Skip to content

Commit ab479d6

Browse files
authored
Merge pull request wger-project#70 from bbkz/dev
add rc.6
2 parents 76a575a + e698bd3 commit ab479d6

13 files changed

Lines changed: 163 additions & 75 deletions

RELEASENOTES.md

Lines changed: 32 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,16 @@ file and update your own.
99

1010
First make a backup of your database and media files.
1111

12-
If you update a existing installation you need to set the following,
13-
as the key already exists from the previous installation, alternativly you can delete the secret:
12+
Compared to the docker compose setup the helm chart takes care of the following tasks
13+
automatically, so don't get confused with the documentation:
14+
15+
* creates a jwt private and public key
16+
* setups the powersync database
17+
18+
If you upgrade a existing installation the jwt key already exists
19+
from the previous installation. You have to the jwt secret, alternatively
20+
you can set `update: true`, this will force the private and public key to
21+
be regenerated on every install and upgrade:
1422

1523
```yaml
1624
app:
@@ -22,26 +30,39 @@ app:
2230
2331
The now unused signing key remains in the secret, but serves no purpose.
2432
25-
This chart also takes care of the JWT and powersync setup no manual task is required there.
26-
2733
The first start and even restarting the wger container takes a long time as we now use a
28-
post-install hook the helm command can timeout, use `--timeout 15m`.
34+
post-install hook the helm command can timeout, you have to use `--timeout 15m` on the helm
35+
command.
2936

3037
* upgrade to wger 2.6
3138
* minor upgrade postgres to 15.18
3239
* minor upgrade redis to 8.8.0
3340
* new powersync service for offline sync for the mobile app introduced
3441
* new service accounts introduced for jwt autogeneration and powersync database initialization
3542
* JWT signing key has been removed
36-
* autogenerated JWT keys with a pre-install, pre-update and pre-rollback hook
37-
* appends to the current jwt secret
43+
* autogenerated JWT keys with a pre-install and pre-update hook
44+
* can append to the current jwt secret
3845
* nginx and persistent storage is now mandatory
3946
* nginx get's it's own deployment
4047
* clean up unused volume definitions
41-
* service and target ports changes
42-
* add resource settings for most containers
43-
* separate service settings
44-
* path in nginx for the static and media files changed
48+
* service and target ports changed
49+
* add resource setting possibility for most containers
50+
* reorganize yamls
51+
* path in nginx for the static and media files changed, to match docker compose setup
52+
* celery enabled by default
53+
* REFRESH_TOKEN_LIFETIME default changed from 24 to 2880
54+
* EXERCISE_CACHE_TTL default changed from 18000 to 2419200
55+
* AXES_IPWARE_PROXY_COUNT default changed from 0 to 1
56+
* CELERY_WORKER_CONCURRENCY added with default 4
57+
* CACHE_API_EXERCISES_CELERY added with default True
58+
* CACHE_API_EXERCISES_CELERY_FORCE_UPDATE added with default True
59+
* replaced .Values.app.axes.ipwareProxyCount with .Values.app.proxyCount
60+
* NUMBER_OF_PROXIES added with default 1 for REST Framework
61+
62+
### Post Install Tasks
63+
64+
* Some unused thumbnail sizes have been deleted, run `./manage.py prune-thumbnails` to delete dangling files
65+
* The default location for ingredient images has changed. Please run `./manage migrate-ingredient-image-paths` to migrate existing entries. Note that this is technically optional, as the old paths will continue working, but it is advised for consistency.
4566

4667
## 0.3.0
4768

charts/wger/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
22
apiVersion: v2
3-
version: 1.0.0-rc.4
3+
version: 1.0.0-rc.6
44
appVersion: "2.6"
55
name: wger
66
description: A Helm chart for wger installation on Kubernetes

charts/wger/README.md

Lines changed: 21 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -14,9 +14,9 @@ For a more productive environment you have to enable nginx as a reverse proxy. T
1414

1515
## Prerequisites
1616

17-
* Kubernetes 1.15+
17+
* Kubernetes 1.33+
1818
* Helm 3.0+
19-
* PV infrastructure on the cluster persistence is needed
19+
* PV infrastructure (with ReadWriteMany) on the cluster persistence is needed
2020
* Ingress infrastructure for exposing the installation
2121

2222

@@ -41,6 +41,7 @@ There is a example of the `values.yaml` in the [example folder](/example/) with
4141

4242
Please see the [parameters section](#parameters).
4343

44+
**The startup phase of the wger app container is running database migrations, it is crucial that it runs properly.**
4445

4546
## Parameters
4647

@@ -59,7 +60,7 @@ For additional configuration of the Groundhog2k's PostgreSQL and Redis charts, p
5960
| `app.global.annotations` | Annotations to attach to each resource, apart from the ingress and the persistence objects | Dictionary | `{}` |
6061
| `app.global.replicas` | Number of webserver instances that should be running. | Integer | `1` |
6162
| `app.global.securityContext` | Pod security context | Object | see [values.yaml](charts/wger/values.yaml) |
62-
63+
| `app.global.proxyCount` | Count of proxies | String | `1` |
6364

6465
### Mail
6566

@@ -109,20 +110,23 @@ For additional configuration of the Groundhog2k's PostgreSQL and Redis charts, p
109110

110111
Celery requires persistent volumes.
111112

112-
| Name | Description | Type | Default Value |
113-
|---------------------------------|-------------------------------|------------|-------------------|
114-
| `celery.enabled` | Enable celery for sync | Boolean | `True` |
115-
| `celery.annotations` | Annotations | Dictionary | `{}` |
116-
| `celery.replicas` | Enable celery for sync | Integer | `1` |
117-
| `celery.replicasWorker` | Enable celery for sync | Integer | `1` |
118-
| `celery.securityContext` | Pod security context | Object | see [values.yaml](values.yaml) |
119-
| `celery.syncExercises` | sync exercises | Boolean | `True` |
120-
| `celery.syncImages` | sync exercise images | Boolean | `True` |
121-
| `celery.syncVideos` | sync exercise videos | Boolean | `True` |
122-
| `celery.ingredientsFrom` | source for ingredients, possible values `WGER`,`OFF` | String | `WGER` |
123-
| `celery.flower.enabled` | enable flower webinterface for celery | Boolean | `False` |
124-
| `celery.flower.secret.name` | Name of the secret | String | `flower` |
125-
| `celery.flower.secret.password` | Password for the webinterface | String | `randAlphaNum 50` |
113+
| Name | Description | Type | Default Value |
114+
|----------------------------------|-------------------------------|------------|-------------------|
115+
| `celery.enabled` | Enable celery for sync | Boolean | `True` |
116+
| `celery.annotations` | Annotations | Dictionary | `{}` |
117+
| `celery.replicas` | Enable celery for sync | Integer | `1` |
118+
| `celery.replicasWorker` | Enable celery for sync | Integer | `1` |
119+
| `celery.workerConcurrency` | Set to one if using sqlite | Integer | `4` |
120+
| `celery.securityContext` | Pod security context | Object | see [values.yaml](values.yaml) |
121+
| `celery.syncExercises` | sync exercises | Boolean | `True` |
122+
| `celery.syncImages` | sync exercise images | Boolean | `True` |
123+
| `celery.syncVideos` | sync exercise videos | Boolean | `True` |
124+
| `celery.warmupExercisesCache` | task to warmup cache 1w | Boolean | `True` |
125+
| `celery.warmupExercisesCacheAll` | warmup all exercises | Boolean | `True` |
126+
| `celery.ingredientsFrom` | source for ingredients, possible values `WGER`,`OFF` | String | `WGER` |
127+
| `celery.flower.enabled` | enable flower webinterface for celery | Boolean | `False` |
128+
| `celery.flower.secret.name` | Name of the secret | String | `flower` |
129+
| `celery.flower.secret.password` | Password for the webinterface | String | `randAlphaNum 50` |
126130

127131

128132
## JWT
@@ -145,7 +149,6 @@ Celery requires persistent volumes.
145149
| `app.axes.lockoutParameters` | List (comma separated string) | String | `"ip_address"` |
146150
| `app.axes.failureLimit` | Limit of failed auth | String | `10` |
147151
| `app.axes.cooloffTime` | in Minutes | String | `30` |
148-
| `app.axes.ipwareProxyCount` | Count of proxies | String | `0` |
149152
| `app.axes.ipwareMetaPrecedenceOrder` | Proxy header magnitude | List (comma separated string) | `"HTTP_X_FORWARDED_FOR,REMOTE_ADDR"` |
150153

151154

charts/wger/templates/NOTES.txt

Lines changed: 0 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -19,22 +19,4 @@ Get the postgres user passwords:
1919
kubectl -n {{ .Release.Namespace }} get secret {{ .Release.Name }}-postgres -o jsonpath='{.data.USERDB_PASSWORD}' | base64 -d
2020
```
2121

22-
After the first installation you need to generate the database setting for powersync, this is used from the wger companion app
23-
to authenticate for offline synchronisation:
24-
25-
```
26-
export POD=$(kubectl -n {{ .Release.Namespace }} get pods -l "app.kubernetes.io/name={{ .Release.Name }}-app" -o jsonpath="{.items[0].metadata.name}")
27-
kubectl -n {{ .Release.Namespace }} exec -it pod/$POD -c wger -- ./manage.py setup-powersync-storage
28-
```
29-
30-
{{- end }}
31-
32-
{{- $manipulatejwt := (include "manipulatejwt" .) }}
33-
{{- if eq $manipulatejwt "doit" }}
34-
The jwt keys have been changed you need to restart the deployment to activate the new keys:
35-
36-
```
37-
kubectl -n {{ .Release.Namespace }} rollout restart deploy {{ .Release.Name }}-app {{ .Release.Name }}-powersync {{ .Release.Name }}-nginx {{ .Release.Name }}-celery {{ .Release.Name }}-celery-worker
38-
```
39-
4022
{{- end }}

charts/wger/templates/_helpers.tpl

Lines changed: 29 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ environment:
4444
- name: DJANGO_CACHE_TIMEOUT
4545
value: {{ int .Values.app.django.cache.timeout | default "1296000" | quote }}
4646
- name: EXERCISE_CACHE_TTL
47-
value: "18000"
47+
value: "2419200"
4848
# django general
4949
{{- if .Values.ingress.enabled }}
5050
- name: SITE_URL
@@ -63,6 +63,12 @@ environment:
6363
value: "False"
6464
- name: DJANGO_MEDIA_ROOT
6565
value: "/home/wger/media"
66+
# Django Rest Framework
67+
# The number of proxies in front of the application. In the default configuration
68+
# only nginx is. Change as approtriate if your setup differs. Also note that this
69+
# is only used when throttling API requests.
70+
- name: NUMBER_OF_PROXIES
71+
value: {{ int .Values.app.global.proxyCount | default "1" | quote }}
6672
# axes
6773
- name: AXES_ENABLED
6874
{{- if .Values.app.axes.enabled }}
@@ -77,7 +83,7 @@ environment:
7783
- name: AXES_COOLOFF_TIME
7884
value: {{ int .Values.app.axes.cooloffTime | default "30" | quote }}
7985
- name: AXES_IPWARE_PROXY_COUNT
80-
value: {{ int .Values.app.axes.ipwareProxyCount | default "0" | quote }}
86+
value: {{ int .Values.app.global.proxyCount | default "1" | quote }}
8187
# @todo bad default, use the default from axes REMOTE_ADDR only
8288
- name: AXES_IPWARE_META_PRECEDENCE_ORDER
8389
value: {{ .Values.app.axes.ipwareMetaPrecedenceOrder | default "HTTP_X_FORWARDED_FOR,REMOTE_ADDR" | quote }}
@@ -87,7 +93,7 @@ environment:
8793
- name: ACCESS_TOKEN_LIFETIME
8894
value: {{ int .Values.app.jwt.accessTokenLifetime | default "10" | quote }}
8995
- name: REFRESH_TOKEN_LIFETIME
90-
value: {{ int .Values.app.jwt.refreshTokenLifetime | default "24" | quote }}
96+
value: {{ int .Values.app.jwt.refreshTokenLifetime | default "2880" | quote }}
9197
# gunicorn settings
9298
- name: WGER_USE_GUNICORN
9399
value: "True"
@@ -126,6 +132,12 @@ environment:
126132
value: {{ .Values.celery.syncVideos | default "True" | quote }}
127133
- name: DOWNLOAD_INGREDIENTS_FROM
128134
value: {{ .Values.celery.ingredientsFrom | default "WGER" | quote }}
135+
- name: CELERY_WORKER_CONCURRENCY
136+
value: {{ .Values.celery.workerConcurrency | default "4" | quote }}
137+
- name: CACHE_API_EXERCISES_CELERY
138+
value: {{ .Values.celery.warmupExercisesCache | default "True" | quote }}
139+
- name: CACHE_API_EXERCISES_CELERY_FORCE_UPDATE
140+
value: {{ .Values.celery.warmupExercisesCacheAll | default "True" | quote }}
129141
{{- end }}
130142
{{- end }}
131143

@@ -162,7 +174,7 @@ environment:
162174

163175
{{/*
164176
database settings
165-
used for wger-app and celery containers
177+
used for wger-app, celery and powersync containers
166178
*/}}
167179
{{- define "database.settings" }}
168180
- name: DJANGO_DB_HOST
@@ -211,6 +223,8 @@ environment:
211223

212224
{{/*
213225
powersync settings
226+
requires database.settings
227+
used for wger-app, celery and powersync containers
214228
*/}}
215229
{{- define "powersync.settings" }}
216230
- name: JWT_PRIVATE_KEY
@@ -285,17 +299,23 @@ environment:
285299
{{- end }}
286300

287301
{{/*
288-
initContainer web command
289-
used for celery containers
302+
initContainer app command
303+
used for celery and powersync containers
290304
*/}}
291-
{{- define "initContainer.web.command" }}
305+
{{- define "initContainer.app.command" }}
292306
{{- $dbhost := .Values.app.django.existingDatabase.host | default (print .Release.Name "-postgres") | quote }}
293307
{{- $dbport := .Values.app.django.existingDatabase.port | default .Values.postgres.service.port | int | quote }}
308+
{{- $svcport := .Values.app.service.port | default 8000 | int | quote }}
294309
- /bin/sh
295310
- -c
296-
- until nc -zvw10 {{ $dbhost }} {{ $dbport }}; do echo "Waiting for postgres service ({{ $dbhost }}:{{ $dbport }}) "; sleep 2; done &&
311+
# sleep 35; wait for terminationGracePeriodSeconds of the wger-app container
312+
# this prevents using the wger-app container which are in the process of termination
313+
# @todo find a better solution to prevent starting powersync
314+
# on upgrades before the new wger-app container is ready
315+
# -> this may be only relevant when upgrading from a "non" powersync setup
316+
- sleep 35; until nc -zvw10 {{ $dbhost }} {{ $dbport }}; do echo "Waiting for postgres service ({{ $dbhost }}:{{ $dbport }}) "; sleep 2; done &&
297317
until nc -zvw10 {{ .Release.Name }}-redis {{ .Values.redis.service.serverPort }}; do echo "Waiting for redis service ({{ .Release.Name }}-redis:{{ .Values.redis.service.serverPort }})"; sleep 2; done &&
298-
until wget --spider http://{{ .Release.Name }}-http:80; do echo "Waiting for nginx service ({{ .Release.Name }}-http:80)"; sleep 2; done
318+
until nc -zvw10 {{ .Release.Name }}-app {{ $svcport }}; do echo "Waiting for wger app service ({{ .Release.Name }}-app:{{ $svcport }})"; sleep 2; done
299319
{{- end }}
300320

301321
{{/*

charts/wger/templates/configmap-powersync.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,14 @@ data:
7676
# JWKS audience
7777
audience: ["powersync"]
7878
79+
# System-level configuration options
80+
system:
81+
# Service logging configuration
82+
logging:
83+
# Log level for the service logs
84+
level: info # 'silly', 'debug', 'verbose', 'http', 'info', 'warn', 'error'
85+
format: text # 'json' or 'text'
86+
7987
sync_rules.yaml: |
8088
# Note that changes to this file are not watched.
8189
# The service needs to be restarted for changes to take effect.

charts/wger/templates/deployment-celery.yaml

Lines changed: 23 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,9 @@ metadata:
88
app.kubernetes.io/name: {{ .Release.Name }}
99
spec:
1010
replicas: {{ .Values.celery.replicas }}
11+
strategy:
12+
# kills all old Pods first
13+
type: Recreate
1114
selector:
1215
matchLabels:
1316
app.kubernetes.io/name: {{ .Release.Name }}-celery
@@ -16,6 +19,8 @@ spec:
1619
labels:
1720
app.kubernetes.io/name: {{ .Release.Name }}-celery
1821
annotations:
22+
# restart on upgrade
23+
rollme: {{ randAlphaNum 5 | quote }}
1924
{{- with .Values.celery.annotations }}
2025
{{- range $key, $value := . }}
2126
{{ $key }}: {{ $value | quote}}
@@ -149,8 +154,9 @@ spec:
149154
initContainers:
150155
- name: init-container
151156
image: docker.io/busybox:latest
157+
imagePullPolicy: {{ .Values.app.global.image.PullPolicy }}
152158
command:
153-
{{- include "initContainer.web.command" . | indent 10 }}
159+
{{- include "initContainer.app.command" . | indent 10 }}
154160
volumes:
155161
- name: wger-celery-beat
156162
persistentVolumeClaim:
@@ -171,6 +177,9 @@ metadata:
171177
{{- end }}
172178
spec:
173179
replicas: {{ .Values.celery.replicasWorker }}
180+
strategy:
181+
# kills all old Pods first
182+
type: Recreate
174183
selector:
175184
matchLabels:
176185
app.kubernetes.io/name: {{ .Release.Name }}-celery-worker
@@ -179,6 +188,8 @@ spec:
179188
labels:
180189
app.kubernetes.io/name: {{ .Release.Name }}-celery-worker
181190
annotations:
191+
# restart on upgrade
192+
rollme: {{ randAlphaNum 5 | quote }}
182193
{{- with .Values.celery.annotations }}
183194
{{- range $key, $value := . }}
184195
{{ $key }}: {{ $value | quote}}
@@ -239,6 +250,15 @@ spec:
239250
key: "password"
240251
{{- end }}
241252
command: ["/start-worker"]
253+
readinessProbe:
254+
exec:
255+
command:
256+
- /bin/sh
257+
- -c
258+
- celery -A wger inspect ping
259+
initialDelaySeconds: 30
260+
periodSeconds: 10
261+
timeoutSeconds: 5
242262
volumeMounts:
243263
- name: wger-media
244264
mountPath: /home/wger/media
@@ -252,8 +272,9 @@ spec:
252272
initContainers:
253273
- name: init-container
254274
image: docker.io/busybox:latest
275+
imagePullPolicy: {{ .Values.app.global.image.PullPolicy }}
255276
command:
256-
{{- include "initContainer.web.command" . | indent 10 }}
277+
{{- include "initContainer.app.command" . | indent 10 }}
257278
volumes:
258279
- name: wger-media
259280
persistentVolumeClaim:

charts/wger/templates/deployment-powersync.yaml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@ metadata:
77
app.kubernetes.io/name: {{ .Release.Name }}
88
spec:
99
replicas: {{ .Values.powersync.replicas }}
10+
strategy:
11+
# kills all old Pods first
12+
type: Recreate
1013
selector:
1114
matchLabels:
1215
app.kubernetes.io/name: {{ .Release.Name }}-powersync
@@ -15,6 +18,8 @@ spec:
1518
labels:
1619
app.kubernetes.io/name: {{ .Release.Name }}-powersync
1720
annotations:
21+
# restart on upgrade
22+
rollme: {{ randAlphaNum 5 | quote }}
1823
{{- with .Values.powersync.annotations }}
1924
{{- range $key, $value := . }}
2025
{{ $key }}: {{ $value | quote}}
@@ -71,8 +76,9 @@ spec:
7176
initContainers:
7277
- name: init-container
7378
image: docker.io/alpine:latest
79+
imagePullPolicy: {{ .Values.powersync.image.PullPolicy }}
7480
command:
75-
{{- include "initContainer.web.command" . | indent 10 }}
81+
{{- include "initContainer.app.command" . | indent 10 }}
7682
volumes:
7783
- name: powersync-conf
7884
configMap:

0 commit comments

Comments
 (0)