Merge pull request #50 from emqx/add_chart

Add chart

Makefile

@@ -87,14 +87,14 @@ cross_build: cross_prepare
 
 .PHONY: docker
 docker:
-	docker build --no-cache -t $(TARGET):$(VERSION) -f .
+	docker build --no-cache -t $(TARGET):$(VERSION) -f deploy/docker/docker-entrypoint.sh.
 
 .PHONY:cross_docker
 cross_docker: cross_prepare
 	docker buildx build --no-cache \
 	--platform=linux/amd64,linux/arm64,linux/arm/v7,linux/386,linux/ppc64le \
 	-t $(TARGET):$(VERSION) \
-	-f docker/Dockerfile . \
+	-f deploy/docker/docker-entrypoint.sh . \
 	--push
 
 .PHONY: clean

deploy/chart/kuiper/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

deploy/chart/kuiper/Chart.yaml

@@ -0,0 +1,21 @@
+apiVersion: v2
+name: kuiper
+description: A lightweight IoT edge analytic software
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+version: 0.0.3
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application.
+appVersion: 0.0.3-55-gb2e037d

deploy/chart/kuiper/README_zh.md

@@ -0,0 +1,207 @@
+Kuiper 可以通过 Helm chart 部署在 k3s / k8s 集群上。
+下面以 k3s 为例演示如何部署 Kuiper：
+
+## Prepare：
+
++ 安装 K3S: 
+  ```
+  $ curl -sfL https://get.k3s.io | sh -
+  $ sudo chmod 755 /etc/rancher/k3s/k3s.yaml
+  $ kubectl get nodes
+  NAME               STATUS   ROLES    AGE     VERSION
+  ip-172-31-16-120   Ready    master   4m31s   v1.16.3-k3s.2
+  ```
+
++ 安装 helm3
+  ```
+  $ curl -sfL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash -
+  Downloading https://get.helm.sh/helm-v3.0.1-linux-amd64.tar.gz
+  Preparing to install helm into /usr/local/bin
+  helm installed into /usr/local/bin/helm
+  
+  ## K8S 可以跳过这一步
+  $ export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+  ```
+
+## 获取 Kuiper Helm Chart
+
++ 可以通过一下两种方法的任意一种获取 Kuiper Helm Chart，本文以使用 `git clone` 拉取代码的方式为例讲解。
+
+  + Git clone
+
+    ```
+    $ git clone https://github.com/emqx/kuiper
+    $ cd kuiper/deploy/chart/kuiper
+    ```
+
+  + Helm repo (TODO)
+
+    + 添加Helm repo
+
+      ```
+      $ helm repo add emqx https://repos.emqx.io/charts
+      ```
+
+    + 查询 Kuiper
+
+      ```
+      helm search kuiper
+      NAME     		CHART VERSION	APP VERSION  	DESCRIPTION
+      emqx/kuiper	0.0.3	        0.0.3	        A lightweight IoT edge analytic software
+      ```
+
++ 可以通过编辑 `values.yaml` 文件或使用 `helm install --set` 命令编辑 Kuiper Helm Chart 的配置
+
+  ##### Kuiper Helm Chart 配置项
+
+  | 参数                           | 描述                                | Default Value            |
+  | ------------------------------ | ----------------------------------- | ------------------------ |
+  | `replicaCount`                 | 部署kuiper数量                      | 1                        |
+  | `image.repository`             | 拉取镜像名称                        | emqx/kuiper              |
+  | `image.pullPolicy`             | 拉取镜像策略                        | IfNotPresent             |
+  | `persistence.enabled`          | 是否启用 PVC                        | false                    |
+  | `persistence.storageClass`     | Storage class 名称                  | `nil`                    |
+  | `persistence.existingClaim`    | PV 名称                             | ""                       |
+  | `persistence.accessMode`       | PVC 访问模式                        | ReadWriteOnce            |
+  | `persistence.size`             | PVC 容量                            | 20Mi                     |
+  | `resources`                    | CPU/内存资源                        | {}                       |
+  | `nodeSelector`                 | 节点选择                            | {}                       |
+  | `tolerations`                  | 污点容忍                            | []                       |
+  | `affinity`                     | 节点亲和性                          | {}                       |
+  | `mqtt.servers`                 | mqtt服务器的代理地址                | `[tcp://127.0.0.1:1883]` |
+  | `mqtt.qos`                     | 消息转发的服务质量                  | 1                        |
+  | `mqtt.sharedSubscription`      | 是否使用共享订阅                    | true                     |
+  | `mqtt.username`                | 连接用户名                          |                          |
+  | `mqtt.password`                | 连接密码                            |                          |
+  | `mqtt.certificationSecretName` | 通过证书文件创建的 Secre 资源的名字 |                          |
+  | `mqtt.privateKeySecretName`    | 通过私钥文件创建的 Secre 资源的名字 |                          |
+  | `mqtt.certificationPath`       | 证书路径。必须是绝对路径。          |                          |
+  | `mqtt.privateKeyPath`          | 私钥路径。必须绝对路径。            |                          |
+
+## 通过 Helm 部署 Kuiper
+
+#### 快速部署Kuiper
+
++ 使用 Helm 部署 Kuiper
+
+  ```
+  $ helm install my-kuiper .
+  NAME: my-kuiper
+  LAST DEPLOYED: Mon Dec  9 09:56:32 2019
+  NAMESPACE: default
+  STATUS: deployed
+  REVISION: 1
+  TEST SUITE: None
+  ```
+
++ 部署成功
+
+  ```
+  $ kubectl get pods
+  NAME       READY   STATUS    RESTARTS   AGE
+  my-kuiper-0   1/1     Running   0          19s
+
+  $ kubectl exec -it  my-kuiper-0 sh
+  /kuiper # ./bin/cli
+  Connecting to 127.0.0.1:20498...
+  ```
+
+#### 部署持久化的 Kuiper
+
++ Kuiper 通过 创建 PVC 资源挂载 `/kuiper/data` 目录实现持久化 `pods`，**在部署 Kuiper 之前，用户需要自行在 Kubernetes 中创建 PVC 资源或 Storage Classes 资源**
+
++ 编辑 `values.yaml` 文件，设置 `persistence.enabled=true`
+
+  + 如果用户部署了 PVC 资源，那么设置 `persistence.existingClaim=your_pv_name`
++ 如果用户部署了 Storage Classes 资源，那么设置`persistence.storageClass=your_storageClass_name`
+  
++ 使用 Helm 部署 Kuiper
+
+  ```
+  $ helm install my-kuiper .
+  NAME: my-kuiper
+  LAST DEPLOYED: Mon Dec  9 09:56:32 2019
+  NAMESPACE: default
+  STATUS: deployed
+  REVISION: 1
+  TEST SUITE: None
+  ```
+
++ 部署成功
+
+  ```
+  $ kubectl get pods
+  NAME       READY   STATUS    RESTARTS   AGE
+  my-kuiper-0   1/1     Running   0          19s
+
+  $ kubectl exec -it  my-kuiper-0 sh
+  /kuiper # ./bin/cli
+  Connecting to 127.0.0.1:20498...
+  ```
+
+#### 部署Kuiper并使用证书
+
++ 使用 `kubectl create secret` 将证书文件和私钥创建成 Secret 资源，`kubectl create secret` 命令的语法如下：
+
+  ```
+  $ kubectl create secret generic your-secret-name --from-file=/path/to/file
+  ```
+
+  创建证书文件 Secret 资源：
+
+  ```
+  $ kubectl create secret generic client-cert --from-file=certs/client-cert.pem
+  ```
+
+  创建私钥文件 Secret 资源：
+
+  ```
+  $ kubectl create secret generic client-key --from-file=certs/client-key.pem
+  ```
+
+  查看 Secret 资源：
+
+  ```
+  $ kubectl get secret
+  NAME                                         TYPE                                  DATA   AGE
+  client-cert                                  Opaque                                1      25m
+  client-key                                   Opaque                                1      24m
+  ```
+
++ 编辑 `values.yaml` 文件
+
+  + 设置 `mqtt.certificationSecretName` 为证书文件 Secret 资源： `mqtt.certificationSecretName: client-cert`
+  + 设置 `mqtt.privateKeySecretName` 为私钥文件 Secret 资源：`mqtt.privateKeySecretName: client-key`
+  + 设置证书文件部署路径：`mqtt.certificationPath: /var/kuiper/certificate.pem`
+  + 设置私钥文件部署路径：`mqtt.privateKeyPath: /var/kuiper/private.pem.key`
+
++ 使用 Helm 部署 Kuiper
+
+  ```
+  $ helm install my-kuiper .
+  NAME: my-kuiper
+  LAST DEPLOYED: Mon Dec  9 09:56:32 2019
+  NAMESPACE: default
+  STATUS: deployed
+  REVISION: 1
+  TEST SUITE: None
+  ```
+
++ 部署成功
+
+  ```
+  $ kubectl get pods
+  NAME       READY   STATUS    RESTARTS   AGE
+  my-kuiper-0   1/1     Running   0          19s
+
+  $ kubectl exec -it my-kuiper-0 -- ls -al /var/kuiper
+  total 8
+  drwxr-xr-x    4 root     root          4096 Dec 10 02:23 .
+  drwxr-xr-x    1 root     root          4096 Dec 10 02:23 ..
+  drwxrwxrwt    3 root     root           100 Dec 10 02:23 certificate.pem
+  drwxrwxrwt    3 root     root           100 Dec 10 02:23 private.pem.key
+
+  $ kubectl exec -it  my-kuiper-0 sh
+  /kuiper # ./bin/cli
+  Connecting to 127.0.0.1:20498...
+  ```

deploy/chart/kuiper/templates/StatefulSet.yaml

@@ -0,0 +1,101 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "kuiper.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kuiper.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  serviceName: {{ include "kuiper.fullname" . }}-headless
+  {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+  volumeClaimTemplates:
+    - metadata:
+        name: kuiper-data
+        namespace: {{ .Release.Namespace }}
+        labels:
+          {{- include "kuiper.labels" . | nindent 4 }}
+        annotations:
+        {{- if .Values.persistence.storageClass }}
+          volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }}
+        {{- else }}
+          volume.alpha.kubernetes.io/storage-class: default
+        {{- end }}
+      spec:
+        accessModes:
+          - {{ .Values.persistence.accessMode | quote }}
+        resources:
+         requests:
+           storage: {{ .Values.persistence.size | quote }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "kuiper.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "kuiper.selectorLabels" . | nindent 8 }}
+    spec:
+      # securityContext:
+      #   fsGroup: 1000
+      volumes:
+      {{- if not .Values.persistence.enabled }}
+      - name: kuiper-data
+        emptyDir: {}
+      {{- else if .Values.persistence.existingClaim }}
+      - name: kuiper-data
+        persistentVolumeClaim:
+        {{- with .Values.persistence.existingClaim }}
+          claimName: {{ tpl . $ }}
+        {{- end }}
+      {{- end }}
+      - name: mqtt
+        configMap:
+          name: {{ include "kuiper.fullname" . }}
+          items:
+          - key: mqtt.yaml
+            path: mqtt.yaml
+      {{- if .Values.mqtt.certificationSecretName }}
+      - name: kuiper-certification
+        secret:
+          secretName: {{ .Values.mqtt.certificationSecretName }}
+      {{- end }}
+      {{- if .Values.mqtt.privateKeySecretName }}
+      - name: kuiper-private-key
+        secret:
+          secretName: {{ .Values.mqtt.privateKeySecretName }}
+      {{- end }}
+      containers:
+        - name: kuiper
+          image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          volumeMounts:
+          - name: kuiper-data
+            mountPath: "/kuiper/data"
+          - name: mqtt
+            mountPath: "/kuiper/etc/sources/mqtt.yaml"
+            subPath: "mqtt.yaml"
+          {{ if .Values.mqtt.certificationSecretName  }}
+          - name: kuiper-certification
+            mountPath: {{ .Values.mqtt.certificationPath | default "/var/kuiper/certificate.pem" }}
+            readOnly: true
+          {{ end }}
+          {{ if .Values.mqtt.privateKeySecretName  }}
+          - name: kuiper-private-key
+            mountPath: {{ .Values.mqtt.privateKeyPath | default "/var/kuiper/private.pem.key" }}
+            readOnly: true
+          {{ end }}
+          resources:
+          {{- toYaml .Values.resources | nindent 12 }}
+    {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}

deploy/chart/kuiper/templates/_helpers.tpl

@@ -0,0 +1,63 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kuiper.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kuiper.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kuiper.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "kuiper.labels" -}}
+helm.sh/chart: {{ include "kuiper.chart" . }}
+{{ include "kuiper.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Selector labels
+*/}}
+{{- define "kuiper.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "kuiper.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kuiper.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "kuiper.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}

deploy/chart/kuiper/templates/configmap.yaml

@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "kuiper.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kuiper.labels" . | nindent 4 }}
+data:
+    "random.yaml": |
+      default:
+        interval: 1000
+        pattern:
+          count: 50
+      ext:
+        interval: 300
+        seed: 1
+        pattern:
+          count: 50
+    "zmq.yaml": |
+      #Global Zmq configurations
+      default:
+        server: tcp://127.0.0.1:5563
+    "mqtt.yaml": |
+      #Global MQTT configurations
+      default:
+        {{- toYaml .Values.mqtt | nindent 8 }}
+      #Override the global configurations
+      demo_conf: #Conf_key
+        qos: 0
+        servers: [tcp://10.211.55.6:1883, tcp://127.0.0.1]
+    "client.yaml": |
+      basic:
+        host: 127.0.0.1
+        port: 20498
+    "kuiper.yaml": |
+      basic:
+        # true|false, with debug level, it prints more debug info
+        debug: false
+        port: 20498

deploy/chart/kuiper/templates/sevice.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "kuiper.fullname" . }}-headless
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kuiper.labels" . | nindent 4 }}
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  clusterIP: None
+  selector:
+    {{- include "kuiper.selectorLabels" . | nindent 4 }}

deploy/chart/kuiper/values.yaml

@@ -0,0 +1,51 @@
+# Default values for kuiper.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: emqx/kuiper
+  pullPolicy: IfNotPresent
+
+persistence:
+  enabled: false
+  size: 20Mi
+  ## If defined, volume.beta.kubernetes.io/storage-class: <storageClass>
+  ## Default: volume.alpha.kubernetes.io/storage-class: default
+  # storageClass: "-"
+  accessMode: ReadWriteOnce
+  ## Existing PersistentVolumeClaims
+  ## The value is evaluated as a template
+  ## So, for example, the name can depend on .Release or .Chart
+  # existingClaim: ""
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+mqtt:
+  #Global MQTT configurations
+  qos: 1
+  sharedSubscription: true
+  servers: [tcp://127.0.0.1:1883]
+  #username: user1
+  #password: password
+  certificationSecretName: client-cert
+  privateKeySecretName: client-key
+  #certificationPath: /var/kuiper/certificate.pem
+  #privateKeyPath: /var/kuiper/private.pem.key