apunkt/trustgraph
1
0
Fork 0
mirror of https://github.com/trustgraph-ai/trustgraph.git synced 2026-04-29 18:36:22 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Added GCP and Minikube output (#59)

Browse source 
* Added a config to create Minikube k8s, uses hostpath volumes
* Reworked templater to produce docker compose and minikube output
* Fix config templates
This commit is contained in:
cybermaggedon 2024-09-09 17:16:50 +01:00 committed by GitHub
parent f661791bbf
commit 0ae6feddb0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
62 changed files with 37961 additions and 7077 deletions
Download patch file Download diff file Expand all files Collapse all files

191
templates/engine/docker-compose.jsonnet Normal file
View file

@ -0,0 +1,191 @@
{
// Extract resources usnig the engine
package:: function(patterns)
std.foldl(
function(state, p) state + p.create(self),
std.objectValues(patterns),
{}
),
container:: function(name)
{
local container = self,
name: name,
limits: {},
reservations: {},
ports: [],
volumes: [],
with_image:: function(x) self + { image: x },
with_command:: function(x) self + { command: x },
with_environment:: function(x) self + { environment: x },
with_limits:: function(c, m) self + { limits: { cpus: c, memory: m } },
with_reservations::
function(c, m) self + { reservations: { cpus: c, memory: m } },
with_volume_mount::
function(vol, mnt)
self + {
volumes: super.volumes + [{
volume: vol, mount: mnt
}]
},
with_port::
function(src, dest, name) self + {
ports: super.ports + [
{ src: src, dest: dest, name : name }
]
},
add:: function() {
services +: {
[container.name]: {
image: container.image,
deploy: {
resources: {
limits: container.limits,
reservations: container.reservations,
}
},
restart: "on-failure:100",
} +
(if std.objectHas(container, "command") then
{ command: container.command }
else {}) +
(if std.objectHas(container, "environment") then
{ environment: container.environment }
else {}) +
(if std.length(container.ports) > 0 then
{
ports: [
"%d:%d" % [port.src, port.dest]
for port in container.ports
]
}
else {}) +
(if std.length(container.volumes) > 0 then
{
volumes: [
"%s:%s" % [vol.volume.name, vol.mount]
for vol in container.volumes
]
}
else {})
}
}
},
internalService:: function(containers)
{
local service = self,
name: containers.name,
with_port:: function(src, dest, name)
self + { port: [src, dest] },
add:: function() {
}
},
service:: function(containers)
{
local service = self,
name: containers.name,
with_port:: function(src, dest, name)
self + { port: [src, dest] },
add:: function() {
}
},
volume:: function(name)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() {
volumes +: {
[volume.name]: {}
}
}
},
configVolume:: function(name, dir, parts)
{
local volume = self,
name: dir,
with_size:: function(size) self + { size: size },
add:: function() {
}
},
secretVolume:: function(name, dir, parts)
{
local volume = self,
name: dir,
with_size:: function(size) self + { size: size },
add:: function() {
}
},
containers:: function(name, containers)
{
local cont = self,
name: name,
containers: containers,
add:: function() std.foldl(
function(state, c) state + c.add(),
cont.containers,
{}
),
},
resources:: function(res)
std.foldl(
function(state, c) state + c.add(),
res,
{}
),
}

44
templates/engine/gcp-k8s.jsonnet Normal file
View file

@ -0,0 +1,44 @@
local k8s = import "k8s.jsonnet";
local ns = {
apiVersion: "v1",
kind: "Namespace",
metadata: {
name: "trustgraph",
},
"spec": {
},
};
local sc = {
apiVersion: "storage.k8s.io/v1",
kind: "StorageClass",
metadata: {
name: "tg",
},
provisioner: "pd.csi.storage.gke.io",
parameters: {
type: "pd-balanced",
"csi.storage.k8s.io/fstype": "ext4",
},
reclaimPolicy: "Delete",
volumeBindingMode: "WaitForFirstConsumer",
};
k8s + {
// Extract resources usnig the engine
package:: function(patterns)
local resources = [sc, ns] + std.flattenArrays([
p.create(self) for p in std.objectValues(patterns)
]);
local resourceList = {
apiVersion: "v1",
kind: "List",
items: [ns, sc] + resources,
};
resourceList
}

307
templates/engine/k8s.jsonnet Normal file
View file

@ -0,0 +1,307 @@
{
container:: function(name)
{
local container = self,
name: name,
limits: {},
reservations: {},
ports: [],
volumes: [],
with_image:: function(x) self + { image: x },
with_command:: function(x) self + { command: x },
with_environment:: function(x) self + { environment: x },
with_limits:: function(c, m) self + { limits: { cpu: c, memory: m } },
with_reservations::
function(c, m) self + { reservations: { cpu: c, memory: m } },
with_volume_mount::
function(vol, mnt)
self + {
volumes: super.volumes + [{
volume: vol, mount: mnt
}]
},
with_port::
function(src, dest, name) self + {
ports: super.ports + [
{ src: src, dest: dest, name : name }
]
},
add:: function() [
{
apiVersion: "apps/v1",
kind: "Deployment",
metadata: {
name: container.name,
namespace: "trustgraph",
labels: {
app: container.name
}
},
spec: {
replicas: 1,
selector: {
matchLabels: {
app: container.name,
}
},
template: {
metadata: {
labels: {
app: container.name,
}
},
spec: {
containers: [
{
name: container.name,
image: container.image,
// FIXME: Make everything run as
// root. Needed to get filesystems
// to be accessible. There's a
// better way of doing this?
securityContext: {
runAsUser: 0,
runAsGroup: 0,
},
resources: {
requests: container.reservations,
limits: container.limits
},
} + (
if std.length(container.ports) > 0 then
{
ports: [
{
hostPort: port.src,
containerPort: port.dest,
}
for port in container.ports
]
} else
{}) +
(if std.objectHas(container, "command") then
{ command: container.command }
else {}) +
(if std.objectHas(container, "environment") then
{ env: [ {
name: e.key, value: e.value
}
for e in
std.objectKeysValues(
container.environment
)
]
}
else {}) +
(if std.length(container.volumes) > 0 then
{
volumeMounts: [
{
mountPath: vol.mount,
name: vol.volume.name,
}
for vol in container.volumes
]
}
else
{}
)
],
volumes: [
vol.volume.volRef()
for vol in container.volumes
]
}
},
} + {}
}
]
},
// Just an alias
internalService:: self.service,
service:: function(containers)
{
local service = self,
name: containers.name,
ports: [],
with_port::
function(src, dest, name)
self + {
ports: super.ports + [
{ src: src, dest: dest, name: name }
]
},
add:: function() [
{
apiVersion: "v1",
kind: "Service",
metadata: {
name: service.name,
namespace: "trustgraph",
},
spec: {
selector: {
app: service.name,
},
ports: [
{
port: port.src,
targetPort: port.dest,
name: port.name,
}
for port in service.ports
],
}
}
],
},
volume:: function(name)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
{
apiVersion: "v1",
kind: "PersistentVolumeClaim",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
spec: {
storageClassName: "tg",
accessModes: [ "ReadWriteOnce" ],
resources: {
requests: {
storage: volume.size,
}
},
}
}
],
volRef:: function() {
name: volume.name,
persistentVolumeClaim: { claimName: volume.name },
}
},
configVolume:: function(name, dir, parts)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
{
apiVersion: "v1",
kind: "ConfigMap",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
data: parts
},
],
volRef:: function() {
name: volume.name,
configMap: { name: volume.name },
}
},
secretVolume:: function(name, dir, parts)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
{
apiVersion: "v1",
kind: "Secret",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
data: {
[item.key]: std.base64(item.value)
for item in std.objectKeysValues(parts)
}
},
],
volRef:: function() {
name: volume.name,
secret: { secretName: volume.name },
}
},
containers:: function(name, containers)
{
local cont = self,
name: name,
containers: containers,
add:: function() std.flattenArrays(
[ c.add() for c in cont.containers ]
),
},
resources:: function(res)
std.flattenArrays(
[ c.add() for c in res ]
),
}

115
templates/engine/minikube-k8s.jsonnet Normal file
View file

@ -0,0 +1,115 @@
local k8s = import "k8s.jsonnet";
local ns = {
apiVersion: "v1",
kind: "Namespace",
metadata: {
name: "trustgraph",
},
"spec": {
},
};
k8s + {
// Extract resources usnig the engine
package:: function(patterns)
local resources = [ns] + std.flattenArrays([
p.create(self) for p in std.objectValues(patterns)
]);
local resourceList = {
apiVersion: "v1",
kind: "List",
items: resources,
};
resourceList,
volume:: function(name)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
{
apiVersion: "v1",
kind: "PersistentVolume",
metadata: {
name: volume.name,
},
spec: {
accessModes: [ "ReadWriteOnce" ],
capacity: {
storage: volume.size,
},
persistentVolumeReclaimPolicy: "Delete",
hostPath: {
path: "/data/pv-" + volume.name,
},
}
},
{
apiVersion: "v1",
kind: "PersistentVolumeClaim",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
spec: {
accessModes: [ "ReadWriteOnce" ],
resources: {
requests: {
storage: volume.size,
}
},
}
}
],
volRef:: function() {
name: volume.name,
persistentVolumeClaim: { claimName: volume.name },
}
},
service:: function(containers)
{
local service = self,
name: containers.name,
ports: [],
with_port::
function(src, dest, name)
self + {
ports: super.ports + [
{ src: src, dest: dest, name: name }
]
},
add:: function() [
{
apiVersion: "v1",
kind: "Service",
metadata: {
name: service.name,
namespace: "trustgraph",
},
spec: {
selector: {
app: service.name,
},
type: "LoadBalancer",
ports: [
{
port: port.src,
targetPort: port.dest,
name: port.name,
}
for port in service.ports
],
}
}
],
},
}