From 9bb0855939f58c685dab657bbcf40d59d3bc2ca5 Mon Sep 17 00:00:00 2001 From: Ultradesu Date: Wed, 4 Feb 2026 14:34:08 +0200 Subject: [PATCH] Added YaCy chart --- yacy/.helmignore | 30 ++ yacy/Chart.yaml | 24 ++ yacy/README.md | 466 +++++++++++++++++++++++++++++ yacy/templates/NOTES.txt | 76 +++++ yacy/templates/_helpers.tpl | 62 ++++ yacy/templates/configmap.yaml | 11 + yacy/templates/deployment.yaml | 122 ++++++++ yacy/templates/hpa.yaml | 32 ++ yacy/templates/ingress.yaml | 61 ++++ yacy/templates/networkpolicy.yaml | 26 ++ yacy/templates/pdb.yaml | 13 + yacy/templates/pvc.yaml | 25 ++ yacy/templates/secret.yaml | 13 + yacy/templates/service.yaml | 19 ++ yacy/templates/serviceaccount.yaml | 12 + yacy/templates/servicemonitor.yaml | 26 ++ yacy/values.yaml | 176 +++++++++++ 17 files changed, 1194 insertions(+) create mode 100644 yacy/.helmignore create mode 100644 yacy/Chart.yaml create mode 100644 yacy/README.md create mode 100644 yacy/templates/NOTES.txt create mode 100644 yacy/templates/_helpers.tpl create mode 100644 yacy/templates/configmap.yaml create mode 100644 yacy/templates/deployment.yaml create mode 100644 yacy/templates/hpa.yaml create mode 100644 yacy/templates/ingress.yaml create mode 100644 yacy/templates/networkpolicy.yaml create mode 100644 yacy/templates/pdb.yaml create mode 100644 yacy/templates/pvc.yaml create mode 100644 yacy/templates/secret.yaml create mode 100644 yacy/templates/service.yaml create mode 100644 yacy/templates/serviceaccount.yaml create mode 100644 yacy/templates/servicemonitor.yaml create mode 100644 yacy/values.yaml diff --git a/yacy/.helmignore b/yacy/.helmignore new file mode 100644 index 0000000..d122e93 --- /dev/null +++ b/yacy/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# Development/testing files +*.tgz +*.lock +# CI/CD files +.circleci/ +.github/ +.travis.yml \ No newline at end of file diff --git a/yacy/Chart.yaml b/yacy/Chart.yaml new file mode 100644 index 0000000..0b970a1 --- /dev/null +++ b/yacy/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: yacy +description: A Helm chart for YaCy - a distributed peer-to-peer search engine +type: application +version: 0.1.0 +appVersion: "1.930" +icon: https://yacy.net/images/yacy-logo.png +home: https://yacy.net/ +sources: + - https://github.com/yacy/yacy_search_server + - https://hub.docker.com/r/yacy/yacy_search_server +keywords: + - search + - search-engine + - distributed + - p2p + - web-crawler + - intranet-search + - indexing +maintainers: + - name: YaCy Community + url: https://community.searchlab.eu +annotations: + artifacthub.io/license: GPL-2.0-or-later \ No newline at end of file diff --git a/yacy/README.md b/yacy/README.md new file mode 100644 index 0000000..d85e8b3 --- /dev/null +++ b/yacy/README.md @@ -0,0 +1,466 @@ +# YaCy Helm Chart + +

+ YaCy Logo +

+ +This Helm chart deploys [YaCy](https://yacy.net/) - a distributed peer-to-peer search engine - on Kubernetes. + +## Introduction + +YaCy is a free, distributed search engine that can operate in two primary modes: +- **P2P Network Mode**: Connect to the global YaCy network to share search results +- **Standalone/Intranet Mode**: Run as an independent instance for private document indexing + +This Helm chart simplifies deployment and management of YaCy in a Kubernetes environment, with support for various configurations and deployment scenarios. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3.0+ +- PV provisioner support in the underlying infrastructure (for persistence) + +## Installation + +### Prerequisites Check + +Before installing, ensure your Kubernetes cluster meets the requirements: + +```bash +# Check Kubernetes version (requires 1.12+) +kubectl version --short + +# Verify Helm is installed (requires 3.0+) +helm version + +# Check for default StorageClass (for persistence) +kubectl get storageclass +``` + +### Install from Local Chart + +```bash +# Navigate to the Helm chart directory +cd charts/yacy + +# Install with default values +helm install my-yacy . + +# OR install with custom values file +helm install my-yacy . -f my-values.yaml + +# OR override specific values +helm install my-yacy . \ + --set service.type=NodePort \ + --set yacy.adminPassword=mysecurepassword \ + --set persistence.size=20Gi +``` + +### Install from Repository (Future) + +Once this chart is published to a Helm repository, you'll be able to install it with: + +```bash +# Add the repository +helm repo add yacy https://yacy.github.io/helm-charts/ +helm repo update + +# Install the chart +helm install my-yacy yacy/yacy +``` + +### Verifying Installation + +```bash +# Check if the pod is running +kubectl get pods -l "app.kubernetes.io/instance=my-yacy" + +# See the deployed service +kubectl get svc -l "app.kubernetes.io/instance=my-yacy" + +# Read installation notes +helm status my-yacy +``` + +## Uninstalling the Chart + +To uninstall/delete the `my-yacy` deployment: + +```bash +helm uninstall my-yacy +``` + +## Parameters + +### Common parameters + +| Name | Description | Value | +|---------------------|----------------------------------------------------|--------| +| `replicaCount` | Number of YaCy replicas | `1` | +| `nameOverride` | String to partially override yacy.fullname template | `""` | +| `fullnameOverride` | String to fully override yacy.fullname template | `""` | + +### YaCy Image parameters + +| Name | Description | Value | +|-------------------------|------------------------------------------------|------------------------| +| `image.useLocal` | Use locally built image instead of repository | `true` | +| `image.localRepository` | Local image name when useLocal is true | `yacy_search_server` | +| `image.localTag` | Local image tag when useLocal is true | `local` | +| `image.repository` | YaCy image repository when useLocal is false | `yacy/yacy_search_server` | +| `image.tag` | YaCy image tag when useLocal is false | `1.930` | +| `image.pullPolicy` | YaCy image pull policy when useLocal is false | `IfNotPresent` | +| `imagePullSecrets` | Specify docker-registry secret names | `[]` | + +### Architecture-specific images + +| Name | Description | Value | +|---------------------|----------------------------------------------------|------------------------| +| `arch.amd64` | Tag for AMD64 architecture | `latest` | +| `arch.arm64` | Tag for ARM64 architecture | `aarch64-latest` | +| `arch.arm` | Tag for ARM architecture | `armv7-latest` | + +### YaCy configuration parameters + +| Name | Description | Value | +|---------------------------|----------------------------------------------|-----------| +| `env` | YaCy environment variables | `{}` | +| `yacy.adminPassword` | YaCy admin password | `"yacy"` | +| `yacy.settings.maxMemory` | Maximum memory allocation for YaCy | `"600m"` | +| `yacy.settings.joinP2PNetwork` | Whether to join the YaCy P2P network | `true` | + +### Persistence Parameters + +| Name | Description | Value | +|----------------------------|-------------------------------------------------|---------------| +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.existingClaim`| Use an existing PVC to persist data | `""` | +| `persistence.storageClass` | Storage class of backing PVC | `""` | +| `persistence.accessMode` | PVC Access Mode | `ReadWriteOnce` | +| `persistence.size` | Size of data volume | `10Gi` | +| `persistence.annotations` | Additional annotations for the PVC | `{}` | + +### Exposure Parameters + +| Name | Description | Value | +|----------------------------|-------------------------------------------------|---------------| +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.httpPort` | HTTP Service port | `8090` | +| `service.httpsPort` | HTTPS Service port | `8443` | +| `ingress.enabled` | Enable ingress controller resource | `false` | +| `ingress.className` | IngressClass that will be used | `""` | +| `ingress.hosts[0].host` | Default host for the ingress resource | `yacy.local` | +| `ingress.hosts[0].paths` | Paths for the default host | `[{"path":"/","pathType":"Prefix"}]` | +| `ingress.tls` | TLS configuration | `[]` | + +### Other Parameters + +| Name | Description | Value | +|----------------------------|-------------------------------------------------|---------------| +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | + +## Building and Publishing Images + +YaCy can be deployed using either a locally built Docker image or an official image from Docker Hub. + +### Option 1: Using Official Images from Docker Hub + +The simplest approach is to use the official YaCy images: + +```yaml +# values.yaml +image: + useLocal: false + repository: yacy/yacy_search_server + tag: latest # or specific version like "1.930" + pullPolicy: IfNotPresent +``` + +### Option 2: Building Custom Images + +For custom builds or development, you can build your own images: + +#### Setting up a Local Docker Registry + +1. **Start a local Docker registry**: + + ```bash + docker run -d -p 5000:5000 --restart=always --name registry registry:2 + ``` + +2. **Build the YaCy Docker image**: + + ```bash + # The Dockerfiles are in the ./docker/ directory of the YaCy project + cd docker + + # Build for your platform (x86_64/amd64) + docker build -t localhost:5000/yacy/yacy_search_server:latest -f Dockerfile ../ + + # Push to local registry + docker push localhost:5000/yacy/yacy_search_server:latest + ``` + +3. **For multi-architecture support** (optional): + + ```bash + # ARM64 architecture + docker build -t localhost:5000/yacy/yacy_search_server:aarch64-latest -f Dockerfile.aarch64 ../ + docker push localhost:5000/yacy/yacy_search_server:aarch64-latest + + # ARMv7 architecture + docker build -t localhost:5000/yacy/yacy_search_server:armv7-latest -f Dockerfile.armv7 ../ + docker push localhost:5000/yacy/yacy_search_server:armv7-latest + ``` + +4. **Create a custom values file** (e.g., `local-registry-values.yaml`): + + ```yaml + image: + useLocal: false + repository: localhost:5000/yacy/yacy_search_server + tag: latest + pullPolicy: Always + ``` + +5. **Install with your custom values**: + + ```bash + helm install my-yacy ./charts/yacy -f local-registry-values.yaml + ``` + +6. **For external Kubernetes clusters**, add registry credentials: + + ```bash + # Create a Docker registry secret + kubectl create secret docker-registry regcred \ + --docker-server=localhost:5000 \ + --docker-username= \ + --docker-password= + + # Add to your values file + imagePullSecrets: + - name: regcred + ``` + +## Deployment Examples + +### Quick Start: Using a locally built image + +```bash +# 1. Build the local image (from YaCy source directory) +cd docker +docker build -t yacy_search_server:local -f Dockerfile ../ + +# 2. Install the chart +helm install my-yacy ./charts/yacy +``` + +### Common Configuration Examples + +#### Deployment Scenarios + +##### 1. Public YaCy Node (P2P Network) + +```yaml +# values.yaml +yacy: + settings: + joinP2PNetwork: true + maxMemory: "1500m" + adminPassword: "secure-password-here" + +persistence: + enabled: true + size: 20Gi +``` + +##### 2. Private Intranet Search Engine + +```yaml +# values.yaml +yacy: + settings: + joinP2PNetwork: false # Standalone mode + maxMemory: "2000m" + adminPassword: "secure-password-here" + + # Optional: Add intranet crawler configuration + configFile: | + network.unit.agent=CompanySearchEngine + network.unit.description=Internal Document Search + crawler.http.maxDepth=5 + +persistence: + enabled: true + size: 50Gi +``` + +#### Exposure Options + +##### 1. Basic ClusterIP (default) + +```yaml +service: + type: ClusterIP +``` + +##### 2. NodePort for simple external access + +```yaml +service: + type: NodePort +``` + +##### 3. Ingress with TLS + +```yaml +ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: search.example.com + paths: + - path: / + pathType: Prefix + tls: + - secretName: yacy-tls + hosts: + - search.example.com +``` + +#### Resource Allocation + +```yaml +# Recommended for production use +resources: + limits: + cpu: 2000m + memory: 2Gi + requests: + cpu: 1000m + memory: 1Gi + +# Set YaCy memory to ~75% of container limit +yacy: + settings: + maxMemory: "1500m" +``` + +#### Architecture-Specific Deployments + +##### ARM64/aarch64 Deployment + +```yaml +image: + useLocal: false + repository: yacy/yacy_search_server + tag: aarch64-latest +``` + +##### ARMv7 Deployment + +```yaml +image: + useLocal: false + repository: yacy/yacy_search_server + tag: armv7-latest +``` + +## Management + +### Backup and Restore + +YaCy's data is stored in `/opt/yacy_search_server/DATA` and persisted to a PVC when `persistence.enabled=true`. + +#### Backup YaCy Data + +```bash +# 1. Find the pod name +POD_NAME=$(kubectl get pods -l "app.kubernetes.io/instance=my-yacy" -o jsonpath="{.items[0].metadata.name}") + +# 2. Create a backup (two methods) +# Option A: Direct backup to local machine +kubectl exec $POD_NAME -- tar -cf - /opt/yacy_search_server/DATA | gzip > yacy-backup-$(date +%Y%m%d).tar.gz + +# Option B: Backup within pod first (if pod has sufficient storage) +kubectl exec $POD_NAME -- bash -c "cd /opt && tar -czf /tmp/yacy-backup.tar.gz yacy_search_server/DATA" +kubectl cp $POD_NAME:/tmp/yacy-backup.tar.gz ./yacy-backup-$(date +%Y%m%d).tar.gz +``` + +#### Restore YaCy Data + +```bash +# First, stop YaCy gracefully (important for index integrity) +POD_NAME=$(kubectl get pods -l "app.kubernetes.io/instance=my-yacy" -o jsonpath="{.items[0].metadata.name}") +kubectl exec $POD_NAME -- /opt/yacy_search_server/stopYACY.sh + +# Wait for YaCy to fully shut down +sleep 15 + +# Restore from backup +cat yacy-backup.tar.gz | kubectl exec -i $POD_NAME -- bash -c "cd /opt && rm -rf yacy_search_server/DATA/* && tar -xzf -" + +# Restart the pod +kubectl delete pod $POD_NAME +``` + +### Troubleshooting + +#### Verify Deployment Status + +```bash +# Check if pods are running +kubectl get pods -l "app.kubernetes.io/instance=my-yacy" + +# Verify services +kubectl get svc -l "app.kubernetes.io/instance=my-yacy" + +# Check persistent volume claims +kubectl get pvc -l "app.kubernetes.io/instance=my-yacy" +``` + +#### Check Logs + +```bash +# Follow logs from the YaCy pod +POD_NAME=$(kubectl get pods -l "app.kubernetes.io/instance=my-yacy" -o jsonpath="{.items[0].metadata.name}") +kubectl logs -f $POD_NAME + +# View YaCy application logs directly +kubectl exec $POD_NAME -- cat /opt/yacy_search_server/DATA/LOG/yacy00.log +``` + +#### Common Issues + +1. **YaCy pod crashes immediately**: Check memory settings - container's memory limit should be higher than `yacy.settings.maxMemory` + +2. **Can't access YaCy UI**: Verify the service is correctly exposed; try port-forwarding for quick access: + ```bash + kubectl port-forward svc/my-yacy 8090:8090 + ``` + +3. **Slow crawling/indexing**: Increase resource limits and YaCy's memory allocation + +4. **Persistence issues**: Check that the PVC is correctly bound and has sufficient space: + ```bash + kubectl get pvc + kubectl describe pvc my-yacy-data + ``` + +## Contributing + +Contributions to improve this chart are welcome! To contribute: + +1. Fork the repository +2. Create your feature branch (`git checkout -b feature/amazing-feature`) +3. Commit your changes (`git commit -m 'Add some amazing feature'`) +4. Push to the branch (`git push origin feature/amazing-feature`) +5. Open a Pull Request + +Please refer to the YaCy project's [contribution guidelines](https://github.com/yacy/yacy_search_server/blob/master/CONTRIBUTING.md) for more information. diff --git a/yacy/templates/NOTES.txt b/yacy/templates/NOTES.txt new file mode 100644 index 0000000..fd95987 --- /dev/null +++ b/yacy/templates/NOTES.txt @@ -0,0 +1,76 @@ +╔════════════════════════════════════════════════════════════════╗ +║ YaCy Search Server Deployed! ║ +╚════════════════════════════════════════════════════════════════╝ + +Thank you for installing {{ .Chart.Name }} v{{ .Chart.Version }}. + +YaCy is a decentralized search engine that can be used for both public P2P search +and private intranet search scenarios. + +GETTING STARTED +============================================================================== + +1. Access YaCy Interface: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "yacy.fullname" . }} + + # Then access: + http://:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + # It may take a few minutes for the LoadBalancer IP to be available + kubectl get --namespace {{ .Release.Namespace }} svc {{ include "yacy.fullname" . }} + + # Then access: + http://:{{ .Values.service.httpPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + # Port forward to access YaCy (for development/testing): + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "yacy.fullname" . }} 8090:{{ .Values.service.httpPort }} + + # Then access: + http://127.0.0.1:8090 +{{- end }} + +2. Login using these credentials: + • Username: admin + • Password: {{ .Values.yacy.adminPassword | default "yacy" }} + IMPORTANT: Change the default password via ConfigAccounts_p.html + +3. Check deployment status: + kubectl get pods -n {{ .Release.Namespace }} -l "app.kubernetes.io/instance={{ .Release.Name }}" + +DATA PERSISTENCE +============================================================================== +{{- if .Values.persistence.enabled }} +• YaCy data is stored in a persistent volume: + - PVC: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "yacy.fullname" . }}-data{{- end }} + - Size: {{ .Values.persistence.size }} + - Mode: {{ .Values.persistence.accessMode }} +{{- else }} +• WARNING: Persistence is disabled! Data will be lost when pods are terminated. + To enable persistence, set persistence.enabled=true +{{- end }} + +IMPORTANT NOTES +============================================================================== +{{- if eq (.Values.replicaCount | int) 1 }} +• YaCy is running with a single replica. + For production environments, consider enabling: + - Multiple replicas with proper shared storage + - Ingress with TLS + - Resource limits appropriate for your workload +{{- else }} +• YaCy is running with {{ .Values.replicaCount }} replicas. +{{- end }} + +RESOURCES +============================================================================== +• Documentation: https://yacy.net/ +• Community: https://community.searchlab.eu/ +• Support: https://github.com/yacy/yacy_search_server/issues +• Helm Chart README: See charts/README.md \ No newline at end of file diff --git a/yacy/templates/_helpers.tpl b/yacy/templates/_helpers.tpl new file mode 100644 index 0000000..4ee63ad --- /dev/null +++ b/yacy/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "yacy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "yacy.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "yacy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "yacy.labels" -}} +helm.sh/chart: {{ include "yacy.chart" . }} +{{ include "yacy.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "yacy.selectorLabels" -}} +app.kubernetes.io/name: {{ include "yacy.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "yacy.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "yacy.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/yacy/templates/configmap.yaml b/yacy/templates/configmap.yaml new file mode 100644 index 0000000..befd4f9 --- /dev/null +++ b/yacy/templates/configmap.yaml @@ -0,0 +1,11 @@ +{{- if .Values.yacy.configFile }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "yacy.fullname" . }}-config + labels: + {{- include "yacy.labels" . | nindent 4 }} +data: + yacy.conf: |- + {{- .Values.yacy.configFile | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/yacy/templates/deployment.yaml b/yacy/templates/deployment.yaml new file mode 100644 index 0000000..6d31745 --- /dev/null +++ b/yacy/templates/deployment.yaml @@ -0,0 +1,122 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "yacy.fullname" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "yacy.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "yacy.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "yacy.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- if .Values.image.useLocal }} + image: "{{ .Values.image.localRepository }}:{{ .Values.image.localTag }}" + imagePullPolicy: Never + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- end }} + env: + - name: YACY_ADMINACCOUNT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "yacy.fullname" . }} + key: admin-password + {{- range $key, $value := .Values.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.yacy.settings.maxMemory }} + - name: YACY_JAVASTART_XMXMINIT + value: {{ .Values.yacy.settings.maxMemory | quote }} + {{- end }} + {{- if (not .Values.yacy.settings.joinP2PNetwork) }} + - name: YACY_NETWORK_UNIT_INTRANET + value: "true" + {{- end }} + ports: + - name: http + containerPort: 8090 + protocol: TCP + - name: https + containerPort: 8443 + protocol: TCP + startupProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 12 + livenessProbe: + httpGet: + path: /api/status_p.xml + port: http + initialDelaySeconds: 90 + periodSeconds: 20 + timeoutSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: data + mountPath: /opt/yacy_search_server/DATA + {{- if .Values.yacy.configFile }} + - name: config + mountPath: /opt/yacy_search_server/defaults/yacy.conf + subPath: yacy.conf + {{- end }} + volumes: + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ include "yacy.fullname" . }}-data{{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.yacy.configFile }} + - name: config + configMap: + name: {{ include "yacy.fullname" . }}-config + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/yacy/templates/hpa.yaml b/yacy/templates/hpa.yaml new file mode 100644 index 0000000..ff8538b --- /dev/null +++ b/yacy/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "yacy.fullname" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "yacy.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/yacy/templates/ingress.yaml b/yacy/templates/ingress.yaml new file mode 100644 index 0000000..840df87 --- /dev/null +++ b/yacy/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "yacy.fullname" . -}} +{{- $svcPort := .Values.service.httpPort -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "yacy.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/yacy/templates/networkpolicy.yaml b/yacy/templates/networkpolicy.yaml new file mode 100644 index 0000000..5a57e05 --- /dev/null +++ b/yacy/templates/networkpolicy.yaml @@ -0,0 +1,26 @@ +{{- if .Values.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "yacy.fullname" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "yacy.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + ingress: + - from: + {{- if .Values.networkPolicy.ingressFrom }} + {{- toYaml .Values.networkPolicy.ingressFrom | nindent 8 }} + {{- else }} + - podSelector: {} # Allow from all pods in the same namespace + {{- end }} + ports: + - protocol: TCP + port: 8090 + - protocol: TCP + port: 8443 +{{- end }} \ No newline at end of file diff --git a/yacy/templates/pdb.yaml b/yacy/templates/pdb.yaml new file mode 100644 index 0000000..1d4be3c --- /dev/null +++ b/yacy/templates/pdb.yaml @@ -0,0 +1,13 @@ +{{- if gt .Values.replicaCount 1.0 }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "yacy.fullname" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "yacy.selectorLabels" . | nindent 6 }} + minAvailable: 1 +{{- end }} \ No newline at end of file diff --git a/yacy/templates/pvc.yaml b/yacy/templates/pvc.yaml new file mode 100644 index 0000000..3fe6f87 --- /dev/null +++ b/yacy/templates/pvc.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "yacy.fullname" . }}-data + labels: + {{- include "yacy.labels" . | nindent 4 }} + {{- with .Values.persistence.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- if .Values.persistence.storageClass }} + {{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/yacy/templates/secret.yaml b/yacy/templates/secret.yaml new file mode 100644 index 0000000..1f9fedc --- /dev/null +++ b/yacy/templates/secret.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "yacy.fullname" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} +type: Opaque +data: + {{- if .Values.yacy.adminPassword }} + admin-password: {{ .Values.yacy.adminPassword | b64enc | quote }} + {{- else }} + admin-password: {{ "yacy" | b64enc | quote }} + {{- end }} \ No newline at end of file diff --git a/yacy/templates/service.yaml b/yacy/templates/service.yaml new file mode 100644 index 0000000..c35e72b --- /dev/null +++ b/yacy/templates/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "yacy.fullname" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.httpPort }} + targetPort: http + protocol: TCP + name: http + - port: {{ .Values.service.httpsPort }} + targetPort: https + protocol: TCP + name: https + selector: + {{- include "yacy.selectorLabels" . | nindent 4 }} \ No newline at end of file diff --git a/yacy/templates/serviceaccount.yaml b/yacy/templates/serviceaccount.yaml new file mode 100644 index 0000000..b7bd832 --- /dev/null +++ b/yacy/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "yacy.serviceAccountName" . }} + labels: + {{- include "yacy.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/yacy/templates/servicemonitor.yaml b/yacy/templates/servicemonitor.yaml new file mode 100644 index 0000000..3bf907e --- /dev/null +++ b/yacy/templates/servicemonitor.yaml @@ -0,0 +1,26 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "yacy.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "yacy.labels" . | nindent 4 }} + {{- with .Values.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: http + path: {{ .Values.metrics.path }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "yacy.selectorLabels" . | nindent 6 }} +{{- end }} \ No newline at end of file diff --git a/yacy/values.yaml b/yacy/values.yaml new file mode 100644 index 0000000..53033f5 --- /dev/null +++ b/yacy/values.yaml @@ -0,0 +1,176 @@ +# Default values for YaCy Helm chart +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# -- Number of YaCy pods to run +# Note: For production use, consider setting up shared storage +# if running multiple replicas +replicaCount: 1 + +# Image configuration +image: + # -- Set to true to use a locally built image + # Set to false to pull from a registry + useLocal: false + + # -- Local image settings (when useLocal: true) + # Build with: docker build -t yacy_search_server:local -f docker/Dockerfile . + localRepository: "yacy/yacy_search_server" + localTag: "latest" + + # -- Official repository settings (when useLocal: false) + repository: yacy/yacy_search_server + pullPolicy: Always + # -- Overrides the image tag whose default is the chart appVersion + tag: "latest" + +# -- Architecture-specific image tags +# Used for multi-architecture deployments with the official repository +arch: + amd64: latest + arm64: aarch64-latest + arm: armv7-latest + +# Optional: Configure image pull secrets if you have authentication for private registries +# For Docker Hub, create a secret with: kubectl create secret docker-registry regcred --docker-username= --docker-password= +imagePullSecrets: [] +# - name: regcred +nameOverride: "" +fullnameOverride: "" + +# YaCy environment variables +# All settings from yacy.init can be set as environment variables +# Replace dots with underscores, make uppercase, and prefix with YACY_ +env: {} + # YACY_NETWORK_UNIT_AGENT: "MyYaCyPeer" + # YACY_ADMINACCOUNT_USER: "admin" + # YACY_ADMINACCOUNT_PASSWORD: "yacy" # Default password, change this! + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: + fsGroup: 1000 + +securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: false + runAsNonRoot: true + runAsUser: 1000 + +service: + type: ClusterIP + httpPort: 8090 + httpsPort: 8443 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: yacy.local + paths: + - path: / + pathType: Prefix + tls: [] + # - secretName: yacy-tls + # hosts: + # - yacy.local + +resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 500m + memory: 512Mi + +# Persistence for YaCy DATA directory +persistence: + enabled: true + # If defined, use an existing PVC + existingClaim: "" + # storageClass: "" + accessMode: ReadWriteOnce + size: 10Gi + annotations: {} + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +# Autoscaling configuration +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 + +# Network Policy +networkPolicy: + # Enable network policy + enabled: false + # Custom ingress selectors + # ingressFrom: [] + +# Prometheus metrics configuration +metrics: + # Path for metrics endpoint + path: /metrics + serviceMonitor: + # If true, a ServiceMonitor CRD will be created for a prometheus operator + enabled: false + # Optional namespace for ServiceMonitor + namespace: "" + # Default scrape interval + interval: 1m + # Default scrape timeout + scrapeTimeout: 30s + # Additional labels for ServiceMonitor + additionalLabels: {} + +# -- YaCy specific configuration +yacy: + # -- Admin password for the YaCy web interface + # IMPORTANT: Change this from the default for security! + adminPassword: "yacy" + + # -- Optional: Custom YaCy configuration file content + # This will be mounted as a ConfigMap and override default settings + configFile: | + # YaCy configuration in key=value format + # Disable browser auto-opening (avoids xdg-open errors in container environment) + browserPopUpPage= + browserPopUpWarning=false + + # -- YaCy runtime settings + settings: + # -- URLs to crawl automatically on startup + # Example: ["https://example.com/", "https://yacy.net/"] + crawlURLs: [] + + # -- Maximum memory allocation for YaCy + # Recommendation: Use 60-80% of container memory limit + maxMemory: "600m" + + # -- Whether to join the YaCy P2P network + # Set to false for private/intranet installations + joinP2PNetwork: true + + # -- Additional YaCy settings can be added as environment + # variables using the 'env' section