml
@@ -3,8 +3,8 @@ name: pro-ui
type: application
description: A Helm chart for Kubernetes to deploy 2GIS Pro UI service
-version: 1.13.0
-appVersion: 1.2.0
+version: 1.15.0
+appVersion: 1.3.0
maintainers:
diff --git a/charts/pro-ui/README.md b/charts/pro-ui/README.md
index d3773442e..77b6ae428 100644
--- a/charts/pro-ui/README.md
+++ b/charts/pro-ui/README.md
@@ -32,7 +32,7 @@ Use this Helm chart to deploy 2GIS Pro UI service, which is a part of 2GIS's [On
| Name | Description | Value |
| --------------------- | ------------------------------ | ------------------------ |
| `ui.image.repository` | Repository | `2gis-on-premise/pro-ui` |
-| `ui.image.tag` | Tag | `1.2.0` |
+| `ui.image.tag` | Tag | `1.3.0` |
| `imagePullPolicy` | Pull Policy | `IfNotPresent` |
| `imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
diff --git a/charts/pro-ui/values.yaml b/charts/pro-ui/values.yaml
index 1297f5a97..544296e46 100644
--- a/charts/pro-ui/values.yaml
+++ b/charts/pro-ui/values.yaml
@@ -37,7 +37,7 @@ ui:
image:
repository: 2gis-on-premise/pro-ui
- tag: 1.2.0
+ tag: 1.3.0
# @section UI service settings
diff --git a/charts/search-api/Chart.yaml b/charts/search-api/Chart.yaml
index aed665792..572b7396a 100644
--- a/charts/search-api/Chart.yaml
+++ b/charts/search-api/Chart.yaml
@@ -4,7 +4,7 @@ description: Search engine for catalog
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 7.65.0
maintainers:
diff --git a/charts/stat-receiver/Chart.yaml b/charts/stat-receiver/Chart.yaml
index d9c691bb8..f65fee5a9 100644
--- a/charts/stat-receiver/Chart.yaml
+++ b/charts/stat-receiver/Chart.yaml
@@ -3,7 +3,7 @@ name: stat-receiver
type: application
description: A Helm chart for Kubernetes to deploy Stat Receiver
-version: 1.13.0
+version: 1.15.0
appVersion: 1.11.1
maintainers:
diff --git a/charts/tiles-api/Chart.yaml b/charts/tiles-api/Chart.yaml
index 8b8910fc8..ac5e6215e 100644
--- a/charts/tiles-api/Chart.yaml
+++ b/charts/tiles-api/Chart.yaml
@@ -4,8 +4,8 @@ description: Tiles API for getting cartographic data
type: application
-version: 1.13.0
-appVersion: 4.49.0
+version: 1.15.0
+appVersion: 4.51.1
maintainers:
- name: 2gis
diff --git a/charts/tiles-api/README.md b/charts/tiles-api/README.md
index 1bf199777..6587fd812 100644
--- a/charts/tiles-api/README.md
+++ b/charts/tiles-api/README.md
@@ -48,7 +48,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `logLevel` | Logging level for 'api', 'proxy', 'importer' (can be overridden by {service}.logLevelOverride option). Allowed options: info|warn|debug|error. If not defined, 'info' level will be used. | `info` |
| `logFormat` | Logging format for 'api', 'proxy', 'importer' (can be overridden by {service}.logFormatOverride option). Allowed options: text|json. If not defined, 'json' format will be used. | `json` |
| `types` | **Tiles [types](https://docs.2gis.com/en/on-premise/map#nav-lvl1@paramArchitecture) enabled in Tiles API** | |
-| `types[0].kind` | Kind of tiles, should be one of: web, raster, native. | `""` |
+| `types[0].kind` | Kind of tiles, should be one of: web, raster, native, mapbox. | `""` |
| `types[0].subtype` | Subtype of the additional tiles data. Should be empty for the regular tiles. | `""` |
| `types[0].name` | Name for the tileset. If empty, the value from the kind is used. | `""` |
| `types[0].keyspace` | Custom user defined keyspace. If the parameter is set, the database cleaning and maintenance processes are skipped. | `""` |
@@ -90,7 +90,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `proxy.resources.limits.memory` | A memory limit. | `512Mi` |
| `proxy.image` | **Docker image settings** | |
| `proxy.image.repository` | Docker Repository. | `2gis-on-premise/tiles-api-proxy` |
-| `proxy.image.tag` | Docker image tag. | `4.49.0` |
+| `proxy.image.tag` | Docker image tag. | `4.51.1` |
| `proxy.image.pullPolicy` | Kubernetes pull policy for the service's Docker image. | `IfNotPresent` |
| `proxy.access` | **API Keys service access settings** | |
| `proxy.access.enabled` | If access to the [API Keys service](https://docs.2gis.com/en/on-premise/keys) is enabled. | `false` |
@@ -126,7 +126,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `api.resources.limits.memory` | A memory limit. | `512Mi` |
| `api.image` | **Docker image settings** | |
| `api.image.repository` | Docker Repository. | `2gis-on-premise/tiles-api` |
-| `api.image.tag` | Docker image tag. | `4.49.0` |
+| `api.image.tag` | Docker image tag. | `4.51.1` |
| `api.image.pullPolicy` | Kubernetes pull policy for the service's Docker image. | `IfNotPresent` |
| `api.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
| `api.strategy.rollingUpdate` | **Service's Rolling Update strategy settings** | |
@@ -201,7 +201,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `importer.resources.limits.memory` | A memory limit. | `256Mi` |
| `importer.image` | **Docker image settings** | |
| `importer.image.repository` | Docker Repository. | `2gis-on-premise/tiles-api-importer` |
-| `importer.image.tag` | Docker image tag. | `4.49.0` |
+| `importer.image.tag` | Docker image tag. | `4.51.1` |
| `importer.image.pullPolicy` | Kubernetes pull policy for the service's Docker image. | `IfNotPresent` |
| `importer.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
| `importer.cleaner` | **Cassandra keyspace lifecycle management and Cleaner settings** | |
diff --git a/charts/tiles-api/configs/api.yaml b/charts/tiles-api/configs/api.yaml
index b00698dd3..aecf67a3f 100644
--- a/charts/tiles-api/configs/api.yaml
+++ b/charts/tiles-api/configs/api.yaml
@@ -22,9 +22,8 @@ cassandra-clusters:
{{- range $_, $type := $.Values.types }}
- tileset: {{ $type.name | default (include "tiles.kind" $type) }}
keyspace: {{ include "tiles.keyspace" (merge $type $) }}
- {{- if $type.subtype }}
- type: ald
- {{- else if $default }}
+ type: {{ include "tiles.type" $type }}
+ {{- if and $default (not $type.subtype) }}
default: {{ $default }}
{{- $default = false }}
{{- end }}
diff --git a/charts/tiles-api/templates/_helpers.tpl b/charts/tiles-api/templates/_helpers.tpl
index 4f3f3962f..b5e54ea73 100644
--- a/charts/tiles-api/templates/_helpers.tpl
+++ b/charts/tiles-api/templates/_helpers.tpl
@@ -57,6 +57,18 @@ dgis_tileserver_{{ include "tiles.kind" . }}_{{ required "Valid .Values.cassandr
{{- end -}}
{{- end -}}
+{{- define "tiles.type" -}}
+{{- if .subtype -}}
+ald
+{{- else if has .kind (list "web" "native") -}}
+vector
+{{- else if eq .kind "raster" -}}
+raster
+{{- else if eq .kind "mapbox" -}}
+mapbox
+{{- end -}}
+{{- end -}}
+
{{- define "tiles.checksum" -}}
{{ (include (print $.Template.BasePath .path) $ | fromYaml).data | toYaml | sha256sum }}
{{- end }}
@@ -74,18 +86,21 @@ tiles-api-vector
tiles-api-raster
{{- else if eq . "native" -}}
tiles-api-mobile-sdk
-{{- else -}}
+{{- else if eq . "mapbox" -}}
+tiles-api-mapbox
{{- end -}}
{{- end -}}
{{- define "importer.types" -}}
{{- if .subtype -}}
- {{ .subtype }}
-{{- else if eq .kind "raster" -}}
-- tiles
-{{- else -}}
+{{- else if has .kind (list "web" "native") -}}
- vtiles
- poiicons
+{{- else if eq .kind "raster" -}}
+- tiles
+{{- else if eq .kind "mapbox" -}}
+- mapbox
{{- end -}}
{{- end -}}
diff --git a/charts/tiles-api/templates/import.configmap.yaml b/charts/tiles-api/templates/import.configmap.yaml
index 8a6b3c7f9..3be549254 100644
--- a/charts/tiles-api/templates/import.configmap.yaml
+++ b/charts/tiles-api/templates/import.configmap.yaml
@@ -22,9 +22,7 @@ data:
keyspaces:
- tileset: {{ $type.name | default (include "tiles.kind" $type) }}
keyspace: {{ include "tiles.keyspace" (merge $type $) }}
- {{- if $type.subtype }}
- type: ald
- {{- end }}
+ type: {{ include "tiles.type" $type }}
default: true
partition-size: 4
{{- with $.Values.cassandra }}
diff --git a/charts/tiles-api/values.yaml b/charts/tiles-api/values.yaml
index 932b8da41..153e15f01 100644
--- a/charts/tiles-api/values.yaml
+++ b/charts/tiles-api/values.yaml
@@ -31,7 +31,7 @@ dgctlStorage:
# @param logFormat Logging format for 'api', 'proxy', 'importer' (can be overridden by {service}.logFormatOverride option). Allowed options: text|json. If not defined, 'json' format will be used.
# @extra types **Tiles [types](https://docs.2gis.com/en/on-premise/map#nav-lvl1@paramArchitecture) enabled in Tiles API**
-# @param types[0].kind Kind of tiles, should be one of: web, raster, native.
+# @param types[0].kind Kind of tiles, should be one of: web, raster, native, mapbox.
# @param types[0].subtype Subtype of the additional tiles data. Should be empty for the regular tiles.
# @param types[0].name Name for the tileset. If empty, the value from the kind is used.
# @param types[0].keyspace Custom user defined keyspace. If the parameter is set, the database cleaning and maintenance processes are skipped.
@@ -124,7 +124,7 @@ proxy:
image:
repository: 2gis-on-premise/tiles-api-proxy
- tag: 4.49.0
+ tag: 4.51.1
pullPolicy: IfNotPresent
containerPort: 5000
@@ -181,7 +181,7 @@ api:
image:
repository: 2gis-on-premise/tiles-api
- tag: 4.49.0
+ tag: 4.51.1
pullPolicy: IfNotPresent
terminationGracePeriodSeconds: 30
@@ -339,7 +339,7 @@ importer:
image:
repository: 2gis-on-premise/tiles-api-importer
- tag: 4.49.0
+ tag: 4.51.1
pullPolicy: IfNotPresent
diff --git a/charts/traffic-proxy/Chart.yaml b/charts/traffic-proxy/Chart.yaml
index 42ea4d457..738b42497 100644
--- a/charts/traffic-proxy/Chart.yaml
+++ b/charts/traffic-proxy/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for Kubernetes to deploy Proxy for traffic jams
type: application
-version: 1.13.0
+version: 1.15.0
appVersion: 1.21.6
maintainers:
diff --git a/charts/twins-api/Chart.yaml b/charts/twins-api/Chart.yaml
index 20cc2451b..33b9e24c0 100644
--- a/charts/twins-api/Chart.yaml
+++ b/charts/twins-api/Chart.yaml
@@ -3,7 +3,7 @@ name: twins-api
type: application
description: A Helm chart for Kubernetes to deploy API Twins service
-version: 1.13.0
+version: 1.15.0
appVersion: 1.6.0
maintainers:
diff --git a/image_versions.txt b/image_versions.txt
index a61393e30..5635dc8c6 100644
--- a/image_versions.txt
+++ b/image_versions.txt
@@ -20,9 +20,9 @@ keycloak
keycloak-themes:0.0.8
keycloak:21.1.1-debian-11-r4
keys
- keys-backend:1.63.0
+ keys-backend:1.69.0
keys-redis:6.2.6-alpine3.15
- keys-ui:0.5.0
+ keys-ui:0.6.0
license
license:2.1.2
mapgl-js-api
@@ -34,7 +34,7 @@ navi-async-matrix
navi-back
navi-back:7.10.0
navi-castle
- navi-castle:1.0.7
+ navi-castle:1.7.0
navi-front:1.24.1
navi-front
navi-front:1.24.1
@@ -42,18 +42,18 @@ navi-restrictions
navi-restrictions-api:1.0.0
navi-restrictions-syncer:1.0.1
navi-router
- navi-router:6.16.0
+ navi-router:6.17.0.8
navi-splitter
navi-splitter:1.0.1
platform
platform-ui:0.5.5
pro-api
- pro-api:1.1.57
- pro-importer:1.1.57
- pro-importer:1.1.57
- pro-permissions-api:1.1.57
+ pro-api:1.1.60
+ pro-importer:1.1.60
+ pro-importer:1.1.60
+ pro-permissions-api:1.1.60
pro-ui
- pro-ui:1.2.0
+ pro-ui:1.3.0
search-api
search-api:7.65.0
search-nginx:1.21.6
@@ -61,9 +61,9 @@ stat-receiver
stat-receiver-api:1.11.1
stat-receiver-streams:1.11.1
tiles-api
- tiles-api-importer:4.49.0
- tiles-api-proxy:4.49.0
- tiles-api:4.49.0
+ tiles-api-importer:4.51.1
+ tiles-api-proxy:4.51.1
+ tiles-api:4.51.1
traffic-proxy
nginx:1.21.6
twins-api