diff --git a/helm/jupyter-home-nfs/Chart.yaml b/helm/jupyter-home-nfs/Chart.yaml new file mode 100644 index 0000000..b8213b2 --- /dev/null +++ b/helm/jupyter-home-nfs/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +name: jupyter-home-nfs +description: A Helm chart for an in-cluster NFS server with storage quota enforcement +version: 0.0.1 +appVersion: "0.0.1" \ No newline at end of file diff --git a/helm/jupyter-home-nfs/templates/NOTES.txt b/helm/jupyter-home-nfs/templates/NOTES.txt new file mode 100644 index 0000000..a210b5c --- /dev/null +++ b/helm/jupyter-home-nfs/templates/NOTES.txt @@ -0,0 +1,11 @@ +NFS Server has been deployed. +{{- if .Values.eks.enabled }} +Using EKS with volume ID: {{ .Values.eks.volumeId }} +{{- else if .Values.gke.enabled }} +Using GKE with volume ID: {{ .Values.gke.volumeId }} +{{- else }} +Using dynamic provisioning. +{{- end }} + +Your NFS server is now available inside the cluster at the following address: +{{ .Release.Name }}-service.{{ .Release.Namespace }}.svc.cluster.local diff --git a/helm/jupyter-home-nfs/templates/deployment.yaml b/helm/jupyter-home-nfs/templates/deployment.yaml new file mode 100644 index 0000000..0bb5962 --- /dev/null +++ b/helm/jupyter-home-nfs/templates/deployment.yaml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-deployment +spec: + replicas: 1 + selector: + matchLabels: + app: nfs-server + template: + metadata: + labels: + app: nfs-server + spec: + containers: + - name: nfs-server + image: "{{ .Values.image.nfsServer.repository }}:{{ .Values.image.nfsServer.tag }}" + ports: + - name: nfs + containerPort: 2049 + - name: mountd + containerPort: 20048 + - name: rpcbind + containerPort: 111 + securityContext: + privileged: true + volumeMounts: + - name: home-directories + mountPath: /export + - name: enforce-xfs-quota + image: "{{ .Values.image.quotaEnforcer.repository }}:{{ .Values.image.quotaEnforcer.tag }}" + command: ["/usr/local/bin/generate.py", "/export", "--hard-quota", "{{ .Values.quotaEnforcer.hardQuota }}"] + securityContext: + privileged: true + volumeMounts: + - name: home-directories + mountPath: /export + volumes: + - name: home-directories + persistentVolumeClaim: + claimName: {{ .Release.Name }}-home-directories-claim \ No newline at end of file diff --git a/helm/jupyter-home-nfs/templates/persistent-volume-claim.yaml b/helm/jupyter-home-nfs/templates/persistent-volume-claim.yaml new file mode 100644 index 0000000..bb9ce93 --- /dev/null +++ b/helm/jupyter-home-nfs/templates/persistent-volume-claim.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-home-directories-claim +spec: + accessModes: + {{- toYaml .Values.persistentVolume.accessModes | nindent 4 }} + volumeMode: Filesystem + resources: + requests: + storage: {{ .Values.persistentVolume.size }} + storageClassName: "" + {{- if or .Values.eks.enabled .Values.gke.enabled }} + volumeName: {{ .Release.Name }}-home-directories-volume + {{- end }} diff --git a/helm/jupyter-home-nfs/templates/persistent-volume.yaml b/helm/jupyter-home-nfs/templates/persistent-volume.yaml new file mode 100644 index 0000000..046c66c --- /dev/null +++ b/helm/jupyter-home-nfs/templates/persistent-volume.yaml @@ -0,0 +1,34 @@ +{{- if or .Values.eks.enabled .Values.gke.enabled -}} +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ .Release.Name }}-home-directories-volume +spec: + capacity: + storage: {{ .Values.persistentVolume.size }} + volumeMode: Filesystem + accessModes: + {{- toYaml .Values.persistentVolume.accessModes | nindent 4 }} + persistentVolumeReclaimPolicy: Retain + storageClassName: "" + {{- if .Values.eks.enabled }} + csi: + driver: ebs.csi.aws.com + fsType: xfs + volumeHandle: {{ .Values.eks.volumeId }} + {{- else if .Values.gke.enabled }} + csi: + driver: pd.csi.storage.gke.io + fsType: xfs + volumeHandle: {{ .Values.gke.volumeId }} + {{- end }} + mountOptions: + - rw + - relatime + - nouuid + - attr2 + - inode64 + - logbufs=8 + - logbsize=32k + - pquota +{{- end }} \ No newline at end of file diff --git a/helm/jupyter-home-nfs/templates/service.yaml b/helm/jupyter-home-nfs/templates/service.yaml new file mode 100644 index 0000000..247ae5e --- /dev/null +++ b/helm/jupyter-home-nfs/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-service +spec: + type: {{ .Values.service.type }} + ports: + - name: nfs + port: 2049 + - name: mountd + port: 20048 + - name: rpcbind + port: 111 + selector: + app: nfs-server \ No newline at end of file diff --git a/helm/jupyter-home-nfs/values.yaml b/helm/jupyter-home-nfs/values.yaml new file mode 100644 index 0000000..61c16d3 --- /dev/null +++ b/helm/jupyter-home-nfs/values.yaml @@ -0,0 +1,30 @@ +image: + nfsServer: + repository: ghcr.io/sunu/nfs-ganesha + tag: 402484a8540558e822b5eb092802fa65a09383cb + quotaEnforcer: + repository: ghcr.io/sunu/nfs-get-quota-your-home + tag: f9cf31cf51a1794b4c359dfa9aa7a6fe8a8f4c71 + +persistentVolume: + size: 10Gi + storageClass: "" + accessModes: + - ReadWriteOnce + annotations: {} + +service: + type: ClusterIP + +quotaEnforcer: + # quota in GB + hardQuota: "0.001" + +# Cloud provider specific configurations +eks: + enabled: false + volumeId: "your-eks-volume-id" + +gke: + enabled: false + volumeId: "your-gke-volume-id" \ No newline at end of file