From e4aa0c38e0029bf0d928e939a011d8d362309173 Mon Sep 17 00:00:00 2001
From: mprudnikov3 <139206622+mprudnikov3@users.noreply.github.com>
Date: Thu, 24 Oct 2024 14:11:21 +0700
Subject: [PATCH] Release 1.30.0 (#526)
---
.../{mm-notify.yaml => mm-pr-notify.yaml} | 9 +-
.github/workflows/mm-release-notify.yaml | 27 ++
Breaking-Changes.md | 8 +
CHANGELOG.md | 38 +++
charts/catalog-api/Chart.yaml | 2 +-
charts/citylens/Chart.yaml | 4 +-
charts/citylens/README.md | 17 +-
charts/citylens/templates/web/configmap.yaml | 5 +
charts/citylens/values.yaml | 11 +-
charts/dgtt/Chart.yaml | 2 +-
charts/floors-api/Chart.yaml | 2 +-
charts/generic-chart/Chart.yaml | 2 +-
charts/gis-platform/Chart.yaml | 2 +-
charts/gis-platform/README.md | 8 +-
.../gis-platform-portal-configmap.yaml | 2 +-
.../templates/gis-platform-portal-dep.yaml | 4 +-
.../gis-platform-websocket-ingress.yaml | 2 +-
charts/gis-platform/values.yaml | 10 +-
charts/keycloak/Chart.yaml | 2 +-
charts/keys/Chart.yaml | 4 +-
charts/keys/README.md | 104 +++++---
charts/keys/templates/cleaner/cronjob.yaml | 49 ++++
.../keys/templates/dispatcher/deployment.yaml | 78 ++++++
charts/keys/templates/helpers.tpl | 42 +++
charts/keys/values.yaml | 109 +++++++-
charts/license/Chart.yaml | 2 +-
charts/mapgl-js-api/Chart.yaml | 2 +-
charts/navi-async-grpc-proxy/Chart.yaml | 2 +-
charts/navi-async-matrix/Chart.yaml | 2 +-
charts/navi-back/Chart.yaml | 2 +-
charts/navi-castle/Chart.yaml | 2 +-
charts/navi-front/Chart.yaml | 2 +-
charts/navi-restrictions/Chart.yaml | 2 +-
charts/navi-router/Chart.yaml | 2 +-
charts/navi-splitter/Chart.yaml | 2 +-
charts/platform/Chart.yaml | 2 +-
charts/pro-api/Chart.yaml | 4 +-
charts/pro-api/README.md | 221 ++++++++--------
charts/pro-api/templates/_helpers.tpl | 4 +-
charts/pro-api/templates/deployment.yaml | 10 +-
.../templates/permissions-api-deployment.yaml | 4 +-
charts/pro-api/templates/secrets.yaml | 4 +-
charts/pro-api/values.yaml | 241 ++++++++++--------
charts/pro-ui/Chart.yaml | 2 +-
charts/pro-ui/README.md | 2 +-
charts/pro-ui/values.yaml | 2 +-
charts/search-api/Chart.yaml | 2 +-
charts/stat-receiver/Chart.yaml | 2 +-
charts/styles-api/Chart.yaml | 2 +-
charts/tiles-api/Chart.yaml | 4 +-
charts/tiles-api/README.md | 7 +-
.../tiles-api/configs/importer/importer.yaml | 1 +
charts/tiles-api/values.yaml | 8 +-
charts/traffic-proxy/Chart.yaml | 2 +-
charts/traffic-proxy/README.md | 22 +-
charts/traffic-proxy/templates/configmap.yaml | 31 ++-
charts/traffic-proxy/values.yaml | 46 ++++
charts/twins-api/Chart.yaml | 2 +-
image_versions.txt | 26 +-
styleguide.md | 9 +-
60 files changed, 880 insertions(+), 343 deletions(-)
rename .github/workflows/{mm-notify.yaml => mm-pr-notify.yaml} (92%)
create mode 100644 .github/workflows/mm-release-notify.yaml
create mode 100644 charts/keys/templates/cleaner/cronjob.yaml
create mode 100644 charts/keys/templates/dispatcher/deployment.yaml
diff --git a/.github/workflows/mm-notify.yaml b/.github/workflows/mm-pr-notify.yaml
similarity index 92%
rename from .github/workflows/mm-notify.yaml
rename to .github/workflows/mm-pr-notify.yaml
index ce6453bf3..055676671 100644
--- a/.github/workflows/mm-notify.yaml
+++ b/.github/workflows/mm-pr-notify.yaml
@@ -4,7 +4,12 @@ name: Send notification to Mattermost
on:
pull_request:
- types: [opened, reopened, edited, ready_for_review]
+ types:
+ - opened
+ - reopened
+ - edited
+ - ready_for_review
+
jobs:
build:
runs-on: ubuntu-latest
@@ -21,7 +26,7 @@ jobs:
- uses: mattermost/action-mattermost-notify@master
if: ${{ (github.event.pull_request.draft == false && startsWith(github.event.pull_request.title, 'WIP:') == false && github.event.action == 'edited' && startsWith(github.event.changes.title.from, 'WIP:') == true ) || github.event.action == 'ready_for_review'}}
with:
- MATTERMOST_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }}
+ MATTERMOST_WEBHOOK_URL: ${{ secrets.MM_WH_PR }}
MATTERMOST_USERNAME: Github
MATTERMOST_ICON_URL: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c2/GitHub_Invertocat_Logo.svg/256px-GitHub_Invertocat_Logo.svg.png
TEXT: |
diff --git a/.github/workflows/mm-release-notify.yaml b/.github/workflows/mm-release-notify.yaml
new file mode 100644
index 000000000..bb75c0b83
--- /dev/null
+++ b/.github/workflows/mm-release-notify.yaml
@@ -0,0 +1,27 @@
+---
+
+name: Send release notification to Mattermost
+
+on:
+ workflow_run:
+ workflows:
+ - "Release Charts"
+ push:
+ tags:
+ - \d+\.\d+\.\d+
+ types:
+ - completed
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: mattermost/action-mattermost-notify@master
+ if: ${{ github.event.workflow_run.conclusion == 'success' }}
+ with:
+ MATTERMOST_WEBHOOK_URL: ${{ secrets.MM_WH_ON_PREMISE_RELEASE }}
+ MATTERMOST_USERNAME: Github
+ MATTERMOST_ICON_URL: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c2/GitHub_Invertocat_Logo.svg/256px-GitHub_Invertocat_Logo.svg.png
+ TEXT: |
+ Опубликован On-Premise: ${{ github.ref_name }}
+ Документация: https://confluence.2gis.ru/display/Karta/Release+${{ github.ref_name }}+On-Premise
diff --git a/Breaking-Changes.md b/Breaking-Changes.md
index 5663b344b..f90a78d90 100644
--- a/Breaking-Changes.md
+++ b/Breaking-Changes.md
@@ -1,5 +1,13 @@
# 2GIS On-Premise Breaking-Changes
+## [1.30.0]
+
+### pro-api
+- api.pod.appName renamed api.appName
+- api.settings.enableUserAssetsImporter renamed to api.settings.backgroundJobs.enableUserAssetsImporter
+- api.settings.enableAssetsStreaming renamed to api.settings.backgroundJobs.enableAssetsStreaming
+- api.settings.auth.permissionsApiKey renamed permissions.settings.auth.apiKey
+
## [1.29.0]
### mapgl-js-api
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 699499879..f2fb5d692 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,43 @@
# 2GIS On-Premise Changelog
+## [1.30.0] (2024-10-24)
+#### [Breaking-Changes](Breaking-Changes.md#1300)
+#### Images
+```
+citylens
+ - citylens-api:1.13.1
+ + citylens-api:1.14.2
+ - citylens-database:1.13.0
+ + citylens-database:1.14.0
+ - citylens-web:1.13.0
+ + citylens-web:1.14.2
+ - citylens-workers:1.13.0
+ + citylens-workers:1.14.2
+keys
+ - keys-backend:1.87.0
+ + keys-backend:1.89.0
+pro-api
+ - pro-api:1.35.0
+ + pro-api:1.41.0
+ - pro-importer:1.35.0
+ + pro-importer:1.41.0
+ - pro-importer:1.35.0
+ + pro-importer:1.41.0
+ - pro-permissions-api:1.35.0
+ + pro-permissions-api:1.41.0
+pro-ui
+ - pro-importer:1.35.0
+ + pro-importer:1.41.0
+tiles-api
+ - tiles-api-importer:4.54.0
+ + tiles-api-importer:4.61.0
+ - tiles-api-proxy:4.54.0
+ + tiles-api-proxy:4.61.0
+ - tiles-api:4.54.0
+ + tiles-api:4.61.0
+
+```
+
## [1.29.0] (2024-10-02)
#### [Breaking-Changes](Breaking-Changes.md#1290)
#### Images
diff --git a/charts/catalog-api/Chart.yaml b/charts/catalog-api/Chart.yaml
index fd35e1524..861982e1a 100644
--- a/charts/catalog-api/Chart.yaml
+++ b/charts/catalog-api/Chart.yaml
@@ -3,7 +3,7 @@ name: catalog-api
type: application
description: A Helm chart for Kubernetes to deploy Catalog APIs
-version: 1.29.0
+version: 1.30.0
appVersion: 3.625.0
maintainers:
diff --git a/charts/citylens/Chart.yaml b/charts/citylens/Chart.yaml
index 66c091798..f8cc8d890 100644
--- a/charts/citylens/Chart.yaml
+++ b/charts/citylens/Chart.yaml
@@ -3,8 +3,8 @@ name: citylens
type: application
description: A Helm chart for Kubernetes to deploy Citylens service
-version: 1.29.0
-appVersion: 1.13.1
+version: 1.30.0
+appVersion: 1.14.2
maintainers:
- name: 2gis
diff --git a/charts/citylens/README.md b/charts/citylens/README.md
index 11925c672..2421360fe 100644
--- a/charts/citylens/README.md
+++ b/charts/citylens/README.md
@@ -47,7 +47,7 @@ See the [documentation]() to learn about:
| Name | Description | Value |
| ---------------------- | ------------ | ------------------------------ |
| `api.image.repository` | Repository. | `2gis-on-premise/citylens-api` |
-| `api.image.tag` | Tag. | `1.13.1` |
+| `api.image.tag` | Tag. | `1.14.2` |
| `api.image.pullPolicy` | Pull Policy. | `IfNotPresent` |
### Resources settings
@@ -133,7 +133,7 @@ See the [documentation]() to learn about:
| Name | Description | Value |
| ---------------------- | ------------ | ------------------------------ |
| `web.image.repository` | Repository. | `2gis-on-premise/citylens-web` |
-| `web.image.tag` | Tag. | `1.13.0` |
+| `web.image.tag` | Tag. | `1.14.2` |
| `web.image.pullPolicy` | Pull Policy. | `IfNotPresent` |
### Resources settings
@@ -185,10 +185,11 @@ See the [documentation]() to learn about:
### Custom settings
-| Name | Description | Value |
-| -------------------- | ------------------------------------------------------ | -------------- |
-| `web.logLevel` | Log level. | `WARNING` |
-| `web.metricsAppName` | Value for service prometheus metrics label "app_name". | `citylens-web` |
+| Name | Description | Value |
+| -------------------- | ------------------------------------------------------------------------ | -------------- |
+| `web.logLevel` | Log level. | `WARNING` |
+| `web.metricsAppName` | Value for service prometheus metrics label "app_name". | `citylens-web` |
+| `web.pgPoolSize` | Postgres: maximum number of connections in connections pool to maintain. | `5` |
### Metadata settings
@@ -351,7 +352,7 @@ See the [documentation]() to learn about:
| Name | Description | Value |
| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |
| `worker.dashboardBatchEvents.image.repository` | Repository. | `2gis-on-premise/citylens-workers` |
-| `worker.dashboardBatchEvents.image.tag` | Tag. | `1.13.0` |
+| `worker.dashboardBatchEvents.image.tag` | Tag. | `1.14.2` |
| `worker.dashboardBatchEvents.image.pullPolicy` | Pull Policy. | `IfNotPresent` |
| `worker.dashboardBatchEvents.logLevel` | Worker's log level. | `INFO` |
| `worker.dashboardBatchEvents.revisionHistoryLimit` | Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment). | `3` |
@@ -369,7 +370,7 @@ See the [documentation]() to learn about:
| -------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
| `migrations.enabled` | If migrations needed. | `true` |
| `migrations.image.repository` | Repository. | `2gis-on-premise/citylens-database` |
-| `migrations.image.tag` | Tag. | `1.13.0` |
+| `migrations.image.tag` | Tag. | `1.14.0` |
| `migrations.image.pullPolicy` | Pull Policy | `IfNotPresent` |
| `migrations.resources.requests.cpu` | A CPU request. | `100m` |
| `migrations.resources.requests.memory` | A memory request. | `1Gi` |
diff --git a/charts/citylens/templates/web/configmap.yaml b/charts/citylens/templates/web/configmap.yaml
index 0aca2d866..376add551 100644
--- a/charts/citylens/templates/web/configmap.yaml
+++ b/charts/citylens/templates/web/configmap.yaml
@@ -29,6 +29,7 @@ data:
metrics_app_name: {{ .Values.web.metricsAppName }}
db_connections:
postgres: {{ include "citylens.pgDSN" . | squote }}
+ postgres_pool_size: {{ .Values.web.pgPoolSize }}
kafka:
{{- with .Values.kafka }}
bootstrap_servers: {{ required "A valid .Values.kafka.bootstrap.servers entry required" .bootstrapServer | squote }}
@@ -44,6 +45,7 @@ data:
{{- with .Values.s3 }}
bucket_prefix: {{ required "A valid .Values.s3.bucketPrefix entry required" .bucketPrefix | squote }}
logs_bucket_prefix: {{ required "A valid .Values.s3.logsBucketPrefix entry required" .logsBucketPrefix | squote }}
+ videos_bucket_prefix: ''
{{- if .setPublicReadACL }}
set_public_read_acl: {{ .setPublicReadACL }}
{{- end }}
@@ -51,12 +53,15 @@ data:
log: '{track_uuid}/log_{log_timestamp_ms}'
log_prefix: '{track_uuid}/log_'
frame: {{ include "citylens.s3_constants.frame_key_template" . | squote }}
+ videos: '{track_uuid}/{resource_type}'
client_params:
aws_access_key_id: {{ required "A valid .Values.s3.accessKey entry required" .accessKey | squote }}
aws_secret_access_key: {{ required "A valid .Values.s3.secretAccessKey entry required" .secretAccessKey | squote }}
endpoint_url: {{ required "A valid .Values.s3.endpoint entry required" .endpoint | squote }}
region_name: {{ .region }}
verify: {{ .verifySsl }}
+ config:
+ max_pool_connections: 10
{{- end }}
tracks_uploader:
api: {{ .Values.worker.tracksUploader.api | squote }}
diff --git a/charts/citylens/values.yaml b/charts/citylens/values.yaml
index 22395787f..9485c003b 100644
--- a/charts/citylens/values.yaml
+++ b/charts/citylens/values.yaml
@@ -99,7 +99,7 @@ api:
image:
repository: 2gis-on-premise/citylens-api
pullPolicy: IfNotPresent
- tag: 1.13.1
+ tag: 1.14.2
replicas: 4
@@ -214,6 +214,7 @@ api:
# @param web.logLevel Log level.
# @param web.metricsAppName Value for service prometheus metrics label "app_name".
+# @param web.pgPoolSize Postgres: maximum number of connections in connections pool to maintain.
# @section Metadata settings
@@ -230,7 +231,7 @@ web:
image:
repository: 2gis-on-premise/citylens-web
pullPolicy: IfNotPresent
- tag: 1.13.0
+ tag: 1.14.2
replicas: 1
@@ -277,6 +278,8 @@ web:
verifySsl: true
pkce: false
+ pgPoolSize: 5
+
logLevel: WARNING
metricsAppName: citylens-web
@@ -611,7 +614,7 @@ worker:
image:
repository: 2gis-on-premise/citylens-workers
pullPolicy: IfNotPresent
- tag: 1.13.0
+ tag: 1.14.2
revisionHistoryLimit: 3
@@ -647,7 +650,7 @@ migrations:
image:
repository: 2gis-on-premise/citylens-database
pullPolicy: IfNotPresent
- tag: 1.13.0
+ tag: 1.14.0
resources:
requests:
diff --git a/charts/dgtt/Chart.yaml b/charts/dgtt/Chart.yaml
index 4fee8e3d8..bded37c3f 100644
--- a/charts/dgtt/Chart.yaml
+++ b/charts/dgtt/Chart.yaml
@@ -3,7 +3,7 @@ name: dgtt
description: DGTT Helm chart for Kubernetes
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 0.2.27-b188673e09
maintainers:
diff --git a/charts/floors-api/Chart.yaml b/charts/floors-api/Chart.yaml
index d5029c3cd..dcca97988 100644
--- a/charts/floors-api/Chart.yaml
+++ b/charts/floors-api/Chart.yaml
@@ -3,7 +3,7 @@ name: floors-api
description: Helm for floors service
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 1.0.4
maintainers:
diff --git a/charts/generic-chart/Chart.yaml b/charts/generic-chart/Chart.yaml
index b3c1beadb..9f7dc0f55 100644
--- a/charts/generic-chart/Chart.yaml
+++ b/charts/generic-chart/Chart.yaml
@@ -4,7 +4,7 @@ description: Generic library Helm chart for 2Gis
type: library
keywords:
- library
-version: 1.29.0
+version: 1.30.0
maintainers:
- name: 2gis
url: https://github.com/2gis
diff --git a/charts/gis-platform/Chart.yaml b/charts/gis-platform/Chart.yaml
index b2cedfe28..98388be68 100644
--- a/charts/gis-platform/Chart.yaml
+++ b/charts/gis-platform/Chart.yaml
@@ -4,7 +4,7 @@ description: GIS Platform
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 2023.8.3-0
dependencies:
diff --git a/charts/gis-platform/README.md b/charts/gis-platform/README.md
index 297054be8..feb10c9d3 100644
--- a/charts/gis-platform/README.md
+++ b/charts/gis-platform/README.md
@@ -84,11 +84,11 @@ See the [documentation](https://docs.2gis.com/en/on-premise/gis-platform) to lea
| `spcore.postgres.name` | PostgreSQL database name **Required** | `""` |
| `spcore.postgres.poolsize` | PostgreSQL connection pool size. | `25` |
| `spcore.admin` | **Admin access settings.** | |
-| `spcore.admin.email` | Admin email **Required** | `admin@example.com` |
-| `spcore.admin.password` | Admin password **Required** | `123456` |
+| `spcore.admin.email` | Admin email **Required** Example: admin@example.com | `""` |
+| `spcore.admin.password` | Admin password **Required** | `""` |
| `spcore.jwt` | **JSON Web Token (JWT) settings.** | |
-| `spcore.jwt.tokenKey` | JWT default user token **Required** | `supersecrettoken` |
-| `spcore.jwt.tokenAdmin` | JWT admin user token **Required** | `supersecrettoken` |
+| `spcore.jwt.tokenKey` | JWT default user token **Required** | `""` |
+| `spcore.jwt.tokenAdmin` | JWT admin user token **Required** | `""` |
| `spcore.catalog` | **Catalog settings.** | |
| `spcore.catalog.url` | Catalog service URL **Required** Example: `http://catalog-api` | `""` |
| `spcore.catalog.key` | Catalog access key **Required** | `""` |
diff --git a/charts/gis-platform/templates/gis-platform-portal-configmap.yaml b/charts/gis-platform/templates/gis-platform-portal-configmap.yaml
index 68bff4141..e8edce5c8 100644
--- a/charts/gis-platform/templates/gis-platform-portal-configmap.yaml
+++ b/charts/gis-platform/templates/gis-platform-portal-configmap.yaml
@@ -9,5 +9,5 @@ metadata:
data:
nginx.conf: |-
{{- tpl (.Files.Get "configs/portal/nginx.conf.template") . | nindent 4 }}
- default.conf.template: |-
+ default.conf: |-
{{- tpl (.Files.Get "configs/portal/default.conf.template") . | nindent 4 }}
diff --git a/charts/gis-platform/templates/gis-platform-portal-dep.yaml b/charts/gis-platform/templates/gis-platform-portal-dep.yaml
index 08c3ce06d..5f531e6a1 100644
--- a/charts/gis-platform/templates/gis-platform-portal-dep.yaml
+++ b/charts/gis-platform/templates/gis-platform-portal-dep.yaml
@@ -40,8 +40,8 @@ spec:
{{- toYaml .Values.portal.resources | nindent 12 }}
volumeMounts:
- name: {{ include "gis-platform-portal.name" . }}-configmap
- mountPath: /etc/nginx/templates/default.conf.template
- subPath: default.conf.template
+ mountPath: /etc/nginx/conf.d/default.conf
+ subPath: default.conf
- name: {{ include "gis-platform-portal.name" . }}-configmap
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
diff --git a/charts/gis-platform/templates/gis-platform-websocket-ingress.yaml b/charts/gis-platform/templates/gis-platform-websocket-ingress.yaml
index a14fa1104..0b56eaba8 100644
--- a/charts/gis-platform/templates/gis-platform-websocket-ingress.yaml
+++ b/charts/gis-platform/templates/gis-platform-websocket-ingress.yaml
@@ -11,7 +11,7 @@ metadata:
nginx.ingress.kubernetes.io/proxy-connect-timeout: {{ .Values.portal.websocket.timeout | quote }}
nginx.ingress.kubernetes.io/proxy-read-timeout: {{ .Values.portal.websocket.timeout | quote }}
nginx.ingress.kubernetes.io/proxy-send-timeout: {{ .Values.portal.websocket.timeout | quote }}
- nginx.org/websocket-services: websocket
+ nginx.org/websocket-services: {{ $fullName }}
{{- if .Values.ingress.annotations }}
{{- with .Values.ingress.annotations }}
{{- toYaml . | nindent 4 }}
diff --git a/charts/gis-platform/values.yaml b/charts/gis-platform/values.yaml
index 3db9f23f3..bde507027 100644
--- a/charts/gis-platform/values.yaml
+++ b/charts/gis-platform/values.yaml
@@ -126,20 +126,20 @@ spcore:
poolsize: 25
# @extra spcore.admin **Admin access settings.**
- # @param spcore.admin.email Admin email **Required**
+ # @param spcore.admin.email Admin email **Required** Example: admin@example.com
# @param spcore.admin.password Admin password **Required**
admin:
- email: admin@example.com
- password: '123456'
+ email: ''
+ password: ''
# @extra spcore.jwt **JSON Web Token (JWT) settings.**
# @param spcore.jwt.tokenKey JWT default user token **Required**
# @param spcore.jwt.tokenAdmin JWT admin user token **Required**
jwt:
- tokenKey: supersecrettoken
- tokenAdmin: supersecrettoken
+ tokenKey: ''
+ tokenAdmin: ''
# @extra spcore.catalog **Catalog settings.**
# @param spcore.catalog.url Catalog service URL **Required** Example: `http://catalog-api`
diff --git a/charts/keycloak/Chart.yaml b/charts/keycloak/Chart.yaml
index 1b000468d..1ab557058 100644
--- a/charts/keycloak/Chart.yaml
+++ b/charts/keycloak/Chart.yaml
@@ -3,7 +3,7 @@ name: keycloak
type: application
description: Keycloak is a high performance Java-based identity and access management solution. It lets developers add an authentication layer to their applications with minimum effort.
-version: 1.29.0
+version: 1.30.0
appVersion: 21.1.1-debian-11-r4
maintainers:
diff --git a/charts/keys/Chart.yaml b/charts/keys/Chart.yaml
index 01fa60b1d..eb3ef77bb 100644
--- a/charts/keys/Chart.yaml
+++ b/charts/keys/Chart.yaml
@@ -3,8 +3,8 @@ name: keys
type: application
description: A Helm chart for Kubernetes to deploy API Keys service
-version: 1.29.0
-appVersion: 1.87.0
+version: 1.30.0
+appVersion: 1.89.0
maintainers:
- name: 2gis
diff --git a/charts/keys/README.md b/charts/keys/README.md
index 7995d7c67..93192e295 100644
--- a/charts/keys/README.md
+++ b/charts/keys/README.md
@@ -31,7 +31,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
| `imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
| `imagePullPolicy` | Pull policy. | `IfNotPresent` |
| `backend.image.repository` | Backend service image repository. | `2gis-on-premise/keys-backend` |
-| `backend.image.tag` | Backend service image tag. | `1.87.0` |
+| `backend.image.tag` | Backend service image tag. | `1.89.0` |
| `admin.image.repository` | Admin service image repository. | `2gis-on-premise/keys-ui` |
| `admin.image.tag` | Admin service image tag. | `0.8.0` |
| `redis.image.repository` | Redis image repository. | `2gis-on-premise/keys-redis` |
@@ -157,6 +157,34 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
| `tasker.affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
| `tasker.tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `{}` |
+### Dispatcher settings
+
+| Name | Description | Value |
+| ---------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- |
+| `dispatcher.enabled` | If dispatcher worker is deployed. | `false` |
+| `dispatcher.logLevel` | Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`. | `warning` |
+| `dispatcher.replicas` | A replica count for the pod. | `1` |
+| `dispatcher.auditEvents.sendInterval` | Send audit events interval | `1m` |
+| `dispatcher.auditEvents.batchMaxSize` | Max batch size when sending audit events | `1000` |
+| `dispatcher.auditEvents.holdDuration` | In case of an unsuccessful attempt to send messages, the service will not resend it for a given duration | `10m` |
+| `dispatcher.strategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` |
+| `dispatcher.strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). | `0` |
+| `dispatcher.strategy.rollingUpdate.maxSurge` | Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process. | `1` |
+| `dispatcher.annotations` | Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `dispatcher.labels` | Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `dispatcher.podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `dispatcher.podLabels` | Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `dispatcher.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+| `dispatcher.affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+| `dispatcher.tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `{}` |
+| `dispatcher.cleaner` | **Settings for cronjob that cleans sent messages from database** | |
+| `dispatcher.cleaner.logLevel` | Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`. | `warning` |
+| `dispatcher.cleaner.auditEvents.retentionDuration` | Retention period for successfully sent audit messages. | `4320h` |
+| `dispatcher.cleaner.cron.schedule` | Cron job schedule. | `0 1 * * *` |
+| `dispatcher.cleaner.cron.successfulJobsHistoryLimit` | Specifies the number of successful finished jobs to keep. See [jobs history limits](https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#jobs-history-limits). | `3` |
+| `dispatcher.cleaner.cron.suspend` | You can suspend execution of Jobs for a CronJob, by setting the field to true. See [schedule suspension](https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#schedule-suspension). | `false` |
+| `dispatcher.cleaner.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+
### Redis settings
| Name | Description | Value |
@@ -251,38 +279,48 @@ See the [documentation](https://docs.2gis.com/en/on-premise/keys) to learn about
### Limits
-| Name | Description | Value |
-| ----------------------------------- | ---------------------------------- | ------- |
-| `admin.resources` | **Limits for the Admin service** | |
-| `admin.resources.requests.cpu` | A CPU request. | `300m` |
-| `admin.resources.requests.memory` | A memory request. | `256Mi` |
-| `admin.resources.limits.cpu` | A CPU limit. | `1` |
-| `admin.resources.limits.memory` | A memory limit. | `384Mi` |
-| `api.resources` | **Limits for the API service** | |
-| `api.resources.requests.cpu` | A CPU request. | `50m` |
-| `api.resources.requests.memory` | A memory request. | `128Mi` |
-| `api.resources.limits.cpu` | A CPU limit. | `1` |
-| `api.resources.limits.memory` | A memory limit. | `256Mi` |
-| `import.resources` | **Limits for the Import service** | |
-| `import.resources.requests.cpu` | A CPU request. | `10m` |
-| `import.resources.requests.memory` | A memory request. | `32Mi` |
-| `import.resources.limits.cpu` | A CPU limit. | `100m` |
-| `import.resources.limits.memory` | A memory limit. | `64Mi` |
-| `migrate.resources` | **Limits for the Migrate service** | |
-| `migrate.resources.requests.cpu` | A CPU request. | `10m` |
-| `migrate.resources.requests.memory` | A memory request. | `32Mi` |
-| `migrate.resources.limits.cpu` | A CPU limit. | `100m` |
-| `migrate.resources.limits.memory` | A memory limit. | `64Mi` |
-| `tasker.resources` | **Limits for the Tasker service** | |
-| `tasker.resources.requests.cpu` | A CPU request. | `10m` |
-| `tasker.resources.requests.memory` | A memory request. | `32Mi` |
-| `tasker.resources.limits.cpu` | A CPU limit. | `100m` |
-| `tasker.resources.limits.memory` | A memory limit. | `64Mi` |
-| `redis.resources` | **Limits for Redis** | |
-| `redis.resources.requests.cpu` | A CPU request. | `50m` |
-| `redis.resources.requests.memory` | A memory request. | `32Mi` |
-| `redis.resources.limits.cpu` | A CPU limit. | `1` |
-| `redis.resources.limits.memory` | A memory limit. | `256Mi` |
+| Name | Description | Value |
+| ---------------------------------------------- | ------------------------------------- | ------- |
+| `admin.resources` | **Limits for the Admin service** | |
+| `admin.resources.requests.cpu` | A CPU request. | `300m` |
+| `admin.resources.requests.memory` | A memory request. | `256Mi` |
+| `admin.resources.limits.cpu` | A CPU limit. | `1` |
+| `admin.resources.limits.memory` | A memory limit. | `384Mi` |
+| `api.resources` | **Limits for the API service** | |
+| `api.resources.requests.cpu` | A CPU request. | `50m` |
+| `api.resources.requests.memory` | A memory request. | `128Mi` |
+| `api.resources.limits.cpu` | A CPU limit. | `1` |
+| `api.resources.limits.memory` | A memory limit. | `256Mi` |
+| `import.resources` | **Limits for the Import service** | |
+| `import.resources.requests.cpu` | A CPU request. | `10m` |
+| `import.resources.requests.memory` | A memory request. | `32Mi` |
+| `import.resources.limits.cpu` | A CPU limit. | `100m` |
+| `import.resources.limits.memory` | A memory limit. | `64Mi` |
+| `migrate.resources` | **Limits for the Migrate service** | |
+| `migrate.resources.requests.cpu` | A CPU request. | `10m` |
+| `migrate.resources.requests.memory` | A memory request. | `32Mi` |
+| `migrate.resources.limits.cpu` | A CPU limit. | `100m` |
+| `migrate.resources.limits.memory` | A memory limit. | `64Mi` |
+| `tasker.resources` | **Limits for the Tasker service** | |
+| `tasker.resources.requests.cpu` | A CPU request. | `10m` |
+| `tasker.resources.requests.memory` | A memory request. | `32Mi` |
+| `tasker.resources.limits.cpu` | A CPU limit. | `100m` |
+| `tasker.resources.limits.memory` | A memory limit. | `64Mi` |
+| `dispatcher.resources` | **Limits for the Dispatcher service** | |
+| `dispatcher.resources.requests.cpu` | A CPU request. | `10m` |
+| `dispatcher.resources.requests.memory` | A memory request. | `32Mi` |
+| `dispatcher.resources.limits.cpu` | A CPU limit. | `100m` |
+| `dispatcher.resources.limits.memory` | A memory limit. | `64Mi` |
+| `dispatcher.cleaner.resources` | **Limits for the Cleaner service** | |
+| `dispatcher.cleaner.resources.requests.cpu` | A CPU request. | `10m` |
+| `dispatcher.cleaner.resources.requests.memory` | A memory request. | `32Mi` |
+| `dispatcher.cleaner.resources.limits.cpu` | A CPU limit. | `100m` |
+| `dispatcher.cleaner.resources.limits.memory` | A memory limit. | `64Mi` |
+| `redis.resources` | **Limits for Redis** | |
+| `redis.resources.requests.cpu` | A CPU request. | `50m` |
+| `redis.resources.requests.memory` | A memory request. | `32Mi` |
+| `redis.resources.limits.cpu` | A CPU limit. | `1` |
+| `redis.resources.limits.memory` | A memory limit. | `256Mi` |
### customCAs **Custom Certificate Authority**
diff --git a/charts/keys/templates/cleaner/cronjob.yaml b/charts/keys/templates/cleaner/cronjob.yaml
new file mode 100644
index 000000000..a3711c4ef
--- /dev/null
+++ b/charts/keys/templates/cleaner/cronjob.yaml
@@ -0,0 +1,49 @@
+{{- if .Values.dispatcher.enabled }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: {{ include "keys.cleaner.name" . }}
+ labels:
+ {{- include "keys.cleaner.labels" . | nindent 4 }}
+
+spec:
+ concurrencyPolicy: Forbid
+ schedule: "{{ .Values.dispatcher.cleaner.cron.schedule }}"
+ successfulJobsHistoryLimit: {{ .Values.dispatcher.cleaner.cron.successfulJobsHistoryLimit }}
+ suspend: {{ .Values.dispatcher.cleaner.cron.suspend }}
+ jobTemplate:
+ spec:
+ template:
+ metadata:
+ name: {{ include "keys.cleaner.name" . }}
+ labels:
+ {{- include "keys.cleaner.labels" . | nindent 12 }}
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: clean
+ image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}
+ imagePullPolicy: {{ .Values.imagePullPolicy }}
+ command: [ "keysctl", "clear" ]
+ args: [ "audit_events" ]
+ resources:
+ {{- toYaml .Values.dispatcher.cleaner.resources | nindent 16 }}
+ env:
+ {{- include "keys.env.db.deploys" . | nindent 16 }}
+ {{- include "keys.env.cleaner" . | nindent 16 }}
+ {{- if .Values.customCAs.bundle }}
+ {{- include "keys.env.custom.ca.path" . | nindent 16 }}
+ {{- end }}
+ {{- if .Values.customCAs.bundle }}
+ volumeMounts:
+ {{- include "keys.custom.ca.volumeMounts" . | nindent 16 }}
+ {{- end }}
+ {{- if .Values.customCAs.bundle }}
+ volumes:
+ {{- include "keys.custom.ca.jobs.volumes" . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.dispatcher.cleaner.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keys/templates/dispatcher/deployment.yaml b/charts/keys/templates/dispatcher/deployment.yaml
new file mode 100644
index 000000000..a66518f38
--- /dev/null
+++ b/charts/keys/templates/dispatcher/deployment.yaml
@@ -0,0 +1,78 @@
+{{- if .Values.dispatcher.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "keys.dispatcher.name" . }}
+ {{- if or .Values.dispatcher.annotations .Values.customCAs.bundle }}
+ annotations:
+ {{- if .Values.customCAs.bundle }}
+ checksum/config: {{ include (print $.Template.BasePath "/configmap-deploys.yaml") . | sha256sum }}
+ {{- end }}
+ {{- with .Values.dispatcher.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- end }}
+ labels:
+ {{- include "keys.dispatcher.labels" . | nindent 4 }}
+ {{- with .Values.dispatcher.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.dispatcher.replicas }}
+ strategy:
+ {{- toYaml .Values.dispatcher.strategy | nindent 4 }}
+ selector:
+ matchLabels:
+ {{- include "keys.dispatcher.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.dispatcher.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "keys.dispatcher.labels" . | nindent 8 }}
+ {{- with .Values.dispatcher.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ containers:
+ - name: dispatcher
+ image: {{ required "A valid .Values.dgctlDockerRegistry entry required" .Values.dgctlDockerRegistry }}/{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}
+ imagePullPolicy: {{ .Values.imagePullPolicy }}
+ command: [ "keys-dispatcher" ]
+ resources:
+ {{- toYaml .Values.dispatcher.resources | nindent 12 }}
+ env:
+ {{- include "keys.env.db.deploys" . | nindent 12 }}
+ {{- include "keys.env.dispatcher" . | nindent 12 }}
+ {{- include "keys.env.kafka.audit" . | nindent 12 }}
+ {{- include "keys.env.featureFlags" . | nindent 12 }}
+ {{- if .Values.customCAs.bundle }}
+ {{- include "keys.env.custom.ca.path" . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.customCAs.bundle }}
+ volumeMounts:
+ {{- include "keys.custom.ca.volumeMounts" . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.customCAs.bundle }}
+ volumes:
+ {{- include "keys.custom.ca.deploys.volumes" . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.dispatcher.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.dispatcher.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.dispatcher.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keys/templates/helpers.tpl b/charts/keys/templates/helpers.tpl
index 97c148dff..6f6f7c3b5 100644
--- a/charts/keys/templates/helpers.tpl
+++ b/charts/keys/templates/helpers.tpl
@@ -10,6 +10,14 @@
{{ include "keys.name" . }}-tasker
{{- end }}
+{{- define "keys.dispatcher.name" -}}
+{{ include "keys.name" . }}-dispatcher
+{{- end }}
+
+{{- define "keys.cleaner.name" -}}
+{{ include "keys.name" . }}-cleaner
+{{- end }}
+
{{- define "keys.migrate.name" -}}
{{ include "keys.name" . }}-migrate
{{- end }}
@@ -80,6 +88,22 @@ app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
+{{- define "keys.dispatcher.selectorLabels" -}}
+app.kubernetes.io/name: {{ .Chart.Name }}-dispatcher
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{- define "keys.dispatcher.labels" -}}
+{{ include "keys.dispatcher.selectorLabels" . }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+
+{{- define "keys.cleaner.labels" -}}
+app.kubernetes.io/name: {{ .Chart.Name }}-cleaner
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+
{{- define "keys.import.labels" -}}
app.kubernetes.io/name: {{ .Chart.Name }}-import
app.kubernetes.io/instance: {{ .Release.Name }}
@@ -132,6 +156,24 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
value: "{{ .Values.tasker.delay }}"
{{- end }}
+{{- define "keys.env.dispatcher" -}}
+- name: KEYS_LOG_LEVEL
+ value: "{{ .Values.dispatcher.logLevel }}"
+- name: KEYS_AUDIT_EVENTS_SEND_INTERVAL
+ value: "{{ .Values.dispatcher.auditEvents.sendInterval }}"
+- name: KEYS_AUDIT_EVENTS_BATCH_MAX_SIZE
+ value: "{{ .Values.dispatcher.auditEvents.batchMaxSize }}"
+- name: KEYS_AUDIT_EVENTS_HOLD_DURATION
+ value: "{{ .Values.dispatcher.auditEvents.holdDuration }}"
+{{- end }}
+
+{{- define "keys.env.cleaner" -}}
+- name: KEYS_LOG_LEVEL
+ value: "{{ .Values.dispatcher.cleaner.logLevel }}"
+- name: KEYS_AUDIT_EVENTS_RETENTION_DURATION
+ value: "{{ .Values.dispatcher.cleaner.auditEvents.retentionDuration }}"
+{{- end -}}
+
{{- define "keys.env.db" -}}
- name: KEYS_DB_RO_HOST
value: "{{ required "A valid .Values.postgres.ro.host required" .Values.postgres.ro.host }}"
diff --git a/charts/keys/values.yaml b/charts/keys/values.yaml
index 4fd7c3b0d..9f25e2ddc 100644
--- a/charts/keys/values.yaml
+++ b/charts/keys/values.yaml
@@ -31,7 +31,7 @@ featureFlags:
backend:
image:
repository: 2gis-on-premise/keys-backend
- tag: 1.87.0
+ tag: 1.89.0
# @section Admin service settings
@@ -342,6 +342,101 @@ tasker:
tolerations: {}
+# @section Dispatcher settings
+
+dispatcher:
+
+ # @param dispatcher.enabled If dispatcher worker is deployed.
+ enabled: false
+
+ # @param dispatcher.logLevel Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: warning
+
+ # @param dispatcher.replicas A replica count for the pod.
+ replicas: 1
+
+ resources:
+ requests:
+ cpu: 10m
+ memory: 32Mi
+ limits:
+ cpu: 100m
+ memory: 64Mi
+
+ # @param dispatcher.auditEvents.sendInterval Send audit events interval
+ # @param dispatcher.auditEvents.batchMaxSize Max batch size when sending audit events
+ # @param dispatcher.auditEvents.holdDuration In case of an unsuccessful attempt to send messages, the service will not resend it for a given duration
+
+ auditEvents:
+ sendInterval: 1m
+ batchMaxSize: 1000
+ holdDuration: 10m
+
+ # @param dispatcher.strategy.type Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`.
+ # @param dispatcher.strategy.rollingUpdate.maxUnavailable Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment).
+ # @param dispatcher.strategy.rollingUpdate.maxSurge Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process.
+
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxUnavailable: 0
+ maxSurge: 1
+
+ # @param dispatcher.annotations Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
+ # @param dispatcher.labels Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+
+ annotations: {}
+ labels: {}
+
+ # @param dispatcher.podAnnotations Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
+ # @param dispatcher.podLabels Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+
+ podAnnotations: {}
+ podLabels: {}
+
+ # @param dispatcher.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
+ # @param dispatcher.affinity Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity).
+ # @param dispatcher.tolerations Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings.
+
+ nodeSelector: {}
+ affinity: {}
+ tolerations: {}
+
+
+ # @extra dispatcher.cleaner **Settings for cronjob that cleans sent messages from database**
+
+ cleaner:
+
+ # @param dispatcher.cleaner.logLevel Log level for the service. Can be: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: warning
+
+ # @param dispatcher.cleaner.auditEvents.retentionDuration Retention period for successfully sent audit messages.
+
+ auditEvents:
+ retentionDuration: 4320h
+
+ resources:
+ requests:
+ cpu: 10m
+ memory: 32Mi
+ limits:
+ cpu: 100m
+ memory: 64Mi
+
+ # @param dispatcher.cleaner.cron.schedule Cron job schedule.
+ # @param dispatcher.cleaner.cron.successfulJobsHistoryLimit Specifies the number of successful finished jobs to keep. See [jobs history limits](https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#jobs-history-limits).
+ # @param dispatcher.cleaner.cron.suspend You can suspend execution of Jobs for a CronJob, by setting the field to true. See [schedule suspension](https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#schedule-suspension).
+
+ cron:
+ schedule: 0 1 * * *
+ successfulJobsHistoryLimit: 3
+ suspend: false
+
+ # @param dispatcher.cleaner.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
+
+ nodeSelector: {}
+
+
# @section Redis settings
redis:
@@ -568,6 +663,18 @@ dgctlStorage:
# @param tasker.resources.limits.cpu A CPU limit.
# @param tasker.resources.limits.memory A memory limit.
+# @extra dispatcher.resources **Limits for the Dispatcher service**
+# @param dispatcher.resources.requests.cpu A CPU request.
+# @param dispatcher.resources.requests.memory A memory request.
+# @param dispatcher.resources.limits.cpu A CPU limit.
+# @param dispatcher.resources.limits.memory A memory limit.
+
+# @extra dispatcher.cleaner.resources **Limits for the Cleaner service**
+# @param dispatcher.cleaner.resources.requests.cpu A CPU request.
+# @param dispatcher.cleaner.resources.requests.memory A memory request.
+# @param dispatcher.cleaner.resources.limits.cpu A CPU limit.
+# @param dispatcher.cleaner.resources.limits.memory A memory limit.
+
# @extra redis.resources **Limits for Redis**
# @param redis.resources.requests.cpu A CPU request.
# @param redis.resources.requests.memory A memory request.
diff --git a/charts/license/Chart.yaml b/charts/license/Chart.yaml
index fd5858e7b..236d37a69 100644
--- a/charts/license/Chart.yaml
+++ b/charts/license/Chart.yaml
@@ -3,7 +3,7 @@ name: license
type: application
description: A Helm chart for Kubernetes to deploy License service
-version: 1.29.0
+version: 1.30.0
appVersion: 2.2.3
maintainers:
diff --git a/charts/mapgl-js-api/Chart.yaml b/charts/mapgl-js-api/Chart.yaml
index dba618f3b..66773891d 100644
--- a/charts/mapgl-js-api/Chart.yaml
+++ b/charts/mapgl-js-api/Chart.yaml
@@ -4,7 +4,7 @@ description: Basic WebGL map chart template for 2GIS On-Premise
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 1.51.0
maintainers:
diff --git a/charts/navi-async-grpc-proxy/Chart.yaml b/charts/navi-async-grpc-proxy/Chart.yaml
index b0be35a30..88633c128 100644
--- a/charts/navi-async-grpc-proxy/Chart.yaml
+++ b/charts/navi-async-grpc-proxy/Chart.yaml
@@ -6,7 +6,7 @@ keywords:
- navi
- dm-async-matrix
- async-grpc-proxy
-version: 1.29.0
+version: 1.30.0
appVersion: 0.0.2
maintainers:
- name: 2gis
diff --git a/charts/navi-async-matrix/Chart.yaml b/charts/navi-async-matrix/Chart.yaml
index d350995a6..621bf6a3b 100644
--- a/charts/navi-async-matrix/Chart.yaml
+++ b/charts/navi-async-matrix/Chart.yaml
@@ -4,7 +4,7 @@ description: Service implements asynchronous API over Distance Matrix
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 1.11.2
maintainers:
diff --git a/charts/navi-back/Chart.yaml b/charts/navi-back/Chart.yaml
index 131789c58..e3c83e53c 100644
--- a/charts/navi-back/Chart.yaml
+++ b/charts/navi-back/Chart.yaml
@@ -6,7 +6,7 @@ keywords:
- navi
- back
- backend
-version: 1.29.0
+version: 1.30.0
appVersion: 7.27.1.2
dependencies:
- name: generic-chart
diff --git a/charts/navi-castle/Chart.yaml b/charts/navi-castle/Chart.yaml
index 6e9beccb3..0080cae33 100644
--- a/charts/navi-castle/Chart.yaml
+++ b/charts/navi-castle/Chart.yaml
@@ -4,7 +4,7 @@ description: Castle Helm chart for Kubernetes
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 1.9.2
maintainers:
diff --git a/charts/navi-front/Chart.yaml b/charts/navi-front/Chart.yaml
index f0315fe0e..f69750652 100644
--- a/charts/navi-front/Chart.yaml
+++ b/charts/navi-front/Chart.yaml
@@ -5,7 +5,7 @@ type: application
keywords:
- navi
- front
-version: 1.29.0
+version: 1.30.0
appVersion: 1.24.1
maintainers:
- name: 2gis
diff --git a/charts/navi-restrictions/Chart.yaml b/charts/navi-restrictions/Chart.yaml
index 743b19fb8..7bd265524 100644
--- a/charts/navi-restrictions/Chart.yaml
+++ b/charts/navi-restrictions/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for Kubernetes to deploy Restrictions backend
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 1.24.1
maintainers:
diff --git a/charts/navi-router/Chart.yaml b/charts/navi-router/Chart.yaml
index 4740b9cb0..4def4c763 100644
--- a/charts/navi-router/Chart.yaml
+++ b/charts/navi-router/Chart.yaml
@@ -5,7 +5,7 @@ type: application
keywords:
- navi
- router
-version: 1.29.0
+version: 1.30.0
appVersion: 6.24.0.3
maintainers:
- name: 2gis
diff --git a/charts/navi-splitter/Chart.yaml b/charts/navi-splitter/Chart.yaml
index 001ee1da8..2712eff5a 100644
--- a/charts/navi-splitter/Chart.yaml
+++ b/charts/navi-splitter/Chart.yaml
@@ -15,5 +15,5 @@ maintainers:
- name: 2gis
url: https://github.com/2gis
email: on-premise@2gis.com
-version: 1.29.0
+version: 1.30.0
appVersion: 1.0.1
diff --git a/charts/platform/Chart.yaml b/charts/platform/Chart.yaml
index b487ad650..5fb4fb9c0 100644
--- a/charts/platform/Chart.yaml
+++ b/charts/platform/Chart.yaml
@@ -3,7 +3,7 @@ name: platform
type: application
description: A Helm chart for Kubernetes to deploy Platform
-version: 1.29.0
+version: 1.30.0
appVersion: 0.15.1
maintainers:
diff --git a/charts/pro-api/Chart.yaml b/charts/pro-api/Chart.yaml
index e01669dfe..9cb7b13b3 100644
--- a/charts/pro-api/Chart.yaml
+++ b/charts/pro-api/Chart.yaml
@@ -4,8 +4,8 @@ description: Geo API for getting geo data
type: application
-version: 1.29.0
-appVersion: 1.35.0
+version: 1.30.0
+appVersion: 1.41.0
maintainers:
- name: 2gis
diff --git a/charts/pro-api/README.md b/charts/pro-api/README.md
index e32d76d93..be5f296af 100644
--- a/charts/pro-api/README.md
+++ b/charts/pro-api/README.md
@@ -4,91 +4,108 @@
### Geo API configuration & settings
-| Name | Description | Value |
-| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------- |
-| `Image` | settings | |
-| `api.image.repository` | Repository | `2gis-on-premise/pro-api` |
-| `api.image.tag` | Tag | `1.35.0` |
-| `api.image.pullPolicy` | Pull Policy | `IfNotPresent` |
-| `Ingress` | settings | |
-| `api.ingress.enabled` | If Ingress is enabled for the service. | `false` |
-| `api.ingress.className` | Name of the Ingress controller class. | `nginx` |
-| `api.ingress.hosts[0].host` | Hostname for the Ingress service. | `pro-api.example.com` |
-| `api.ingress.hosts[0].paths[0].path` | Path of the host for the Ingress service. | `/` |
-| `api.ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
-| `api.ingress.tls` | TLS configuration | `[]` |
-| `Pod` | settings | |
-| `api.pod.appName` | Name of the service. | `pro-api` |
-| `api.pod.replicaCount` | A replica count for the pod. | `2` |
-| `api.pod.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
-| `api.pod.nameOverride` | Base name to use in all the Kubernetes entities deployed by this chart. | `""` |
-| `api.pod.fullnameOverride` | Base fullname to use in all the Kubernetes entities deployed by this chart. | `""` |
-| `api.pod.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
-| `api.pod.affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
-| `api.pod.priorityClassName` | Kubernetes [pod priority](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/). | `""` |
-| `api.pod.terminationGracePeriodSeconds` | Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). Should be at least 300 seconds | `300` |
-| `api.pod.tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
-| `api.pod.podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
-| `api.pod.podLabels` | Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
-| `api.pod.annotations` | Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
-| `api.pod.labels` | Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
-| `api.pod.revisionHistoryLimit` | Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment). | `3` |
-| `api.pod.resources` | **Limits for the application service** | |
-| `api.pod.resources.requests.cpu` | A CPU request. | `400m` |
-| `api.pod.resources.requests.memory` | A memory request. | `256M` |
-| `api.pod.resources.limits.cpu` | A CPU limit. | `1` |
-| `api.pod.resources.limits.memory` | A memory limit. | `1024M` |
-| `api.pod.strategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` |
-| `api.pod.strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). | `0` |
-| `api.pod.strategy.rollingUpdate.maxSurge` | Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process. | `1` |
-| `VPA` | settings [Vertical Pod Autoscaling](https://github.com/kubernetes/autoscaler/blob/master/vertical-pod-autoscaler/README.md) | |
-| `api.vpa.enabled` | If VPA is enabled for the service. | `false` |
-| `api.vpa.updateMode` | VPA [update mode](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler#quick-start). | `Auto` |
-| `api.vpa.minAllowed.cpu` | Lower limit for the number of CPUs to which the autoscaler can scale down. | `400m` |
-| `api.vpa.minAllowed.memory` | Lower limit for the RAM size to which the autoscaler can scale down. | `256M` |
-| `api.vpa.maxAllowed.cpu` | Upper limit for the number of CPUs to which the autoscaler can scale up. | `1` |
-| `api.vpa.maxAllowed.memory` | Upper limit for the RAM size to which the autoscaler can scale up. | `1024M` |
-| `Service` | settings | |
-| `api.service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | `{}` |
-| `api.service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
-| `api.service.type` | Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). | `ClusterIP` |
-| `api.service.port` | PRO API service port. | `80` |
-| `api.service.serviceAccount` | Kubernetes service account | `runner` |
-| `api.service.serviceAccountOverride` | The name of an existing custom service account. If specified, the services in the chart will use this existing service account. If not specified, a new service account will be created and used with the name from the variable `api.serviceAccount`. | `""` |
-| `Geo` | API settings | |
-| `api.settings.licenseKey` | License key. **Required** | `""` |
-| `api.settings.tempPath` | Path to directory used for temp data | `/tmp` |
-| `api.settings.allowAnyOrigin` | Cors policy: allow any origin to perform requests to pro-api service | `false` |
-| `api.settings.logging` | Logging settings | |
-| `api.settings.logging.format` | Log message format, possible options: 'default' - compact json, 'renderedCompactJson' - rendered json format, 'simple' - plain text | `simple` |
-| `api.settings.logging.targets` | Collection of logging targets divided by comma. Currently only 'console' and 'database' are supported. Console is used by default (no need to specify). | `""` |
-| `api.settings.rateLimiter` | rate limiter settings | |
-| `api.settings.rateLimiter.requestsLimit` | max number of requests from one user during time window (0 means rate limiter is disabled) | `1024` |
-| `api.settings.rateLimiter.windowSizeInSeconds` | the size of time windows to count and limit incoming requests | `1` |
-| `api.settings.enableUserAssetsImporter` | If user data importer job is enabled for the service. | `true` |
-| `api.settings.enableAssetsStreaming` | If the streaming data processing job is enabled for the service. | `false` |
-| `api.settings.auth.type` | Authentication type: 'none' - disabled, 'openid10' - [OpenId 1.0 / OAuth 2.0 authentication protocol](https://openid.net/specs/openid-connect-core-1_0.html), 'urbi' - urbi authentication protocol | `none` |
-| `api.settings.auth.url` | API URL of authentication service. Example: `http(s)://keycloak.ingress.host` | `""` |
-| `api.settings.auth.userInfoEndpoint` | The [UserInfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo). Example: `realms/URBI_Pro/protocol/openid-connect/userinfo` | `""` |
-| `api.settings.auth.wellKnownConfigEndpoint` | The [Well-Known Config endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html). Example: `realms/URBI_Pro/.well-known/openid-configuration` | `""` |
-| `api.settings.auth.apiKey` | Secret API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `4230b288-301e-4ec6-82c6-db6a8a72c2af` | `""` |
-| `api.settings.auth.permissionsApiKey` | Secret Permissions API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `c7d74870-ec28-4543-b408-b49bfed84399` | `""` |
-| `api.settings.auth.turnOffCertValidation` | Turn off certificate validation for auth.url | `false` |
-| `api.settings.auth.shareKeys` | Secret keys for creating and validating shared links. Must contain at least 32 characters. All keys are used for validation. The last one is used for creation. Example: `m7nShlX1a8+IqE9ZcDqRCVjlhEud850ucT0av9bS+tcMTwIwUOUqpNikM+G8teDR` | `[]` |
+| Name | Description | Value |
+| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------- |
+| `api.appName` | Name of the service | `pro-api` |
+| `api.image.repository` | Repository | `2gis-on-premise/pro-api` |
+| `api.image.tag` | Tag | `1.41.0` |
+| `api.image.pullPolicy` | Pull Policy | `IfNotPresent` |
+| `api.ingress.enabled` | If Ingress is enabled for the service. | `false` |
+| `api.ingress.className` | Name of the Ingress controller class. | `nginx` |
+| `api.ingress.hosts[0].host` | Hostname for the Ingress service. | `pro-api.example.com` |
+| `api.ingress.hosts[0].paths[0].path` | Path of the host for the Ingress service. | `/` |
+| `api.ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
+| `api.ingress.tls` | TLS configuration | `[]` |
+| `api.pod.replicaCount` | A replica count for the pod. | `2` |
+| `api.pod.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
+| `api.pod.nameOverride` | Base name to use in all the Kubernetes entities deployed by this chart. | `""` |
+| `api.pod.fullnameOverride` | Base fullname to use in all the Kubernetes entities deployed by this chart. | `""` |
+| `api.pod.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+| `api.pod.affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+| `api.pod.priorityClassName` | Kubernetes [pod priority](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/). | `""` |
+| `api.pod.terminationGracePeriodSeconds` | Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). Should be at least 300 seconds | `300` |
+| `api.pod.tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
+| `api.pod.podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `api.pod.podLabels` | Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `api.pod.annotations` | Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `api.pod.labels` | Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `api.pod.revisionHistoryLimit` | Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment). | `3` |
+| `api.pod.resources` | **Limits for the application service** | |
+| `api.pod.resources.requests.cpu` | A CPU request. | `400m` |
+| `api.pod.resources.requests.memory` | A memory request. | `256M` |
+| `api.pod.resources.limits.cpu` | A CPU limit. | `1` |
+| `api.pod.resources.limits.memory` | A memory limit. | `1024M` |
+| `api.pod.strategy.type` | Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`. | `RollingUpdate` |
+| `api.pod.strategy.rollingUpdate.maxUnavailable` | Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment). | `0` |
+| `api.pod.strategy.rollingUpdate.maxSurge` | Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process. | `1` |
+| `api.vpa.enabled` | If VPA is enabled for the service. | `false` |
+| `api.vpa.updateMode` | VPA [update mode](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler#quick-start). | `Auto` |
+| `api.vpa.minAllowed.cpu` | Lower limit for the number of CPUs to which the autoscaler can scale down. | `400m` |
+| `api.vpa.minAllowed.memory` | Lower limit for the RAM size to which the autoscaler can scale down. | `256M` |
+| `api.vpa.maxAllowed.cpu` | Upper limit for the number of CPUs to which the autoscaler can scale up. | `1` |
+| `api.vpa.maxAllowed.memory` | Upper limit for the RAM size to which the autoscaler can scale up. | `1024M` |
+| `api.service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | `{}` |
+| `api.service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `api.service.type` | Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). | `ClusterIP` |
+| `api.service.port` | PRO API service port. | `80` |
+| `api.service.serviceAccount` | Kubernetes service account | `runner` |
+| `api.service.serviceAccountOverride` | The name of an existing custom service account. If specified, the services in the chart will use this existing service account. If not specified, a new service account will be created and used with the name from the variable `api.serviceAccount`. | `""` |
+| `api.settings.licenseKey` | License key. **Required** | `""` |
+| `api.settings.tempPath` | Path to directory used for temp data | `/tmp` |
+| `api.settings.allowAnyOrigin` | Cors policy: allow any origin to perform requests to pro-api service | `false` |
+| `api.settings.logging` | Logging settings | |
+| `api.settings.logging.format` | Log message format, possible options: 'default' - compact json, 'renderedCompactJson' - rendered json format, 'simple' - plain text | `simple` |
+| `api.settings.logging.targets` | Collection of logging targets divided by comma. Currently only 'console' and 'database' are supported. Console is used by default (no need to specify). | `""` |
+| `api.settings.rateLimiter` | rate limiter settings | |
+| `api.settings.rateLimiter.requestsLimit` | max number of requests from one user during time window (0 means rate limiter is disabled) | `1024` |
+| `api.settings.rateLimiter.windowSizeInSeconds` | the size of time windows to count and limit incoming requests | `1` |
+| `api.settings.auth.type` | Authentication type: 'none' - disabled, 'openid10' - [OpenId 1.0 / OAuth 2.0 authentication protocol](https://openid.net/specs/openid-connect-core-1_0.html), 'urbi' - urbi authentication protocol | `none` |
+| `api.settings.auth.url` | API URL of authentication service. Example: `http(s)://keycloak.ingress.host` | `""` |
+| `api.settings.auth.userInfoEndpoint` | The [UserInfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo). Example: `realms/URBI_Pro/protocol/openid-connect/userinfo` | `""` |
+| `api.settings.auth.wellKnownConfigEndpoint` | The [Well-Known Config endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html). Example: `realms/URBI_Pro/.well-known/openid-configuration` | `""` |
+| `api.settings.auth.apiKey` | Secret API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `4230b288-301e-4ec6-82c6-db6a8a72c2af` | `""` |
+| `api.settings.auth.turnOffCertValidation` | Turn off certificate validation for auth.url | `false` |
+| `api.settings.auth.shareKeys` | Secret keys for creating and validating shared links. Must contain at least 32 characters. All keys are used for validation. The last one is used for creation. Example: `m7nShlX1a8+IqE9ZcDqRCVjlhEud850ucT0av9bS+tcMTwIwUOUqpNikM+G8teDR` | `[]` |
+| `api.settings.backgroundJobs.enableUserAssetsImporter` | If user data importer job is enabled for the service. | `true` |
+| `api.settings.backgroundJobs.enableAssetsStreaming` | If the streaming data processing job is enabled for the service. | `false` |
+| `api.settings.layerGeneration.isochroneLayerMaxPointsCount` | If layer contains more points, isochrone is not avalible | `500` |
### Permissions API configuration & settings
-| Name | Description | Value |
-| ------------------------------------------------ | --------------------------------------------- | --------------------------------- |
-| `Ingress` | settings | |
-| `permissions.ingress.enabled` | If Ingress is enabled for the service. | `false` |
-| `permissions.ingress.className` | Name of the Ingress controller class. | `nginx` |
-| `permissions.ingress.hosts[0].host` | Hostname for the Ingress service. | `pro-permissions-api.example.com` |
-| `permissions.ingress.hosts[0].paths[0].path` | Path of the host for the Ingress service. | `/` |
-| `permissions.ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service. | `Prefix` |
-| `permissions.ingress.tls` | TLS configuration | `[]` |
-| `Permissions` | API settings | |
-| `permissions.settings.enabled` | If permissionsApi is enabled for the service. | `false` |
+| Name | Description | Value |
+| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------- |
+| `permissions.image.repository` | Repository | `2gis-on-premise/pro-permissions-api` |
+| `permissions.image.tag` | Tag | `1.41.0` |
+| `permissions.image.pullPolicy` | Pull Policy | `IfNotPresent` |
+| `permissions.ingress.enabled` | If Ingress is enabled for the service | `false` |
+| `permissions.ingress.className` | Name of the Ingress controller class | `nginx` |
+| `permissions.ingress.hosts[0].host` | Hostname for the Ingress service | `pro-permissions-api.example.com` |
+| `permissions.ingress.hosts[0].paths[0].path` | Path of the host for the Ingress service | `/` |
+| `permissions.ingress.hosts[0].paths[0].pathType` | Type of the path for the Ingress service | `Prefix` |
+| `permissions.ingress.tls` | TLS configuration | `[]` |
+| `permissions.pod.replicaCount` | A replica count for the pod. | `1` |
+| `permissions.pod.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
+| `permissions.pod.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
+| `permissions.pod.affinity` | Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). | `{}` |
+| `permissions.pod.priorityClassName` | Kubernetes [pod priority](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/). | `""` |
+| `permissions.pod.terminationGracePeriodSeconds` | Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). Should be at least 300 seconds | `60` |
+| `permissions.pod.tolerations` | Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings. | `[]` |
+| `permissions.pod.podAnnotations` | Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `permissions.pod.podLabels` | Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `permissions.pod.annotations` | Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/). | `{}` |
+| `permissions.pod.labels` | Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `permissions.pod.revisionHistoryLimit` | Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment). | `3` |
+| `permissions.pod.resources` | **Limits for the application service** | |
+| `permissions.pod.resources.requests.cpu` | A CPU request. | `300m` |
+| `permissions.pod.resources.requests.memory` | A memory request. | `256M` |
+| `permissions.pod.resources.limits.cpu` | A CPU limit. | `1` |
+| `permissions.pod.resources.limits.memory` | A memory limit. | `1G` |
+| `permissions.service.annotations` | Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | `{}` |
+| `permissions.service.labels` | Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). | `{}` |
+| `permissions.service.type` | Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types). | `ClusterIP` |
+| `permissions.service.port` | PRO API service port. | `80` |
+| `permissions.settings.enabled` | Set to `true` if authorization is used | `false` |
+| `permissions.settings.auth.apiKey` | Secret Permissions API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `c7d74870-ec28-4543-b408-b49bfed84399` | `""` |
### asset importer settings
@@ -96,7 +113,7 @@
| -------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ |
| `assetImporter.appName` | Data Import job name. | `asset-importer` |
| `assetImporter.repository` | Docker Repository Image. | `2gis-on-premise/pro-importer` |
-| `assetImporter.tag` | Docker image tag. | `1.35.0` |
+| `assetImporter.tag` | Docker image tag. | `1.41.0` |
| `assetImporter.schedule` | Import job schedule. | `0 18 * * *` |
| `assetImporter.backoffLimit` | The number of [retries](https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy) before considering a Job as failed. | `2` |
| `assetImporter.successfulJobsHistoryLimit` | How many completed and failed jobs should be kept. See [docs](https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#jobs-history-limits). | `3` |
@@ -160,24 +177,25 @@
### Kafka settings (supported version 2.7)
-| Name | Description | Value |
-| -------------------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------- |
-| `kafka.bootstrapServers` | Kafka bootstrap servers. Format: 'host1:port1,host2:port2' | `""` |
-| `kafka.securityProtocol` | Kafka security protocol. Supported options: SaslPlaintext. | `SaslPlaintext` |
-| `kafka.sasl` | **Kafka sasl settings** (see [the documentation](https://kafka.apache.org/documentation/#security_sasl_config)) | |
-| `kafka.sasl.mechanism` | Kafka sasl mechanism. Supported options: ScramSha512. | `ScramSha512` |
-| `kafka.sasl.username` | Kafka sasl username. | `""` |
-| `kafka.sasl.password` | Kafka sasl password. | `""` |
-| `kafka.assetTopicsReaderGroupId` | Kafka consumer group for reading streaming assets data. | `""` |
-| `kafka.importTasksTopic` | Kafka topic settings to run import tasks. | |
-| `kafka.importTasksTopic.name` | Kafka topic name. | `""` |
-| `kafka.importTasksTopic.readerGroupId` | Kafka consumer group for reading importing tasks. | `""` |
-| `kafka.eventsTopic` | Kafka topic settings to manage events. | |
-| `kafka.eventsTopic.name` | Kafka events topic name. **Required** | `""` |
-| `kafka.eventsTopic.readerGroupId` | Kafka consumer group for reading events. **Required** | `""` |
-| `kafka.assetDataTopic` | Kafka topic settings to manage asset data updates. | |
-| `kafka.assetDataTopic.name` | Kafka topic name. | `""` |
-| `kafka.refreshAssetsIntervalMinutes` | Refresh interval for reading streaming assets settings in minutes. | `60` |
+| Name | Description | Value |
+| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | --------------- |
+| `kafka.bootstrapServers` | Kafka bootstrap servers. Format: 'host1:port1,host2:port2' | `""` |
+| `kafka.securityProtocol` | Kafka security protocol. Supported options: SaslPlaintext. | `SaslPlaintext` |
+| `kafka.sasl` | **Kafka sasl settings** (see [the documentation](https://kafka.apache.org/documentation/#security_sasl_config)) | |
+| `kafka.sasl.mechanism` | Kafka sasl mechanism. Supported options: ScramSha512. | `ScramSha512` |
+| `kafka.sasl.username` | Kafka sasl username. | `""` |
+| `kafka.sasl.password` | Kafka sasl password. | `""` |
+| `kafka.assetTopicsReaderGroupId` | Kafka consumer group for reading streaming assets data. | `""` |
+| `kafka.importTasksTopic` | Kafka topic settings to run import tasks. | |
+| `kafka.importTasksTopic.name` | Kafka topic name. | `""` |
+| `kafka.importTasksTopic.readerGroupId` | Kafka consumer group for reading importing tasks. | `""` |
+| `kafka.eventsTopic` | Kafka topic settings to manage events. | |
+| `kafka.eventsTopic.name` | Kafka events topic name. **Required** | `""` |
+| `kafka.eventsTopic.readerGroupId` | Kafka consumer group for reading events. **Required** | `""` |
+| `kafka.assetDataTopic` | Kafka topic settings to manage asset data updates. | |
+| `kafka.assetDataTopic.name` | Kafka topic name. | `""` |
+| `kafka.refreshAssetsIntervalMinutes` | Refresh interval for reading streaming assets settings in minutes. | `60` |
+| `kafka.useReplicaTopics` | Use topic replica when using multiple kafka clusters. Each topic in the kafka settings must have a corresponding ".replica" topic | `false` |
### ElasticSearch settings (supported version 7.x)
@@ -234,6 +252,7 @@
| ------------ | ------------------------------------------------------------------------------------------------ | ----- |
| `search.url` | URL for [Search API](https://docs.2gis.com/en/on-premise/search). Example: http://search-api.svc | `""` |
+
## Installing
1. Create a configuration file values-api.yaml and fill in all the required parameters according to the docs above.
diff --git a/charts/pro-api/templates/_helpers.tpl b/charts/pro-api/templates/_helpers.tpl
index 13c15d1fe..109f0afed 100644
--- a/charts/pro-api/templates/_helpers.tpl
+++ b/charts/pro-api/templates/_helpers.tpl
@@ -2,7 +2,7 @@
{{- if .Values.api.pod.fullnameOverride -}}
{{- .Values.api.pod.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
-{{- $name := default .Values.api.pod.appName .Values.api.pod.nameOverride -}}
+{{- $name := default .Values.api.appName .Values.api.pod.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
@@ -56,7 +56,7 @@
{{- end -}}
{{- define "pro-api.chart" -}}
-{{- printf "%s-%s" .Values.api.pod.appName .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- printf "%s-%s" .Values.api.appName .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "pro-api.selectorLabels" -}}
diff --git a/charts/pro-api/templates/deployment.yaml b/charts/pro-api/templates/deployment.yaml
index de7ff3b9f..048b4510d 100644
--- a/charts/pro-api/templates/deployment.yaml
+++ b/charts/pro-api/templates/deployment.yaml
@@ -112,9 +112,9 @@ spec:
- name: DEBUG
value: "{{ .Values.api.settings.debug }}"
- name: Import__EnableUserAssetsImporter
- value: "{{ .Values.api.settings.enableUserAssetsImporter }}"
+ value: "{{ .Values.api.settings.backgroundJobs.enableUserAssetsImporter }}"
- name: Import__EnableAssetsStreaming
- value: "{{ .Values.api.settings.enableAssetsStreaming }}"
+ value: "{{ .Values.api.settings.backgroundJobs.enableAssetsStreaming }}"
- name: Import__AssetImporterJobName
value: {{ include "pro-api.asset-importer-name" . }}
- name: Import__ExternalLinksProxyUrl
@@ -226,6 +226,8 @@ spec:
value: {{ required "A valid .Values.kafka.eventsTopic.name entry required" $.Values.kafka.eventsTopic.name }}
- name: Kafka__EventsTopicSettings__ReaderGroupId
value: {{ required "A valid .Values.kafka.eventsTopic.readerGroupId entry required" $.Values.kafka.eventsTopic.readerGroupId }}
+ - name: Kafka__UseReplicaTopics
+ value: "{{ $.Values.kafka.useReplicaTopics }}"
- name: Auth__Type
value: "{{ .Values.api.settings.auth.type }}"
- name: Auth__Url
@@ -247,7 +249,7 @@ spec:
{{ end }}
- name: Auth__PermissionsApiUrl
value: {{ include "pro-api.permissions-url" . }}
- {{ if .Values.api.settings.auth.permissionsApiKey }}
+ {{ if .Values.permissions.settings.auth.apiKey }}
- name: Auth__PermissionsApiKey
valueFrom:
secretKeyRef:
@@ -300,6 +302,8 @@ spec:
value: "{{ .Values.api.settings.localCache.trackStatistics }}"
- name: LicensingService__BaseUri
value: {{ required "A valid .Values.license.url entry required" $.Values.license.url }}
+ - name: LayerGeneration__IsochroneLayerMaxPointsCount
+ value: "{{ .Values.api.settings.layerGeneration.isochroneLayerMaxPointsCount }}"
{{- range $i, $s := .Values.api.settings.openApi.servers }}
- name: OpenApi__Servers__{{$i}}
value: "{{ $s }}"
diff --git a/charts/pro-api/templates/permissions-api-deployment.yaml b/charts/pro-api/templates/permissions-api-deployment.yaml
index c0136b7f0..e1a6b40dd 100644
--- a/charts/pro-api/templates/permissions-api-deployment.yaml
+++ b/charts/pro-api/templates/permissions-api-deployment.yaml
@@ -130,7 +130,7 @@ spec:
name: {{ include "pro-api.name" . }}-secret
- name: Auth__Type
value: {{ required "A valid .Values.api.settings.auth.type entry required" $.Values.api.settings.auth.type }}
- {{ if .Values.api.settings.auth.permissionsApiKey }}
+ {{ if .Values.permissions.settings.auth.apiKey }}
- name: Auth__PermissionsApiKey
valueFrom:
secretKeyRef:
@@ -186,6 +186,8 @@ spec:
value: "{{ $.Values.kafka.permissionsTopic.readerGroupId }}"
- name: Kafka__EventsTopicSettings__Name
value: {{ required "A valid .Values.kafka.eventsTopic.name entry required" $.Values.kafka.eventsTopic.name }}
+ - name: Kafka__UseReplicaTopics
+ value: "{{ $.Values.kafka.useReplicaTopics }}"
- name: LocalCache__Enabled
value: "{{ .Values.permissions.settings.localCache.enabled }}"
- name: LocalCache__TrackStatistics
diff --git a/charts/pro-api/templates/secrets.yaml b/charts/pro-api/templates/secrets.yaml
index 9092ceef5..e0bdbd78e 100644
--- a/charts/pro-api/templates/secrets.yaml
+++ b/charts/pro-api/templates/secrets.yaml
@@ -12,8 +12,8 @@ data:
{{ if .Values.digger.password }}
diggerPassword: {{ .Values.digger.password | b64enc }}
{{ end }}
- {{ if .Values.api.settings.auth.permissionsApiKey }}
- permissionsApiKey: {{ required "Valid .Values.api.settings.auth.permissionsApiKey required!" .Values.api.settings.auth.permissionsApiKey | b64enc }}
+ {{ if .Values.permissions.settings.auth.apiKey }}
+ permissionsApiKey: {{ required "Valid .Values.permissions.settings.auth.apiKey required!" .Values.permissions.settings.auth.apiKey | b64enc }}
{{ end }}
{{ if .Values.elastic.credentials }}
esCredentials: {{ .Values.elastic.credentials | b64enc }}
diff --git a/charts/pro-api/values.yaml b/charts/pro-api/values.yaml
index 7d8c61e7b..1b97a02a0 100644
--- a/charts/pro-api/values.yaml
+++ b/charts/pro-api/values.yaml
@@ -1,89 +1,24 @@
# @section Geo API configuration & settings
-# @extra Image settings
-# @param api.image.repository Repository
-# @param api.image.tag Tag
-# @param api.image.pullPolicy Pull Policy
-# @extra Ingress settings
-# @param api.ingress.enabled If Ingress is enabled for the service.
-# @param api.ingress.className Name of the Ingress controller class.
-# @param api.ingress.hosts[0].host Hostname for the Ingress service.
-# @param api.ingress.hosts[0].paths[0].path Path of the host for the Ingress service.
-# @param api.ingress.hosts[0].paths[0].pathType Type of the path for the Ingress service.
-# @param api.ingress.tls TLS configuration
-# @extra Pod settings
-# @param api.pod.appName Name of the service.
-# @param api.pod.replicaCount A replica count for the pod.
-# @param api.pod.imagePullSecrets Kubernetes image pull secrets.
-# @param api.pod.nameOverride Base name to use in all the Kubernetes entities deployed by this chart.
-# @param api.pod.fullnameOverride Base fullname to use in all the Kubernetes entities deployed by this chart.
-# @param api.pod.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
-# @param api.pod.affinity Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity).
-# @param api.pod.priorityClassName Kubernetes [pod priority](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/).
-# @param api.pod.terminationGracePeriodSeconds Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). Should be at least 300 seconds
-# @param api.pod.tolerations Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings.
-# @param api.pod.podAnnotations Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
-# @param api.pod.podLabels Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
-# @param api.pod.annotations Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
-# @param api.pod.labels Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
-# @param api.pod.revisionHistoryLimit Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment).
-# @extra api.pod.resources **Limits for the application service**
-# @param api.pod.resources.requests.cpu A CPU request.
-# @param api.pod.resources.requests.memory A memory request.
-# @param api.pod.resources.limits.cpu A CPU limit.
-# @param api.pod.resources.limits.memory A memory limit.
-# @param api.pod.strategy.type Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`.
-# @param api.pod.strategy.rollingUpdate.maxUnavailable Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment).
-# @param api.pod.strategy.rollingUpdate.maxSurge Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process.
-# @extra VPA settings [Vertical Pod Autoscaling](https://github.com/kubernetes/autoscaler/blob/master/vertical-pod-autoscaler/README.md)
-# @param api.vpa.enabled If VPA is enabled for the service.
-# @param api.vpa.updateMode VPA [update mode](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler#quick-start).
-# @param api.vpa.minAllowed.cpu Lower limit for the number of CPUs to which the autoscaler can scale down.
-# @param api.vpa.minAllowed.memory Lower limit for the RAM size to which the autoscaler can scale down.
-# @param api.vpa.maxAllowed.cpu Upper limit for the number of CPUs to which the autoscaler can scale up.
-# @param api.vpa.maxAllowed.memory Upper limit for the RAM size to which the autoscaler can scale up.
-# @extra Service settings
-# @param api.service.annotations Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
-# @param api.service.labels Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
-# @param api.service.type Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types).
-# @param api.service.port PRO API service port.
-# @param api.service.serviceAccount Kubernetes service account
-# @param api.service.serviceAccountOverride The name of an existing custom service account. If specified, the services in the chart will use this existing service account. If not specified, a new service account will be created and used with the name from the variable `api.serviceAccount`.
-# @extra Geo API settings
-# @param api.settings.licenseKey License key. **Required**
-# @param api.settings.tempPath Path to directory used for temp data
-# @param api.settings.allowAnyOrigin Cors policy: allow any origin to perform requests to pro-api service
-# @skip api.settings.logEsQueries
-# @skip api.settings.debug
-# @skip api.settings.env
-# @skip api.settings.filterByZoneCodes
-# @skip api.settings.esDataCentersCount
-# @extra api.settings.logging Logging settings
-# @param api.settings.logging.format Log message format, possible options: 'default' - compact json, 'renderedCompactJson' - rendered json format, 'simple' - plain text
-# @param api.settings.logging.targets Collection of logging targets divided by comma. Currently only 'console' and 'database' are supported. Console is used by default (no need to specify).
-# @extra api.settings.rateLimiter rate limiter settings
-# @param api.settings.rateLimiter.requestsLimit max number of requests from one user during time window (0 means rate limiter is disabled)
-# @param api.settings.rateLimiter.windowSizeInSeconds the size of time windows to count and limit incoming requests
-# @skip api.settings.localCache.enabled
-# @skip api.settings.localCache.trackStatistics
-# @skip api.settings.openApi.servers
-# @param api.settings.enableUserAssetsImporter If user data importer job is enabled for the service.
-# @param api.settings.enableAssetsStreaming If the streaming data processing job is enabled for the service.
-# @param api.settings.auth.type Authentication type: 'none' - disabled, 'openid10' - [OpenId 1.0 / OAuth 2.0 authentication protocol](https://openid.net/specs/openid-connect-core-1_0.html), 'urbi' - urbi authentication protocol
-# @param api.settings.auth.url API URL of authentication service. Example: `http(s)://keycloak.ingress.host`
-# @param api.settings.auth.userInfoEndpoint The [UserInfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo). Example: `realms/URBI_Pro/protocol/openid-connect/userinfo`
-# @param api.settings.auth.wellKnownConfigEndpoint The [Well-Known Config endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html). Example: `realms/URBI_Pro/.well-known/openid-configuration`
-# @param api.settings.auth.apiKey Secret API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `4230b288-301e-4ec6-82c6-db6a8a72c2af`
-# @param api.settings.auth.permissionsApiKey Secret Permissions API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `c7d74870-ec28-4543-b408-b49bfed84399`
-# @skip api.settings.auth.autoRegisterUsers
-# @param api.settings.auth.turnOffCertValidation Turn off certificate validation for auth.url
-# @param api.settings.auth.shareKeys Secret keys for creating and validating shared links. Must contain at least 32 characters. All keys are used for validation. The last one is used for creation. Example: `m7nShlX1a8+IqE9ZcDqRCVjlhEud850ucT0av9bS+tcMTwIwUOUqpNikM+G8teDR`
-
api:
+
+ # @param api.appName Name of the service
+ appName: pro-api
+
+ # @param api.image.repository Repository
+ # @param api.image.tag Tag
+ # @param api.image.pullPolicy Pull Policy
image:
repository: 2gis-on-premise/pro-api
- tag: 1.35.0
+ tag: 1.41.0
pullPolicy: IfNotPresent
+
+ # @param api.ingress.enabled If Ingress is enabled for the service.
+ # @param api.ingress.className Name of the Ingress controller class.
+ # @param api.ingress.hosts[0].host Hostname for the Ingress service.
+ # @param api.ingress.hosts[0].paths[0].path Path of the host for the Ingress service.
+ # @param api.ingress.hosts[0].paths[0].pathType Type of the path for the Ingress service.
+ # @param api.ingress.tls TLS configuration
ingress:
enabled: false
className: nginx
@@ -96,8 +31,30 @@ api:
# - hosts:
# - pro-api.example.com
# secretName: secret.tls
+
+ # @param api.pod.replicaCount A replica count for the pod.
+ # @param api.pod.imagePullSecrets Kubernetes image pull secrets.
+ # @param api.pod.nameOverride Base name to use in all the Kubernetes entities deployed by this chart.
+ # @param api.pod.fullnameOverride Base fullname to use in all the Kubernetes entities deployed by this chart.
+ # @param api.pod.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
+ # @param api.pod.affinity Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity).
+ # @param api.pod.priorityClassName Kubernetes [pod priority](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/).
+ # @param api.pod.terminationGracePeriodSeconds Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). Should be at least 300 seconds
+ # @param api.pod.tolerations Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings.
+ # @param api.pod.podAnnotations Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
+ # @param api.pod.podLabels Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+ # @param api.pod.annotations Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
+ # @param api.pod.labels Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+ # @param api.pod.revisionHistoryLimit Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment).
+ # @extra api.pod.resources **Limits for the application service**
+ # @param api.pod.resources.requests.cpu A CPU request.
+ # @param api.pod.resources.requests.memory A memory request.
+ # @param api.pod.resources.limits.cpu A CPU limit.
+ # @param api.pod.resources.limits.memory A memory limit.
+ # @param api.pod.strategy.type Type of Kubernetes deployment. Can be `Recreate` or `RollingUpdate`.
+ # @param api.pod.strategy.rollingUpdate.maxUnavailable Maximum number of pods that can be created over the desired number of pods when doing [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment).
+ # @param api.pod.strategy.rollingUpdate.maxSurge Maximum number of pods that can be unavailable during the [rolling update](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment) process.
pod:
- appName: pro-api
replicaCount: 2
imagePullSecrets: []
nameOverride: ''
@@ -124,6 +81,13 @@ api:
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
+
+ # @param api.vpa.enabled If VPA is enabled for the service.
+ # @param api.vpa.updateMode VPA [update mode](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler#quick-start).
+ # @param api.vpa.minAllowed.cpu Lower limit for the number of CPUs to which the autoscaler can scale down.
+ # @param api.vpa.minAllowed.memory Lower limit for the RAM size to which the autoscaler can scale down.
+ # @param api.vpa.maxAllowed.cpu Upper limit for the number of CPUs to which the autoscaler can scale up.
+ # @param api.vpa.maxAllowed.memory Upper limit for the RAM size to which the autoscaler can scale up.
vpa:
enabled: false
updateMode: Auto
@@ -133,6 +97,13 @@ api:
maxAllowed:
cpu: 1
memory: 1024M
+
+ # @param api.service.annotations Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
+ # @param api.service.labels Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+ # @param api.service.type Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types).
+ # @param api.service.port PRO API service port.
+ # @param api.service.serviceAccount Kubernetes service account
+ # @param api.service.serviceAccountOverride The name of an existing custom service account. If specified, the services in the chart will use this existing service account. If not specified, a new service account will be created and used with the name from the variable `api.serviceAccount`.
service:
annotations: {}
labels: {}
@@ -140,6 +111,35 @@ api:
port: 80
serviceAccount: runner
serviceAccountOverride: ''
+
+ # @param api.settings.licenseKey License key. **Required**
+ # @param api.settings.tempPath Path to directory used for temp data
+ # @param api.settings.allowAnyOrigin Cors policy: allow any origin to perform requests to pro-api service
+ # @skip api.settings.logEsQueries
+ # @skip api.settings.debug
+ # @skip api.settings.env
+ # @skip api.settings.filterByZoneCodes
+ # @skip api.settings.esDataCentersCount
+ # @extra api.settings.logging Logging settings
+ # @param api.settings.logging.format Log message format, possible options: 'default' - compact json, 'renderedCompactJson' - rendered json format, 'simple' - plain text
+ # @param api.settings.logging.targets Collection of logging targets divided by comma. Currently only 'console' and 'database' are supported. Console is used by default (no need to specify).
+ # @extra api.settings.rateLimiter rate limiter settings
+ # @param api.settings.rateLimiter.requestsLimit max number of requests from one user during time window (0 means rate limiter is disabled)
+ # @param api.settings.rateLimiter.windowSizeInSeconds the size of time windows to count and limit incoming requests
+ # @skip api.settings.localCache.enabled
+ # @skip api.settings.localCache.trackStatistics
+ # @skip api.settings.openApi.servers
+ # @param api.settings.auth.type Authentication type: 'none' - disabled, 'openid10' - [OpenId 1.0 / OAuth 2.0 authentication protocol](https://openid.net/specs/openid-connect-core-1_0.html), 'urbi' - urbi authentication protocol
+ # @param api.settings.auth.url API URL of authentication service. Example: `http(s)://keycloak.ingress.host`
+ # @param api.settings.auth.userInfoEndpoint The [UserInfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo). Example: `realms/URBI_Pro/protocol/openid-connect/userinfo`
+ # @param api.settings.auth.wellKnownConfigEndpoint The [Well-Known Config endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html). Example: `realms/URBI_Pro/.well-known/openid-configuration`
+ # @param api.settings.auth.apiKey Secret API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `4230b288-301e-4ec6-82c6-db6a8a72c2af`
+ # @skip api.settings.auth.autoRegisterUsers
+ # @param api.settings.auth.turnOffCertValidation Turn off certificate validation for auth.url
+ # @param api.settings.auth.shareKeys Secret keys for creating and validating shared links. Must contain at least 32 characters. All keys are used for validation. The last one is used for creation. Example: `m7nShlX1a8+IqE9ZcDqRCVjlhEud850ucT0av9bS+tcMTwIwUOUqpNikM+G8teDR`
+ # @param api.settings.backgroundJobs.enableUserAssetsImporter If user data importer job is enabled for the service.
+ # @param api.settings.backgroundJobs.enableAssetsStreaming If the streaming data processing job is enabled for the service.
+ # @param api.settings.layerGeneration.isochroneLayerMaxPointsCount If layer contains more points, isochrone is not avalible
settings:
licenseKey: ''
tempPath: /tmp
@@ -160,43 +160,39 @@ api:
trackStatistics: false
openApi:
servers: []
- enableUserAssetsImporter: true
- enableAssetsStreaming: false
auth:
type: none
url: ''
userInfoEndpoint: ''
wellKnownConfigEndpoint: ''
apiKey: ''
- permissionsApiKey: ''
autoRegisterUsers: true
turnOffCertValidation: false
shareKeys: []
-
+ backgroundJobs:
+ enableUserAssetsImporter: true
+ enableAssetsStreaming: false
+ layerGeneration:
+ isochroneLayerMaxPointsCount: 500
# @section Permissions API configuration & settings
-# @skip permissions.image
-# @extra Ingress settings
-# @param permissions.ingress.enabled If Ingress is enabled for the service.
-# @param permissions.ingress.className Name of the Ingress controller class.
-# @param permissions.ingress.hosts[0].host Hostname for the Ingress service.
-# @param permissions.ingress.hosts[0].paths[0].path Path of the host for the Ingress service.
-# @param permissions.ingress.hosts[0].paths[0].pathType Type of the path for the Ingress service.
-# @param permissions.ingress.tls TLS configuration
-# @skip permissions.pod
-# @skip permissions.service
-# @extra Permissions API settings
-# @skip permissions.settings.host
-# @param permissions.settings.enabled If permissionsApi is enabled for the service.
-# @skip permissions.settings.localCache.enabled
-# @skip permissions.settings.localCache.trackStatistics
-
permissions:
+
+ # @param permissions.image.repository Repository
+ # @param permissions.image.tag Tag
+ # @param permissions.image.pullPolicy Pull Policy
image:
repository: 2gis-on-premise/pro-permissions-api
- tag: 1.35.0
+ tag: 1.41.0
pullPolicy: IfNotPresent
+
+ # @param permissions.ingress.enabled If Ingress is enabled for the service
+ # @param permissions.ingress.className Name of the Ingress controller class
+ # @param permissions.ingress.hosts[0].host Hostname for the Ingress service
+ # @param permissions.ingress.hosts[0].paths[0].path Path of the host for the Ingress service
+ # @param permissions.ingress.hosts[0].paths[0].pathType Type of the path for the Ingress service
+ # @param permissions.ingress.tls TLS configuration
ingress:
enabled: false
className: nginx
@@ -206,9 +202,25 @@ permissions:
- path: /
pathType: Prefix
tls: []
- # - hosts:
- # - pro-permissions-api.example.com
# secretName: secret.tls
+
+ # @param permissions.pod.replicaCount A replica count for the pod.
+ # @param permissions.pod.imagePullSecrets Kubernetes image pull secrets.
+ # @param permissions.pod.nodeSelector Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector).
+ # @param permissions.pod.affinity Kubernetes pod [affinity settings](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity).
+ # @param permissions.pod.priorityClassName Kubernetes [pod priority](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/).
+ # @param permissions.pod.terminationGracePeriodSeconds Kubernetes [termination grace period](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/). Should be at least 300 seconds
+ # @param permissions.pod.tolerations Kubernetes [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) settings.
+ # @param permissions.pod.podAnnotations Kubernetes [pod annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
+ # @param permissions.pod.podLabels Kubernetes [pod labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+ # @param permissions.pod.annotations Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/).
+ # @param permissions.pod.labels Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+ # @param permissions.pod.revisionHistoryLimit Revision history limit (used for [rolling back](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) a deployment).
+ # @extra permissions.pod.resources **Limits for the application service**
+ # @param permissions.pod.resources.requests.cpu A CPU request.
+ # @param permissions.pod.resources.requests.memory A memory request.
+ # @param permissions.pod.resources.limits.cpu A CPU limit.
+ # @param permissions.pod.resources.limits.memory A memory limit.
pod:
replicaCount: 1
imagePullSecrets: []
@@ -229,17 +241,30 @@ permissions:
limits:
cpu: 1
memory: 1G
+
+ # @param permissions.service.annotations Kubernetes [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
+ # @param permissions.service.labels Kubernetes [service labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/).
+ # @param permissions.service.type Kubernetes [service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types).
+ # @param permissions.service.port PRO API service port.
service:
annotations: {}
labels: {}
type: ClusterIP
port: 80
+
+ # @skip permissions.settings.host
+ # @param permissions.settings.enabled Set to `true` if authorization is used
+ # @skip permissions.settings.localCache.enabled
+ # @skip permissions.settings.localCache.trackStatistics
+ # @param permissions.settings.auth.apiKey Secret Permissions API Key to perform authorized service actions, random string. Must be set if type not 'none'. Example: `c7d74870-ec28-4543-b408-b49bfed84399`
settings:
host: ''
enabled: false
localCache:
enabled: true
trackStatistics: false
+ auth:
+ apiKey: ''
# @section asset importer settings
@@ -271,7 +296,7 @@ permissions:
assetImporter:
appName: asset-importer
repository: 2gis-on-premise/pro-importer
- tag: 1.35.0
+ tag: 1.41.0
schedule: 0 18 * * *
backoffLimit: 2
successfulJobsHistoryLimit: 3
@@ -303,7 +328,7 @@ assetImporter:
assetPreparer:
appName: asset-preparer
repository: 2gis-on-premise/pro-importer
- tag: 1.35.0
+ tag: 1.41.0
schedule: 0 16 * * 6
backoffLimit: 2
successfulJobsHistoryLimit: 1
@@ -317,6 +342,7 @@ assetPreparer:
memory: 512M
enabled: true
settings:
+ files: ''
maxParallelJobs: 1
@@ -398,6 +424,7 @@ postgres:
# @param kafka.assetDataTopic.name Kafka topic name.
# @skip kafka.permissionsTopic
# @param kafka.refreshAssetsIntervalMinutes Refresh interval for reading streaming assets settings in minutes.
+# @param kafka.useReplicaTopics Use topic replica when using multiple kafka clusters. Each topic in the kafka settings must have a corresponding ".replica" topic
kafka:
bootstrapServers: ''
@@ -419,6 +446,7 @@ kafka:
name: ''
readerGroupId: ''
refreshAssetsIntervalMinutes: 60
+ useReplicaTopics: false
# @section ElasticSearch settings (supported version 7.x)
@@ -507,6 +535,7 @@ license:
search:
url: ''
+
# @skip tileGen
tileGen:
diff --git a/charts/pro-ui/Chart.yaml b/charts/pro-ui/Chart.yaml
index f16c1db1e..ab3ce3214 100644
--- a/charts/pro-ui/Chart.yaml
+++ b/charts/pro-ui/Chart.yaml
@@ -3,7 +3,7 @@ name: pro-ui
type: application
description: A Helm chart for Kubernetes to deploy 2GIS Pro UI service
-version: 1.29.0
+version: 1.30.0
appVersion: 2.27.0
maintainers:
diff --git a/charts/pro-ui/README.md b/charts/pro-ui/README.md
index 47b3c7a8c..b579824d4 100644
--- a/charts/pro-ui/README.md
+++ b/charts/pro-ui/README.md
@@ -179,7 +179,7 @@ Use this Helm chart to deploy 2GIS Pro UI service, which is a part of 2GIS's [On
| ------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ |
| `stylesImporter.name` | Styles Import job name. | `styles-importer` |
| `stylesImporter.image.repository` | Docker Repository Image. | `2gis-on-premise/pro-importer` |
-| `stylesImporter.image.tag` | Docker image tag. | `1.35.0` |
+| `stylesImporter.image.tag` | Docker image tag. | `1.41.0` |
| `stylesImporter.backoffLimit` | The number of [retries](https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy) before considering a Job as failed. | `2` |
| `stylesImporter.successfulJobsHistoryLimit` | How many completed and failed jobs should be kept. See [docs](https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#jobs-history-limits). | `3` |
| `stylesImporter.nodeSelector` | Kubernetes [node selectors](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector). | `{}` |
diff --git a/charts/pro-ui/values.yaml b/charts/pro-ui/values.yaml
index 828219900..e139ad82e 100644
--- a/charts/pro-ui/values.yaml
+++ b/charts/pro-ui/values.yaml
@@ -292,7 +292,7 @@ stylesImporter:
name: styles-importer
image:
repository: 2gis-on-premise/pro-importer
- tag: 1.35.0
+ tag: 1.41.0
backoffLimit: 2
successfulJobsHistoryLimit: 3
nodeSelector: {}
diff --git a/charts/search-api/Chart.yaml b/charts/search-api/Chart.yaml
index b234795ce..bdab4ab85 100644
--- a/charts/search-api/Chart.yaml
+++ b/charts/search-api/Chart.yaml
@@ -4,7 +4,7 @@ description: Search engine for catalog
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 7.80.0
maintainers:
diff --git a/charts/stat-receiver/Chart.yaml b/charts/stat-receiver/Chart.yaml
index cc9d5b4e4..4d242a98a 100644
--- a/charts/stat-receiver/Chart.yaml
+++ b/charts/stat-receiver/Chart.yaml
@@ -3,7 +3,7 @@ name: stat-receiver
type: application
description: A Helm chart for Kubernetes to deploy Stat Receiver
-version: 1.29.0
+version: 1.30.0
appVersion: 1.11.1
maintainers:
diff --git a/charts/styles-api/Chart.yaml b/charts/styles-api/Chart.yaml
index 8e9354feb..401bee3d5 100644
--- a/charts/styles-api/Chart.yaml
+++ b/charts/styles-api/Chart.yaml
@@ -3,7 +3,7 @@ name: styles-api
type: application
description: A Helm chart for Kubernetes to deploy API Styles service
-version: 1.29.0
+version: 1.30.0
appVersion: 0.30.0
maintainers:
diff --git a/charts/tiles-api/Chart.yaml b/charts/tiles-api/Chart.yaml
index 3d5101152..a0b0e0875 100644
--- a/charts/tiles-api/Chart.yaml
+++ b/charts/tiles-api/Chart.yaml
@@ -4,8 +4,8 @@ description: Tiles API for getting cartographic data
type: application
-version: 1.29.0
-appVersion: 4.54.0
+version: 1.30.0
+appVersion: 4.61.0
maintainers:
- name: 2gis
diff --git a/charts/tiles-api/README.md b/charts/tiles-api/README.md
index cce8c0aca..788dea89a 100644
--- a/charts/tiles-api/README.md
+++ b/charts/tiles-api/README.md
@@ -33,6 +33,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `dgctlStorage.host` | S3 endpoint. Format: `host:port`. | `""` |
| `dgctlStorage.secure` | If S3 uses https. | `false` |
| `dgctlStorage.bucket` | S3 bucket name. | `""` |
+| `dgctlStorage.region` | S3 region. | `""` |
| `dgctlStorage.accessKey` | S3 access key for accessing the bucket. | `""` |
| `dgctlStorage.secretKey` | S3 secret key for accessing the bucket. | `""` |
| `dgctlStorage.manifest` | The path to the [manifest file](https://docs.2gis.com/en/on-premise/overview#nav-lvl2@paramCommon_deployment_steps). Format: `manifests/0000000000.json`.
This file contains the description of pieces of data that the service requires to operate. | `""` |
@@ -89,7 +90,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `proxy.resources.limits.memory` | A memory limit. | `512Mi` |
| `proxy.image` | **Docker image settings** | |
| `proxy.image.repository` | Docker Repository. | `2gis-on-premise/tiles-api-proxy` |
-| `proxy.image.tag` | Docker image tag. | `4.54.0` |
+| `proxy.image.tag` | Docker image tag. | `4.61.0` |
| `proxy.image.pullPolicy` | Kubernetes pull policy for the service's Docker image. | `IfNotPresent` |
| `proxy.access` | **API Keys service access settings** | |
| `proxy.access.enabled` | If access to the [API Keys service](https://docs.2gis.com/en/on-premise/keys) is enabled. | `false` |
@@ -125,7 +126,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `api.resources.limits.memory` | A memory limit. | `512Mi` |
| `api.image` | **Docker image settings** | |
| `api.image.repository` | Docker Repository. | `2gis-on-premise/tiles-api` |
-| `api.image.tag` | Docker image tag. | `4.54.0` |
+| `api.image.tag` | Docker image tag. | `4.61.0` |
| `api.image.pullPolicy` | Kubernetes pull policy for the service's Docker image. | `IfNotPresent` |
| `api.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
| `api.strategy.rollingUpdate` | **Service's Rolling Update strategy settings** | |
@@ -200,7 +201,7 @@ See the [documentation](https://docs.2gis.com/en/on-premise/map) to learn about:
| `importer.resources.limits.memory` | A memory limit. | `256Mi` |
| `importer.image` | **Docker image settings** | |
| `importer.image.repository` | Docker Repository. | `2gis-on-premise/tiles-api-importer` |
-| `importer.image.tag` | Docker image tag. | `4.54.0` |
+| `importer.image.tag` | Docker image tag. | `4.61.0` |
| `importer.image.pullPolicy` | Kubernetes pull policy for the service's Docker image. | `IfNotPresent` |
| `importer.imagePullSecrets` | Kubernetes image pull secrets. | `[]` |
| `importer.cleaner` | **Cassandra keyspace lifecycle management and Cleaner settings** | |
diff --git a/charts/tiles-api/configs/importer/importer.yaml b/charts/tiles-api/configs/importer/importer.yaml
index 0a5c06374..e5effae47 100644
--- a/charts/tiles-api/configs/importer/importer.yaml
+++ b/charts/tiles-api/configs/importer/importer.yaml
@@ -12,6 +12,7 @@ storage:
host: {{ required "Valid .Values.dgctlStorage.host required!" .Values.dgctlStorage.host }}
secure: {{ .Values.dgctlStorage.secure }}
bucket: {{ required "Valid .Values.dgctlStorage.bucket required!" .Values.dgctlStorage.bucket }}
+ region: {{ .Values.dgctlStorage.region }}
url-lifetime-period: 60m
k8s:
diff --git a/charts/tiles-api/values.yaml b/charts/tiles-api/values.yaml
index 52d828d2e..74eeaf3dd 100644
--- a/charts/tiles-api/values.yaml
+++ b/charts/tiles-api/values.yaml
@@ -9,6 +9,7 @@ dgctlDockerRegistry: ''
# @param dgctlStorage.host S3 endpoint. Format: `host:port`.
# @param dgctlStorage.secure If S3 uses https.
# @param dgctlStorage.bucket S3 bucket name.
+# @param dgctlStorage.region S3 region.
# @param dgctlStorage.accessKey S3 access key for accessing the bucket.
# @param dgctlStorage.secretKey S3 secret key for accessing the bucket.
# @param dgctlStorage.manifest The path to the [manifest file](https://docs.2gis.com/en/on-premise/overview#nav-lvl2@paramCommon_deployment_steps). Format: `manifests/0000000000.json`.
This file contains the description of pieces of data that the service requires to operate.
@@ -17,6 +18,7 @@ dgctlStorage:
host: ''
secure: false
bucket: ''
+ region: ''
accessKey: ''
secretKey: ''
manifest: ''
@@ -122,7 +124,7 @@ proxy:
image:
repository: 2gis-on-premise/tiles-api-proxy
- tag: 4.54.0
+ tag: 4.61.0
pullPolicy: IfNotPresent
containerPort: 5000
@@ -179,7 +181,7 @@ api:
image:
repository: 2gis-on-premise/tiles-api
- tag: 4.54.0
+ tag: 4.61.0
pullPolicy: IfNotPresent
terminationGracePeriodSeconds: 30
@@ -337,7 +339,7 @@ importer:
image:
repository: 2gis-on-premise/tiles-api-importer
- tag: 4.54.0
+ tag: 4.61.0
pullPolicy: IfNotPresent
diff --git a/charts/traffic-proxy/Chart.yaml b/charts/traffic-proxy/Chart.yaml
index 5151db4a8..5035695f1 100644
--- a/charts/traffic-proxy/Chart.yaml
+++ b/charts/traffic-proxy/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for Kubernetes to deploy Proxy for traffic jams
type: application
-version: 1.29.0
+version: 1.30.0
appVersion: 1.21.6
maintainers:
diff --git a/charts/traffic-proxy/README.md b/charts/traffic-proxy/README.md
index ed9df5966..f7b6f885d 100644
--- a/charts/traffic-proxy/README.md
+++ b/charts/traffic-proxy/README.md
@@ -44,13 +44,21 @@ See the [documentation](https://docs.2gis.com/en/on-premise/traffic-proxy) to le
### Proxy server settings
-| Name | Description | Value |
-| --------------------- | --------------------------------------------------------------------------------------- | ------ |
-| `proxy.host` | URL for the proxy server to serve, ex: https://traffic0.edromaps.2gis.com. **Required** | `""` |
-| `proxy.listen` | Port for the proxy server to listen. | `8080` |
-| `proxy.cache.enabled` | If caching should be enabled for the proxy server. | `true` |
-| `proxy.cache.age` | Cache validity period. | `1m` |
-| `proxy.cache.size` | Maximum cache size. | `32m` |
+| Name | Description | Value |
+| -------------------------- | ------------------------------------------------------------------------------------------------------ | ------- |
+| `proxy.host` | URL for the proxy server to serve, ex: https://traffic0.edromaps.2gis.com. **Required** | `""` |
+| `proxy.listen` | Port for the proxy server to listen. | `8080` |
+| `proxy.cache.enabled` | If caching should be enabled for the proxy server. | `true` |
+| `proxy.cache.age` | Cache validity period. | `1m` |
+| `proxy.cache.size` | Maximum cache size. | `32m` |
+| `proxy.worker.processes` | Number of worker processes. | `2` |
+| `proxy.worker.connections` | Number of worker connections. | `1024` |
+| `proxy.log.errorLog.level` | Error log level. Allowed values: `debug`, `info`, `notice`, `warn`, `error`, `crit`, `alert`, `emerg`. | `error` |
+| `proxy.log.accessLog` | Access log definition. | `off` |
+| `proxy.keepaliveTimeout` | Keepalive timeout. | `65` |
+| `proxy.log.customFormats` | List of custom log formats to be used in NGINX configuration | `[]` |
+| `proxy.locations` | List of additional location blocks to be included in the NGINX configuration | `[]` |
+| `proxy.httpServers` | List of additional server blocks to be included in the NGINX configuration | `{}` |
### Deployment settings
diff --git a/charts/traffic-proxy/templates/configmap.yaml b/charts/traffic-proxy/templates/configmap.yaml
index 75e1031d5..3532cb917 100644
--- a/charts/traffic-proxy/templates/configmap.yaml
+++ b/charts/traffic-proxy/templates/configmap.yaml
@@ -8,12 +8,12 @@ metadata:
{{- include "traffic-proxy.labels" . | nindent 4 }}
data:
nginx.conf: |
- worker_processes 2;
+ worker_processes {{ .Values.proxy.worker.processes }};
pid /run/nginx.pid;
events {
- worker_connections 1024;
+ worker_connections {{ .Values.proxy.worker.connections }};
}
http {
@@ -44,12 +44,19 @@ data:
'"request_id":"$http_x_request_id",'
'"upstream_request_id":"$upstream_http_x_request_id"}';
- access_log off;
- error_log /dev/stderr error;
+ {{- if .Values.proxy.log.customFormats }}
+ {{ range .Values.proxy.log.customFormats }}
+ log_format {{ .name }} escape={{ .escape }} {{ .format | nindent 36 | trim }};
+ {{- end }}
+ {{- end }}
+
+ access_log {{ required "A valid .Values.proxy.log.accessLog required" .Values.proxy.log.accessLog }};
+
+ error_log /dev/stderr {{ required "A valid .Values.proxy.log.errorLog.level required" .Values.proxy.log.errorLog.level }};
sendfile on;
tcp_nopush on;
- keepalive_timeout 65;
+ keepalive_timeout {{ .Values.proxy.keepaliveTimeout }};
{{ if .Values.proxy.cache.enabled }}
proxy_cache_path /var/cache/nginx/trafficcache keys_zone=trafficcache:{{ .Values.proxy.cache.size }};
@@ -81,5 +88,19 @@ data:
default_type text/html;
return 200 "OK
\n";
}
+
+ {{ if .Values.proxy.locations }}
+ {{ range .Values.proxy.locations }}
+ location {{ .path }} {
+ {{- .definition | trim | nindent 14}}
+ }
+ {{ end }}
+ {{ end }}
}
+
+ {{ if .Values.proxy.httpServers }}
+ {{ range .Values.proxy.httpServers }}
+ {{- . | trim | nindent 6 }}
+ {{ end }}
+ {{ end }}
}
diff --git a/charts/traffic-proxy/values.yaml b/charts/traffic-proxy/values.yaml
index 622b8d8a5..543d8d60f 100644
--- a/charts/traffic-proxy/values.yaml
+++ b/charts/traffic-proxy/values.yaml
@@ -39,6 +39,12 @@ podLabels: {}
# @param proxy.cache.enabled If caching should be enabled for the proxy server.
# @param proxy.cache.age Cache validity period.
# @param proxy.cache.size Maximum cache size.
+# @param proxy.worker.processes Number of worker processes.
+# @param proxy.worker.connections Number of worker connections.
+# @param proxy.log.errorLog.level Error log level. Allowed values: `debug`, `info`, `notice`, `warn`, `error`, `crit`, `alert`, `emerg`.
+# @param proxy.log.accessLog Access log definition.
+# @param proxy.keepaliveTimeout Keepalive timeout.
+
proxy:
host: ''
@@ -49,6 +55,46 @@ proxy:
enabled: true
age: 1m
size: 32m
+ worker:
+ processes: 2
+ connections: 1024
+ log:
+ # @param proxy.log.customFormats List of custom log formats to be used in NGINX configuration
+ customFormats: []
+ # - name: small
+ # escape: json
+ # format: |
+ # '{"time_local":"$time_local",'
+ # '"remote_addr":"$remote_addr",'
+ # '"request":"$request",'
+ # '"status":"$status",'
+ # '"host":"$host"}'
+ errorLog:
+ level: error
+
+ accessLog: off
+ # accessLog: '/dev/stdout main'
+
+ keepaliveTimeout: 65
+
+ # @param proxy.locations List of additional location blocks to be included in the NGINX configuration
+ locations: []
+ # - path: /test/
+ # definition: |
+ # default_type text/html;
+ # return 200 "test page
\n";
+
+ # @param proxy.httpServers List of additional server blocks to be included in the NGINX configuration
+ httpServers: {}
+ # examplecfg: |
+ # server {
+ # listen 0.0.0.0:8080;
+
+ # location / {
+ # default_type text/html;
+ # return 200 "test page
\n";
+ # }
+ # }
# @section Deployment settings
diff --git a/charts/twins-api/Chart.yaml b/charts/twins-api/Chart.yaml
index 853b4b68a..caf15e205 100644
--- a/charts/twins-api/Chart.yaml
+++ b/charts/twins-api/Chart.yaml
@@ -3,7 +3,7 @@ name: twins-api
type: application
description: A Helm chart for Kubernetes to deploy API Twins service
-version: 1.29.0
+version: 1.30.0
appVersion: 1.13.0
maintainers:
diff --git a/image_versions.txt b/image_versions.txt
index 8e552efa5..1d7d37b3c 100644
--- a/image_versions.txt
+++ b/image_versions.txt
@@ -2,10 +2,10 @@ catalog-api
catalog-api:3.625.0
catalog-importer:1.7.0
citylens
- citylens-api:1.13.1
- citylens-database:1.13.0
- citylens-web:1.13.0
- citylens-workers:1.13.0
+ citylens-api:1.14.2
+ citylens-database:1.14.0
+ citylens-web:1.14.2
+ citylens-workers:1.14.2
dgtt
dgtt:0.2.27-b188673e09
floors-api
@@ -22,7 +22,7 @@ keycloak
keycloak-themes:0.0.8
keycloak:21.1.1-debian-11-r4
keys
- keys-backend:1.87.0
+ keys-backend:1.89.0
keys-redis:6.2.6-alpine3.15
keys-ui:0.8.0
license
@@ -52,12 +52,12 @@ navi-splitter
platform
platform-ui:0.15.1
pro-api
- pro-api:1.35.0
- pro-importer:1.35.0
- pro-importer:1.35.0
- pro-permissions-api:1.35.0
+ pro-api:1.41.0
+ pro-importer:1.41.0
+ pro-importer:1.41.0
+ pro-permissions-api:1.41.0
pro-ui
- pro-importer:1.35.0
+ pro-importer:1.41.0
pro-ui:2.27.0
search-api
search-api:7.80.0
@@ -68,9 +68,9 @@ stat-receiver
styles-api
styles-api:0.30.0
tiles-api
- tiles-api-importer:4.54.0
- tiles-api-proxy:4.54.0
- tiles-api:4.54.0
+ tiles-api-importer:4.61.0
+ tiles-api-proxy:4.61.0
+ tiles-api:4.61.0
traffic-proxy
nginx:1.21.6
twins-api
diff --git a/styleguide.md b/styleguide.md
index c3540f0d6..985885bad 100644
--- a/styleguide.md
+++ b/styleguide.md
@@ -10,7 +10,7 @@
Файлы `README.md` формируются полуавтоматически. Для каждого чарта сначала необходимо создать файл `README.md` с общим описанием сервиса и пустым разделом «Values», а затем запустить инструмент [`readme-generator-for-helm`](https://github.com/bitnami-labs/readme-generator-for-helm) от Bitnami, чтобы автоматически заполнить раздел «Values» описаниями настроек на основе комментариев из `values.yaml`. Подробнее об использовании генератора можно прочитать в [документе](https://docs.google.com/document/d/1iEPG8tcCYu9q5iZssTAPOd43xh8uCQhNXyXhFPUTir8/edit).
-Генератор можно запускать напрямую или с помощью [`Makefile`](Makefile), например:
+Генератор можно запускать напрямую или с помощью [`Makefile`](Makefile) (лучше это делать на linux. На windows были замечены проблемы с лишними пустыми строками при генерации README.md), например:
```sh
make prepare
@@ -49,8 +49,8 @@ make charts/navi-back
- В переменных, где предполагается конечный список значений, всегда его явно перечисляем.
```yaml
- # @param LOG_LEVEL Log level: `error`, `warn`, `info` or `debug`.
- LOG_LEVEL: error
+ # @param logLevel Log level: `trace`, `debug`, `info`, `warning`, `error`, `fatal`.
+ logLevel: error
```
- Константы или переменные, которые никогда не меняются при типовом использовании сервиса, следует скрывать из `README.md` при помощи тэга `@skip`.
@@ -89,6 +89,9 @@ make charts/navi-back
- verticalPodAutoscaler - vpa
- podDisruptionBudget - pdb
- serviceAccount.yaml - serviceAccount
+ - Настройки логгирования:
+ - logLevel: `trace`, `debug`, `info`, `warning`, `error`, `fatal`
+ - logFormat: `json`, `plaintext`
- Группы настроек называем везде одинаково. Предпочтение отдаём не сокращённым, а полным названиям. По возможности используем [официальные названия](https://github.com/helm/helm/blob/main/pkg/releaseutil/kind_sorter.go#L72).
- Исключения: hpa, vpa, pdb