KuroNET/django-helm-chart
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: KuroNET:master
Branches Tags
KuroNET:master
KuroNET:1.0.0
KuroNET:0.3.1
KuroNET:0.3.0
KuroNET:0.2.1
KuroNET:0.2.0
KuroNET:0.1.0
..
compare: KuroNET:0.3.0
Branches Tags
KuroNET:master
KuroNET:1.0.0
KuroNET:0.3.1
KuroNET:0.3.0
KuroNET:0.2.1
KuroNET:0.2.0
KuroNET:0.1.0

No commits in common. "master" and "0.3.0" have entirely different histories.
master ... 0.3.0

20 changed files with 69 additions and 372 deletions
Show stats Expand all files Collapse all files

9
CHANGELOG.md
View file

@ -1,9 +0,0 @@
No release is stable. Do not use in production.
# Unreleased
# 1.0.0
- Add volume mounts
- Latest major postgres/redis versions
- Rename preInstall to migrateJob

8
Chart.lock
View file

@ -1,9 +1,9 @@
dependencies:
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 15.5.16
version: 12.1.2
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 19.6.1
digest: sha256:5e21575062cdcef4e947b4f89741e95138d93207f91d5074d53397d9c414f0a1
generated: "2024-07-15T13:58:06.767935373-04:00"
version: 17.3.11
digest: sha256:0c139fd65845bf087c3c0ba0ac094e9b29033371e7477213c555cd8053f6f62f
generated: "2022-11-17T09:52:38.038446631-05:00"

6
Chart.yaml
View file

@ -14,7 +14,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 1.0.0
version: 0.3.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
@ -22,10 +22,10 @@ appVersion: 1.0.0
dependencies:
- name: postgresql
version: ^15.5.16
version: ~12.1.2
repository: https://charts.bitnami.com/bitnami
condition: postgresql.enabled
- name: redis
version: ^19.6.1
version: ~17.3.11
repository: https://charts.bitnami.com/bitnami
condition: redis.enabled

9
README.md
View file

@ -1,8 +1,8 @@
# Django Helm Chart
A generic Django (plus Celery) Helm chart demonstration. Do not use directly in production.
A generic Django (plus Celery) Helm chart.
Contributions may be accepted as merge requests. Be respectful of my time. I will not review if I do not have time. Fork the project instead. Please only open issues that you'd like to implement yourself or fund. Do not open support or feature requests. This chart is **not** intended to cover every use case with Django and Helm. It's a personal project that you are welcome to view and fork. Breaking changes to your workflow may happen at any time and without warning.
Contributions are welcome as merge requests. Please only open issues that you'd like to implement yourself or fund. Do not open support or feature requests. This chart is **not** intended to cover every use case with Django and Helm. It's a personal project that you are welcome to view and fork. Breaking changes to your workflow may happen at any time and without warning.
# Preparing your Django app
@ -39,8 +39,6 @@ Remember that Kubernetes "args" are Docker's CMD (or command). Pretty confusing!
# Usage
Use only for demonstration purposes. Fork the repo for production.
1. Add our Helm chart repo `helm repo add django https://gitlab.com/api/v4/projects/26807467/packages/helm/stable`
2. Review our values.yaml. At a minimum you'll need to set env.secret.SECRET_KEY and env.secret.DATABASE_URL.
3. Install the chart `helm install your-app django/django -f your-values.yml`
@ -58,7 +56,6 @@ I suggest either
- Keep them in a values.yml file in a private repo
- Make use of --reuse-values and --set
- Keep them in a non helm chart managed service
- Use the opentofu helm provider, with a secure state backend or encrypted state.
## Deploying in CI
@ -72,5 +69,3 @@ Maintaining this chart takes time. Considering supporting it by
- Check out [GlitchTip](https://glitchtip.com) error tracking, which is where this project started
Commercial support is available - email info@burkesoftware.com
If you want the scope of this project to include more, such as better merge request review or stable releases. You should consider forking it, talk to me about being a maintainer, or fund it.

BIN
charts/postgresql-12.1.2.tgz Normal file
View file

Binary file not shown.

BIN
charts/postgresql-15.5.16.tgz
View file

Binary file not shown.

BIN
charts/redis-17.3.11.tgz Normal file
View file

Binary file not shown.

BIN
charts/redis-19.6.1.tgz
View file

Binary file not shown.

12
templates/_tplvalues.tpl
View file

@ -1,12 +0,0 @@
{{/*
Renders a value that contains template.
Usage:
{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "common.tplvalues.render" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}

11
templates/beat/deployment.yaml
View file

@ -19,9 +19,6 @@ spec:
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
tag: "{{ .Values.image.tag }}"
{{- if .Values.beat.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.beat.podAnnotations "context" $ ) | nindent 8 }}
{{- end }}
labels:
{{- include "django.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: beat
@ -62,10 +59,6 @@ spec:
{{- end }}
- configMapRef:
name: {{ include "django.fullname" . }}
{{- with .Values.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.beat.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -78,9 +71,5 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.extraVolumes }}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end }}
{{- end }}

72
templates/flower/deployment.yaml
View file

@ -1,72 +0,0 @@
{{- if .Values.flower.enabled -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "django.fullname" . }}-flower
labels:
{{- include "django.labels" . | nindent 4 }}
app.kubernetes.io/component: flower
spec:
replicas: 1
selector:
matchLabels:
{{- include "django.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: flower
template:
metadata:
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
{{- if .Values.flower.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.flower.podAnnotations "context" $ ) | nindent 8 }}
{{- end }}
labels:
{{- include "django.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: flower
spec:
{{- with .Values.flower.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
{{- if .Values.flower.args }}
args: {{- toYaml .Values.flower.args | nindent 10}}
{{- end }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.flower.image.repository }}:{{ .Values.flower.image.tag }}"
imagePullPolicy: {{ .Values.flower.image.pullPolicy }}
ports:
- containerPort: 5555
name: http
protocol: TCP
resources:
{{- toYaml .Values.flower.resources | nindent 12 }}
env:
- name: SERVER_ROLE
value: "flower"
envFrom:
- secretRef:
name: {{ include "django.fullname" . }}
{{- if .Values.existingSecret }}
- secretRef:
name: {{ .Values.existingSecret }}
{{- end }}
- configMapRef:
name: {{ include "django.fullname" . }}
{{- with .Values.flower.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.flower.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.flower.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

66
templates/flower/ingress.yaml
View file

@ -1,66 +0,0 @@
{{- if .Values.flower.ingress.enabled -}}
{{- $fullName := include "django.fullname" . -}}
{{- $svcPort := .Values.flower.service.port -}}
{{- if and .Values.flower.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.flower.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.flower.ingress.annotations "kubernetes.io/ingress.class" .Values.flower.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}-flower
labels:
{{- include "django.labels" . | nindent 4 }}
{{- with .Values.flower.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.flower.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.flower.ingress.className }}
{{- end }}
{{- if .Values.flower.ingress.tls }}
tls:
{{- range .Values.flower.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.flower.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
{{- end }}
{{- if .backend }}
backend:
{{- toYaml .backend | nindent 14 }}
{{- else }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}-flower
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

18
templates/flower/service.yaml
View file

@ -1,18 +0,0 @@
{{- if .Values.flower.enabled -}}
apiVersion: v1
kind: Service
metadata:
name: {{ include "django.fullname" . }}-flower
labels:
{{- include "django.labels" . | nindent 4 }}
spec:
type: {{ .Values.flower.service.type }}
ports:
- port: {{ .Values.flower.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "django.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: flower
{{- end }}

66
templates/migrate-job.yaml
View file

@ -1,66 +0,0 @@
{{- if .Values.migrationJob.enabled -}}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ include "django.fullname" . }}-migrate
labels:
{{- include "django.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": post-install,pre-upgrade
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": "0"
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
tag: "{{ .Values.image.tag }}"
spec:
activeDeadlineSeconds: {{ default 900 .Values.migrationJob.activeDeadlineSeconds }}
template:
metadata:
labels:
app.kubernetes.io/component: migrate-job
{{- include "django.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "django.serviceAccountName" . }}
restartPolicy: Never
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: migrate-job
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.migrationJob.resources }}
resources: {{ toYaml .Values.migrationJob.resources | nindent 12 }}
{{- end }}
command: {{ .Values.migrationJob.command | default (list "./manage.py" "migrate") | toJson }}
env:
{{- if .Values.postgresql.enabled }}
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ default (include "django.postgresql.fullname" .) .Values.postgresql.auth.existingSecret }}
key: postgres-password
{{- end }}
envFrom:
- secretRef:
name: {{ include "django.fullname" . }}
{{- if .Values.existingSecret }}
- secretRef:
name: {{ .Values.existingSecret }}
{{- end }}
- configMapRef:
name: {{ include "django.fullname" . }}
{{- with .Values.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.extraVolumes }}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end }}

50
templates/pre-install-job.yaml Normal file
View file

@ -0,0 +1,50 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ include "django.fullname" . }}
labels:
{{- include "django.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": post-install,pre-upgrade
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": "0"
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
tag: "{{ .Values.image.tag }}"
spec:
activeDeadlineSeconds: 600
template:
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
restartPolicy: Never
containers:
- name: pre-install-job
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["./manage.py","migrate"]
env:
- name: DEBUG
value: "False"
{{- if .Values.env.secret.DATABASE_URL }}
- name: DATABASE_URL
value: {{ .Values.env.secret.DATABASE_URL }}
{{- end }}
{{- if .Values.postgresql.enabled }}
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "django.postgresql.fullname" . }}
key: postgres-password
{{- end }}
- name: SECRET_KEY
value: {{ required "env.secret.SECRET_KEY is a required value." .Values.env.secret.SECRET_KEY }}
{{- range $k, $v := .Values.env.normal }}
- name: {{ $k }}
value: {{ $v | quote }}
{{- end }}
envFrom:
- configMapRef:
name: {{ include "django.fullname" . }}

11
templates/web/deployment.yaml
View file

@ -19,9 +19,6 @@ spec:
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
tag: "{{ .Values.image.tag }}"
{{- if .Values.web.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.web.podAnnotations "context" $ ) | nindent 8 }}
{{- end }}
labels:
{{- include "django.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: web
@ -83,10 +80,6 @@ spec:
{{- end }}
- configMapRef:
name: {{ include "django.fullname" . }}
{{- with .Values.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.web.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -99,7 +92,3 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.extraVolumes }}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}

14
templates/web/hpa.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.web.autoscaling.enabled -}}
apiVersion: autoscaling/v2
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "django.fullname" . }}-web
@ -13,20 +13,16 @@ spec:
minReplicas: {{ .Values.web.autoscaling.minReplicas }}
maxReplicas: {{ .Values.web.autoscaling.maxReplicas }}
metrics:
{{- if .Values.web.autoscaling.targetCPU }}
{{- if .Values.web.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: "Utilization"
averageUtilization: {{ .Values.web.autoscaling.targetCPU }}
targetAverageUtilization: {{ .Values.web.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.web.autoscaling.targetMemory }}
{{- if .Values.web.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: "Utilization"
averageUtilization: {{ .Values.web.autoscaling.targetMemory }}
targetAverageUtilization: {{ .Values.web.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

16
templates/worker/deployment.yaml
View file

@ -18,9 +18,6 @@ spec:
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
tag: "{{ .Values.image.tag }}"
{{- if .Values.worker.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.worker.podAnnotations "context" $ ) | nindent 8 }}
{{- end }}
labels:
{{- include "django.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: worker
@ -29,7 +26,6 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "django.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
@ -41,10 +37,6 @@ spec:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.worker.livenessProbe }}
livenessProbe:
{{- .Values.worker.livenessProbe | toYaml | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.worker.resources | nindent 12 }}
env:
@ -66,10 +58,6 @@ spec:
{{- end }}
- configMapRef:
name: {{ include "django.fullname" . }}
{{- with .Values.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.worker.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -82,8 +70,4 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.extraVolumes }}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end }}

14
templates/worker/hpa.yaml
View file

@ -1,5 +1,5 @@
{{- if .Values.worker.autoscaling.enabled -}}
apiVersion: autoscaling/v2
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "django.fullname" . }}-worker
@ -13,20 +13,16 @@ spec:
minReplicas: {{ .Values.worker.autoscaling.minReplicas }}
maxReplicas: {{ .Values.worker.autoscaling.maxReplicas }}
metrics:
{{- if .Values.worker.autoscaling.targetCPU }}
{{- if .Values.worker.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: "Utilization"
averageUtilization: {{ .Values.worker.autoscaling.targetCPU }}
targetAverageUtilization: {{ .Values.worker.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.worker.autoscaling.targetMemory }}
{{- if .Values.worker.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: "Utilization"
averageUtilization: {{ .Values.worker.autoscaling.targetMemory }}
targetAverageUtilization: {{ .Values.worker.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

59
values.yaml
View file

@ -11,14 +11,6 @@ imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
migrationJob:
enabled: true
command: [] # Default ./manage.py migrate
activeDeadlineSeconds: 900
resources:
limits: {}
requests: {}
env:
normal: {}
secret: {}
@ -27,8 +19,6 @@ env:
# REDIS_URL:
existingSecret: ""
extraVolumeMounts: []
extraVolumes: []
web:
replicaCount: 2
@ -51,7 +41,6 @@ web:
memory: 128Mi
nodeSelector: {}
tolerations: []
podAnnotations: {}
affinity: {}
# podAntiAffinity:
# preferredDuringSchedulingIgnoredDuringExecution:
@ -103,15 +92,6 @@ worker:
maxReplicas: 100
targetCPUUtilizationPercentage: 90
# targetMemoryUtilizationPercentage: 80
livenessProbe: {}
# initialDelaySeconds: 10
# periodSeconds: 60
# timeoutSeconds: 30
# exec:
# command:
# - "bash"
# - "-c"
# - "celery -A django inspect ping -d celery@$HOSTNAME | grep -q OK"
resources:
limits:
cpu: 900m
@ -121,7 +101,6 @@ worker:
memory: 128Mi
nodeSelector: {}
tolerations: []
podAnnotations: {}
affinity: {}
beat:
@ -135,45 +114,8 @@ beat:
memory: 90Mi
nodeSelector: {}
tolerations: []
podAnnotations: {}
affinity: {}
flower:
enabled: false
image:
repository: mher/flower
tag: latest
pullPolicy: IfNotPresent
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 50m
memory: 256Mi
nodeSelector: {}
tolerations: []
podAnnotations: {}
affinity: {}
service:
type: ClusterIP
port: 80
ingress:
enabled: false
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
serviceAccount:
# Specifies whether a service account should be created
create: false
@ -196,4 +138,3 @@ postgresql:
enabled: false
#auth:
# postgresqlPassword: # Must be set