# direct access to Keep storage daemons to set this header value to 0.
geo $external_client {
default 1;
- 10.0.0.0/8 0;
+ {{- range .Values.internalIPs }}
+ {{ . }} 0;
+ {{- end }}
}
server {
spec:
dnsConfig:
searches:
- - "arvados-slurm-compute.default.svc.cluster.local"
+ - "arvados-slurm-compute.{{ .Release.Namespace }}.svc.cluster.local"
containers:
- name: {{ .Chart.Name }}
image: "cure/arvados-slurm-runtime"
- name: etc-configmap
mountPath: /etc/arvados/config.yml
subPath: config.yml
+ {{- if .Values.keep.persistence.enabled }}
+ - name: keep-store-storage
+ mountPath: /keepdata
+ {{- end }}
volumes:
- name: etc-configmap
configMap:
name: etc-configmap
-
+ {{- if .Values.keep.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: keep-store-storage
+ spec:
+ storageClassName: {{ .Values.keep.persistence.storageClass }}
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.keep.persistence.size }}
+ {{- end }}
# SPDX-License-Identifier: Apache-2.0
apiVersion: apps/v1
-kind: Deployment
+kind: StatefulSet
metadata:
name: "arvados-postgres"
labels:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
+ replicas: 1
+ podManagementPolicy: Parallel
+ serviceName: arvados-postgres
selector:
matchLabels:
app: arvados-postgres
app: arvados-postgres
release: {{ .Release.Name }}
spec:
+ terminationGracePeriodSeconds: 1
containers:
- name: {{ .Chart.Name }}
image: "postgres:9.5"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- - name: POSTGRES_HOST_AUTH_METHOD
- value: "trust"
+ - name: POSTGRES_HOST_AUTH_METHOD
+ value: "trust"
volumeMounts:
- name: postgres-configmap
mountPath: /docker-entrypoint-initdb.d/create_dbs.sh
subPath: create_dbs.sh
+ {{- if .Values.postgres.persistence.enabled }}
+ - name: postgres-storage
+ mountPath: /var/lib/postgresql/data
+ {{- end }}
volumes:
- name: postgres-configmap
configMap:
name: postgres-configmap
+ {{- if .Values.postgres.persistence.enabled }}
+ - name: postgres-storage
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-postgres-pvc
+ {{- end }}
+ {{- if .Values.postgres.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: postgres-storage
+ spec:
+ storageClassName: {{ .Values.postgres.persistence.storageClass }}
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.postgres.persistence.size }}
+ {{- end }}
spec:
dnsConfig:
searches:
- - "arvados-slurm-compute.default.svc.cluster.local"
+ - "arvados-slurm-compute.{{ .Release.Namespace }}.svc.cluster.local"
terminationGracePeriodSeconds: 1
containers:
- name: {{ .Chart.Name }}
spec:
dnsConfig:
searches:
- - "arvados-slurm-compute.default.svc.cluster.local"
+ - "arvados-slurm-compute.{{ .Release.Namespace }}.svc.cluster.local"
terminationGracePeriodSeconds: 1
containers:
- name: {{ .Chart.Name }}
# Must be set to a valid IP address, e.g. by using --set when invoking helm
externalIP: ~
+# A list of CIDRs that have direct access to the Keep store service. All other
+# IP addresses will use the Keep proxy.
+# If hosts outside your cluster are in the default range (10.0.0.0/8), change
+# this to the exact CIDR of your cluster.
+# If using MetaLB with apiServerExternalTrafficPolicy set to Cluster, set this
+# to an empty list, since the source IP will be obscured.
+internalIPs: [10.0.0.0/8]
+
loadBalancer:
# Annotations to add to all LoadBalancer Services.
# This is required for MetalLB, since the same externalIP is reused for all
arvadosCLI: 2.1.1
arvadosLoginSync: 2.1.1
+postgres:
+ persistence:
+ enabled: true
+ storageClass: ~
+ size: 8Gi
+
+keep:
+ persistence:
+ enabled: true
+ storageClass: ~
+ size: 64Gi
+
# A custom bundle of CA certificates to use.
# Useful for corporate networks with TLS proxies.
# Set it by using the --set-file Helm argument.