Changes for page XWiki (Helm)

Last modified by Itzhak Daniel on 2024/04/29 16:35

From version 14.1
edited by Itzhak Daniel
on 2024/04/29 00:25
Change comment: Uploaded new attachment "values.yaml", version 1.1
To version 21.1
edited by Itzhak Daniel
on 2024/04/29 01:50
Change comment: Uploaded new attachment "values.yaml", version 1.2

Summary

Details

Page properties
Content
... ... @@ -12,7 +12,7 @@
12 12  
13 13  == Background ==
14 14  
15 -[[Behemoth LTD>>https://www.behemoth.co.il/]] was in a search for a 'knowledge base' software, a central place to collect and collaborate on documents which hold information, instructions, guide, etc. The requirement was simple, it required to be able to run on Kubernetes without too much customization, building, testing and other complex CI/CD prerequisite.
15 +[[Behemoth LTD>>https://www.behemoth.co.il/]] was in a search for a 'knowledge base' software, a central place to collect and collaborate on documents which hold information, instructions, guides, etc. The requirement was simple, can run on Kubernetes without too much customization, building, testing and other complex CI/CD prerequisite.
16 16  
17 17  Things may change in the future, as Kubernetes becomes the de-facto way to run Apps, so do some homework before continuing, [[Awesome Selfhosted>>https://github.com/awesome-selfhosted/awesome-selfhosted#wikis]].
18 18  
... ... @@ -41,7 +41,7 @@
41 41  
42 42  At the beginning we tried to avoid making any custom changes to the images in question (XWiki and Bitnami's MySQL). But XWiki running as root, didn't fly. So we had to create a custom image with minor changes to enable it to run as a unprivileged uid/gid: 30001.
43 43  
44 -=== Building and Publish ===
44 +=== Build and Publish ===
45 45  
46 46  You will need to perform the following actions:
47 47  
... ... @@ -49,7 +49,7 @@
49 49  git clone --depth 1 --branch master https://github.com/xwiki/xwiki-docker.git
50 50  {{/code}}
51 51  
52 -Once you have the repo locally, modify the //Dockerfile// as shown below:
52 +Once you have the repo locally, modify the [[//Dockerfile//>>attach:Dockerfile]] as shown below:
53 53  
54 54  {{code language="git" title="# Diff"}}
55 55  @@ -89,6 +89,11 @@ COPY xwiki/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
... ... @@ -71,15 +71,15 @@
71 71  
72 72  {{code language="sh" layout="LINENUMBERS" title="# Docker"}}
73 73  cd ./16/mysql-tomcat/
74 -docker build -t behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-2 .
74 +docker build -t behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-3 .
75 75  docker login
76 -docker push behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-2
76 +docker push behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-3
77 77  {{/code}}
78 78  
79 79  {{code language="sh" layout="LINENUMBERS" title="# Podman"}}
80 80  cd ./16/mysql-tomcat/
81 -buildah build -f Dockerfile -t behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-2
82 -docker push --creds=[Username:[Password]] behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-2
81 +buildah build -f Dockerfile -t behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-3
82 +podman push --creds=[Username:[Password]] behemothil/xwiki-mysql-tomcat-nonroot:16.2.0-3
83 83  {{/code}}
84 84  
85 85  === Deploy ===
... ... @@ -86,7 +86,7 @@
86 86  
87 87  We're going to deploy XWiki as a [[statefulset>>https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/]] using [[Helm>>https://helm.sh/]], the Database (MySQL) and the App, each will have a volume to store their information. As I mentioned, in our case, we need to perform several additional steps.
88 88  
89 -After the path/loop devices were created, create the PVs (only if your cluster doesn't know how to provision storage for itself):
89 +After the path/loop devices were created, create the [[PVs>>attach:pv_storage.yaml]] (only if your cluster doesn't know how to provision storage for itself):
90 90  
91 91  {{code language="sh" layout="LINENUMBERS" title="# kubectl stdin"}}
92 92  kubectl create -f - <<EOF
... ... @@ -166,7 +166,7 @@
166 166  
167 167  You can download our example from the attachment area.
168 168  
169 -Once you have your custom //values.yaml// file, deploy the app with Helm:
169 +Once you have your custom [[//values.yaml//>>attach:values.yaml]] file, deploy the app with Helm:
170 170  
171 171  {{code language="sh" layout="LINENUMBERS" title="# Helm install"}}
172 172  helm install --namespace behemoth-wiki --create-namespace \
... ... @@ -174,7 +174,40 @@
174 174   behemoth-xwiki xwiki-helm/xwiki
175 175  {{/code}}
176 176  
177 -
177 +=== Upgrade ===
178 +
179 +To upgrade XWiki, you should read the content in [[XWiki official Helm pages regarding upgrades>>https://extensions.xwiki.org/xwiki/bin/view/Extension/XWikiHelm/#HUpgrading]].
180 +
181 +Theoretically, if there aren't any breaking changes or prerequisites, you can run:
182 +
183 +{{code language="sh" layout="LINENUMBERS" title="# Helm upgrade"}}
184 +helm upgrade --namespace behemoth-wiki \
185 + --values values.yaml \
186 + behemoth-xwiki xwiki-helm/xwiki
187 +
188 +{{/code}}
189 +
190 +=== Uninstall ===
191 +
192 +To fully remove XWiki, use the following commands:
193 +
194 +{{code language="sh" layout="LINENUMBERS" title="# Uninstalling"}}
195 +helm uninstall --namespace behemoth-wiki behemoth-xwiki
196 +kubectl -n behemoth-wiki delete pvc/data-behemoth-xwiki-mysql-0
197 +kubectl -n behemoth-wiki delete pvc/xwiki-data-behemoth-xwiki-0
198 +kubectl delete -f pv_storage.yaml
199 +kubectl delete namespace behemoth-wiki
200 +{{/code}}
201 +
202 +This will uninstall the chart, delete the PVCs, delete the PVs and lastly, delete the namespace.
203 +
204 +== Links ==
205 +
206 +1. [[XWiki - Extensions - Helm>>https://extensions.xwiki.org/xwiki/bin/view/Extension/XWikiHelm/]]
207 +1. [[Github - XWiki Contrib - Helm Charts>>https://github.com/xwiki-contrib/xwiki-helm]]
208 +1. [[Github - XWiki - Docker>>https://github.com/xwiki/xwiki-docker/]]
209 +1. [[Docker Hub - XWiki - Official>>https://hub.docker.com/_/xwiki]]
210 +1. [[Docker Hub - Behemoth LTD - Custom XWiki Non-root Image>>https://hub.docker.com/r/behemothil/xwiki-mysql-tomcat-nonroot]]
178 178  )))
179 179  
180 180  (% class="col-xs-12 col-sm-4" %)
Dockerfile
Size
... ... @@ -1,1 +1,1 @@
1 -6730
1 +6722
Content
... ... @@ -91,7 +91,7 @@
91 91  
92 92  # Added by Behemoth LTD - Apr 28th, 2024
93 93  # Fixing permissions error when using non-root user/group (30001:30001) to start the app
94 -RUN chown -R 30001:30001 /usr/local/tomcat/webapps
94 +RUN chown -R 30001:30001 /usr/local/tomcat
95 95  USER 30001:30001
96 96  
97 97  # At this point the image is done and what remains below are the runtime configuration used by the user to configure
values.yaml
Size
... ... @@ -1,1 +1,1 @@
1 -4.1 KB
1 +5.5 KB
Content
... ... @@ -1,3 +1,6 @@
1 +# Default values for node.
2 +# This is a YAML-formatted file.
3 +# Declare variables to be passed into your templates.
1 1  cluster:
2 2   enabled: false
3 3  
... ... @@ -4,8 +4,11 @@
4 4  image:
5 5   name: xwiki
6 6   pullPolicy: IfNotPresent
10 +## Image Tag useful when externalDB is been used
11 +## https://hub.docker.com/_/xwiki
7 7   name: "behemothil/xwiki-mysql-tomcat-nonroot"
8 - tag: "16.2.0-1"
13 + tag: "16.2.0-2"
14 +# tag: '16.2.0-mysql-tomcat'
9 9  service:
10 10   portName: node
11 11   name: http
... ... @@ -12,7 +12,11 @@
12 12   type: ClusterIP
13 13   externalPort: 80
14 14   internalPort: 8080
21 + # Set an array of externalIPs for the service
15 15   externalIPs: []
23 + # - 10.20.30.40
24 + # - 10.20.30.41
25 + # Reference: https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity
16 16   sessionAffinity: ClientIP
17 17  resources:
18 18   limits:
... ... @@ -26,6 +26,7 @@
26 26   - -Xms1024m
27 27   - -Xmx6000m
28 28  
39 +# Enable to choose witch kind of workload will be used: (true) StatefulSet or (false) for Deployment
29 29  workloadStateful: true
30 30  
31 31  securityContext:
... ... @@ -54,20 +54,36 @@
54 54   type: "RuntimeDefault"
55 55   enabled: true
56 56  
68 +##
69 +## MySql chart configuration
70 +##
71 +## https://github.com/bitnami/charts/tree/main/bitnami/mysql
72 +##
57 57  mysql:
74 + ## Whether to deploy a mysql server. Set false for a different database.
58 58   enabled: true
59 59   image:
60 60   tag: "8.0-debian-12"
61 61   pullPolicy: "IfNotPresent"
62 62   auth:
63 - rootPassword: "ROOT_PASSWORD_CHANGEME !!!"
64 - username: "USERNAME_CHANGEME !!!"
65 - password: "USER_PASSWORD_CHANGEME !!!"
66 - database: "DB_NAME_CHANGEME !!!"
80 + rootPassword: "Wxv11dZmzw4YIozxj1"
81 + username: "xwiki"
82 + password: "3N5NBYnb5VQfDA2gde"
83 + database: "xwiki"
67 67   initdbScripts:
68 68   00-init.sql: |
69 69   grant all privileges on *.* to xwiki@'%'
70 70   primary:
88 + # initContainers:
89 + # - name: "fix-non-root-permissions"
90 + # image: "busybox"
91 + # imagePullPolicy: "IfNotPresent"
92 + # command: [ "chown", "-R", "30001:30001", "/opt/bitnami" ]
93 + # volumeMounts:
94 + # - name: conf
95 + # mountPath: /opt/bitnami
96 + # Changed to use UTF8mb4, check future versions if this was already changed.
97 + # TODO: review explicit_defaults_for_timestamp
71 71   configuration: |-
72 72   [mysqld]
73 73   default_authentication_plugin=mysql_native_password
... ... @@ -118,12 +118,25 @@
118 118   seccompProfile:
119 119   type: "RuntimeDefault"
120 120  
148 +mariadb:
149 + enabled: false
150 +
151 +postgresql:
152 + enabled: false
153 +
154 +solr:
155 + enabled: false
156 +
157 +# To use ingress for routing set ingress.enabled value to true and istio.enabled value to false
121 121  ingress:
122 122   enabled: true
123 123   className: nginx
124 124   annotations:
125 125   kubernetes.io/ingress.class: nginx
163 +# nginx.ingress.kubernetes.io/whitelist-source-range: "152.67.64.124/32, 178.255.149.139/32"
126 126   cert-manager.io/cluster-issuer: letsencrypt-prod
165 + # kubernetes.io/tls-acme: "true"
166 + # ingress.kubernetes.io/rewrite-target: /
127 127   hosts:
128 128   - host: wiki.behemoth.co.il
129 129   paths:
... ... @@ -134,6 +134,9 @@
134 134   hosts:
135 135   - wiki.behemoth.co.il
136 136  
177 +istio:
178 + enabled: false
179 +
137 137  persistence:
138 138   enabled: true
139 139   storageClass: "behemoth-xwiki-www"
... ... @@ -141,6 +141,19 @@
141 141   - ReadWriteOnce
142 142   size: "5Gi"
143 143  
187 +podDisruptionBudget:
188 + enabled: false
189 +
190 +glowroot:
191 + enabled: false
192 +
193 +logback:
194 + enabled: false
195 +
196 +autoscaling:
197 + enabled: false
198 +
199 +# Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
144 144  probes:
145 145   startup:
146 146   enabled: true
... ... @@ -160,6 +160,7 @@
160 160   initialDelaySeconds: 30
161 161   timeoutSeconds: 3
162 162   periodSeconds: 30
219 + # 5 minutes
163 163   failureThreshold: 10
164 164   successThreshold: 1
165 165   readiness:
... ... @@ -170,9 +170,13 @@
170 170   initialDelaySeconds: 30
171 171   timeoutSeconds: 3
172 172   periodSeconds: 30
230 + # 5 minutes
173 173   failureThreshold: 10
174 174   successThreshold: 1
175 175  
234 +infinispan:
235 + enabled: false
236 +
176 176  prometheus:
177 177   javaagent:
178 178   # https://github.com/prometheus/jmx_exporter
... ... @@ -179,23 +179,3 @@
179 179   # Enable to download and use this agent
180 180   enabled: true
181 181  
182 -podDisruptionBudget:
183 - enabled: false
184 -
185 -solr:
186 - enabled: false
187 -istio:
188 - enabled: false
189 -
190 -glowroot:
191 - enabled: false
192 -
193 -logback:
194 - enabled: false
195 -
196 -autoscaling:
197 - enabled: false
198 -
199 -infinispan:
200 - enabled: false
201 -