Helm/py-kms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initialize py-kms

Browse Source
This commit is contained in:
Mr. Swordsteel
2025-08-31 00:13:52 +02:00
commit 8dad64654c
9 changed files with 252 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.gitea/workflows/release.yaml Normal file
View File

@@ -0,0 +1,11 @@
name: Publish Helm Chart
on:
workflow_dispatch:
jobs:
call-helm-ci:
uses: helm/common-workflows/.gitea/workflows/release.yaml@master
secrets:
CI_BOT_USERNAME: ${{ secrets.CI_BOT_USERNAME }}
CI_BOT_TOKEN: ${{ secrets.CI_BOT_TOKEN }}

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
.idea/

94
README.md Normal file
View File

@@ -0,0 +1,94 @@
# py-kms
## Basic stuff
### Install
```shell
helm install py-kms ./helm --namespace py-kms --create-namespace
```
### Update
```shell
helm -n py-kms upgrade py-kms ./helm/
```
### Check
```shell
kubectl -n py-kms get cm,pvc,pod,svc
```
### Tail Log
```shell
kubectl -n py-kms logs -f pykms-0
```
### Delete
```shell
kubectl delete ns py-kms
```
## Immigration
We need to find the location for the files
### Step 1
```shell
kubectl -n py-kms get pvc data-py-kms-0 -o wide
```
Output:
```
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE VOLUMEMODE
data-py-kms-0 Bound pvc-b84dce5e-bc04-456c-83c1-6f6f5f326040 1Gi RWO microk8s-hostpath <unset> 1m Filesystem
```
we need the volume name in this case `pvc-b84dce5e-bc04-456c-83c1-6f6f5f326040`
### Step 2
```shell
kubectl get pv pvc-b84dce5e-bc04-456c-83c1-6f6f5f326040 -o yaml
```
Output:
```
apiVersion: v1
kind: PersistentVolume
metadata:
...
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: 1Gi
claimRef:
...
hostPath:
path: /var/snap/microk8s/common/default-storage/py-kms-data-py-kms-0-pvc-b84dce5e-bc04-456c-83c1-6f6f5f326040
type: DirectoryOrCreate
nodeAffinity:
...
persistentVolumeReclaimPolicy: Delete
storageClassName: microk8s-hostpath
volumeMode: Filesystem
status:
...
```
We need `spec -> hostPath -> path` in this case `/var/snap/microk8s/common/default-storage/py-kms-data-py-kms-0-pvc-b84dce5e-bc04-456c-83c1-6f6f5f326040`
### Step 2
Login to the old server. and use rsync, don't forget stuff like puid, pgid, file access and stuff.
```shell
rsync -avz -e ssh ./ username@0.0.0.0:/var/snap/microk8s/common/default-storage/py-kms-data-py-kms-0-pvc-b84dce5e-bc04-456c-83c1-6f6f5f326040
```

6
helm/Chart.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v2
name: py-kms
description: Helm chart for py-kms with MetalLB and StatefulSet
type: application
version: 0.1.0
appVersion: "python3"

7
helm/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,7 @@
{{ define "pykms.name" -}}
{{ .Chart.Name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{ define "pykms.environment" -}}
{{ printf "environment-%s" .Chart.Name | trunc 51 | trimSuffix "-" }}
{{- end }}

7
helm/templates/configmap.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "pykms.environment" . }}
data:
PGID: {{ .Values.environment.PGID | quote }}
PUID: {{ .Values.environment.PUID | quote }}

20
helm/templates/service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "pykms.name" . }}
labels:
app: {{ include "pykms.name" . }}
spec:
type: {{ .Values.service.type }}
{{- if and .Values.service.loadBalancerIP (ne .Values.service.loadBalancerIP "") }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
selector:
app: {{ include "pykms.name" . }}
ports:
- name: http
port: {{ .Values.service.uiPort }}
targetPort: 8080
- name: kms
port: {{ .Values.service.kmsPort }}
targetPort: 1688

77
helm/templates/statefulset.yaml Normal file
View File

@@ -0,0 +1,77 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "pykms.name" . }}
labels:
app: {{ include "pykms.name" . }}
spec:
serviceName: {{ include "pykms.name" . }}
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ include "pykms.name" . }}
template:
metadata:
labels:
app: {{ include "pykms.name" . }}
spec:
containers:
- name: {{ include "pykms.name" . }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
envFrom:
- configMapRef:
name: {{ include "pykms.environment" . }}
ports:
- name: http
containerPort: 8080
protocol: TCP
- name: kms
containerPort: 1688
protocol: TCP
volumeMounts:
- name: data
mountPath: /home/py-kms/db
{{- if .Values.resources }}
resources:
{{- if .Values.resources.requests }}
requests:
{{- if .Values.resources.requests.cpu }}
cpu: "{{ .Values.resources.requests.cpu }}"
{{- end }}
{{- if .Values.resources.requests.memory }}
memory: "{{ .Values.resources.requests.memory }}"
{{- end }}
{{- end }}
{{- if .Values.resources.limits }}
limits:
{{- if .Values.resources.limits.cpu }}
cpu: "{{ .Values.resources.limits.cpu }}"
{{- end }}
{{- if .Values.resources.limits.memory }}
memory: "{{ .Values.resources.limits.memory }}"
{{- end }}
{{- end }}
{{- end }}
startupProbe:
httpGet:
port: http
path: /readyz
failureThreshold: 30
periodSeconds: 1
livenessProbe:
httpGet:
path: /livez
port: http
periodSeconds: 20
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: {{ .Values.persistence.accessModes }}
resources:
requests:
storage: {{ .Values.persistence.size }}
{{- if and .Values.persistence.storageClass (ne .Values.persistence.storageClass "") }}
storageClassName: {{ .Values.persistence.storageClass | quote }}
{{- end }}

29
helm/values.yaml Normal file
View File

@@ -0,0 +1,29 @@
replicaCount: 1
image:
repository: "ghcr.io/py-kms-organization/py-kms"
tag: "python3"
pullPolicy: IfNotPresent
persistence:
accessModes:
- ReadWriteOnce
size: 1Gi
storageClass:
environment:
PGID: 1000
PUID: 1000
resources:
requests:
cpu: "100m"
memory: "64Mi"
limits:
cpu: "500m"
memory: "256Mi"
service:
type: ClusterIP
uiPort: 80
kmsPort: 1688