Labels, ingress and probes

helm/dendrite/README.md

@@ -88,8 +88,11 @@ Create a folder `appservices` and place your configurations in there.  The confi
 | federationapi.send_max_retries | int | `16` |  |
 | image.name | string | `"ghcr.io/matrix-org/dendrite-monolith:v0.10.8"` | Docker repository/image to use |
 | image.pullPolicy | string | `"IfNotPresent"` | Kubernetes pullPolicy |
-| ingress.annotations | object | `{}` |  |
+| ingress.annotateFor | string | `""` |  |
+| ingress.annotations | object | `{}` | Extra, custom annotations |
+| ingress.className | string | `""` |  |
 | ingress.enabled | bool | `false` | Create an ingress for a monolith deployment |
+| ingress.hostName | string | `""` |  |
 | ingress.hosts | list | `[]` |  |
 | ingress.tls | list | `[]` |  |
 | mediaapi.dynamic_thumbnails | bool | `false` |  |
@@ -102,7 +105,7 @@ Create a folder `appservices` and place your configurations in there.  The confi
 | persistence.media.existingClaim | string | `""` | Use an existing volume claim for media files |
 | persistence.search.capacity | string | `"1Gi"` |  |
 | persistence.search.existingClaim | string | `""` | Use an existing volume claim for the fulltext search index |
-| persistence.storageClass | string | `"local-path"` |  |
+| persistence.storageClass | string | `""` |  |
 | postgresql.auth.database | string | `"dendrite"` |  |
 | postgresql.auth.password | string | `"changeme"` |  |
 | postgresql.auth.username | string | `"dendrite"` |  |
@@ -111,6 +114,8 @@ Create a folder `appservices` and place your configurations in there.  The confi
 | postgresql.image.tag | string | `"14.4.0"` |  |
 | postgresql.persistence.enabled | bool | `false` |  |
 | resources | object | sets some sane default values | Default resource requests/limits. |
+| service.port | int | `80` |  |
+| service.type | string | `"ClusterIP"` |  |
 | syncapi.real_ip_header | string | `"X-Real-IP"` | This option controls which HTTP header to inspect to find the real remote IP address of the client. This is likely required if Dendrite is running behind a reverse proxy server. |
 | syncapi.search | object | `{"enabled":false,"language":"en"}` | Configuration for the full-text search engine. |
 | syncapi.search.enabled | bool | `false` | Whether or not search is enabled. |

helm/dendrite/templates/_helpers.tpl

@@ -13,7 +13,60 @@
 {{- end -}}
 {{- end -}}
 
+
 {{- define "image.name" -}}
 image: {{ .name }}
 imagePullPolicy: {{ .pullPolicy }}
-{{- end -}}
+{{- end -}}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "dendrite.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "dendrite.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "dendrite.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "dendrite.labels" -}}
+helm.sh/chart: {{ include "dendrite.chart" . }}
+{{ include "dendrite.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "dendrite.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "dendrite.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

helm/dendrite/templates/deployment.yaml

@@ -10,12 +10,12 @@ metadata:
 spec:
   selector:
     matchLabels:
-      app: {{ $.Chart.Name }}
+      {{- include "dendrite.selectorLabels" . | nindent 6 }}
   replicas: 1
   template:
     metadata:
       labels:
-        app: {{ $.Chart.Name }}
+        {{- include "dendrite.selectorLabels" . | nindent 8 }}
     spec:
       volumes:
       - name: {{ .Release.Name }}-conf-vol
@@ -44,6 +44,10 @@ spec:
         args:
           - '--config'
           - '/etc/dendrite/dendrite.yaml'
+        ports:
+          - name: http
+            containerPort: 8008
+            protocol: TCP
         resources:
         {{- toYaml $.Values.resources | nindent 10 }}
         volumeMounts:
@@ -61,4 +65,28 @@ spec:
         - mountPath: /data/jetstream
           name: {{ .Release.Name }}-jetstream
         - mountPath: /data/search
-          name: {{ .Release.Name }}-search
+          name: {{ .Release.Name }}-search
+        livenessProbe:
+          initialDelaySeconds: 10
+          periodSeconds: 10
+          timeoutSeconds: 5
+          failureThreshold: 10
+          httpGet:
+            path: /_dendrite/monitor/health
+            port: http
+        readinessProbe:
+          initialDelaySeconds: 10
+          periodSeconds: 10
+          timeoutSeconds: 5
+          failureThreshold: 10
+          httpGet:
+            path: /_dendrite/monitor/health
+            port: http
+        startupProbe:
+          initialDelaySeconds: 5
+          periodSeconds: 10
+          timeoutSeconds: 5
+          failureThreshold: 10
+          httpGet:
+            path: /_dendrite/monitor/up
+            port: http

helm/dendrite/templates/ingress.yaml

@@ -1,28 +1,36 @@
 {{- if .Values.ingress.enabled -}}
-{{ $component := "monolith" }}
-{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- $fullName := include "dendrite.fullname" . -}}
+  {{- $svcPort := .Values.service.port -}}
+  {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
   {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
   {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
   {{- end }}
-{{- end }}
-{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+  {{- end }}
+  {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1
-{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+  {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
+  {{- else -}}
 apiVersion: extensions/v1beta1
-{{- end }}
+  {{- end }}
 kind: Ingress
 metadata:
-  namespace: {{ $.Release.Namespace }}
-  name: {{ $component }}
+  name: {{ $fullName }}
   labels:
-    app: {{ $.Chart.Name }}
-    component: {{ $component }}
-  {{- with .Values.ingress.annotations }}
+    {{- include "dendrite.labels" . | nindent 4 }}
   annotations:
+    {{- if eq .Values.ingress.annotateFor "nginx" }}
+    nginx.ingress.kubernetes.io/upstream-hash-by: "$http_authorization"
+    nginx.org/proxy-connect-timeout: 60s
+    nginx.org/proxy-read-timeout: 60s
+    {{- else if eq .Values.ingress.annotateFor "openshift" }}
+    route.openshift.io/termination: edge
+    haproxy.router.openshift.io/balance: source
+    haproxy.router.openshift.io/timeout: 60000ms
+    {{- end}}
+    {{- with .Values.ingress.annotations }}
     {{- toYaml . | nindent 4 }}
-  {{- end }}
+    {{- end }}
 spec:
   {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
   ingressClassName: {{ .Values.ingress.className }}
@@ -38,25 +46,19 @@ spec:
     {{- end }}
   {{- end }}
   rules:
-    {{- range .Values.ingress.hosts }}
-    - host: {{ .host | quote }}
+    - host: {{ .Values.ingress.hostName | quote }}
       http:
         paths:
-          {{- range .paths }}
-          - path: {{ .path }}
-            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
-            pathType: {{ .pathType }}
-            {{- end }}
+          - path: /
+            pathType: ImplementationSpecific
             backend:
               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
               service:
-                name: {{ $component }}
+                name: {{ $fullName }}
                 port:
-                  number: 8008
+                  number: {{ $svcPort }}
               {{- else }}
-              serviceName: {{ $component }}
-              servicePort: 8008
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
               {{- end }}
-          {{- end }}
-    {{- end }}
-{{- end }}
+  {{- end }}

helm/dendrite/values.yaml

@@ -145,7 +145,7 @@ resources:
     memory: "4096Mi"
 
 persistence:
-  storageClass: local-path
+  storageClass: ""
   jetstream:
     # -- Use an existing volume claim for jetstream
     existingClaim: ""
@@ -237,7 +237,15 @@ postgresql:
 ingress:
   # -- Create an ingress for a monolith deployment
   enabled: false
-
-  annotations: {}
   hosts: []
+  className: ""
+  hostName: ""
+  annotateFor: ""  # one of 'openshift' or 'nginx'
+  # -- Extra, custom annotations
+  annotations: {}
+
   tls: []
+
+service:
+  type: ClusterIP
+  port: 80