https://github.com/mprove-io/mprove-helm-charts
https://github.com/mprove-io/mprove-helm-charts
Last synced: about 1 month ago
JSON representation
- Host: GitHub
- URL: https://github.com/mprove-io/mprove-helm-charts
- Owner: mprove-io
- License: apache-2.0
- Created: 2022-10-15T10:15:25.000Z (over 2 years ago)
- Default Branch: master
- Last Pushed: 2023-02-02T18:37:07.000Z (about 2 years ago)
- Last Synced: 2025-02-02T22:35:01.470Z (3 months ago)
- Language: Shell
- Size: 177 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Mprove Helm Charts
## Prerequisites
- Kubernetes cluster
- Kubectl
- Helm v3.10+
## Setup Kubernetes Cluster
Create namespace:
```
kubectl create namespace mprove
```
Default [mprove/values.yaml](https://github.com/mprove-io/mprove-helm-charts/blob/master/mprove/values.yaml) values should be overrided by your custom values. Values examples:
- [values-mprove-example-managed-demo.yaml](https://github.com/mprove-io/mprove-helm-charts/blob/master/values-mprove-example-managed-demo.yaml)
- [values-mprove-example-no-demo.yaml](https://github.com/mprove-io/mprove-helm-charts/blob/master/values-mprove-example-no-demo.yaml)
- [values-mprove-example-gitclone-demo.yaml](https://github.com/mprove-io/mprove-helm-charts/blob/master/values-mprove-example-gitclone-demo.yaml)
Create **values-mprove.yaml** file to override helm chart default values:
```
curl 'https://raw.githubusercontent.com/mprove-io/mprove-helm-charts/master/values-mprove-example-managed-demo.yaml' > values-mprove.yaml
```
Replace the suggested values in the file with your own.
### Custom Ingress
If you are using your own Ingress, make sure HTTP requests are routed between the Front and Backend services using the "/api" prefix. Check [mprove/templates/ingress/route.yaml](https://github.com/mprove-io/mprove-helm-charts/blob/master/mprove/templates/ingress/route.yaml) for example.
```
ingress:
enabled: false
```
### Mprove Istio Ingress
Install istioctl:
```
brew install istioctl
```
Install Istio to the cluster:
```
istioctl install
```
Add istio-injection label:
```
kubectl label namespace mprove istio-injection=enabled --overwrite
```
Install Cert Manager to the cluster:
```
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager -n cert-manager --create-namespace --set installCRDs=true
```
Create DNS A record pointing your `real-host.example.com` to your kubernetes cluster's LoadBalancer public IP.
**values-mprove.yaml** overrides example:
```
ingress:
enabled: true
host: real-host.example.com
acmeEmail: [email protected]
```
## Install Mprove Helm Chart
```
helm install -f values-mprove.yaml mprove oci://ghcr.io/mprove-io/mprove-helm-charts/mprove --version -n mprove
```
```
helm upgrade -f values-mprove.yaml mprove oci://ghcr.io/mprove-io/mprove-helm-charts/mprove --version -n mprove
```
```
helm uninstall mprove -n mprove
```
```
helm template -f values-mprove.yaml mprove oci://ghcr.io/mprove-io/mprove-helm-charts/mprove --version -n mprove
```
## First Project (demo/p1)
First Project (p1) belongs to the First Org (demo).
First User gets the role **Owner** for the First Org (demo).
First User gets the role **Admin** for the First Project (p1).
First Project is for demonstration purposes only.
Many user actions in the demo/p1 project are restricted.
Each new registered Mprove user is automatically added to the demo/p1 project.
To disable First Org and First Project, you need to set the environment variables to empty values.
Then delete demo/p1 via UI if they are already created.
```
backendCommon:
envs:
BACKEND_FIRST_ORG_ID=
BACKEND_FIRST_PROJECT_ID=
```
You can also disable demo data warehouses:
```
dwhPostgres:
enabled: false
```
```
dwhClickhouse:
enabled: false
```
## Values Configuration
| Parameter | Description | Default |
| ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- |
| **ingress:** | **Kubernetes Ingress (Istio + Cert Manager)** | |
| enabled: | Enables [mprove/templates/ingress/*](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/ingress) resources | `false` |
| host: | *Replace with real host*. | `real-host.example.com` |
| acmeEmail: | *Replace with real email*. For cert-manager ClusterIssuer. | `[email protected]` |
| certProdSecretName: | | `cert-prod-secret` |
| certStagingSecretName: | | `cert-staging-secret` |
| routeGrafana: | | |
| enabled: | Enables [mprove/templates/ingress/route-grafana.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/ingress/route-grafana) resource | `false` |
| host: | | `grafana.example.com` |
| destination: | | `grafana-service-name.grafana-namespace.svc.cluster.local` |
| **kubeSystemNodeSetup:** | **Kubernetes Node Setup** | |
| enabled: | Enables [mprove/templates/kube-system-node-setup.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/kube-system-node-setup.yaml) resource. Increases the number of inotify max_user_watches per kubernetes node. | `true` |
| **db:** | **Mprove Application Database** | |
| enabled: | Enables [mprove/templates/db.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/db.yaml) resource | `true` |
| image: | | `mysql` |
| tag: | | `8.0.29` |
| name: | | `db` |
| storage: | | `10Gi` |
| envsSecretName: | Secret name from which db container will get environment variables | `db-envs` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-db-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-db-envs.yaml) secret from envs values | `true` |
| envs: | | |
| MYSQL_ROOT_PASSWORD: | *Replace with your value* | `mysqlpass` |
| MYSQL_DATABASE: | | `mprovedb` |
| MYSQL_USERNAME: | | `root` |
| **rabbit:** | **Mprove Application Message Queue** | |
| enabled: | Enables [mprove/templates/rabbit.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/rabbit.yaml) resource | `true` |
| image: | | `rabbitmq` |
| tag: | | `3.10.6-management` |
| name: | | `rabbit` |
| envsSecretName: | Secret name from which rabbit container will get environment variables | `rabbit-envs` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-rabbit-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-rabbit-envs.yaml) secret from envs values | `true` |
| envs: | | |
| RABBITMQ_DEFAULT_USER: | | `rabbituser` |
| RABBITMQ_DEFAULT_PASS: | *Replace with your value* | `rabbitpass` |
| RABBITMQ_ERLANG_COOKIE: | *Replace with your value* | `rabbitcookie` |
| **front:** | **Mprove Frontend Service (Nginx)** | |
| image: | | `ghcr.io/mprove-io/mprove-front` |
| name: | | `front` |
| replicas: | | `1` |
| **disk:** | **Mprove Disk Service** | |
| image: | | `ghcr.io/mprove-io/mprove-disk` |
| name: | | `disk` |
| storage: | | `2Gi` |
| envsSecretName: | Secret name from which disk containers will get environment variables | `disk-envs` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-disk-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-disk-envs.yaml) secret from envs values | `true` |
| envs: | | |
| NODE_ENV: | | `production` |
| DISK_ENV: | | `PROD` |
| DISK_ORGANIZATIONS_PATH: | | `/root/mprove_data/organizations` |
| DISK_RABBIT_PROTOCOL: | | `amqp` |
| DISK_RABBIT_USER: | | `rabbituser` |
| DISK_RABBIT_PASS: | *Replace with your value* | `rabbitpass` |
| DISK_RABBIT_HOST: | | `rabbit` |
| DISK_RABBIT_PORT: | | `5672` |
| DISK_LOG_IS_JSON: | Value must be `'TRUE'` or `'FALSE'` | `'TRUE'` |
| DISK_LOG_RESPONSE_ERROR: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| DISK_LOG_RESPONSE_OK: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| **blockmlSingle:** | **Mprove BlockML Service** | |
| name: | | `blockml-single` |
| replicas: | | `1` |
| **blockmlCommon:** | **Mprove common values for BlockML services** | |
| image: | | `ghcr.io/mprove-io/mprove-blockml` |
| envsSecretName: | Secret name from which blockml containers will get environment variables | `blockml-common-envs` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-blockml-common-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-blockml-common-envs.yaml) secret from envs values | `true` |
| envs: | | |
| NODE_ENV: | | `production` |
| BLOCKML_ENV: | | `PROD` |
| BLOCKML_RABBIT_PROTOCOL: | | `amqp` |
| BLOCKML_RABBIT_USER: | | `rabbituser` |
| BLOCKML_RABBIT_PASS: | *Replace with your value* | `rabbitpass` |
| BLOCKML_RABBIT_HOST: | | `rabbit` |
| BLOCKML_RABBIT_PORT: | | `5672` |
| BLOCKML_LOG_IO: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| BLOCKML_LOG_FUNC: | | `ALL` |
| BLOCKML_COPY_LOGS_TO_MODELS: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| BLOCKML_LOGS_PATH: | | `/root/mprove_data/blockml-logs` |
| BLOCKML_IS_SINGLE: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| BLOCKML_IS_MAIN: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| BLOCKML_IS_WORKER: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE`' |
| BLOCKML_CONCURRENCY_LIMIT: | | `0` |
| BLOCKML_LOG_IS_JSON: | Value must be `'TRUE'` or `'FALSE'` | `'TRUE'` |
| BLOCKML_LOG_RESPONSE_ERROR: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| BLOCKML_LOG_RESPONSE_OK: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| **backend:** | **Mprove Backend Service** | |
| name: | | `backend` |
| replicas: | | `1` |
| **backendScheduler:** | **Mprove Backend Scheduler Service** | |
| name: | | `backend-scheduler` |
| **backendCommon:** | **Mprove common values for Backend services** | |
| image: | | `ghcr.io/mprove-io/mprove-backend` |
| envsSecretName: | Secret name from which backend containers will get environment variables | `backend-common-envs` |
| secretFilesSecretName: | Secret name from which backend containers will get secret files | `backend-common-secret-files` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-backend-common-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-backend-common-envs.yaml) secret from envs values | `true` |
| createSecretFilesSecret: | Creates [mprove/templates/secrets/secret-backend-common-secret-files.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-backend-common-secret-files.yaml) secret from firstProject* values | `true` |
| firstProjectBigqueryCredentials: | *Replace with your value*. Required for first project bigquery connection seed if BACKEND_FIRST_PROJECT_SEED_CONNECTIONS is set to `'TRUE'`. | `{}` |
| firstProjectRemotePrivateKey: | *Replace with your value*. Required if BACKEND FIRST_PROJECT_REMOTE_TYPE is set to `GitClone` | `''` |
| firstProjectRemotePublicKey: | *Replace with your value*. Required if BACKEND FIRST_PROJECT_REMOTE_TYPE is set to `GitClone` | `''` |
| envs: | | |
| NODE_ENV: | | `production` |
| BACKEND_ENV: | | `PROD` |
| BACKEND_MYSQL_DATABASE: | | `mprovedb` |
| BACKEND_MYSQL_PASSWORD: | | `mysqlpass` |
| BACKEND_MYSQL_HOST: | | `db` |
| BACKEND_MYSQL_PORT: | | `3306` |
| BACKEND_MYSQL_USERNAME: | | `root` |
| BACKEND_RABBIT_PROTOCOL: | | `amqp` |
| BACKEND_RABBIT_USER: | | `rabbituser` |
| BACKEND_RABBIT_PASS: | *Replace with your value* | `rabbitpass` |
| BACKEND_RABBIT_HOST: | | `rabbit` |
| BACKEND_RABBIT_PORT: | | `5672` |
| BACKEND_JWT_SECRET: | *Replace with your value* | `jwtsecret` |
| BACKEND_SPECIAL_KEY: | | |
| BACKEND_ALLOW_TEST_ROUTES: | Value must be `'TRUE'` or `'FALSE'`. Value `'TRUE'` should be used for testing purposes only. | `'FALSE'` |
| BACKEND_FIRST_USER_EMAIL: | *Replace with your real email* | `[email protected]` |
| BACKEND_FIRST_USER_PASSWORD: | *Replace with your value* | `userpass` |
| BACKEND_FIRST_ORG_ID: | | `AWNCAHWLFQTQJYCH3ZSE` |
| BACKEND_FIRST_PROJECT_ID: | | `DXYE72ODCP5LWPWH2EXQ` |
| BACKEND_FIRST_PROJECT_REMOTE_TYPE: | Value must be `Managed` or `GitClone`. | `Managed` |
| BACKEND_FIRST_PROJECT_GIT_URL: | *Replace with your value*. Required if BACKEND FIRST_PROJECT_REMOTE_TYPE is set to `GitClone`. Git URL format is `[email protected]:account-name/repo-name.git`. | |
| BACKEND_FIRST_PROJECT_PRIVATE_KEY_PATH: | | `secrets/first-project-remote-private-key.pem` |
| BACKEND_FIRST_PROJECT_PUBLIC_KEY_PATH: | | `secrets/first-project-remote-public-key.pem` |
| BACKEND_FIRST_PROJECT_SEED_CONNECTIONS: | Value must be `'TRUE'` or `'FALSE'` | `'TRUE'` |
| BACKEND_FIRST_PROJECT_DWH_POSTGRES_PASSWORD: | *Replace with your value* | `postgrespass` |
| BACKEND_FIRST_PROJECT_DWH_CLICKHOUSE_PASSWORD: | *Replace with your value* | `clickhousepass` |
| BACKEND_FIRST_PROJECT_DWH_BIGQUERY_CREDENTIALS_PATH: | | `secrets/first-project-bigquery-credentials.json` |
| BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_ACCOUNT: | *Replace with your value* | `realSnowflakeAccount` |
| BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_WAREHOUSE: | *Replace with your value* | `realSnowflakeWarehouse` |
| BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_USERNAME: | *Replace with your value* | `realSnowflakeUsername` |
| BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_PASSWORD: | *Replace with your value* | `realSnowflakePassword` |
| BACKEND_ALLOW_USERS_TO_CREATE_ORGANIZATIONS: | Value must be `'TRUE'` or `'FALSE'`. If set to `'FALSE'`, then make sure BACKEND_FIRST_USER_EMAIL and BACKEND_FIRST_USER_PASSWORD are not empty, as only the First User will be able to create new organizations. | `'FALSE'` |
| BACKEND_REGISTER_ONLY_INVITED_USERS: | Value must be `'TRUE'` or `'FALSE'`. If set to `'TRUE'`, then make sure BACKEND_FIRST_USER_EMAIL and BACKEND_FIRST_USER_PASSWORD are not empty, as new users will only be able to register if they are invited to a project (by First User or other registered users). | `'TRUE'` |
| BACKEND_HOST_URL: | *Replace with your value* | `https://real-host.example.com` |
| BACKEND_SEND_EMAIL_FROM_NAME: | *Replace with your value* | `My Company Name` |
| BACKEND_SEND_EMAIL_FROM_ADDRESS: | *Replace with your value* | `[email protected]` |
| BACKEND_EMAIL_TRANSPORT: | Value must be `SMTP` or `MAILGUN`. Email delivery is used for transactional emails. Such as inviting new team members to the project, confirming registration or changing the password. Without a working email delivery credentials, users will not be able to confirm registration. | `SMTP` |
| BACKEND_MAILGUN_ACTIVE_API_KEY: | | |
| BACKEND_MAILGUN_DOMAIN: | | |
| BACKEND_SMTP_HOST: | *Replace with your value* | `real-smtp.example.com` |
| BACKEND_SMTP_PORT: | *Replace with your value* | `465` |
| BACKEND_SMTP_SECURE: | Value must be `'TRUE'` or `'FALSE'` | `'TRUE'` |
| BACKEND_SMTP_AUTH_USER: | *Replace with your value* | `realSmtpUser` |
| BACKEND_SMTP_AUTH_PASSWORD: | *Replace with your value* | `realSmtpPassword` |
| BACKEND_LOG_IS_JSON: | Value must be `'TRUE'` or `'FALSE'` | `'TRUE'` |
| BACKEND_LOG_RESPONSE_ERROR: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| BACKEND_LOG_RESPONSE_OK: | Value must be `'TRUE'` or `'FALSE'` | `'FALSE'` |
| **dwhPostgres:** | **DWH Postgres container should only be used for First Project demonstration purposes** | |
| enabled: | Enables [mprove/templates/dwh-postgres.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/dwh-postgres.yaml) resource | `true` |
| image: | | `ghcr.io/mprove-io/mprove-dwh-postgres` |
| name: | | `dwh-postgres` |
| storage: | | `2Gi` |
| envsSecretName: | Secret name from which dwhPostgres container will get environment variables | `dwh-postgres-envs` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-dwh-postgres-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-dwh-postgres-envs.yaml) secret from envs values | `true` |
| envs: | | |
| PGDATA: | | `/var/lib/postgresql/data/pgdata` |
| POSTGRES_PASSWORD: | *Replace with your value* | `postgrespass` |
| **dwhClickhouse:** | **DWH ClickHouse container should only be used for First Project demonstration purposes** | |
| enabled: | Enables [mprove/templates/dwh-clickhouse.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/dwh-clickhouse.yaml) resource. | `true` |
| image: | | `ghcr.io/mprove-io/mprove-dwh-clickhouse` |
| name: | | `dwh-clickhouse` |
| storage: | | `2Gi` |
| storageLogs: | | `2Gi` |
| envsSecretName: | Secret name from which dwhClickhouse container will get environment variables | `dwh-clickhouse-envs` |
| createEnvsSecret: | Creates [mprove/templates/secrets/secret-dwh-clickhouse-envs.yaml](https://github.com/mprove-io/mprove-helm-charts/tree/master/mprove/templates/secrets/secret-dwh-clickhouse-envs.yaml) secret from envs values | `true` |
| envs: | | |
| CLICKHOUSE_DB: | | `c_db` |
| CLICKHOUSE_USER: | | `c_user` |
| CLICKHOUSE_PASSWORD: | *Replace with your value* | `clickhousepass` |