From bece6ea4b30545bbccab43b1db9ff5657f8bcbaf Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Fri, 9 Aug 2024 19:22:28 -0500 Subject: [PATCH 01/38] Initial helm work --- helm/polaris/.helmignore | 23 ++ helm/polaris/Chart.yaml | 12 + helm/polaris/README.md | 133 +++++++ helm/polaris/README.md.gotmpl | 54 +++ helm/polaris/templates/_helpers.tpl | 62 ++++ helm/polaris/templates/configmap.yaml | 142 ++++++++ helm/polaris/templates/deployment.yaml | 92 +++++ helm/polaris/templates/hpa.yaml | 46 +++ helm/polaris/templates/ingress.yaml | 55 +++ helm/polaris/templates/service.yaml | 23 ++ helm/polaris/templates/serviceaccount.yaml | 12 + .../templates/tests/test-connection.yaml | 19 + helm/polaris/values.yaml | 341 ++++++++++++++++++ 13 files changed, 1014 insertions(+) create mode 100644 helm/polaris/.helmignore create mode 100644 helm/polaris/Chart.yaml create mode 100644 helm/polaris/README.md create mode 100644 helm/polaris/README.md.gotmpl create mode 100644 helm/polaris/templates/_helpers.tpl create mode 100644 helm/polaris/templates/configmap.yaml create mode 100644 helm/polaris/templates/deployment.yaml create mode 100644 helm/polaris/templates/hpa.yaml create mode 100644 helm/polaris/templates/ingress.yaml create mode 100644 helm/polaris/templates/service.yaml create mode 100644 helm/polaris/templates/serviceaccount.yaml create mode 100644 helm/polaris/templates/tests/test-connection.yaml create mode 100644 helm/polaris/values.yaml diff --git a/helm/polaris/.helmignore b/helm/polaris/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/helm/polaris/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/polaris/Chart.yaml b/helm/polaris/Chart.yaml new file mode 100644 index 000000000..be93215c7 --- /dev/null +++ b/helm/polaris/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: polaris +description: A Helm chart for Polaris +type: application +version: 0.1.0 +home: https://polaris.io/ +icon: https://raw.githubusercontent.com/polaris-catalog/polaris/main/docs/img/logos/polaris-brandmark.png +sources: + - https://github.com/polaris-catalog/polaris +keywords: + - polaris + - iceberg diff --git a/helm/polaris/README.md b/helm/polaris/README.md new file mode 100644 index 000000000..501b588ff --- /dev/null +++ b/helm/polaris/README.md @@ -0,0 +1,133 @@ + + +# Nessie Helm chart + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A Helm chart for Polaris. + +**Homepage:** + +## Maintainers + +## Source Code + +* + +## Documentation + +TODO + +## Installation + +### From Helm repo +```bash +$ #TODO +``` + +### From local directory (for development purposes) + +From Polaris repo root: + +```bash +$ helm install --namespace polaris polaris helm/polaris +``` + +### Uninstalling the chart + +```bash +$ helm uninstall --namespace polaris polaris +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Affinity and anti-affinity for nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. | +| autoscaling.enabled | bool | `false` | Specifies whether automatic horizontal scaling should be enabled. Do not enable this when using ROCKSDB version store type. | +| autoscaling.maxReplicas | int | `3` | The maximum number of replicas to maintain. | +| autoscaling.minReplicas | int | `1` | The minimum number of replicas to maintain. | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. | +| autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. | +| configMapLabels | object | `{}` | Additional Labels to apply to nessie configmap. | +| image.configDir | string | `"/app/config"` | The path to the directory where the polaris-server.yml file should be mounted. | +| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | +| image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. | +| image.tag | string | `""` | Overrides the image tag whose default is the chart version. | +| imagePullSecrets | list | `[]` | References to secrets in the same namespace to use for pulling any of the images used by this chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ for more information. | +| ingress.annotations | object | `{}` | Annotations to add to the ingress. | +| ingress.className | string | `""` | Specifies the ingressClassName; leave empty if you don't want to customize it | +| ingress.enabled | bool | `false` | Specifies whether an ingress should be created. | +| ingress.hosts | list | `[{"host":"chart-example.local","paths":[]}]` | A list of host paths used to configure the ingress. | +| ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. | +| nodeSelector | object | `{}` | Node labels which must match for the nessie pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | +| podAnnotations | object | `{}` | Annotations to apply to polaris pods. | +| podLabels | object | `{}` | Additional Labels to apply to nessie pods. | +| podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | +| polaris_config.authenticator.class | string | `"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"` | | +| polaris_config.baseCatalogType | string | `"polaris"` | | +| polaris_config.callContextResolver.type | string | `"default"` | | +| polaris_config.cors.allowed-credentials | bool | `true` | | +| polaris_config.cors.allowed-headers[0] | string | `"*"` | | +| polaris_config.cors.allowed-methods[0] | string | `"PATCH"` | | +| polaris_config.cors.allowed-methods[1] | string | `"POST"` | | +| polaris_config.cors.allowed-methods[2] | string | `"DELETE"` | | +| polaris_config.cors.allowed-methods[3] | string | `"GET"` | | +| polaris_config.cors.allowed-methods[4] | string | `"PUT"` | | +| polaris_config.cors.allowed-origins[0] | string | `"http://localhost:8080"` | | +| polaris_config.cors.allowed-timing-origins[0] | string | `"http://localhost:8080"` | | +| polaris_config.cors.exposed-headers[0] | string | `"*"` | | +| polaris_config.cors.preflight-max-age | int | `600` | | +| polaris_config.defaultRealms[0] | string | `"default-realm"` | | +| polaris_config.featureConfiguration.DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS | bool | `true` | | +| polaris_config.featureConfiguration.ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING | bool | `false` | | +| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[0] | string | `"S3"` | | +| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[1] | string | `"GCS"` | | +| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[2] | string | `"AZURE"` | | +| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[3] | string | `"FILE"` | | +| polaris_config.logging.appenders[0].logFormat | string | `"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex"` | | +| polaris_config.logging.appenders[0].threshold | string | `"ALL"` | | +| polaris_config.logging.appenders[0].type | string | `"console"` | | +| polaris_config.logging.appenders[1].archivedFileCount | int | `14` | | +| polaris_config.logging.appenders[1].archivedLogFilenamePattern | string | `"./logs/polaris-%d.log.gz"` | | +| polaris_config.logging.appenders[1].currentLogFilename | string | `"./logs/polaris.log"` | | +| polaris_config.logging.appenders[1].layout.flattenKeyValues | bool | `false` | | +| polaris_config.logging.appenders[1].layout.includeKeyValues | bool | `true` | | +| polaris_config.logging.appenders[1].layout.type | string | `"polaris"` | | +| polaris_config.logging.appenders[1].threshold | string | `"ALL"` | | +| polaris_config.logging.appenders[1].type | string | `"file"` | | +| polaris_config.logging.level | string | `"INFO"` | | +| polaris_config.logging.loggers."io.polaris" | string | `"DEBUG"` | | +| polaris_config.logging.loggers."org.apache.iceberg.rest" | string | `"DEBUG"` | | +| polaris_config.metaStoreManager.type | string | `"in-memory"` | | +| polaris_config.oauth2.type | string | `"test"` | | +| polaris_config.realmContextResolver.type | string | `"default"` | | +| polaris_config.server.adminConnectors[0].port | int | `8182` | | +| polaris_config.server.adminConnectors[0].type | string | `"http"` | | +| polaris_config.server.applicationConnectors[0].port | int | `8181` | | +| polaris_config.server.applicationConnectors[0].type | string | `"http"` | | +| polaris_config.server.maxThreads | int | `200` | | +| polaris_config.server.minThreads | int | `10` | | +| polaris_config.server.requestLog.appenders[0].type | string | `"console"` | | +| polaris_config.server.requestLog.appenders[1].archive | bool | `true` | | +| polaris_config.server.requestLog.appenders[1].archivedFileCount | int | `14` | | +| polaris_config.server.requestLog.appenders[1].archivedLogFilenamePattern | string | `"./logs/requests-%d.log.gz"` | | +| polaris_config.server.requestLog.appenders[1].currentLogFilename | string | `"./logs/request.log"` | | +| polaris_config.server.requestLog.appenders[1].type | string | `"file"` | | +| replicaCount | int | `1` | The number of replicas to deploy (horizontal scaling). Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. | +| resources | object | `{}` | Configures the resources requests and limits for nessie pods. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. | +| securityContext | object | `{}` | Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | +| service.annotations | object | `{}` | Annotations to add to the service. | +| service.ports | object | `{"polaris-metrics":8182,"polaris-service":8181}` | The ports the service will listen on. Two ports are required: one for the Polaris service and one for the metrics API. Other ports can be declared as needed. The metrics port is handled differently from other ports as a dedicated headless service is created for it. Note: port names must be unique and no more than 15 characters long. | +| service.sessionAffinity | string | `"None"` | The session affinity for the service. Valid values are: None, ClientIP. ClientIP enables sticky sessions based on the client's IP address. This is generally beneficial to Nessie deployments, but some testing may be required in order to make sure that the load is distributed evenly among the pods. Also, this setting affects only internal clients, not external ones. If Ingress is enabled, it is recommended to set sessionAffinity to None. | +| service.type | string | `"ClusterIP"` | The type of service to create. | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | +| tolerations | list | `[]` | A list of tolerations to apply to nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. | \ No newline at end of file diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl new file mode 100644 index 000000000..e61614d64 --- /dev/null +++ b/helm/polaris/README.md.gotmpl @@ -0,0 +1,54 @@ + + +# Nessie Helm chart + +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }}. + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersHeader" . }} + +{{- range .Maintainers }} +* [{{ .Name }}]({{ if .Url }}{{ .Url }}{{ else }}https://github.com/{{ .Name }}{{ end }}) +{{- end }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +## Documentation + +TODO + +## Installation + +### From Helm repo +```bash +$ #TODO +``` + +### From local directory (for development purposes) + +From Polaris repo root: + +```bash +$ helm install --namespace polaris polaris helm/polaris +``` + +### Uninstalling the chart + +```bash +$ helm uninstall --namespace polaris polaris +``` + +{{ template "chart.valuesSection" . }} \ No newline at end of file diff --git a/helm/polaris/templates/_helpers.tpl b/helm/polaris/templates/_helpers.tpl new file mode 100644 index 000000000..d685e8792 --- /dev/null +++ b/helm/polaris/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "polaris.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "polaris.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "polaris.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "polaris.labels" -}} +helm.sh/chart: {{ include "polaris.chart" . }} +{{ include "polaris.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "polaris.selectorLabels" -}} +app.kubernetes.io/name: {{ include "polaris.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "polaris.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "polaris.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/polaris/templates/configmap.yaml b/helm/polaris/templates/configmap.yaml new file mode 100644 index 000000000..9005bb52e --- /dev/null +++ b/helm/polaris/templates/configmap.yaml @@ -0,0 +1,142 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "polaris.fullname" . }} + labels: + {{- include "polaris.labels" . | nindent 4 }} + {{- if .Values.configMapLabels }} + {{- tpl (toYaml .Values.configMapLabels) . | nindent 4 }} + {{- end }} +data: + polaris-server.yml: |- + server: + maxThreads: {{ .Values.polaris_config.server.maxThreads }} + minThreads: {{ .Values.polaris_config.server.minThreads }} + applicationConnectors: + - type: http + port: {{ index .Values "service" "ports" "polaris-service" }} + adminConnectors: + - type: http + port: {{ index .Values "service" "ports" "polaris-metrics" }} + {{- if .Values.polaris_config.server.bindHost }} + bindHost: {{ .Values.polaris_config.server.bindHost }} + {{- end }} + {{- if .Values.polaris_config.server.ssl }} + ssl: + keyStore: {{ .Values.polaris_config.server.ssl.keyStore }} + keyStorePassword: {{ .Values.polaris_config.server.ssl.keyStorePassword }} + {{- if .Values.polaris_config.server.ssl.keyStoreType }} + keyStoreType: {{ .Values.polaris_config.server.ssl.keyStoreType }} + {{- end }} + {{- end }} + requestLog: + appenders: + {{- range .Values.polaris_config.server.requestLog.appenders }} + - type: {{ .type }} + {{- if .currentLogFilename }} + currentLogFilename: {{ .currentLogFilename }} + archivedLogFilenamePattern: {{ .archivedLogFilenamePattern }} + archivedFileCount: {{ .archivedFileCount }} + archive: {{ .archive }} + {{- end }} + {{- end }} + + baseCatalogType: "{{ .Values.polaris_config.baseCatalogType }}" + + featureConfiguration: + ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: {{ .Values.polaris_config.featureConfiguration.ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING }} + DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS: {{ .Values.polaris_config.featureConfiguration.DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS }} + SUPPORTED_CATALOG_STORAGE_TYPES: + {{- range .Values.polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES }} + - {{ . }} + {{- end }} + + callContextResolver: + type: {{ .Values.polaris_config.callContextResolver.type }} + + realmContextResolver: + type: {{ .Values.polaris_config.realmContextResolver.type }} + + defaultRealms: + {{- range .Values.polaris_config.defaultRealms }} + - {{ . }} + {{- end }} + + metaStoreManager: + type: {{ .Values.polaris_config.metaStoreManager.type }} + {{- if index .Values "polaris_config" "metaStoreManager" "persistence-unit" }} + persistence-unit: {{ index .Values "polaris_config" "metaStoreManager" "persistence-unit" }} + {{- end }} + {{- if index .Values "polaris_config" "metaStoreManager" "conf-file" }} + conf-file: {{ index .Values "polaris_config" "metaStoreManager" "conf-file" }} + {{- end }} + + oauth2: + type: {{ .Values.polaris_config.oauth2.type }} + {{- if .Values.polaris_config.oauth2.tokenBroker }} + tokenBroker: + type: {{ .Values.polaris_config.oauth2.tokenBroker.type }} + secret: {{ .Values.polaris_config.oauth2.tokenBroker.secret }} + {{- end }} + + authenticator: + class: {{ .Values.polaris_config.authenticator.class }} + {{- if .Values.polaris_config.authenticator.tokenBroker }} + tokenBroker: + type: {{ .Values.polaris_config.authenticator.tokenBroker.type }} + secret: {{ .Values.polaris_config.authenticator.tokenBroker.secret }} + {{- end }} + + cors: + allowed-origins: + {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-origins" }} + - {{ $value }} + {{- end }} + allowed-timing-origins: + {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-timing-origins" }} + - {{ $value }} + {{- end }} + allowed-methods: + {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-methods" }} + - {{ $value }} + {{- end }} + allowed-headers: + {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-headers" }} + - "{{ $value }}" + {{- end }} + exposed-headers: + {{- range $_, $value := index .Values "polaris_config" "cors" "exposed-headers" }} + - "{{ $value }}" + {{- end }} + preflight-max-age: {{ index .Values "polaris_config" "cors" "preflight-max-age" }} + allowed-credentials: {{ index .Values "polaris_config" "cors" "allowed-credentials" }} + + logging: + level: {{ .Values.polaris_config.logging.level }} + loggers: + {{- range $key, $value := .Values.polaris_config.logging.loggers }} + {{ $key }}: {{ $value }} + {{- end }} + appenders: + {{- range .Values.polaris_config.logging.appenders }} + - type: {{ .type }} + threshold: {{ .threshold }} + {{- if .logFormat }} + logFormat: "{{ .logFormat }}" + {{- end }} + {{- if .layout }} + layout: + type: {{ .layout.type }} + flattenKeyValues: {{ .layout.flattenKeyValues }} + includeKeyValues: {{ .layout.includeKeyValues }} + {{- end }} + {{- if .currentLogFilename }} + currentLogFilename: {{ .currentLogFilename }} + {{- end }} + {{- if .archivedLogFilenamePattern }} + archivedLogFilenamePattern: {{ .archivedLogFilenamePattern }} + {{- end }} + {{- if .archivedFileCount }} + archivedFileCount: {{ .archivedFileCount }} + {{- end }} + {{- end }} \ No newline at end of file diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml new file mode 100644 index 000000000..cc1fa39e8 --- /dev/null +++ b/helm/polaris/templates/deployment.yaml @@ -0,0 +1,92 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "polaris.fullname" . }} + labels: + {{- include "polaris.labels" . | nindent 4 }} + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) . | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "polaris.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + {{- if .Values.podAnnotations }} + {{- tpl (toYaml .Values.podAnnotations) . | nindent 8 }} + {{- end }} + labels: + {{- include "polaris.selectorLabels" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- tpl (toYaml .Values.podLabels) . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{- tpl (toYaml .Values.imagePullSecrets) . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "polaris.serviceAccountName" . }} + securityContext: + {{- tpl (toYaml .Values.podSecurityContext) . | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- tpl (toYaml .Values.securityContext) . | nindent 12 }} + image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}" + imagePullPolicy: {{ tpl .Values.image.pullPolicy . }} + command: ["java"] + args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "server", "{{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml"] + volumeMounts: + - name: polaris-config + mountPath: {{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml + subPath: polaris-server.yml + ports: + {{- range $portName, $portNumber := .Values.service.ports }} + - name: {{ $portName }} + containerPort: {{ $portNumber }} + protocol: TCP + {{- end }} + livenessProbe: + httpGet: + path: /healthcheck + port: "polaris-metrics" + scheme: HTTP + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + terminationGracePeriodSeconds: {{ .Values.livenessProbe.terminationGracePeriodSeconds }} + readinessProbe: + httpGet: + path: /healthcheck + port: "polaris-metrics" + scheme: HTTP + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + resources: + {{- tpl (toYaml .Values.resources) . | nindent 12 }} + volumes: + - name: polaris-config + configMap: + name: {{ include "polaris.fullname" . }} + {{- if .Values.nodeSelector }} + nodeSelector: + {{- tpl (toYaml .Values.nodeSelector) . | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: + {{- tpl (toYaml .Values.affinity) . | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: + {{- tpl (toYaml .Values.tolerations) . | nindent 8 }} + {{- end }} diff --git a/helm/polaris/templates/hpa.yaml b/helm/polaris/templates/hpa.yaml new file mode 100644 index 000000000..df842738c --- /dev/null +++ b/helm/polaris/templates/hpa.yaml @@ -0,0 +1,46 @@ +{{- if .Values.autoscaling.enabled }} +{{- if .Capabilities.APIVersions.Has "autoscaling/v2" -}} +apiVersion: autoscaling/v2 +{{- else if .Capabilities.APIVersions.Has "autoscaling/v2beta2" -}} +apiVersion: autoscaling/v2beta2 +{{- else -}} +apiVersion: autoscaling/v2beta1 +{{- end }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "polaris.fullname" . }} + labels: + {{- include "polaris.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "polaris.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + {{- if or (.Capabilities.APIVersions.Has "autoscaling/v2") (.Capabilities.APIVersions.Has "autoscaling/v2beta2") }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- else }} + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + {{- if or (.Capabilities.APIVersions.Has "autoscaling/v2") (.Capabilities.APIVersions.Has "autoscaling/v2beta2") }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- else }} + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/polaris/templates/ingress.yaml b/helm/polaris/templates/ingress.yaml new file mode 100644 index 000000000..e76c386c9 --- /dev/null +++ b/helm/polaris/templates/ingress.yaml @@ -0,0 +1,55 @@ +{{- $kubeVersion := .Capabilities.KubeVersion.Version -}} +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "polaris.fullname" . -}} +{{- $svcPort := coalesce .Values.service.port (index .Values.service.ports "polaris-service") -}} +{{- if semverCompare ">=1.22-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "polaris.labels" . | nindent 4 }} + annotations: + {{- if .Values.ingress.annotations }} + {{- tpl (toYaml .Values.ingress.annotations) . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className | quote }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + {{- if semverCompare ">=1.22-0" $kubeVersion }} + service: + name: {{ .backend.service.name }} + port: + number: {{ .backend.service.port.number }} + {{- else }} + serviceName: {{ .backend.service.name }} + servicePort: {{ .backend.service.port.number }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} \ No newline at end of file diff --git a/helm/polaris/templates/service.yaml b/helm/polaris/templates/service.yaml new file mode 100644 index 000000000..f72ace7a2 --- /dev/null +++ b/helm/polaris/templates/service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "polaris.fullname" . | printf "%s-service" | quote }} + labels: + {{- include "polaris.labels" . | nindent 4 }} + annotations: + {{- if .Values.service.annotations }} + {{- tpl (toYaml .Values.service.annotations) . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + selector: + {{- include "polaris.selectorLabels" . | nindent 4 }} + ports: + {{- range $portName, $portNumber := .Values.service.ports }} + - port: {{ $portNumber }} + targetPort: {{ $portNumber }} + protocol: TCP + name: {{ $portName }} + {{- end }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + diff --git a/helm/polaris/templates/serviceaccount.yaml b/helm/polaris/templates/serviceaccount.yaml new file mode 100644 index 000000000..377bf93d4 --- /dev/null +++ b/helm/polaris/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "polaris.serviceAccountName" . }} + labels: + {{- include "polaris.labels" . | nindent 4 }} + annotations: + {{- if .Values.serviceAccount.annotations }} + {{- tpl (toYaml .Values.serviceAccount.annotations) . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/helm/polaris/templates/tests/test-connection.yaml b/helm/polaris/templates/tests/test-connection.yaml new file mode 100644 index 000000000..90e1e4806 --- /dev/null +++ b/helm/polaris/templates/tests/test-connection.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "polaris.fullname" . }}-test-connection" + labels: + helm.sh/chart: {{ include "polaris.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- if .Chart.AppVersion }} + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + {{- end }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "polaris.fullname" . | printf "%s-metrics" }}:{{ index .Values.service.ports "polaris-metrics" }}/healthcheck'] + restartPolicy: Never \ No newline at end of file diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml new file mode 100644 index 000000000..beb90efdc --- /dev/null +++ b/helm/polaris/values.yaml @@ -0,0 +1,341 @@ +# -- The number of replicas to deploy (horizontal scaling). +# Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. +replicaCount: 1 + +image: + # -- The image repository to pull from. + repository: localhost:5001/polaris + # -- The image pull policy. + pullPolicy: IfNotPresent + # -- Overrides the image tag. + tag: "latest" + # -- The path to the directory where the polaris-server.yml file should be mounted. + configDir: /app/config + +# -- References to secrets in the same namespace to use for pulling any of the images used by this +# chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret +# must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See +# https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ for more +# information. +imagePullSecrets: [] +# - name: registry-creds + + +serviceAccount: + # -- Specifies whether a service account should be created. + create: true + # -- Annotations to add to the service account. + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template. + name: "" + + +# -- Annotations to apply to polaris pods. +podAnnotations: {} + +# -- Additional Labels to apply to nessie pods. +podLabels: {} + +# -- Additional Labels to apply to nessie configmap. +configMapLabels: {} + +# -- Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. +podSecurityContext: + {} + # fsGroup: 2000 + +# -- Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. +securityContext: + {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +# Polaris service settings. +service: + # -- The type of service to create. + type: ClusterIP + # -- The ports the service will listen on. Two ports are required: one for the Polaris service and + # one for the metrics API. Other ports can be declared as needed. The metrics port is + # handled differently from other ports as a dedicated headless service is created for it. + # Note: port names must be unique and no more than 15 characters long. + ports: + # polaris-server: The port the Polaris server listens on for API requests. + polaris-service: 8181 + # polaris-mgmt: The port the Polaris server listens on for metrics API requests (health checks, metrics, etc.). + polaris-metrics: 8182 + # -- The session affinity for the service. Valid values are: None, ClientIP. + # ClientIP enables sticky sessions based on the client's IP address. + # This is generally beneficial to Nessie deployments, but some testing may be + # required in order to make sure that the load is distributed evenly among the pods. + # Also, this setting affects only internal clients, not external ones. + # If Ingress is enabled, it is recommended to set sessionAffinity to None. + sessionAffinity: None + # -- Annotations to add to the service. + annotations: {} + +# Polaris Ingress settings. +# These settings generate an Ingress resource that routes external traffic to the Nessie service +# using the "polaris-service" port described above. +# Consider enabling sticky sessions based on the remote client's IP address; +# this is generally beneficial to Nessie deployments, but some testing may be +# required in order to make sure that the load is distributed evenly among the pods. +# Check your ingress controller's documentation. +ingress: + # -- Specifies the ingressClassName; leave empty if you don't want to customize it + className: "" + # -- Specifies whether an ingress should be created. + enabled: false + # -- Annotations to add to the ingress. + annotations: { + # nginx.ingress.kubernetes.io/upstream-hash-by: "$binary_remote_addr" + } + # -- A list of host paths used to configure the ingress. + hosts: + - host: chart-example.local + paths: [] + # -- A list of TLS certificates; each entry has a list of hosts in the certificate, + # along with the secret name used to terminate TLS traffic on port 443. + tls: [] +# - hosts: +# - chart-example1.local +# - chart-example2.local +# secretName: secret1 + +# -- Configures the resources requests and limits for nessie pods. +# We usually recommend not to specify default resources and to leave this as a conscious +# choice for the user. This also increases chances charts run on environments with little +# resources, such as Minikube. If you do want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +resources: + {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + # -- Specifies whether automatic horizontal scaling should be enabled. + # Do not enable this when using ROCKSDB version store type. + enabled: false + # -- The minimum number of replicas to maintain. + minReplicas: 1 + # -- The maximum number of replicas to maintain. + maxReplicas: 3 + # -- Optional; set to zero or empty to disable. + targetCPUUtilizationPercentage: 80 + # -- Optional; set to zero or empty to disable. + targetMemoryUtilizationPercentage: + +# -- Node labels which must match for the nessie pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. +nodeSelector: + {} + # kubernetes.io/os: linux + +# -- A list of tolerations to apply to nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. +tolerations: [] +# - key: "node-role.kubernetes.io/control-plane" +# operator: "Exists" +# effect: "NoSchedule" + +# -- Affinity and anti-affinity for nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. +affinity: {} +# podAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# topologyKey: kubernetes.io/hostname +# labelSelector: +# matchExpressions: +# - key: app.kubernetes.io/name +# operator: In +# values: +# - nessie + +# -- Configures the liveness probe for nessie pods. +livenessProbe: + # -- Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. + initialDelaySeconds: 5 + # -- How often (in seconds) to perform the probe. Minimum value is 1. + periodSeconds: 10 + # -- Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. + successThreshold: 1 + # -- Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. + failureThreshold: 3 + # -- Number of seconds after which the probe times out. Minimum value is 1. + timeoutSeconds: 10 + # -- Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. + terminationGracePeriodSeconds: 30 + +# -- Configures the readiness probe for nessie pods. +readinessProbe: + # -- Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. + initialDelaySeconds: 5 + # -- How often (in seconds) to perform the probe. Minimum value is 1. + periodSeconds: 10 + # -- Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. + successThreshold: 1 + # -- Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. + failureThreshold: 3 + # -- Number of seconds after which the probe times out. Minimum value is 1. + timeoutSeconds: 10 + +# -- Configures Polaris service. +polaris_config: + server: + # Maximum number of threads. + maxThreads: 200 + # Minimum number of thread to keep alive. + minThreads: 10 + applicationConnectors: + # HTTP-specific options. + - type: http + # The port on which the HTTP server listens for service requests. + port: 8181 + adminConnectors: + - type: http + # The port on which the HTTP server listens for metrics requests. + port: 8182 + + # The hostname of the interface to which the HTTP server socket wil be found. If omitted, the + # socket will listen on all interfaces. + #bindHost: localhost + + # ssl: + # keyStore: ./example.keystore + # keyStorePassword: example + # + # keyStoreType: JKS # (optional, JKS is default) + + # HTTP request log settings + requestLog: + appenders: + # Settings for logging to stdout. + - type: console + + # Settings for logging to a file. + - type: file + + # The file to which statements will be logged. + currentLogFilename: ./logs/request.log + + # When the log file rolls over, the file will be archived to requests-2012-03-15.log.gz, + # requests.log will be truncated, and new statements written to it. + archivedLogFilenamePattern: ./logs/requests-%d.log.gz + + # The maximum number of log files to archive. + archivedFileCount: 14 + + # Enable archiving if the request log entries go to the their own file + archive: true + + # Either 'jdbc' or 'polaris'; specifies the underlying delegate catalog + baseCatalogType: "polaris" + + featureConfiguration: + ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: false + DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS: true + SUPPORTED_CATALOG_STORAGE_TYPES: + - S3 + - GCS + - AZURE + - FILE + + + # Whether we want to enable Snowflake OAuth locally. Setting this to true requires + # that you go through the setup outlined in the `README.md` file, specifically the + # `OAuth + Snowflake: Local Testing And Then Some` section + callContextResolver: + type: default + + realmContextResolver: + type: default + + defaultRealms: + - default-realm + + metaStoreManager: + type: in-memory + # type: eclipse-link # uncomment to use eclipse-link as metastore + # persistence-unit: polaris + + + # TODO - avoid duplicating token broker config + oauth2: + type: test + # type: default # - uncomment to support Auth0 JWT tokens + # tokenBroker: + # type: symmetric-key + # secret: polaris + + authenticator: + class: io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator + # class: io.polaris.service.auth.DefaultPolarisAuthenticator # - uncomment to support Auth0 JWT tokens + # tokenBroker: + # type: symmetric-key + # secret: polaris + + cors: + allowed-origins: + - http://localhost:8080 + allowed-timing-origins: + - http://localhost:8080 + allowed-methods: + - PATCH + - POST + - DELETE + - GET + - PUT + allowed-headers: + - "*" + exposed-headers: + - "*" + preflight-max-age: 600 + allowed-credentials: true + + # Logging settings. + + logging: + + # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. + level: INFO + + # Logger-specific levels. + loggers: + org.apache.iceberg.rest: DEBUG + io.polaris: DEBUG + + appenders: + + - type: console + # If true, write log statements to stdout. + # enabled: true + # Do not display log statements below this threshold to stdout. + threshold: ALL + # Custom Logback PatternLayout with threadname. + logFormat: "%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex" + + # Settings for logging to a file. + - type: file + # If true, write log statements to a file. + # enabled: true + # Do not write log statements below this threshold to the file. + threshold: ALL + layout: + type: polaris + flattenKeyValues: false + includeKeyValues: true + + # The file to which statements will be logged. + currentLogFilename: ./logs/polaris.log + # When the log file rolls over, the file will be archived to snowflake-2012-03-15.log.gz, + # snowflake.log will be truncated, and new statements written to it. + archivedLogFilenamePattern: ./logs/polaris-%d.log.gz + # The maximum number of log files to archive. + archivedFileCount: 14 \ No newline at end of file From 0af80ad137dd296d0dd704e7b0e76daa30517578 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Fri, 9 Aug 2024 20:51:43 -0500 Subject: [PATCH 02/38] Initial helm work --- helm/polaris/README.md | 77 ++++++----------------------- helm/polaris/README.md.gotmpl | 11 +---- helm/polaris/templates/ingress.yaml | 8 +-- helm/polaris/templates/service.yaml | 2 +- 4 files changed, 22 insertions(+), 76 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 501b588ff..b412a6652 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -20,23 +20,14 @@ A Helm chart for Polaris. * -## Documentation - -TODO - ## Installation -### From Helm repo -```bash -$ #TODO -``` - ### From local directory (for development purposes) From Polaris repo root: ```bash -$ helm install --namespace polaris polaris helm/polaris +$ helm install polaris helm/polaris --namespace polaris --create-namespace ``` ### Uninstalling the chart @@ -59,67 +50,31 @@ $ helm uninstall --namespace polaris polaris | image.configDir | string | `"/app/config"` | The path to the directory where the polaris-server.yml file should be mounted. | | image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | | image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. | -| image.tag | string | `""` | Overrides the image tag whose default is the chart version. | +| image.tag | string | `"latest"` | Overrides the image tag. | | imagePullSecrets | list | `[]` | References to secrets in the same namespace to use for pulling any of the images used by this chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ for more information. | | ingress.annotations | object | `{}` | Annotations to add to the ingress. | | ingress.className | string | `""` | Specifies the ingressClassName; leave empty if you don't want to customize it | | ingress.enabled | bool | `false` | Specifies whether an ingress should be created. | | ingress.hosts | list | `[{"host":"chart-example.local","paths":[]}]` | A list of host paths used to configure the ingress. | | ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. | +| livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for nessie pods. | +| livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | +| livenessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. | +| livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the probe. Minimum value is 1. | +| livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. | +| livenessProbe.terminationGracePeriodSeconds | int | `30` | Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. | +| livenessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | | nodeSelector | object | `{}` | Node labels which must match for the nessie pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | | podLabels | object | `{}` | Additional Labels to apply to nessie pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | -| polaris_config.authenticator.class | string | `"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"` | | -| polaris_config.baseCatalogType | string | `"polaris"` | | -| polaris_config.callContextResolver.type | string | `"default"` | | -| polaris_config.cors.allowed-credentials | bool | `true` | | -| polaris_config.cors.allowed-headers[0] | string | `"*"` | | -| polaris_config.cors.allowed-methods[0] | string | `"PATCH"` | | -| polaris_config.cors.allowed-methods[1] | string | `"POST"` | | -| polaris_config.cors.allowed-methods[2] | string | `"DELETE"` | | -| polaris_config.cors.allowed-methods[3] | string | `"GET"` | | -| polaris_config.cors.allowed-methods[4] | string | `"PUT"` | | -| polaris_config.cors.allowed-origins[0] | string | `"http://localhost:8080"` | | -| polaris_config.cors.allowed-timing-origins[0] | string | `"http://localhost:8080"` | | -| polaris_config.cors.exposed-headers[0] | string | `"*"` | | -| polaris_config.cors.preflight-max-age | int | `600` | | -| polaris_config.defaultRealms[0] | string | `"default-realm"` | | -| polaris_config.featureConfiguration.DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS | bool | `true` | | -| polaris_config.featureConfiguration.ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING | bool | `false` | | -| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[0] | string | `"S3"` | | -| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[1] | string | `"GCS"` | | -| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[2] | string | `"AZURE"` | | -| polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES[3] | string | `"FILE"` | | -| polaris_config.logging.appenders[0].logFormat | string | `"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex"` | | -| polaris_config.logging.appenders[0].threshold | string | `"ALL"` | | -| polaris_config.logging.appenders[0].type | string | `"console"` | | -| polaris_config.logging.appenders[1].archivedFileCount | int | `14` | | -| polaris_config.logging.appenders[1].archivedLogFilenamePattern | string | `"./logs/polaris-%d.log.gz"` | | -| polaris_config.logging.appenders[1].currentLogFilename | string | `"./logs/polaris.log"` | | -| polaris_config.logging.appenders[1].layout.flattenKeyValues | bool | `false` | | -| polaris_config.logging.appenders[1].layout.includeKeyValues | bool | `true` | | -| polaris_config.logging.appenders[1].layout.type | string | `"polaris"` | | -| polaris_config.logging.appenders[1].threshold | string | `"ALL"` | | -| polaris_config.logging.appenders[1].type | string | `"file"` | | -| polaris_config.logging.level | string | `"INFO"` | | -| polaris_config.logging.loggers."io.polaris" | string | `"DEBUG"` | | -| polaris_config.logging.loggers."org.apache.iceberg.rest" | string | `"DEBUG"` | | -| polaris_config.metaStoreManager.type | string | `"in-memory"` | | -| polaris_config.oauth2.type | string | `"test"` | | -| polaris_config.realmContextResolver.type | string | `"default"` | | -| polaris_config.server.adminConnectors[0].port | int | `8182` | | -| polaris_config.server.adminConnectors[0].type | string | `"http"` | | -| polaris_config.server.applicationConnectors[0].port | int | `8181` | | -| polaris_config.server.applicationConnectors[0].type | string | `"http"` | | -| polaris_config.server.maxThreads | int | `200` | | -| polaris_config.server.minThreads | int | `10` | | -| polaris_config.server.requestLog.appenders[0].type | string | `"console"` | | -| polaris_config.server.requestLog.appenders[1].archive | bool | `true` | | -| polaris_config.server.requestLog.appenders[1].archivedFileCount | int | `14` | | -| polaris_config.server.requestLog.appenders[1].archivedLogFilenamePattern | string | `"./logs/requests-%d.log.gz"` | | -| polaris_config.server.requestLog.appenders[1].currentLogFilename | string | `"./logs/request.log"` | | -| polaris_config.server.requestLog.appenders[1].type | string | `"file"` | | +| polaris_config | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures Polaris service. | +| readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for nessie pods. | +| readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | +| readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. | +| readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the probe. Minimum value is 1. | +| readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. | +| readinessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | | replicaCount | int | `1` | The number of replicas to deploy (horizontal scaling). Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. | | resources | object | `{}` | Configures the resources requests and limits for nessie pods. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. | | securityContext | object | `{}` | Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl index e61614d64..84126744f 100644 --- a/helm/polaris/README.md.gotmpl +++ b/helm/polaris/README.md.gotmpl @@ -26,23 +26,14 @@ helm-docs --chart-search-root=helm {{ template "chart.requirementsSection" . }} -## Documentation - -TODO - ## Installation -### From Helm repo -```bash -$ #TODO -``` - ### From local directory (for development purposes) From Polaris repo root: ```bash -$ helm install --namespace polaris polaris helm/polaris +$ helm install polaris helm/polaris --namespace polaris --create-namespace ``` ### Uninstalling the chart diff --git a/helm/polaris/templates/ingress.yaml b/helm/polaris/templates/ingress.yaml index e76c386c9..f2a94dab1 100644 --- a/helm/polaris/templates/ingress.yaml +++ b/helm/polaris/templates/ingress.yaml @@ -43,12 +43,12 @@ spec: backend: {{- if semverCompare ">=1.22-0" $kubeVersion }} service: - name: {{ .backend.service.name }} + name: {{ $fullName }} port: - number: {{ .backend.service.port.number }} + number: {{ $svcPort }} {{- else }} - serviceName: {{ .backend.service.name }} - servicePort: {{ .backend.service.port.number }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} {{- end }} {{- end }} {{- end }} diff --git a/helm/polaris/templates/service.yaml b/helm/polaris/templates/service.yaml index f72ace7a2..ba6828737 100644 --- a/helm/polaris/templates/service.yaml +++ b/helm/polaris/templates/service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "polaris.fullname" . | printf "%s-service" | quote }} + name: {{ include "polaris.fullname" . }} labels: {{- include "polaris.labels" . | nindent 4 }} annotations: From 2a3cc2732667a041a3b142771127f48a3d0bdcbf Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Fri, 9 Aug 2024 21:24:32 -0500 Subject: [PATCH 03/38] Initial helm work --- helm/polaris/templates/tests/test-connection.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/polaris/templates/tests/test-connection.yaml b/helm/polaris/templates/tests/test-connection.yaml index 90e1e4806..a90e55cb3 100644 --- a/helm/polaris/templates/tests/test-connection.yaml +++ b/helm/polaris/templates/tests/test-connection.yaml @@ -15,5 +15,5 @@ spec: - name: wget image: busybox command: ['wget'] - args: ['{{ include "polaris.fullname" . | printf "%s-metrics" }}:{{ index .Values.service.ports "polaris-metrics" }}/healthcheck'] + args: ['{{ include "polaris.fullname" . }}:{{ index .Values.service.ports "polaris-metrics" }}/healthcheck'] restartPolicy: Never \ No newline at end of file From 7cebb098d1428dd6671f09c3dccd4acb37bf0684 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Sat, 10 Aug 2024 13:31:54 -0500 Subject: [PATCH 04/38] license header --- helm/polaris/Chart.yaml | 16 ++++++++++++++++ helm/polaris/README.md | 16 ++++++++++++++++ helm/polaris/README.md.gotmpl | 16 ++++++++++++++++ helm/polaris/templates/_helpers.tpl | 16 ++++++++++++++++ helm/polaris/templates/configmap.yaml | 16 ++++++++++++++++ helm/polaris/templates/deployment.yaml | 16 ++++++++++++++++ helm/polaris/templates/hpa.yaml | 16 ++++++++++++++++ helm/polaris/templates/ingress.yaml | 16 ++++++++++++++++ helm/polaris/templates/service.yaml | 16 ++++++++++++++++ helm/polaris/templates/serviceaccount.yaml | 16 ++++++++++++++++ .../templates/tests/test-connection.yaml | 17 +++++++++++++++++ helm/polaris/values.yaml | 16 ++++++++++++++++ 12 files changed, 193 insertions(+) diff --git a/helm/polaris/Chart.yaml b/helm/polaris/Chart.yaml index be93215c7..efbebaa66 100644 --- a/helm/polaris/Chart.yaml +++ b/helm/polaris/Chart.yaml @@ -1,3 +1,19 @@ +# +# Copyright (c) 2024 Snowflake Computing Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + apiVersion: v2 name: polaris description: A Helm chart for Polaris diff --git a/helm/polaris/README.md b/helm/polaris/README.md index b412a6652..9a4532c16 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -1,3 +1,19 @@ + + + # Nessie Helm chart diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl index 0e69d1d2b..d2f306bb2 100644 --- a/helm/polaris/README.md.gotmpl +++ b/helm/polaris/README.md.gotmpl @@ -1,25 +1,25 @@ # Nessie Helm chart diff --git a/helm/polaris/templates/_helpers.tpl b/helm/polaris/templates/_helpers.tpl index d7306fa1d..5489a6f5d 100644 --- a/helm/polaris/templates/_helpers.tpl +++ b/helm/polaris/templates/_helpers.tpl @@ -1,30 +1,30 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} {{/* -Expand the name of the chart. + Expand the name of the chart. */}} {{- define "polaris.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} {{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. + Create a default fully qualified app name. + We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). + If release name contains chart name it will be used as a full name. */}} {{- define "polaris.fullname" -}} {{- if .Values.fullnameOverride }} @@ -40,14 +40,14 @@ If release name contains chart name it will be used as a full name. {{- end }} {{/* -Create chart name and version as used by the chart label. + Create chart name and version as used by the chart label. */}} {{- define "polaris.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* -Common labels + Common labels */}} {{- define "polaris.labels" -}} helm.sh/chart: {{ include "polaris.chart" . }} @@ -59,7 +59,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} {{/* -Selector labels + Selector labels */}} {{- define "polaris.selectorLabels" -}} app.kubernetes.io/name: {{ include "polaris.name" . }} @@ -67,7 +67,7 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* -Create the name of the service account to use + Create the name of the service account to use */}} {{- define "polaris.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} diff --git a/helm/polaris/templates/configmap.yaml b/helm/polaris/templates/configmap.yaml index b31c6b04d..c5ffc2fa8 100644 --- a/helm/polaris/templates/configmap.yaml +++ b/helm/polaris/templates/configmap.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} apiVersion: v1 diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index f12e08dee..cab36584c 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} apiVersion: apps/v1 diff --git a/helm/polaris/templates/hpa.yaml b/helm/polaris/templates/hpa.yaml index 64ac13d8b..f66b90585 100644 --- a/helm/polaris/templates/hpa.yaml +++ b/helm/polaris/templates/hpa.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} {{- if .Values.autoscaling.enabled }} diff --git a/helm/polaris/templates/ingress.yaml b/helm/polaris/templates/ingress.yaml index 463b1c689..b411c44a7 100644 --- a/helm/polaris/templates/ingress.yaml +++ b/helm/polaris/templates/ingress.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} {{- $kubeVersion := .Capabilities.KubeVersion.Version -}} diff --git a/helm/polaris/templates/service.yaml b/helm/polaris/templates/service.yaml index e24ad80c9..a6811c25e 100644 --- a/helm/polaris/templates/service.yaml +++ b/helm/polaris/templates/service.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} apiVersion: v1 diff --git a/helm/polaris/templates/serviceaccount.yaml b/helm/polaris/templates/serviceaccount.yaml index eb697937c..f2902f15e 100644 --- a/helm/polaris/templates/serviceaccount.yaml +++ b/helm/polaris/templates/serviceaccount.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} {{- if .Values.serviceAccount.create -}} diff --git a/helm/polaris/templates/tests/test-connection.yaml b/helm/polaris/templates/tests/test-connection.yaml index b4e9a6c95..ccc50f52f 100644 --- a/helm/polaris/templates/tests/test-connection.yaml +++ b/helm/polaris/templates/tests/test-connection.yaml @@ -1,17 +1,17 @@ {{/* -Copyright (c) 2024 Snowflake Computing Inc. + Copyright (c) 2024 Snowflake Computing Inc. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. */}} From 2a5d48039c4e900a831668d952ab700e4a9d5544 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Sun, 11 Aug 2024 18:23:13 -0500 Subject: [PATCH 07/38] Use toYaml to load entire config file directly --- helm/polaris/templates/configmap.yaml | 132 +------------------------- helm/polaris/values.yaml | 6 +- 2 files changed, 5 insertions(+), 133 deletions(-) diff --git a/helm/polaris/templates/configmap.yaml b/helm/polaris/templates/configmap.yaml index c5ffc2fa8..3fc9aeeff 100644 --- a/helm/polaris/templates/configmap.yaml +++ b/helm/polaris/templates/configmap.yaml @@ -25,134 +25,4 @@ metadata: {{- end }} data: polaris-server.yml: |- - server: - maxThreads: {{ .Values.polaris_config.server.maxThreads }} - minThreads: {{ .Values.polaris_config.server.minThreads }} - applicationConnectors: - - type: http - port: {{ index .Values "service" "ports" "polaris-service" }} - adminConnectors: - - type: http - port: {{ index .Values "service" "ports" "polaris-metrics" }} - {{- if .Values.polaris_config.server.bindHost }} - bindHost: {{ .Values.polaris_config.server.bindHost }} - {{- end }} - {{- if .Values.polaris_config.server.ssl }} - ssl: - keyStore: {{ .Values.polaris_config.server.ssl.keyStore }} - keyStorePassword: {{ .Values.polaris_config.server.ssl.keyStorePassword }} - {{- if .Values.polaris_config.server.ssl.keyStoreType }} - keyStoreType: {{ .Values.polaris_config.server.ssl.keyStoreType }} - {{- end }} - {{- end }} - requestLog: - appenders: - {{- range .Values.polaris_config.server.requestLog.appenders }} - - type: {{ .type }} - {{- if .currentLogFilename }} - currentLogFilename: {{ .currentLogFilename }} - archivedLogFilenamePattern: {{ .archivedLogFilenamePattern }} - archivedFileCount: {{ .archivedFileCount }} - archive: {{ .archive }} - {{- end }} - {{- end }} - - baseCatalogType: "{{ .Values.polaris_config.baseCatalogType }}" - - featureConfiguration: - ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: {{ .Values.polaris_config.featureConfiguration.ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING }} - DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS: {{ .Values.polaris_config.featureConfiguration.DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS }} - SUPPORTED_CATALOG_STORAGE_TYPES: - {{- range .Values.polaris_config.featureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES }} - - {{ . }} - {{- end }} - - callContextResolver: - type: {{ .Values.polaris_config.callContextResolver.type }} - - realmContextResolver: - type: {{ .Values.polaris_config.realmContextResolver.type }} - - defaultRealms: - {{- range .Values.polaris_config.defaultRealms }} - - {{ . }} - {{- end }} - - metaStoreManager: - type: {{ .Values.polaris_config.metaStoreManager.type }} - {{- if index .Values "polaris_config" "metaStoreManager" "persistence-unit" }} - persistence-unit: {{ index .Values "polaris_config" "metaStoreManager" "persistence-unit" }} - {{- end }} - {{- if index .Values "polaris_config" "metaStoreManager" "conf-file" }} - conf-file: {{ index .Values "polaris_config" "metaStoreManager" "conf-file" }} - {{- end }} - - oauth2: - type: {{ .Values.polaris_config.oauth2.type }} - {{- if .Values.polaris_config.oauth2.tokenBroker }} - tokenBroker: - type: {{ .Values.polaris_config.oauth2.tokenBroker.type }} - secret: {{ .Values.polaris_config.oauth2.tokenBroker.secret }} - {{- end }} - - authenticator: - class: {{ .Values.polaris_config.authenticator.class }} - {{- if .Values.polaris_config.authenticator.tokenBroker }} - tokenBroker: - type: {{ .Values.polaris_config.authenticator.tokenBroker.type }} - secret: {{ .Values.polaris_config.authenticator.tokenBroker.secret }} - {{- end }} - - cors: - allowed-origins: - {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-origins" }} - - {{ $value }} - {{- end }} - allowed-timing-origins: - {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-timing-origins" }} - - {{ $value }} - {{- end }} - allowed-methods: - {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-methods" }} - - {{ $value }} - {{- end }} - allowed-headers: - {{- range $_, $value := index .Values "polaris_config" "cors" "allowed-headers" }} - - "{{ $value }}" - {{- end }} - exposed-headers: - {{- range $_, $value := index .Values "polaris_config" "cors" "exposed-headers" }} - - "{{ $value }}" - {{- end }} - preflight-max-age: {{ index .Values "polaris_config" "cors" "preflight-max-age" }} - allowed-credentials: {{ index .Values "polaris_config" "cors" "allowed-credentials" }} - - logging: - level: {{ .Values.polaris_config.logging.level }} - loggers: - {{- range $key, $value := .Values.polaris_config.logging.loggers }} - {{ $key }}: {{ $value }} - {{- end }} - appenders: - {{- range .Values.polaris_config.logging.appenders }} - - type: {{ .type }} - threshold: {{ .threshold }} - {{- if .logFormat }} - logFormat: "{{ .logFormat }}" - {{- end }} - {{- if .layout }} - layout: - type: {{ .layout.type }} - flattenKeyValues: {{ .layout.flattenKeyValues }} - includeKeyValues: {{ .layout.includeKeyValues }} - {{- end }} - {{- if .currentLogFilename }} - currentLogFilename: {{ .currentLogFilename }} - {{- end }} - {{- if .archivedLogFilenamePattern }} - archivedLogFilenamePattern: {{ .archivedLogFilenamePattern }} - {{- end }} - {{- if .archivedFileCount }} - archivedFileCount: {{ .archivedFileCount }} - {{- end }} - {{- end }} \ No newline at end of file +{{ toYaml .Values.polaris_config | indent 4 }} \ No newline at end of file diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index f15201d72..e41abcbd7 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -207,16 +207,18 @@ polaris_config: server: # Maximum number of threads. maxThreads: 200 + # Minimum number of thread to keep alive. minThreads: 10 applicationConnectors: # HTTP-specific options. - type: http + # The port on which the HTTP server listens for service requests. port: 8181 + adminConnectors: - type: http - # The port on which the HTTP server listens for metrics requests. port: 8182 # The hostname of the interface to which the HTTP server socket wil be found. If omitted, the @@ -354,4 +356,4 @@ polaris_config: # snowflake.log will be truncated, and new statements written to it. archivedLogFilenamePattern: ./logs/polaris-%d.log.gz # The maximum number of log files to archive. - archivedFileCount: 14 \ No newline at end of file + archivedFileCount: 14 From 80510753473f7bd1c3653d029166f9ffe677bf9d Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Mon, 12 Aug 2024 22:48:50 -0500 Subject: [PATCH 08/38] Add ability to load custom persistence config and perform bootstrap --- helm/polaris/Chart.yaml | 16 ----- helm/polaris/LICENSE | 13 ++++ helm/polaris/README.md | 19 +---- helm/polaris/README.md.gotmpl | 16 ----- helm/polaris/templates/configmap.yaml | 22 ++---- helm/polaris/templates/deployment.yaml | 39 +++++----- helm/polaris/templates/hpa.yaml | 16 ----- helm/polaris/templates/ingress.yaml | 16 ----- helm/polaris/templates/job.yaml | 84 ++++++++++++++++++++++ helm/polaris/templates/service.yaml | 16 ----- helm/polaris/templates/serviceaccount.yaml | 16 ----- helm/polaris/values.yaml | 46 +++++++----- 12 files changed, 154 insertions(+), 165 deletions(-) create mode 100644 helm/polaris/LICENSE create mode 100644 helm/polaris/templates/job.yaml diff --git a/helm/polaris/Chart.yaml b/helm/polaris/Chart.yaml index efbebaa66..be93215c7 100644 --- a/helm/polaris/Chart.yaml +++ b/helm/polaris/Chart.yaml @@ -1,19 +1,3 @@ -# -# Copyright (c) 2024 Snowflake Computing Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - apiVersion: v2 name: polaris description: A Helm chart for Polaris diff --git a/helm/polaris/LICENSE b/helm/polaris/LICENSE new file mode 100644 index 000000000..c55c644a4 --- /dev/null +++ b/helm/polaris/LICENSE @@ -0,0 +1,13 @@ + Copyright (c) 2024 Snowflake Computing Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/helm/polaris/README.md b/helm/polaris/README.md index b804e8284..0e3ddd0e9 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -1,19 +1,3 @@ - - - -# Nessie Helm chart +# Polaris Helm chart ![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) @@ -40,13 +40,13 @@ $ helm uninstall --namespace polaris polaris | Key | Type | Default | Description | |-----|------|---------|-------------| -| affinity | object | `{}` | Affinity and anti-affinity for nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. | +| affinity | object | `{}` | Affinity and anti-affinity for polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. | | autoscaling.enabled | bool | `false` | Specifies whether automatic horizontal scaling should be enabled. Do not enable this when using ROCKSDB version store type. | | autoscaling.maxReplicas | int | `3` | The maximum number of replicas to maintain. | | autoscaling.minReplicas | int | `1` | The minimum number of replicas to maintain. | | autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. | | autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. | -| configMapLabels | object | `{}` | Additional Labels to apply to nessie configmap. | +| configMapLabels | object | `{}` | Additional Labels to apply to polaris configmap. | | image.configDir | string | `"/app/config"` | The path to the directory where the polaris-server.yml file should be mounted. | | image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | | image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. | @@ -57,33 +57,33 @@ $ helm uninstall --namespace polaris polaris | ingress.enabled | bool | `false` | Specifies whether an ingress should be created. | | ingress.hosts | list | `[{"host":"chart-example.local","paths":[]}]` | A list of host paths used to configure the ingress. | | ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. | -| livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for nessie pods. | +| livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for polaris pods. | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | livenessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. | | livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the probe. Minimum value is 1. | | livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. | | livenessProbe.terminationGracePeriodSeconds | int | `30` | Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. | | livenessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | -| nodeSelector | object | `{}` | Node labels which must match for the nessie pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | -| persistenceConfig | string | `"\n\n \n org.eclipse.persistence.jpa.PersistenceProvider\n io.polaris.core.persistence.models.ModelEntity\n io.polaris.core.persistence.models.ModelEntityActive\n io.polaris.core.persistence.models.ModelEntityChangeTracking\n io.polaris.core.persistence.models.ModelEntityDropped\n io.polaris.core.persistence.models.ModelGrantRecord\n io.polaris.core.persistence.models.ModelPrincipalSecrets\n io.polaris.core.persistence.models.ModelSequenceId\n NONE\n \n \n \n \n \n \n \n \n \n \n"` | | +| nodeSelector | object | `{}` | Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | +| persistenceConfig | string | `"\n\n \n org.eclipse.persistence.jpa.PersistenceProvider\n io.polaris.core.persistence.models.ModelEntity\n io.polaris.core.persistence.models.ModelEntityActive\n io.polaris.core.persistence.models.ModelEntityChangeTracking\n io.polaris.core.persistence.models.ModelEntityDropped\n io.polaris.core.persistence.models.ModelGrantRecord\n io.polaris.core.persistence.models.ModelPrincipalSecrets\n io.polaris.core.persistence.models.ModelSequenceId\n NONE\n \n \n \n \n \n \n \n \n \n \n"` | Configures persistence.xml for servu | | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | -| podLabels | object | `{}` | Additional Labels to apply to nessie pods. | +| podLabels | object | `{}` | Additional Labels to apply to polaris pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | | polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures Polaris service. | -| readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for nessie pods. | +| readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for polaris pods. | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. | | readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the probe. Minimum value is 1. | | readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. | | readinessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | | replicaCount | int | `1` | The number of replicas to deploy (horizontal scaling). Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. | -| resources | object | `{}` | Configures the resources requests and limits for nessie pods. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. | +| resources | object | `{}` | Configures the resources requests and limits for polaris pods. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. | | securityContext | object | `{}` | Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | | service.annotations | object | `{}` | Annotations to add to the service. | | service.ports | object | `{"polaris-metrics":8182,"polaris-service":8181}` | The ports the service will listen on. Two ports are required: one for the Polaris service and one for the metrics API. Other ports can be declared as needed. The metrics port is handled differently from other ports as a dedicated headless service is created for it. Note: port names must be unique and no more than 15 characters long. | -| service.sessionAffinity | string | `"None"` | The session affinity for the service. Valid values are: None, ClientIP. ClientIP enables sticky sessions based on the client's IP address. This is generally beneficial to Nessie deployments, but some testing may be required in order to make sure that the load is distributed evenly among the pods. Also, this setting affects only internal clients, not external ones. If Ingress is enabled, it is recommended to set sessionAffinity to None. | +| service.sessionAffinity | string | `"None"` | The session affinity for the service. Valid values are: None, ClientIP. ClientIP enables sticky sessions based on the client's IP address. This is generally beneficial to Polaris deployments, but some testing may be required in order to make sure that the load is distributed evenly among the pods. Also, this setting affects only internal clients, not external ones. If Ingress is enabled, it is recommended to set sessionAffinity to None. | | service.type | string | `"ClusterIP"` | The type of service to create. | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | -| tolerations | list | `[]` | A list of tolerations to apply to nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. | \ No newline at end of file +| tolerations | list | `[]` | A list of tolerations to apply to polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. | \ No newline at end of file diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index 8e308f401..ea0311774 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -34,10 +34,10 @@ serviceAccount: # -- Annotations to apply to polaris pods. podAnnotations: {} -# -- Additional Labels to apply to nessie pods. +# -- Additional Labels to apply to polaris pods. podLabels: {} -# -- Additional Labels to apply to nessie configmap. +# -- Additional Labels to apply to polaris configmap. configMapLabels: {} # -- Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. @@ -70,7 +70,7 @@ service: polaris-metrics: 8182 # -- The session affinity for the service. Valid values are: None, ClientIP. # ClientIP enables sticky sessions based on the client's IP address. - # This is generally beneficial to Nessie deployments, but some testing may be + # This is generally beneficial to Polaris deployments, but some testing may be # required in order to make sure that the load is distributed evenly among the pods. # Also, this setting affects only internal clients, not external ones. # If Ingress is enabled, it is recommended to set sessionAffinity to None. @@ -79,10 +79,10 @@ service: annotations: {} # Polaris Ingress settings. -# These settings generate an Ingress resource that routes external traffic to the Nessie service +# These settings generate an Ingress resource that routes external traffic to the Polaris service # using the "polaris-service" port described above. # Consider enabling sticky sessions based on the remote client's IP address; -# this is generally beneficial to Nessie deployments, but some testing may be +# this is generally beneficial to Polaris deployments, but some testing may be # required in order to make sure that the load is distributed evenly among the pods. # Check your ingress controller's documentation. ingress: @@ -106,7 +106,7 @@ ingress: # - chart-example2.local # secretName: secret1 -# -- Configures the resources requests and limits for nessie pods. +# -- Configures the resources requests and limits for polaris pods. # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following @@ -133,18 +133,18 @@ autoscaling: # -- Optional; set to zero or empty to disable. targetMemoryUtilizationPercentage: -# -- Node labels which must match for the nessie pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. +# -- Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. nodeSelector: {} # kubernetes.io/os: linux -# -- A list of tolerations to apply to nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. +# -- A list of tolerations to apply to polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. tolerations: [] # - key: "node-role.kubernetes.io/control-plane" # operator: "Exists" # effect: "NoSchedule" -# -- Affinity and anti-affinity for nessie pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. +# -- Affinity and anti-affinity for polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. affinity: {} # podAffinity: # preferredDuringSchedulingIgnoredDuringExecution: @@ -156,9 +156,9 @@ affinity: {} # - key: app.kubernetes.io/name # operator: In # values: -# - nessie +# - polaris -# -- Configures the liveness probe for nessie pods. +# -- Configures the liveness probe for polaris pods. livenessProbe: # -- Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. initialDelaySeconds: 5 @@ -173,7 +173,7 @@ livenessProbe: # -- Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. terminationGracePeriodSeconds: 30 -# -- Configures the readiness probe for nessie pods. +# -- Configures the readiness probe for polaris pods. readinessProbe: # -- Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. initialDelaySeconds: 5 @@ -186,6 +186,7 @@ readinessProbe: # -- Number of seconds after which the probe times out. Minimum value is 1. timeoutSeconds: 10 +# -- Configures persistence.xml for servu persistenceConfig: |- Date: Mon, 12 Aug 2024 23:56:41 -0500 Subject: [PATCH 11/38] Add extra envs options --- helm/polaris/README.md | 5 +++-- helm/polaris/README.md.gotmpl | 2 +- helm/polaris/templates/deployment.yaml | 4 ++++ helm/polaris/values.yaml | 24 ++++++++++++++++++++++-- 4 files changed, 30 insertions(+), 5 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 731910ceb..0e068b04e 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -47,6 +47,7 @@ $ helm uninstall --namespace polaris polaris | autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. | | autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. | | configMapLabels | object | `{}` | Additional Labels to apply to polaris configmap. | +| extraEnv | list | `[]` | Advanced configuration via Environment Variables. Extra environment variables to add to the Nessie server container. You can pass here any valid EnvVar object: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core This can be useful to get configuration values from Kubernetes secrets or config maps. | | image.configDir | string | `"/app/config"` | The path to the directory where the polaris-server.yml file should be mounted. | | image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | | image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. | @@ -65,11 +66,11 @@ $ helm uninstall --namespace polaris polaris | livenessProbe.terminationGracePeriodSeconds | int | `30` | Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. | | livenessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | | nodeSelector | object | `{}` | Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | -| persistenceConfig | string | `"\n\n \n org.eclipse.persistence.jpa.PersistenceProvider\n io.polaris.core.persistence.models.ModelEntity\n io.polaris.core.persistence.models.ModelEntityActive\n io.polaris.core.persistence.models.ModelEntityChangeTracking\n io.polaris.core.persistence.models.ModelEntityDropped\n io.polaris.core.persistence.models.ModelGrantRecord\n io.polaris.core.persistence.models.ModelPrincipalSecrets\n io.polaris.core.persistence.models.ModelSequenceId\n NONE\n \n \n \n \n \n \n \n \n \n \n"` | Configures persistence.xml for servu | +| persistenceConfig | string | `"\n\n \n org.eclipse.persistence.jpa.PersistenceProvider\n io.polaris.core.persistence.models.ModelEntity\n io.polaris.core.persistence.models.ModelEntityActive\n io.polaris.core.persistence.models.ModelEntityChangeTracking\n io.polaris.core.persistence.models.ModelEntityDropped\n io.polaris.core.persistence.models.ModelGrantRecord\n io.polaris.core.persistence.models.ModelPrincipalSecrets\n io.polaris.core.persistence.models.ModelSequenceId\n NONE\n \n \n \n \n \n \n \n \n \n \n"` | Configures for Polaris config (persistence.xml) | | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | | podLabels | object | `{}` | Additional Labels to apply to polaris pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | -| polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures Polaris service. | +| polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures for Polaris config (polaris-server.yml) | | readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for polaris pods. | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. | diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl index f885ce060..ca54f91c5 100644 --- a/helm/polaris/README.md.gotmpl +++ b/helm/polaris/README.md.gotmpl @@ -6,7 +6,7 @@ helm-docs --chart-search-root=helm --> -# Nessie Helm chart +# Polaris Helm chart {{ template "chart.deprecationWarning" . }} diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index be3495f4e..bb75a7620 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -52,6 +52,10 @@ spec: imagePullPolicy: {{ tpl .Values.image.pullPolicy . }} command: ["java"] args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "server", "{{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml"] + env: + {{- if .Values.extraEnv }} + {{- tpl (toYaml .Values.extraEnv) . | nindent 12 }} + {{- end }} volumeMounts: - name: config-volume mountPath: {{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index ea0311774..dcb7bdeb2 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -186,7 +186,27 @@ readinessProbe: # -- Number of seconds after which the probe times out. Minimum value is 1. timeoutSeconds: 10 -# -- Configures persistence.xml for servu +# -- Advanced configuration via Environment Variables. +# Extra environment variables to add to the Nessie server container. +# You can pass here any valid EnvVar object: +# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core +# This can be useful to get configuration values from Kubernetes secrets or config maps. +extraEnv: + [] +# - name: AWS_STORAGE_BUCKET +# value: s3://xxxxx/ +# - name: AWS_ACCESS_KEY_ID +# valueFrom: +# secretKeyRef: +# name: aws-secret +# key: access_key_id +# - name: AWS_SECRET_ACCESS_KEY +# valueFrom: +# secretKeyRef: +# name: aws-secret +# key: secret_access_key + +# -- Configures for Polaris config (persistence.xml) persistenceConfig: |- -# -- Configures Polaris service. +# -- Configures for Polaris config (polaris-server.yml) polarisServerConfig: server: # Maximum number of threads. From cf470949efcbc39b9a5c1df0d087299c7eeb066d Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Mon, 12 Aug 2024 23:58:30 -0500 Subject: [PATCH 12/38] Minor text changes --- helm/polaris/README.md | 2 +- helm/polaris/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 0e068b04e..74bdb00e5 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -47,7 +47,7 @@ $ helm uninstall --namespace polaris polaris | autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. | | autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. | | configMapLabels | object | `{}` | Additional Labels to apply to polaris configmap. | -| extraEnv | list | `[]` | Advanced configuration via Environment Variables. Extra environment variables to add to the Nessie server container. You can pass here any valid EnvVar object: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core This can be useful to get configuration values from Kubernetes secrets or config maps. | +| extraEnv | list | `[]` | Advanced configuration via Environment Variables. Extra environment variables to add to the Polaris server container. You can pass here any valid EnvVar object: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core This can be useful to get configuration values from Kubernetes secrets or config maps. | | image.configDir | string | `"/app/config"` | The path to the directory where the polaris-server.yml file should be mounted. | | image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | | image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. | diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index dcb7bdeb2..13381f3db 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -187,7 +187,7 @@ readinessProbe: timeoutSeconds: 10 # -- Advanced configuration via Environment Variables. -# Extra environment variables to add to the Nessie server container. +# Extra environment variables to add to the Polaris server container. # You can pass here any valid EnvVar object: # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core # This can be useful to get configuration values from Kubernetes secrets or config maps. From 4598e61de892783eaab14f6d94294727e5f1f2d3 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Tue, 13 Aug 2024 00:30:18 -0500 Subject: [PATCH 13/38] Load persistence.xml from external secret --- helm/polaris/README.md | 4 +-- helm/polaris/templates/configmap.yaml | 6 +---- helm/polaris/templates/deployment.yaml | 15 +++++++----- helm/polaris/templates/job.yaml | 15 +++++++----- helm/polaris/values.yaml | 34 +++----------------------- 5 files changed, 25 insertions(+), 49 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 74bdb00e5..65f31cc4e 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -66,11 +66,11 @@ $ helm uninstall --namespace polaris polaris | livenessProbe.terminationGracePeriodSeconds | int | `30` | Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. | | livenessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | | nodeSelector | object | `{}` | Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | -| persistenceConfig | string | `"\n\n \n org.eclipse.persistence.jpa.PersistenceProvider\n io.polaris.core.persistence.models.ModelEntity\n io.polaris.core.persistence.models.ModelEntityActive\n io.polaris.core.persistence.models.ModelEntityChangeTracking\n io.polaris.core.persistence.models.ModelEntityDropped\n io.polaris.core.persistence.models.ModelGrantRecord\n io.polaris.core.persistence.models.ModelPrincipalSecrets\n io.polaris.core.persistence.models.ModelSequenceId\n NONE\n \n \n \n \n \n \n \n \n \n \n"` | Configures for Polaris config (persistence.xml) | +| persistenceConfigSecret | string | `"polaris-secret"` | Configures for persistence.xml (ensure the key name is 'persistence.xml') | | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | | podLabels | object | `{}` | Additional Labels to apply to polaris pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | -| polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures for Polaris config (polaris-server.yml) | +| polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures for polaris-server.yml | | readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for polaris pods. | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. | diff --git a/helm/polaris/templates/configmap.yaml b/helm/polaris/templates/configmap.yaml index 854edbc4b..a0d06c223 100644 --- a/helm/polaris/templates/configmap.yaml +++ b/helm/polaris/templates/configmap.yaml @@ -9,8 +9,4 @@ metadata: {{- end }} data: polaris-server.yml: |- -{{ toYaml .Values.polarisServerConfig | indent 4 }} -{{- if .Values.persistenceConfig }} - persistence.xml: |- -{{ .Values.persistenceConfig | indent 4 }} -{{- end }} \ No newline at end of file +{{ toYaml .Values.polarisServerConfig | indent 4 }} \ No newline at end of file diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index bb75a7620..5704b4c64 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -26,16 +26,16 @@ spec: {{- tpl (toYaml .Values.podLabels) . | nindent 8 }} {{- end }} spec: - {{- if .Values.persistenceConfig }} + {{- if .Values.persistenceConfigSecret }} initContainers: - name: init-config image: registry.access.redhat.com/ubi9/openjdk-21:1.20-2.1721752936 - command: ['sh', '-c', 'cd /config/ && jar -cf /tmp/conf.jar persistence.xml'] + command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] volumeMounts: - - name: config-volume - mountPath: /config - name: tmp-volume mountPath: /tmp + - name: secret-volume + mountPath: /secret {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -60,7 +60,7 @@ spec: - name: config-volume mountPath: {{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml subPath: polaris-server.yml - {{- if .Values.persistenceConfig }} + {{- if .Values.persistenceConfigSecret }} - name: tmp-volume mountPath: /tmp {{- end }} @@ -97,9 +97,12 @@ spec: - name: config-volume configMap: name: {{ include "polaris.fullname" . }} - {{- if .Values.persistenceConfig }} + {{- if .Values.persistenceConfigSecret }} - name: tmp-volume emptyDir: {} + - name: secret-volume + secret: + secretName: {{ .Values.persistenceConfigSecret }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 6dde5f395..7f8e1fca7 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -24,16 +24,16 @@ spec: {{- tpl (toYaml .Values.podLabels) . | nindent 8 }} {{- end }} spec: - {{- if .Values.persistenceConfig }} + {{- if .Values.persistenceConfigSecret }} initContainers: - name: init-config image: registry.access.redhat.com/ubi9/openjdk-21:1.20-2.1721752936 - command: ['sh', '-c', 'cd /config/ && jar -cf /tmp/conf.jar persistence.xml'] + command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] volumeMounts: - - name: config-volume - mountPath: /config - name: tmp-volume mountPath: /tmp + - name: secret-volume + mountPath: /secret {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -54,7 +54,7 @@ spec: - name: config-volume mountPath: {{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml subPath: polaris-server.yml - {{- if .Values.persistenceConfig }} + {{- if .Values.persistenceConfigSecret }} - name: tmp-volume mountPath: /tmp {{- end }} @@ -65,9 +65,12 @@ spec: - name: config-volume configMap: name: {{ include "polaris.fullname" . }} - {{- if .Values.persistenceConfig }} + {{- if .Values.persistenceConfigSecret }} - name: tmp-volume emptyDir: {} + - name: secret-volume + secret: + secretName: {{ .Values.persistenceConfigSecret }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index 13381f3db..4a94bed0d 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -206,36 +206,10 @@ extraEnv: # name: aws-secret # key: secret_access_key -# -- Configures for Polaris config (persistence.xml) -persistenceConfig: |- - - - - org.eclipse.persistence.jpa.PersistenceProvider - io.polaris.core.persistence.models.ModelEntity - io.polaris.core.persistence.models.ModelEntityActive - io.polaris.core.persistence.models.ModelEntityChangeTracking - io.polaris.core.persistence.models.ModelEntityDropped - io.polaris.core.persistence.models.ModelGrantRecord - io.polaris.core.persistence.models.ModelPrincipalSecrets - io.polaris.core.persistence.models.ModelSequenceId - NONE - - - - - - - - - - - - -# -- Configures for Polaris config (polaris-server.yml) +# -- Configures for persistence.xml (ensure the key name is 'persistence.xml') +persistenceConfigSecret: polaris-secret + +# -- Configures for polaris-server.yml polarisServerConfig: server: # Maximum number of threads. From 170f6fd1fd83c5996b98d5066e5c3473407955eb Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Wed, 14 Aug 2024 19:57:26 -0500 Subject: [PATCH 14/38] Remove duplicate copyright header --- .../templates/tests/test-connection.yaml | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/helm/polaris/templates/tests/test-connection.yaml b/helm/polaris/templates/tests/test-connection.yaml index ccc50f52f..a90e55cb3 100644 --- a/helm/polaris/templates/tests/test-connection.yaml +++ b/helm/polaris/templates/tests/test-connection.yaml @@ -1,20 +1,3 @@ -{{/* - Copyright (c) 2024 Snowflake Computing Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/}} - - apiVersion: v1 kind: Pod metadata: From 08c666fa60e799653dd775b9cdf55b1ab5328a39 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Wed, 14 Aug 2024 20:08:44 -0500 Subject: [PATCH 15/38] Add option to overwrite init image from values.yaml --- helm/polaris/README.md | 3 +++ helm/polaris/templates/deployment.yaml | 3 ++- helm/polaris/templates/job.yaml | 3 ++- helm/polaris/values.yaml | 8 ++++++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 65f31cc4e..defcd2f7a 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -58,6 +58,9 @@ $ helm uninstall --namespace polaris polaris | ingress.enabled | bool | `false` | Specifies whether an ingress should be created. | | ingress.hosts | list | `[{"host":"chart-example.local","paths":[]}]` | A list of host paths used to configure the ingress. | | ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. | +| initImage.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | +| initImage.repository | string | `"registry.access.redhat.com/ubi9/openjdk-21"` | The image repository to pull from (must have jar binary included). | +| initImage.tag | string | `"latest"` | Overrides the image tag. | | livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for polaris pods. | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | livenessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. | diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index 5704b4c64..c2579f76b 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -29,7 +29,8 @@ spec: {{- if .Values.persistenceConfigSecret }} initContainers: - name: init-config - image: registry.access.redhat.com/ubi9/openjdk-21:1.20-2.1721752936 + image: "{{ tpl .Values.initImage.repository . }}:{{ tpl .Values.initImage.tag . }}" + imagePullPolicy: {{ tpl .Values.initImage.pullPolicy . }} command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] volumeMounts: - name: tmp-volume diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 7f8e1fca7..754c2f746 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -27,7 +27,8 @@ spec: {{- if .Values.persistenceConfigSecret }} initContainers: - name: init-config - image: registry.access.redhat.com/ubi9/openjdk-21:1.20-2.1721752936 + image: "{{ tpl .Values.initImage.repository . }}:{{ tpl .Values.initImage.tag . }}" + imagePullPolicy: {{ tpl .Values.initImage.pullPolicy . }} command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] volumeMounts: - name: tmp-volume diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index 4a94bed0d..5789b6430 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -2,6 +2,14 @@ # Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. replicaCount: 1 +initImage: + # -- The image repository to pull from (must have jar binary included). + repository: registry.access.redhat.com/ubi9/openjdk-21 + # -- The image pull policy. + pullPolicy: IfNotPresent + # -- Overrides the image tag. + tag: "latest" + image: # -- The image repository to pull from. repository: localhost:5001/polaris From 1ee8f2f8ff1f28dda188c7bf423cdfd0829e46f2 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Wed, 14 Aug 2024 20:13:30 -0500 Subject: [PATCH 16/38] Update LICENSE file --- helm/polaris/LICENSE | 210 ++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 200 insertions(+), 10 deletions(-) diff --git a/helm/polaris/LICENSE b/helm/polaris/LICENSE index c55c644a4..8142efd3d 100644 --- a/helm/polaris/LICENSE +++ b/helm/polaris/LICENSE @@ -1,13 +1,203 @@ - Copyright (c) 2024 Snowflake Computing Inc. + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - http://www.apache.org/licenses/LICENSE-2.0 + 1. Definitions. - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + Apache Iceberg \ No newline at end of file From 419a6b124d1b7889e2d843d58e47813d0790c29b Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Wed, 14 Aug 2024 23:38:12 -0500 Subject: [PATCH 17/38] Update poliaris-server.yaml to remove obsolete config as part of PR 143 --- helm/polaris/README.md | 2 +- helm/polaris/values.yaml | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index defcd2f7a..6c4e13935 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -73,7 +73,7 @@ $ helm uninstall --namespace polaris polaris | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | | podLabels | object | `{}` | Additional Labels to apply to polaris pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | -| polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"baseCatalogType":"polaris","callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures for polaris-server.yml | +| polarisServerConfig | object | `{"authenticator":{"class":"io.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"},{"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/polaris-%d.log.gz","currentLogFilename":"./logs/polaris.log","layout":{"flattenKeyValues":false,"includeKeyValues":true,"type":"polaris"},"threshold":"ALL","type":"file"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"},{"archive":true,"archivedFileCount":14,"archivedLogFilenamePattern":"./logs/requests-%d.log.gz","currentLogFilename":"./logs/request.log","type":"file"}]}}}` | Configures for polaris-server.yml | | readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for polaris pods. | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. | diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index 5789b6430..dfcbf9e84 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -268,9 +268,6 @@ polarisServerConfig: # Enable archiving if the request log entries go to the their own file archive: true - # Either 'jdbc' or 'polaris'; specifies the underlying delegate catalog - baseCatalogType: "polaris" - featureConfiguration: ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: false DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS: true @@ -371,4 +368,4 @@ polarisServerConfig: # snowflake.log will be truncated, and new statements written to it. archivedLogFilenamePattern: ./logs/polaris-%d.log.gz # The maximum number of log files to archive. - archivedFileCount: 14 + archivedFileCount: 14 \ No newline at end of file From f43ff5abef57dd23c4f8d0099251a32f24c1bc26 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 10:01:22 -0500 Subject: [PATCH 18/38] Replace LICENSE file with symbolic link --- helm/polaris/LICENSE | 204 +------------------------------------------ 1 file changed, 1 insertion(+), 203 deletions(-) mode change 100644 => 120000 helm/polaris/LICENSE diff --git a/helm/polaris/LICENSE b/helm/polaris/LICENSE deleted file mode 100644 index 8142efd3d..000000000 --- a/helm/polaris/LICENSE +++ /dev/null @@ -1,203 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - - Apache Iceberg \ No newline at end of file diff --git a/helm/polaris/LICENSE b/helm/polaris/LICENSE new file mode 120000 index 000000000..30cff7403 --- /dev/null +++ b/helm/polaris/LICENSE @@ -0,0 +1 @@ +../../LICENSE \ No newline at end of file From 77856d95e59109a5fb1e548178f1989bebb09b01 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 10:04:17 -0500 Subject: [PATCH 19/38] Minor text changes --- helm/polaris/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index dfcbf9e84..ef7418ddb 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -7,7 +7,7 @@ initImage: repository: registry.access.redhat.com/ubi9/openjdk-21 # -- The image pull policy. pullPolicy: IfNotPresent - # -- Overrides the image tag. + # -- The image tag. tag: "latest" image: @@ -15,7 +15,7 @@ image: repository: localhost:5001/polaris # -- The image pull policy. pullPolicy: IfNotPresent - # -- Overrides the image tag. + # -- The image tag. tag: "latest" # -- The path to the directory where the polaris-server.yml file should be mounted. configDir: /app/config From 79799c09cb01fcb0d323a8162f936cdd5c5bfe20 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 10:06:38 -0500 Subject: [PATCH 20/38] Remove configDir and use /app/config as hard-coded path --- helm/polaris/README.md | 5 ++--- helm/polaris/templates/deployment.yaml | 4 ++-- helm/polaris/templates/job.yaml | 4 ++-- helm/polaris/values.yaml | 3 +-- 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 6c4e13935..0273c1b89 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -48,10 +48,9 @@ $ helm uninstall --namespace polaris polaris | autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. | | configMapLabels | object | `{}` | Additional Labels to apply to polaris configmap. | | extraEnv | list | `[]` | Advanced configuration via Environment Variables. Extra environment variables to add to the Polaris server container. You can pass here any valid EnvVar object: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core This can be useful to get configuration values from Kubernetes secrets or config maps. | -| image.configDir | string | `"/app/config"` | The path to the directory where the polaris-server.yml file should be mounted. | | image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | | image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. | -| image.tag | string | `"latest"` | Overrides the image tag. | +| image.tag | string | `"latest"` | The image tag. | | imagePullSecrets | list | `[]` | References to secrets in the same namespace to use for pulling any of the images used by this chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ for more information. | | ingress.annotations | object | `{}` | Annotations to add to the ingress. | | ingress.className | string | `""` | Specifies the ingressClassName; leave empty if you don't want to customize it | @@ -60,7 +59,7 @@ $ helm uninstall --namespace polaris polaris | ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. | | initImage.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | | initImage.repository | string | `"registry.access.redhat.com/ubi9/openjdk-21"` | The image repository to pull from (must have jar binary included). | -| initImage.tag | string | `"latest"` | Overrides the image tag. | +| initImage.tag | string | `"latest"` | The image tag. | | livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for polaris pods. | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | livenessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. | diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index c2579f76b..cea02e51f 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -52,14 +52,14 @@ spec: image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}" imagePullPolicy: {{ tpl .Values.image.pullPolicy . }} command: ["java"] - args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "server", "{{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml"] + args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "server", "/app/config/polaris-server.yml"] env: {{- if .Values.extraEnv }} {{- tpl (toYaml .Values.extraEnv) . | nindent 12 }} {{- end }} volumeMounts: - name: config-volume - mountPath: {{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml + mountPath: /app/config/polaris-server.yml subPath: polaris-server.yml {{- if .Values.persistenceConfigSecret }} - name: tmp-volume diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 754c2f746..624a57954 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -50,10 +50,10 @@ spec: image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}" imagePullPolicy: {{ tpl .Values.image.pullPolicy . }} command: ["java"] - args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "bootstrap", "{{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml"] + args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "bootstrap", "/app/config/polaris-server.yml"] volumeMounts: - name: config-volume - mountPath: {{ trimSuffix "/" .Values.image.configDir }}/polaris-server.yml + mountPath: /app/config/polaris-server.yml subPath: polaris-server.yml {{- if .Values.persistenceConfigSecret }} - name: tmp-volume diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index ef7418ddb..efe1314ff 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -17,8 +17,7 @@ image: pullPolicy: IfNotPresent # -- The image tag. tag: "latest" - # -- The path to the directory where the polaris-server.yml file should be mounted. - configDir: /app/config + # -- References to secrets in the same namespace to use for pulling any of the images used by this # chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret From 1e49ebd71fc487ac6a980793801013029721a105 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 14:43:57 -0500 Subject: [PATCH 21/38] Trigger Build From 1b34efb8ba3a090ee03c45f38db772c6a113d70c Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 18:36:48 -0500 Subject: [PATCH 22/38] Add instruction on how to create secret for persistenceConfigSecret --- helm/polaris/README.md | 17 ++++++++++++----- helm/polaris/README.md.gotmpl | 7 +++++++ helm/polaris/templates/deployment.yaml | 4 ++-- helm/polaris/templates/job.yaml | 4 ++-- helm/polaris/values.yaml | 17 ++++++++--------- 5 files changed, 31 insertions(+), 18 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 0273c1b89..e59c5c336 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -22,6 +22,13 @@ A Helm chart for Polaris. ## Installation +### Optional + +When using custom `persistence.xml`, you will need to create a K8S secret for `.persistenceConfigSecret`. Here is a sample instruction: +```bash +kubectl create secret generic polaris-secret -n polaris-helm --from-file=persistence.xml +``` + ### From local directory (for development purposes) From Polaris repo root: @@ -57,9 +64,6 @@ $ helm uninstall --namespace polaris polaris | ingress.enabled | bool | `false` | Specifies whether an ingress should be created. | | ingress.hosts | list | `[{"host":"chart-example.local","paths":[]}]` | A list of host paths used to configure the ingress. | | ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. | -| initImage.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | -| initImage.repository | string | `"registry.access.redhat.com/ubi9/openjdk-21"` | The image repository to pull from (must have jar binary included). | -| initImage.tag | string | `"latest"` | The image tag. | | livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for polaris pods. | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | livenessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. | @@ -68,7 +72,7 @@ $ helm uninstall --namespace polaris polaris | livenessProbe.terminationGracePeriodSeconds | int | `30` | Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. | | livenessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. | | nodeSelector | object | `{}` | Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. | -| persistenceConfigSecret | string | `"polaris-secret"` | Configures for persistence.xml (ensure the key name is 'persistence.xml') | +| persistenceConfigSecret | string | `nil` | The secret name to pull persistence.xml from (ensure the key name is 'persistence.xml') | | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | | podLabels | object | `{}` | Additional Labels to apply to polaris pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | @@ -89,4 +93,7 @@ $ helm uninstall --namespace polaris polaris | serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | -| tolerations | list | `[]` | A list of tolerations to apply to polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. | \ No newline at end of file +| tolerations | list | `[]` | A list of tolerations to apply to polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. | +| toolsImage.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | +| toolsImage.repository | string | `"registry.access.redhat.com/ubi9/openjdk-21"` | The image repository to pull from (must have jar binary included). | +| toolsImage.tag | string | `"latest"` | The image tag. | \ No newline at end of file diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl index ca54f91c5..200447107 100644 --- a/helm/polaris/README.md.gotmpl +++ b/helm/polaris/README.md.gotmpl @@ -28,6 +28,13 @@ ## Installation +### Optional + +When using custom `persistence.xml`, you will need to create a K8S secret for `.persistenceConfigSecret`. Here is a sample instruction: +```bash +kubectl create secret generic polaris-secret -n polaris-helm --from-file=persistence.xml +``` + ### From local directory (for development purposes) From Polaris repo root: diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index cea02e51f..abefff9d4 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -29,8 +29,8 @@ spec: {{- if .Values.persistenceConfigSecret }} initContainers: - name: init-config - image: "{{ tpl .Values.initImage.repository . }}:{{ tpl .Values.initImage.tag . }}" - imagePullPolicy: {{ tpl .Values.initImage.pullPolicy . }} + image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}" + imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }} command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] volumeMounts: - name: tmp-volume diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 624a57954..c8a9de17d 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -27,8 +27,8 @@ spec: {{- if .Values.persistenceConfigSecret }} initContainers: - name: init-config - image: "{{ tpl .Values.initImage.repository . }}:{{ tpl .Values.initImage.tag . }}" - imagePullPolicy: {{ tpl .Values.initImage.pullPolicy . }} + image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}" + imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }} command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] volumeMounts: - name: tmp-volume diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index efe1314ff..7598fcba2 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -2,23 +2,22 @@ # Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. replicaCount: 1 -initImage: - # -- The image repository to pull from (must have jar binary included). - repository: registry.access.redhat.com/ubi9/openjdk-21 +image: + # -- The image repository to pull from. + repository: localhost:5001/polaris # -- The image pull policy. pullPolicy: IfNotPresent # -- The image tag. tag: "latest" -image: - # -- The image repository to pull from. - repository: localhost:5001/polaris +toolsImage: + # -- The image repository to pull from (must have jar binary included). + repository: registry.access.redhat.com/ubi9/openjdk-21 # -- The image pull policy. pullPolicy: IfNotPresent # -- The image tag. tag: "latest" - # -- References to secrets in the same namespace to use for pulling any of the images used by this # chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret # must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See @@ -213,8 +212,8 @@ extraEnv: # name: aws-secret # key: secret_access_key -# -- Configures for persistence.xml (ensure the key name is 'persistence.xml') -persistenceConfigSecret: polaris-secret +# -- The secret name to pull persistence.xml from (ensure the key name is 'persistence.xml') +persistenceConfigSecret: ~ # -- Configures for polaris-server.yml polarisServerConfig: From b725f17bd5fa6567680d8dc38025e8909cf71b3e Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 18:42:01 -0500 Subject: [PATCH 23/38] Minor text changes --- helm/polaris/README.md | 2 +- helm/polaris/README.md.gotmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index e59c5c336..9d5839213 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -24,7 +24,7 @@ A Helm chart for Polaris. ### Optional -When using custom `persistence.xml`, you will need to create a K8S secret for `.persistenceConfigSecret`. Here is a sample instruction: +When using custom `persistence.xml`, you will need to create a K8S Secret for `.persistenceConfigSecret`. Here is a sample instruction: ```bash kubectl create secret generic polaris-secret -n polaris-helm --from-file=persistence.xml ``` diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl index 200447107..c042b0433 100644 --- a/helm/polaris/README.md.gotmpl +++ b/helm/polaris/README.md.gotmpl @@ -30,7 +30,7 @@ ### Optional -When using custom `persistence.xml`, you will need to create a K8S secret for `.persistenceConfigSecret`. Here is a sample instruction: +When using custom `persistence.xml`, you will need to create a K8S Secret for `.persistenceConfigSecret`. Here is a sample instruction: ```bash kubectl create secret generic polaris-secret -n polaris-helm --from-file=persistence.xml ``` From 7af20bd44afc17b7803088825041a72431e7f047 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 18:49:50 -0500 Subject: [PATCH 24/38] Trigger Build From 96f2ab23489c4cb62d83752b129de3b241af7de5 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 18:50:35 -0500 Subject: [PATCH 25/38] Mionr change on command for generating config jar --- helm/polaris/templates/deployment.yaml | 3 ++- helm/polaris/templates/job.yaml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index abefff9d4..5b1a49c77 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -31,7 +31,8 @@ spec: - name: init-config image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}" imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }} - command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] + command: ["jar"] + args: ["-cf", "/tmp/conf.jar", "-C", "/secret", "persistence.xml"] volumeMounts: - name: tmp-volume mountPath: /tmp diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index c8a9de17d..dbb955c2b 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -29,7 +29,8 @@ spec: - name: init-config image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}" imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }} - command: ['sh', '-c', 'cd /secret && jar -cf /tmp/conf.jar persistence.xml'] + command: ["jar"] + args: ["-cf", "/tmp/conf.jar", "-C", "/secret", "persistence.xml"] volumeMounts: - name: tmp-volume mountPath: /tmp From 6da670fad78166793e7edb75199e133789e0eeae Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Thu, 15 Aug 2024 23:42:44 -0500 Subject: [PATCH 26/38] Mionr text change --- helm/polaris/README.md | 2 +- helm/polaris/README.md.gotmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 9d5839213..5a8384d36 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -26,7 +26,7 @@ A Helm chart for Polaris. When using custom `persistence.xml`, you will need to create a K8S Secret for `.persistenceConfigSecret`. Here is a sample instruction: ```bash -kubectl create secret generic polaris-secret -n polaris-helm --from-file=persistence.xml +kubectl create secret generic polaris-secret -n polaris --from-file=persistence.xml ``` ### From local directory (for development purposes) diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl index c042b0433..f629c5c8d 100644 --- a/helm/polaris/README.md.gotmpl +++ b/helm/polaris/README.md.gotmpl @@ -32,7 +32,7 @@ When using custom `persistence.xml`, you will need to create a K8S Secret for `.persistenceConfigSecret`. Here is a sample instruction: ```bash -kubectl create secret generic polaris-secret -n polaris-helm --from-file=persistence.xml +kubectl create secret generic polaris-secret -n polaris --from-file=persistence.xml ``` ### From local directory (for development purposes) From 5d713b8cc9fc0131e7cfcdb45ee61d8707491db1 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Sat, 17 Aug 2024 13:18:09 -0500 Subject: [PATCH 27/38] Change conf-file path to /eclipselink-config --- helm/polaris/templates/deployment.yaml | 18 +++++++++--------- helm/polaris/templates/job.yaml | 16 ++++++++-------- helm/polaris/values.yaml | 1 + 3 files changed, 18 insertions(+), 17 deletions(-) diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index 5b1a49c77..f748d5bda 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -26,16 +26,16 @@ spec: {{- tpl (toYaml .Values.podLabels) . | nindent 8 }} {{- end }} spec: - {{- if .Values.persistenceConfigSecret }} + {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }} initContainers: - name: init-config image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}" imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }} command: ["jar"] - args: ["-cf", "/tmp/conf.jar", "-C", "/secret", "persistence.xml"] + args: ["-cf", "/eclipselink-config/conf.jar", "-C", "/secret", "persistence.xml"] volumeMounts: - - name: tmp-volume - mountPath: /tmp + - name: eclipselink-config-volume + mountPath: /eclipselink-config - name: secret-volume mountPath: /secret {{- end }} @@ -62,9 +62,9 @@ spec: - name: config-volume mountPath: /app/config/polaris-server.yml subPath: polaris-server.yml - {{- if .Values.persistenceConfigSecret }} - - name: tmp-volume - mountPath: /tmp + {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }} + - name: eclipselink-config-volume + mountPath: /eclipselink-config {{- end }} ports: {{- range $portName, $portNumber := .Values.service.ports }} @@ -99,8 +99,8 @@ spec: - name: config-volume configMap: name: {{ include "polaris.fullname" . }} - {{- if .Values.persistenceConfigSecret }} - - name: tmp-volume + {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }} + - name: eclipselink-config-volume emptyDir: {} - name: secret-volume secret: diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index dbb955c2b..355c5c5aa 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -24,16 +24,16 @@ spec: {{- tpl (toYaml .Values.podLabels) . | nindent 8 }} {{- end }} spec: - {{- if .Values.persistenceConfigSecret }} + {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }} initContainers: - name: init-config image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}" imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }} command: ["jar"] - args: ["-cf", "/tmp/conf.jar", "-C", "/secret", "persistence.xml"] + args: ["-cf", "/eclipselink-config/conf.jar", "-C", "/secret", "persistence.xml"] volumeMounts: - - name: tmp-volume - mountPath: /tmp + - name: eclipselink-config-volume + mountPath: /eclipselink-config - name: secret-volume mountPath: /secret {{- end }} @@ -57,8 +57,8 @@ spec: mountPath: /app/config/polaris-server.yml subPath: polaris-server.yml {{- if .Values.persistenceConfigSecret }} - - name: tmp-volume - mountPath: /tmp + - name: eclipselink-config-volume + mountPath: /eclipselink-config {{- end }} resources: {{- tpl (toYaml .Values.resources) . | nindent 12 }} @@ -67,8 +67,8 @@ spec: - name: config-volume configMap: name: {{ include "polaris.fullname" . }} - {{- if .Values.persistenceConfigSecret }} - - name: tmp-volume + {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }} + - name: eclipselink-config-volume emptyDir: {} - name: secret-volume secret: diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index 7598fcba2..fa2504f0d 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -292,6 +292,7 @@ polarisServerConfig: type: in-memory # type: eclipse-link # uncomment to use eclipse-link as metastore # persistence-unit: polaris + # conf-file: /eclipselink-config/conf.jar!/persistence.xml # Don't change this value when using custom persistence.xml via '.persistenceConfigSecret' # TODO - avoid duplicating token broker config From 23d6e045fab21b6b43cd289caadb4c93d35507d2 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Sun, 18 Aug 2024 00:55:36 -0500 Subject: [PATCH 28/38] Add support to skip bootstrap job --- helm/polaris/README.md | 1 + helm/polaris/templates/job.yaml | 2 +- helm/polaris/values.yaml | 3 +++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 5a8384d36..252b878df 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -53,6 +53,7 @@ $ helm uninstall --namespace polaris polaris | autoscaling.minReplicas | int | `1` | The minimum number of replicas to maintain. | | autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. | | autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. | +| bootstrapMetastoreManager | bool | `false` | Configures whether to enable the bootstrap metastore manager job | | configMapLabels | object | `{}` | Additional Labels to apply to polaris configmap. | | extraEnv | list | `[]` | Advanced configuration via Environment Variables. Extra environment variables to add to the Polaris server container. You can pass here any valid EnvVar object: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core This can be useful to get configuration values from Kubernetes secrets or config maps. | | image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. | diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 355c5c5aa..4db002445 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -1,4 +1,4 @@ -{{- if eq .Values.polarisServerConfig.metaStoreManager.type "eclipse-link" }} +{{- if and (.Values.bootstrapMetastoreManager) (eq .Values.polarisServerConfig.metaStoreManager.type "eclipse-link") }} apiVersion: batch/v1 kind: Job metadata: diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index fa2504f0d..c17760f5a 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -212,6 +212,9 @@ extraEnv: # name: aws-secret # key: secret_access_key +# -- Configures whether to enable the bootstrap metastore manager job +bootstrapMetastoreManager: false + # -- The secret name to pull persistence.xml from (ensure the key name is 'persistence.xml') persistenceConfigSecret: ~ From f8da0d1e14e9ec84d485b17408fb2dfb2fe3aedc Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Mon, 19 Aug 2024 13:01:06 -0500 Subject: [PATCH 29/38] Remove unnecessary check on k8s job --- helm/polaris/templates/job.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 4db002445..53ecc4727 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -1,4 +1,4 @@ -{{- if and (.Values.bootstrapMetastoreManager) (eq .Values.polarisServerConfig.metaStoreManager.type "eclipse-link") }} +{{- if .Values.bootstrapMetastoreManager }} apiVersion: batch/v1 kind: Job metadata: From f9e69c3c5b4640889794e6514b4828e3d629e528 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Tue, 20 Aug 2024 22:07:05 -0500 Subject: [PATCH 30/38] Update entrypoint/cmd --- helm/polaris/templates/deployment.yaml | 4 ++-- helm/polaris/templates/job.yaml | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml index f748d5bda..89ebe15b3 100644 --- a/helm/polaris/templates/deployment.yaml +++ b/helm/polaris/templates/deployment.yaml @@ -52,8 +52,8 @@ spec: {{- tpl (toYaml .Values.securityContext) . | nindent 12 }} image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}" imagePullPolicy: {{ tpl .Values.image.pullPolicy . }} - command: ["java"] - args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "server", "/app/config/polaris-server.yml"] + command: ["/app/bin/polaris-service"] + args: ["server", "/app/config/polaris-server.yml"] env: {{- if .Values.extraEnv }} {{- tpl (toYaml .Values.extraEnv) . | nindent 12 }} diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml index 53ecc4727..b71d30bca 100644 --- a/helm/polaris/templates/job.yaml +++ b/helm/polaris/templates/job.yaml @@ -10,7 +10,6 @@ metadata: {{- end }} annotations: "helm.sh/hook": post-install - "helm.sh/hook-delete-policy": hook-succeeded spec: template: metadata: @@ -50,8 +49,8 @@ spec: {{- tpl (toYaml .Values.securityContext) . | nindent 12 }} image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}" imagePullPolicy: {{ tpl .Values.image.pullPolicy . }} - command: ["java"] - args: ["-jar", "/app/polaris-service-1.0.0-all.jar", "bootstrap", "/app/config/polaris-server.yml"] + command: ["/app/bin/polaris-service"] + args: ["bootstrap", "/app/config/polaris-server.yml"] volumeMounts: - name: config-volume mountPath: /app/config/polaris-server.yml From d8af4106e038992b979b561cc6e16d775495e1e2 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Wed, 21 Aug 2024 15:33:19 -0500 Subject: [PATCH 31/38] Minor text change --- helm/polaris/README.md | 2 +- helm/polaris/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 252b878df..7a8b38187 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -48,7 +48,7 @@ $ helm uninstall --namespace polaris polaris | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | Affinity and anti-affinity for polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. | -| autoscaling.enabled | bool | `false` | Specifies whether automatic horizontal scaling should be enabled. Do not enable this when using ROCKSDB version store type. | +| autoscaling.enabled | bool | `false` | Specifies whether automatic horizontal scaling should be enabled. Do not enable this when using in-memory version store type. | | autoscaling.maxReplicas | int | `3` | The maximum number of replicas to maintain. | | autoscaling.minReplicas | int | `1` | The minimum number of replicas to maintain. | | autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. | diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index c17760f5a..60ed7255d 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -128,7 +128,7 @@ resources: autoscaling: # -- Specifies whether automatic horizontal scaling should be enabled. - # Do not enable this when using ROCKSDB version store type. + # Do not enable this when using in-memory version store type. enabled: false # -- The minimum number of replicas to maintain. minReplicas: 1 From 0f0b558501cbfa1cad6145018ca1461ef0fc9091 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Wed, 21 Aug 2024 23:44:31 -0500 Subject: [PATCH 32/38] Minor text change --- helm/polaris/README.md | 2 +- helm/polaris/values.yaml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 7a8b38187..4cd423332 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -88,7 +88,7 @@ $ helm uninstall --namespace polaris polaris | resources | object | `{}` | Configures the resources requests and limits for polaris pods. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. | | securityContext | object | `{}` | Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | | service.annotations | object | `{}` | Annotations to add to the service. | -| service.ports | object | `{"polaris-metrics":8182,"polaris-service":8181}` | The ports the service will listen on. Two ports are required: one for the Polaris service and one for the metrics API. Other ports can be declared as needed. The metrics port is handled differently from other ports as a dedicated headless service is created for it. Note: port names must be unique and no more than 15 characters long. | +| service.ports | object | `{"polaris-metrics":8182,"polaris-service":8181}` | The ports the service will listen on. Two ports are required: one for the Polaris service and one for the metrics API. Note: port names must be unique and no more than 15 characters long. | | service.sessionAffinity | string | `"None"` | The session affinity for the service. Valid values are: None, ClientIP. ClientIP enables sticky sessions based on the client's IP address. This is generally beneficial to Polaris deployments, but some testing may be required in order to make sure that the load is distributed evenly among the pods. Also, this setting affects only internal clients, not external ones. If Ingress is enabled, it is recommended to set sessionAffinity to None. | | service.type | string | `"ClusterIP"` | The type of service to create. | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml index 60ed7255d..56678a66a 100644 --- a/helm/polaris/values.yaml +++ b/helm/polaris/values.yaml @@ -66,8 +66,7 @@ service: # -- The type of service to create. type: ClusterIP # -- The ports the service will listen on. Two ports are required: one for the Polaris service and - # one for the metrics API. Other ports can be declared as needed. The metrics port is - # handled differently from other ports as a dedicated headless service is created for it. + # one for the metrics API. # Note: port names must be unique and no more than 15 characters long. ports: # polaris-server: The port the Polaris server listens on for API requests. From 537f6342f576a0fa8f45765394d03d780356be81 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Sun, 25 Aug 2024 11:43:04 -0500 Subject: [PATCH 33/38] Update license header --- helm/polaris/.helmignore | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/helm/polaris/.helmignore b/helm/polaris/.helmignore index 1a9e6a15b..809fca806 100644 --- a/helm/polaris/.helmignore +++ b/helm/polaris/.helmignore @@ -1,17 +1,20 @@ # -# Copyright (c) 2024 Snowflake Computing Inc. +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at # -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 # -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. # # Patterns to ignore when building packages. From e98e37957ac0bbe5c6e388da9e1aa19856c0cd68 Mon Sep 17 00:00:00 2001 From: Yong Zheng Date: Mon, 26 Aug 2024 19:53:09 -0500 Subject: [PATCH 34/38] Add license header --- helm/polaris/Chart.yaml | 19 +++++++++++++++++++ helm/polaris/README.md | 19 +++++++++++++++++++ helm/polaris/README.md.gotmpl | 19 +++++++++++++++++++ helm/polaris/templates/_helpers.tpl | 19 +++++++++++++++++++ helm/polaris/templates/configmap.yaml | 19 +++++++++++++++++++ helm/polaris/templates/deployment.yaml | 19 +++++++++++++++++++ helm/polaris/templates/hpa.yaml | 19 +++++++++++++++++++ helm/polaris/templates/ingress.yaml | 19 +++++++++++++++++++ helm/polaris/templates/job.yaml | 19 +++++++++++++++++++ helm/polaris/templates/service.yaml | 19 +++++++++++++++++++ helm/polaris/templates/serviceaccount.yaml | 19 +++++++++++++++++++ .../templates/tests/test-connection.yaml | 19 +++++++++++++++++++ helm/polaris/values.yaml | 19 +++++++++++++++++++ 13 files changed, 247 insertions(+) diff --git a/helm/polaris/Chart.yaml b/helm/polaris/Chart.yaml index be93215c7..50c69a145 100644 --- a/helm/polaris/Chart.yaml +++ b/helm/polaris/Chart.yaml @@ -1,3 +1,22 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + apiVersion: v2 name: polaris description: A Helm chart for Polaris diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 4cd423332..676e6d70c 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -1,3 +1,22 @@ + + +