Public Information

2025-01-24 16:18:47 +01:00
commit 0bd2038c86
449 changed files with 108655 additions and 0 deletions
--- a/samples/environment/README.md
+++ b/samples/environment/README.md
@@ -0,0 +1,69 @@
+# K8s namespace aka *nplus environment*
+
+*nplus instances* are deployed into K8s namespaces. Always. even if you do not specify a namespace, it uses a namespace: `default`.
+
+In order to use this namespace for *nplus instances*, you need to deploy some shared *nplus components* into it, which are used by the instances. This is done by the environment chart:
+
+```
+helm install \
+  --values demo.yaml \
+  demo nplus/nplus-environment
+```
+
+After that, the K8s namespace is a valid *nplus environment* that can house multiple *nplus instances*.
+
+
+## deploying assets into the environment
+
+Most likely, you will need assets to be used by your instances. Fonts for example: The *nscale Rendition Server* and die *nscale Server Application Layer* both require the Microsoft fonts, that are not allowed to be distributed by neither nscale nor nplus. So this example shows how to upload some missing pieces into the environment:
+
+```
+kubectl cp ./apps/app-installer-9.0.1202.jar nplus-toolbox-0:/conf/pool
+kubectl cp ./fonts nplus-toolbox-0:/conf/pool
+kubectl cp ./copy-snippet.sh nplus-toolbox-0:/conf/pool/scripts
+kubectl cp ./test.md nplus-toolbox-0:/conf/pool/snippets
+kubectl cp ./snc nplus-toolbox-0:/conf/pool
+```
+
+Alternatively, you can also use a `prepper` component, that you can activate on the environment chart, to download assets from any web site and deploy them into the environment:
+
+```
+components:
+  prepper: true
+prepper:
+  download:
+    - "https://git.nplus.cloud/public/nplus/raw/branch/master/assets/sample.tar.gz"
+```
+
+Please see the prepper [README.md](../../charts/prepper/README.md) for more information.
+
+
+## Operator Web UI
+
+The environment comes with the operator, responsible for managing / controlling the [custom resources](../cluster/README.md). It has a Web UI, that can be enabled in the environment chart.
+
+![screenshot operator](assets/operator.png)
+
+## *namespace*-less manifests
+
+Speaking of namespaces: Sometimes you want to drop the namespace from your manifest. This can be done by
+
+```yaml
+utils:
+  includeNamespace: false
+```
+
+when you then call
+
+```bash
+helm template myInstance nplus/nplus-instance > myInstance.yaml
+```
+
+the manifest in `myInstance.yaml` will **not** have a namespace set, so you can apply it to multiple namespaces later:
+
+```bash
+kubectl apply --namespace dev -f myInstance.yaml
+kubectl apply --namespace qa -f myInstance.yaml
+kubectl apply --namespace prod -f myInstance.yaml
+```
+
--- a/samples/environment/assets/operator.png
+++ b/samples/environment/assets/operator.png
--- a/samples/environment/build.sh
+++ b/samples/environment/build.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+#
+# This sample script builds the example as described. It is also used to build the test environment in our lab,
+# so it should be well tested.
+#
+
+# Make sure it fails immediately, if anything goes wrong
+set -e
+
+# -- ENVironment variables:
+# CHARTS: The path to the source code
+# DEST: The path to the build destination
+# SAMPLE: The name of the sample
+# KUBE_CONTEXT: The name of the kube context, used to build this sample depending on where you run it against. You might have different Environments such as lab, dev, qa, prod, demo, local, ...
+SAMPLE=environment
+
+# Check, if we have the source code available
+if [ ! -d "$CHARTS" ]; then
+    echo "ERROR Building $SAMPLE example: The Charts Sources folder is not set. Please make sure to run this script with the full Source Code available"
+    exit 1
+fi
+if [ ! -d "$DEST" ]; then
+    echo "ERROR Building $SAMPLE example: DEST folder not found."
+    exit 1
+fi
+if [ ! -d "$CHARTS/environment" ]; then
+    echo "ERROR Building $SAMPLE example: Chart Sources in $CHARTS/environment not found. Are you running this script as a subscriber?"
+    exit 1
+fi
+
+# Output what is happening
+echo "Building $SAMPLE for $KUBE_CONTEXT"
+
+# Create the manifest
+mkdir -p $DEST/environment
+helm template --debug --render-subchart-notes \
+    --values $SAMPLES/$SAMPLE/$KUBE_CONTEXT.yaml \
+    $KUBE_CONTEXT $CHARTS/environment > $DEST/environment/$KUBE_CONTEXT.yaml
+
--- a/samples/environment/demo.yaml
+++ b/samples/environment/demo.yaml
@@ -0,0 +1,24 @@
+toolbox:
+  enabled: true
+dav:
+  enabled: true
+nstoreDownloader:
+  enabled: true
+global:
+  environment:
+    utils:
+      renderComments: true
+    ingress:
+      domain: "{{ .instance.group | default .Release.Name }}.demo.nplus.cloud"
+      class: "public"
+      issuer: "nplus-issuer"
+    storage:
+      conf:
+        class: "cephfs"
+      data:
+        class: "ceph-rbd"
+      disk:
+        class: "ceph-rbd"
+      file:
+        class: "cephfs"
+    appInstaller: "/pool/app-installer-9.0.1202.jar"
--- a/samples/environment/dev.yaml
+++ b/samples/environment/dev.yaml
@@ -0,0 +1,26 @@
+toolbox:
+  enabled: true
+dav:
+  enabled: true
+nstoreDownloader:
+  enabled: true
+global:
+  environment:
+    ingress:
+      class: "ingress-internal"
+      domain: "{{ .instance.group | default .Release.Name }}.dev.nplus.cloud"
+      issuer: "nplus-issuer"
+    storage:
+      conf:
+        class: "pv-af-auto"
+      data:
+        class: "pv-disk-auto"
+      file:
+        class: "pv-af-auto"
+    appInstaller: "/pool/app-installer-9.0.1202.jar"
+    security:
+      illumio:
+        enabled: true
+        loc: "samples"
+        supplier: "42i"
+        platform: "nplus.cloud"
--- a/samples/environment/lab.yaml
+++ b/samples/environment/lab.yaml
@@ -0,0 +1,48 @@
+toolbox:
+  enabled: true
+  nstoreDownloader:
+    enabled: true
+dav:
+  enabled: true
+nappl:
+  ingress:
+    enabled: true
+
+# -- In the lab / dev environment, we quite often throw away the data disk while keeping the conf folder
+# the default for the DA_HID.DAT is the conf folder, so they do not match any more.
+# So we switch the check off here.
+nstl:
+  checkHighestDocId: "0"
+nstla:
+  checkHighestDocId: "0"
+nstlb:
+  checkHighestDocId: "0"
+
+global:
+  environment:
+    ingress:
+      domain: "{{ .instance.group | default .Release.Name }}.lab.nplus.cloud"
+      class: "public"
+      issuer: "nplus-issuer"
+      whitelist: "192.168.0.0/16,10.0.0.0/8"
+      namespace: ingress
+      # proxyReadTimeout: "360s"
+    storage:
+      conf:
+        class: "cephfs"
+      ptemp:
+        class: "cephfs"
+      data:
+        class: "ceph-rbd"
+      disk:
+        class: "ceph-rbd"
+      file:
+        class: "cephfs"
+    appInstaller: "/pool/app-installer-9.0.1202.jar"
+    # repoOverride: cr.test.lan
+    security:
+      cni:
+        defaultIngressPolicy: deny
+        defaultEgressPolicy: deny
+        createNetworkPolicy: true
+        excludeUnusedPorts: false
--- a/samples/environment/local.yaml
+++ b/samples/environment/local.yaml
@@ -0,0 +1,12 @@
+toolbox:
+  enabled: true
+dav:
+  enabled: true
+nstoreDownloader:
+  enabled: true
+global:
+  environment:
+    ingress:
+      class: "nginx"
+      domain: "{{ .instance.group | default .Release.Name }}.dev.local"
+    appInstaller: "/pool/app-installer-9.0.1202.jar"
--- a/samples/environment/nodeport.yaml
+++ b/samples/environment/nodeport.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: nplus-operator-nodeport-access
+spec:
+  type: NodePort
+  selector:
+    nplus/component: operator
+  ports:
+    - port: 8080
+      targetPort: 8080
+      nodePort: 31976