GithubHelp home page GithubHelp logo

flowfuse / helm Goto Github PK

View Code? Open in Web Editor NEW
5.0 5.0 14.0 4.57 MB

A Helm chart to deploy FlowFuse on Kubernetes

License: Apache License 2.0

Shell 6.72% Dockerfile 16.56% Logos 4.31% JavaScript 45.84% Roff 4.98% Smarty 21.59%

helm's Introduction

FlowFuse helps Node-RED developers deliver applications in a more reliable, collaborative and secure manner. Node-RED’s intuitive, low-code development environment is great for connecting together hardware devices, APIs and online services. FlowFuse adds to Node-RED collaborative development, management of remote deployments, support for DevOps deliver pipelines, and the ability to host Node-RED applications on FlowFuse Cloud. FlowFuse is the devops platform for Node-RED application development and delivery.

Key Features

  • FlowFuse adds team collaboration to Node-RED, allowing multiple developers to work together on a single instance.
  • Many organizations deploy Node-RED instances to remote servers or edge devices. FlowFuse automates this process by creating snapshots on Node-RED instances that can be deployed to multiple remote targets.
  • FlowFuse simplifies the software development lifecycle of Node-RED applications. You can now set up DevOps delivery pipelines to support development, test and production environments for Node-RED application delivery.
  • FlowFuse is available from FlowFuse Cloud, a managed cloud service, or a self-hosted solution.
  • FlowFuse offers professional technical support for FlowFuse and Node-RED.

Links

helm's People

Contributors

andreikop avatar cstns avatar dependabot[bot] avatar elenaviter avatar flecoufle avatar hardillb avatar joepavitt avatar knolleary avatar marianraphael avatar pezmc avatar piwero avatar ppawlowski avatar robmarcer avatar sammachin avatar steve-mcl avatar yndira-e avatar zjvandeweg avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

murukesh flecoufle royki andreikop nimbit-software dfulgham wizehive plus-for-node-red elenaviter piwero fp-salerno mrgabba ppawlowski

helm's Issues

README needs updating

Current Behavior

info is out of date

Expected Behavior

should reflect recent packaging changes

Steps To Reproduce

NA

Environment

  • FlowForge version: 1.1+

Remove postgresql storageClass value

Description

The existing postgresql.global.storageClass affects chart installation on the basic Kubernetes cluster. For a basic installation, data persistence could be omitted.

Epic/Story

#223

Consider releasing helm chart separately from the application release

Description

At this moment we are releasing our helm chart together with the core application release.
The proposal is to separate this process and release a helm chart when a new fix or feature is added.
This will allow us to:

  • publish fixes without waiting for weekly patch release
  • introduce helm chart features independently from the core app

Of course, the whole process should be automated using GH Actions.

Tasks
Beta Give feedback

Wait for database before starting core app

Description

When using the helm chart to install the app with local database support, the application may restart a couple of times:

NAME                        READY   STATUS    RESTARTS      AGE
flowforge-d64cf667b-pqfnm   1/1     Running   2 (44s ago)   49s
flowforge-postgresql-0      1/1     Running   0             49s

The reason for such behavior is application container starts quicker than the database one.

{"level":"ERROR","time":"2023-11-21T13:41:48.471Z","msg":"Failed to start: SequelizeConnectionRefusedError: connect ECONNREFUSED 10.96.94.235:5432"}
ConnectionRefusedError [SequelizeConnectionRefusedError]: connect ECONNREFUSED 10.96.94.235:5432

It will be nice to start the main app only once the database is up and ready to handle requests.
A possible solution is to use an init container which will check database availability.

Allow Project namespace to be changed

Story

No response

Description

At the moment all FlowForge Projects are run in the flowforge namespace, this is hardcoded into the Service Account and into the k8s driver when contacting the NR-Launcher API.

This should be parameterised to allow K8s admins to have more control of the deployment.

FlowForge helm: option to provision default service account for editors. broker: derive the ingress definitions from values.yaml. cluster role-related: resources names should be release-dependent

Description

Multiple changes in FlowForge helm, all are optional.

Description

FlowForge helm features are needed:

  1. Editors: optional service account provisioning*.
  2. Broker: propagate ingress definitions to broker helm.
  3. Cluster role-related: to support more than 1 FlowForge instance to run in the cluster, let the names of the resources depend on release name

Include Sequelize Encryption option

Description

It would be nice to be able to connect to a Postgres db using encryption using the SSL parameter: https://sequelize.org/docs/v6/other-topics/dialect-specific-things/#postgresql

Currently the options are limited to:
db.host Hostname of the Postgres Database. Default: postgres.
db.database Database name on Postgres Server. Default: flowforge.
db.user Username used when connecting to Postgres Server.
db.password Password used when connecting to Postgres Server.

Helm install finished with failed status due to too low version of Postgres

Current Behavior

Helm install finished with failded status:

Error: release flowforge failed, and has been uninstalled due to atomic being set: context deadline exceeded

on Oracle Cloud ARM Free Tier machine

Looking in logs from Postgres pod, I see something like this:

exec /opt/bitnami/scripts/postgresql/entrypoint.sh: exec format error

If I correctly understood the issue: bitnami/charts#15140 , it is missing ARM support in the lower version of Postgres.

Expected Behavior

  1. Upgrade Postgres version or let me decide which version I want to use OR
  2. Automatically ( Dependabot ? ) update dependencies?
  3. Add information about the tested version of Postgres where Flowforge works correctly

Steps To Reproduce

  1. Installed Kubernetes ( microk8s ) on Oracle Cloud Free Tier ARM images.
  2. Based on: https://flowforge.com/docs/install/kubernetes/#configure-flowforge Execute commands:

helm repo add flowforge https://flowforge.github.io/helm
helm repo update
kubectl label node role=management
kubectl label node role=projects
for my nodes in microk8s

  1. Created like that values file:

forge:
entryPoint: forge.<censored, my domain>
domain: <censored, my domain>
https: false
localPostgresql: true
projectNamespace: flowforge
telemetry:
enabled: false
fileStore:
enabled: false

and executed:

helm upgrade --atomic --install --timeout 10m flowforge flowforge/flowforge -f valuesforge.yaml

  1. After a while execute:

kubectl get all
kubectl logs pod/

exec /opt/bitnami/scripts/postgresql/entrypoint.sh: exec format error

Environment

  • FlowForge version: version: v1.8.1
  • Node.js version: Unknown, helm version
  • npm version: Unknown, helm version
  • Platform/OS: Ubuntu 20.04
  • Browser: None

Remove a namespace references and rely on helm flags

Get rid of the namespace definition within the helm chart and give freedom to the OPS team to decide which namespace application should be created via --namespace helm parameter.

Tracking issue for:

Helm chart installation should be possible with default values on basic kubernetes cluster

Description

The goal of this epic is to gather all tasks needed to give a possibility to install FlowFuse service on the most common Kubernetes cluster configuration.

Tasks
Beta Give feedback
  1. Remove default nodeSelector value #224
    needs-triage task
    ppawlowski
  2. Remove postgresql storageClass value #225
    size:XS - 1 task
    ppawlowski
  3. Update postgresql chart version to 11.9.13 #219
    size:M - 3 task
    ppawlowski
  4. Ingress object should be created conditionally #226
    needs-triage task
    ppawlowski

Installation through helm chart fails if multiline ingress annotation is used

Current Behavior

Following ingress annotations configurations is causing a error during templating:

ingress:
  annotations:
    customAnnotation: customValue
    nginx.ingress.kubernetes.io/server-snippet: |
      location ~* "^/secretEndpoint" {
        return 403;
      }

Error:

Error: YAML parse error on flowforge/templates/broker.yaml: error converting YAML to JSON: yaml: line 10: could not find expected ':'

Use --debug flag to render out invalid YAML

Expected Behavior

Templating should not fail and multiline annotation should be applied ingress object:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: flowforge-broker
  labels:
    app: flowforge-broker
  annotations:
    customAnnotation: customValue
    nginx.ingress.kubernetes.io/server-snippet: |
      location ~* "^/secretEndpoint" {
        return 403;
      }

Steps To Reproduce

  1. Configure helm repo according to [documentation](helm repo add flowforge https://flowfuse.github.io/helm).
  2. Create customization.yml file with minimal content needed.
  3. Add following ingress configuration to customization.yml:
ingress:
  annotations:
    customAnnotation: customValue
    nginx.ingress.kubernetes.io/server-snippet: |
      location ~* "^/secretEndpoint" {
        return 403;
      }
  1. Perform installation using helm chart
helm upgrade --atomic --install --timeout 10m flowforge flowforge/flowforge -f customization.yml

Environment

No response

Sensitive data in ConfigMaps and Helm values.yaml

Current Behavior

It would appear that the only mechanism for providing sensitive information such as database passwords and access keys, is through Helm's values file, which end up being embedded within a ConfigMap that generates the flowforge.yml config file, where passwords end up being stored in plaintext.
This sensitive information ideally should be managed through kubernetes secrets.

This is especially problematic if you are applying a GitOps approach, through tools such as ArgoCD or Flux for deploying this Chart.

Expected Behavior

Ideally there should be a safe mechanism to provide references to secrets, such as database passwords.

A common pattern when dealing with Helm is that the templates themselves support not just providing the actual passwords in plaintext, but also support referencing an existing Kubernetes secret (created prior to the install of the chart) which is usually attached to the deployment as environment variables. But since here those values are used to generate a config file, things may be a bit more complicated, unless flowforge has support for getting sensitive values from elsewhere outside of flowforge.yml (such as environment variables for example).

Steps To Reproduce

No response

Environment

  • FlowForge version:
  • Node.js version:
  • npm version:
  • Platform/OS:
  • Browser:

Ingress object should be created conditionally

With default chart values, the creation of an ingress object fails with the error:

Error: INSTALLATION FAILED: 1 error occurred:
	* Ingress.extensions "flowforge-ingress" is invalid: spec.rules[0].host: Invalid value: "forge.": a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')

We should either provide some proper default values or create an ingress object only if forge.domain or forge.entryPoint have values.

Helm Chart is broken since 1.13.2

Current Behavior

Hi team, it looks like the helm chart is broken since 1.13.2 with sentry and postgres it wants to get the host of postgres and sentry got to be an object not a string

Error: template: flowforge/templates/deployment.yaml:61:76: executing "flowforge/templates/deployment.yaml" at <.Values.forge.telemetry.sentry>: wrong type for value; expected map[string]interface {}; got interface {}

Error: template: flowforge/templates/configmap.yaml:28:66: executing "flowforge/templates/configmap.yaml" at <.Values.forge.postgres>: wrong type for value; expected map[string]interface {}; got interface {}

discussed on Slack before

Expected Behavior

Helm Chart should install with minimum at Digital Ocean as described by FlowFuse Docs

Steps To Reproduce

set up a fresh Kube Cluster on Digital Ocean and use Helm as the FlowFuse Docs do

Environment

  • FlowFuse version: 1.13.2
  • Node.js version: 16.20
  • Platform/OS: Digital Ocean
  • Browser: Firefox, Chrome

Helm install, don't create: ExternalName if forge.localPostrgresql == false

Current Behavior

If forge.localPostrgresql == false, then helm create automatically create: ExternalName service.

Expected Behavior

Don't create any service for Postgres database, the current behavior is problematic, because as far as I know, we can't use Postgress database ran on the same cluster, because Kubernetes will not resolve DNS request and provide all of them to host system.
Instead of creating Externall name, use directly all data provided in values file in flowforge container similar like in: goauthentik => https://github.com/goauthentik/helm

Steps To Reproduce

Based on https://flowforge.com/docs/install/kubernetes/ , I tried to:
0. Using CloudNativePG Helm Chart ( https://github.com/cloudnative-pg/charts ) run kubernetes in different namespace
1.
2. Executed command:

helm repo add flowforge https://flowforge.github.io/helm
helm repo update

  1. Exexuted command:

kubectl label node role=management
kubectl label node role=projects
for my nodes in microk8s

  1. Created like that values file:
    forge:

entryPoint: forge.<censored, my domain>
domain: <censored, my domain>
https: false
localPostgresql: false
projectNamespace: flowforge
postgres:
host: postgresql-pvc-rw.psql
dbUsername: forge
dbName: flowforge
dbPassword:
port: 5432
telemetry:
enabled: false
fileStore:
enabled: false

postgresql-pvc-rw.psql << name of service from step 0 and name of namespace/

and executed:

helm upgrade --atomic --install flowforge flowforge/flowforge -f valuesforge.yaml

Environment

  • FlowForge version: v1.8.1
  • Node.js version: Unknown, helm version:
  • npm version: Unknown, helm version:
  • Platform/OS: Ubuntu 20.4
  • Browser: None.

helm chart needs improvements

Description

Some enhancements are required for the helm chart

  • the DB password (especially for localPostgresql=false) should not be provided in the values file (use something like existing secret) and clearly it should not be stored in a configmap
  • the db.host should be taken from .Values.forge.postgres.host if localPostgresql=false
  • the deployment should have configurable additional labels and the securityContext also needs to be taken from values
  • same would be required for the deployment that is created for an instance (pod label + securityContext) so it can be configured to work on OpenShift

Helm install finished with failed status when: forge.localPostrgresql == true

Current Behavior

Postgers containter have error:

Error: release flowforge failed, and has been uninstalled due to atomic being set: context deadline exceeded

Expected Behavior

Finished without any problem and run application without any problems.

Steps To Reproduce

Based on https://flowforge.com/docs/install/kubernetes/ , I tried to:

  1. Executed command:

helm repo add flowforge https://flowforge.github.io/helm
helm repo update

  1. Exexuted command:

kubectl label node role=management
kubectl label node role=projects
for my nodes in microk8s

  1. Created like that values file:

forge:
entryPoint: forge.<censored, my domain>
domain: <censored, my domain>
https: false
localPostgresql: true
projectNamespace: flowforge
telemetry:
enabled: false
fileStore:
enabled: false
and executed:

helm upgrade --atomic --install flowforge flowforge/flowforge -f valuesforge.yaml

Environment

  • FlowForge version: v1.8.1
  • Node.js version Unknown, helm version:
  • npm version: Unknown, helm version
  • Platform/OS: Ubuntu 20.04
  • Browser: None.

Publish the FlowForge Device Agent to Docker Hub

Story

No response

Description

Many customers use Docker on edge locations to deploy software, so too our device agent.

Spoke with a customer today that built their own images. I think we should provide these per release and make it easier to get started with Devices.

Remove default `nodeSelector` value

Description

At this moment FlowForge installation requires a node with label role=management to schedule flowforge pod correctly.
The goal of this task is to remove this requirement from default labels but give an operator flexibility to define custom labels if needed.

Epic/Story

#223

helm upgade "does not appear to be a gzipped archive" typo in index file

Current Behavior

apiVersion: v1
entries:
  flowforge:
  - apiVersion: v2
    appVersion: 1.2.0
    created: "2022-12-22T13:23:21.457462236Z"
    dependencies:
    - condition: forge.localPostgresql
      name: postgresql
      repository: https://charts.bitnami.com/bitnami
      version: 10.14.0
    description: FlowForge
    digest: afd686492fbb152b49de6ae5c27f680156bdf4d12ebb73b47bb945bd122b002c
    home: https://flowforge.com
    icon: https://flowforge.com/apple-touch-icon.png
    keywords:
    - flowforge
    - node-red
    maintainers:
    - name: FlowForge Inc
      url: https://flowforge.com
    name: flowforge
    type: application
    urls:
    - https://flowforge.gibhub.io/helm/flowforge-1.2.0.tgz

gibhub -> github

Expected Behavior

No response

Steps To Reproduce

helm upgrade --atomic --install flowforge flowforge/flowforge -f customization.yml
Error: file '/xxxxxx/.cache/helm/repository/flowforge-1.2.0.tgz' does not appear to be a gzipped archive; got 'text/html; charset=utf-8'

Environment

  • FlowForge version: 1.2.0
  • Node.js version: NR
  • npm version: NR
  • Platform/OS: x86_64
  • Browser: NR

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.