233 clearml default externalservices values (#234)

* Added: default externalServices values

* Changed: bump up version

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,82 @@
+name: Bug Report
+description: Create a report to help us improve
+title: "[name of the chart e.g. clearml-agent] Issue Title"
+labels: [bug]
+assignees:
+  - valeriano-manassero
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report! Please be cautious with the sensitive information/logs while filing the issue.
+  - type: textarea
+    id: desc
+    attributes:
+      label: Describe the bug a clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: input
+    id: helm-version
+    attributes:
+      label: What's your helm version?
+      description: Enter the output of `$ helm version`
+      placeholder: Copy paste the entire output of the above 
+    validations:
+      required: true
+  - type: input
+    id: kubectl-version
+    attributes:
+      label: What's your kubectl version?
+      description: Enter the output of `$ kubectl version`
+    validations:
+      required: true
+  - type: input
+    id: chart-version
+    attributes:
+      label: What's the chart version?
+      description: Enter the version of the chart that you encountered this bug.
+    validations:
+      required: true
+  - type: textarea
+    id: what-happened
+    attributes:
+      label: What happened?
+      description: Enter exactly what happened.
+    validations:
+      required: false
+  - type: textarea
+    id: what-expected
+    attributes:
+      label: What you expected to happen?
+      description: Enter what you expected to happen.
+    validations:
+      required: false
+  - type: textarea
+    id: how-to-reproduce
+    attributes:
+      label: How to reproduce it?
+      description: As minimally and precisely as possible.
+    validations:
+      required: false
+  - type: textarea
+    id: changed-values
+    attributes:
+      label: Enter the changed values of values.yaml?
+      description: Please enter only values which differ from the defaults. Enter `NONE` if nothing's changed.
+      placeholder: 'key: value'
+    validations:
+      required: false
+  - type: textarea
+    id: helm-command
+    attributes:
+      label: Enter the command that you execute and failing/misfunctioning.
+      description: Enter the command as-is as how you executed.
+      placeholder: helm install my-release prometheus-community/name-of-chart --version version --values values.yaml
+    validations:
+      required: true
+  - type: textarea
+    id: anything-else
+    attributes:
+      label: Anything else we need to know?
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,40 @@
+name: Feature request
+description: Suggest an idea for this project
+title: "[name of the chart e.g. clearml-agent] Issue Title"
+labels: [enhancement]
+assignees:
+  - valeriano-manassero
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+  - type: textarea
+    id: desc
+    attributes:
+      label: Is your feature request related to a problem ?
+      description: Give a clear and concise description of what the problem is.
+      placeholder:  ex. I'd like to have [...]
+    validations:
+      required: true
+  - type: textarea
+    id: prop-solution
+    attributes:
+      label: Describe the solution you'd like.
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Describe alternatives you've considered.
+      description: A clear and concise description of any alternative solutions or features you've considered. If nothing, please enter `NONE`
+    validations:
+      required: true
+  - type: textarea
+    id: additional-ctxt
+    attributes:
+      label: Additional context.
+      description: Add any other context or screenshots about the feature request here.
+    validations:
+      required: false

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,18 @@
+**What this PR does / why we need it**:
+
+
+**Checklist**
+- [ ] Reviewed the [`CONTRIBUTING.md`](https://github.com/allegroai/clearml-helm-charts/blob/main/CONTRIBUTING.md#pull-requests) guide (**required**)
+- [ ] Verify the work you plan to merge addresses an existing [issue](https://github.com/allegroai/clearml-helm-charts/issues) (If not, open a new one) (**required**)
+- [ ] Check your branch with `helm lint` (**required**)
+- [ ] Update `version` in `Chart.yaml` according [semver](https://semver.org/) rules (**required**)
+- [ ] Substitute `annotations` section in `Chart.yaml` annotating implementations (useful for Artifecthub changelog) (**required**)
+- [ ] Update chart README using [helm-docs](https://github.com/norwoodj/helm-docs) (**required**)
+
+
+**Which issue(s) this PR fixes**:
+
+Fixes #<issue number>
+
+**Special notes for your reviewer**:
+

.github/helm-docs.sh

@@ -1,6 +1,11 @@
-#!/bin/bash
+#!/bin/bash -xe
 
 CHART_DIRS="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/main -- 'charts' | grep '[cC]hart.yaml' | sed -e 's#/[Cc]hart.yaml##g')"
+if [[ -z "$CHART_DIRS" ]]; then
+    echo "No Chart.yaml changes detected, aborting helm-docs"
+    exit 1
+fi
+
 HELM_DOCS_VERSION="1.11.0"
 
 curl --silent --show-error --fail --location --output /tmp/helm-docs.tar.gz https://github.com/norwoodj/helm-docs/releases/download/v"${HELM_DOCS_VERSION}"/helm-docs_"${HELM_DOCS_VERSION}"_Linux_x86_64.tar.gz

.github/workflows/ci.yaml

@@ -11,7 +11,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v3.5.0
+        with:
+          fetch-depth: 0
       - name: Run helm-docs
         run: .github/helm-docs.sh
   install-chart:
@@ -22,26 +24,42 @@ jobs:
     strategy:
       matrix:
         k8s:
-          - v1.24.7
-          - v1.25.3
-          - v1.26.0
+          - v1.24.12
+          - v1.25.8
+          - v1.26.3
+          - v1.27.0
     steps:
       - name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v3.5.0
+        with:
+          fetch-depth: 0
       - name: Create kind ${{ matrix.k8s }} cluster
         uses: helm/kind-action@v1.5.0
         with:
           node_image: kindest/node:${{ matrix.k8s }}
       - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.3.1
+        uses: helm/chart-testing-action@v2.4.0
+      - name: Add bitnami repo
+        run: helm repo add bitnami https://charts.bitnami.com/bitnami
+      - name: Add elastic repo
+        run: helm repo add elastic https://helm.elastic.co
+      - name: Add prometheus repo
+        run: helm repo add prometheus https://prometheus-community.github.io/helm-charts
+      - name: Add grafana repo
+        run: helm repo add grafana https://grafana.github.io/helm-charts
       - name: Run chart-testing (list-changed)
         id: list-changed
         run: |
-          changed=$(ct list-changed --chart-dirs=charts --target-branch=main)
+          changed=$(ct list-changed --chart-dirs charts --target-branch main)
           if [[ -n "$changed" ]]; then
-            echo "::set-output name=changed::true"
-            echo "::set-output name=changed_charts::\"${changed//$'\n'/,}\""
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+            echo "changed_charts=\"${changed//$'\n'/,}\"" >> "$GITHUB_OUTPUT"
           fi
-      - name: Run chart-testing (lint and install)
-        run: ct lint-and-install --chart-dirs=charts --target-branch=main --helm-extra-args="--timeout=15m" --charts=${{steps.list-changed.outputs.changed_charts}} --debug=true
+      - name: Inject secrets
+        run: |
+          find ./charts/*/ci/*.yaml -type f -exec sed -i "s/AGENTK8SGLUEKEY/${{ secrets.AGENTK8SGLUEKEY }}/g" {} \;
+          find ./charts/*/ci/*.yaml -type f -exec sed -i "s/AGENTK8SGLUESECRET/${{ secrets.AGENTK8SGLUESECRET }}/g" {} \;
+        if: steps.list-changed.outputs.changed == 'true'
+      - name: Run chart-testing (lint and install)
+        run: ct lint-and-install --chart-dirs charts --target-branch main --helm-extra-args "--timeout=15m" --charts=${{steps.list-changed.outputs.changed_charts}} --debug true
         if: steps.list-changed.outputs.changed == 'true'

.github/workflows/inactive-issues.yaml

@@ -0,0 +1,22 @@
+name: Close inactive issues
+on:
+  schedule:
+    - cron: "30 1 * * *"
+
+jobs:
+  close-issues:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/stale@v8.0.0
+        with:
+          days-before-issue-stale: 28
+          days-before-issue-close: 14
+          stale-issue-label: "stale"
+          stale-issue-message: "This issue is stale because it has been open for 4 weeks with no activity."
+          close-issue-message: "This issue was closed because it has been inactive for 2 weeks since being marked as stale."
+          days-before-pr-stale: -1
+          days-before-pr-close: -1
+          repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release.yaml

@@ -17,6 +17,10 @@ jobs:
         run: helm repo add bitnami https://charts.bitnami.com/bitnami
       - name: Add elastic repo
         run: helm repo add elastic https://helm.elastic.co
+      - name: Add prometheus repo
+        run: helm repo add prometheus https://prometheus-community.github.io/helm-charts
+      - name: Add grafana repo
+        run: helm repo add grafana https://grafana.github.io/helm-charts
       - name: Configure Git
         run: |
           git config user.name "$GITHUB_ACTOR"

CONTRIBUTING.md

@@ -4,7 +4,7 @@
 
 Contribution comes in many forms:
 * Reporting [issues](https://github.com/allegroai/clearml-helm-charts/issues) you've come upon
-* Participating in issue discussions in the [issue tracker](https://github.com/allegroai/clearml-helm-charts/issues) and the [ClearML community slack space](https://join.slack.com/t/allegroai-trains/shared_invite/enQtOTQyMTI1MzQxMzE4LTY5NTUxOTY1NmQ1MzQ5MjRhMGRhZmM4ODE5NTNjMTg2NTBlZGQzZGVkMWU3ZDg1MGE1MjQxNDEzMWU2NmVjZmY)
+* Participating in issue discussions in the [issue tracker](https://github.com/allegroai/clearml-helm-charts/issues) and the [ClearML community slack space](https://joinslack.clear.ml)
 * Suggesting new features or enhancements
 * Implementing new features or fixing outstanding issues
 
@@ -51,10 +51,13 @@ Enhancement suggestions are tracked as GitHub issues. After you determine which
 Before you submit a new PR:
 
 * Verify the work you plan to merge addresses an existing [issue](https://github.com/allegroai/clearml-helm-charts/issues) (If not, open a new one)
-* Check related discussions in the [ClearML slack community](https://join.slack.com/t/allegroai-trains/shared_invite/enQtOTQyMTI1MzQxMzE4LTY5NTUxOTY1NmQ1MzQ5MjRhMGRhZmM4ODE5NTNjMTg2NTBlZGQzZGVkMWU3ZDg1MGE1MjQxNDEzMWU2NmVjZmY) (Or start your own discussion on the `#clearml-dev` channel)
-* Make sure your code conforms to the ClearML coding standards by running:  
-  `flake8 --max-line-length=120 --statistics --show-source --extend-ignore=E501 ./clearml*`
+* Check related discussions in the [ClearML slack community](https://joinslack.clear.ml) (or start your own discussion on the `#clearml-dev` channel)
+* Check your branch with `helm lint`
+* Update `version` in `Chart.yaml` according [semver](https://semver.org/) rules
+* Substitute `annotations` section in `Chart.yaml` annotating implementations (useful for Artifecthub changelog)
+* Update chart README using [helm-docs](https://github.com/norwoodj/helm-docs)
 
 In your PR include:
+
 * A reference to the issue it addresses
 * A brief description of the approach you've taken for implementing

INSTALL.md

@@ -0,0 +1,47 @@
+# ClearML Helm Charts Installation guide
+
+## Requirements
+
+* Set up a Kubernetes Cluster - for setting up Kubernetes on various platforms refer to the Kubernetes [getting started guide](http://kubernetes.io/docs/getting-started-guides/).
+  * Set up a single-node LOCAL Kubernetes on laptop/desktop - for setting up Kubernetes on your laptop/desktop, we suggest [kind](https://kind.sigs.k8s.io).
+  * For **Kubernetes Tanzu users** - see [prerequisites](https://github.com/allegroai/clearml-helm-charts/tree/main/platform-specific-configs/tanzu) 
+  for setting up ClearML on a Tanzu cluster 
+  * For **Kubernetes Openshift users** - see [prerequisites](https://github.com/allegroai/clearml-helm-charts/tree/main/platform-specific-configs/openshift) 
+  for setting up ClearML on an Openshift cluster, 
+
+* Install Helm - Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes 
+resources. To install Helm, refer to the [Helm install guide](https://github.com/helm/helm#install) and ensure that the `helm` binary is in the `PATH` of your shell.
+
+## Helm Charts Installation
+
+### Helm Repo
+
+```bash
+$ helm repo add allegroai https://allegroai.github.io/clearml-helm-charts
+$ helm repo update
+```
+### ClearML Server Ecosystem
+
+```bash
+$ helm install clearml allegroai/clearml
+```
+
+### ClearML Agent
+
+A ClearML Agent is always related to a ClearML server ecosystem (by default using the `app.clear.ml` hosted server, but 
+can be on the same or different Kubernetes cluster or a single server installation).
+
+In the ClearML UI, go to **Settings > Workspace** and click **Create New Credentials**. The dialog that pops up displays 
+the new credentials.
+
+In the Helm chart `install` command below:
+
+* Set `ACCESSKEY` to the new credentials' `access_key` value 
+* Set `SECRETKEY` to the new credentials' `secret_key` value
+* Set `APISERVERURL` to the new credentials' `api_server` value
+* Set `FILESSERVERURL` to the new credentials' `files_server` value
+* Set `WEBSERVERURL` to the new credentials' `web_server` value
+
+```bash
+$ helm install clearml-agent allegroai/clearml-agent --set clearml.agentk8sglueKey=ACCESSKEY --set clearml.agentk8sglueSecret=SECRETKEY --set agentk8sglue.apiServerUrlReference=APISERVERURL --set agentk8sglue.fileServerUrlReference=FILESERVERURL --set agentk8sglue.webServerUrlReference=WEBSERVERURL
+```

README.md

@@ -1,4 +1,4 @@
-# ClearML Helm Charts Library for Kubernetes
+# ClearML Helm Charts for Kubernetes
 
 ##  Auto-Magical Experiment Manager & Version Control for AI
 
@@ -23,57 +23,40 @@ Use this repository to deploy **clearml-server** on Kubernetes clusters.
 
 ## Provided in this repository
 
-### [All around Helm Chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml)
+### [ClearML server chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml)
+
+### [ClearML agent chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml-agent)
+
+### [ClearML serving chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml-serving)
 
 ## Who We Are
 
-ClearML is supported by the team behind *allegro.ai*,
-where we build deep learning pipelines and infrastructure for enterprise companies.
+ClearML is supported by you :heart: and the [clear.ml](https://clear.ml) team, which helps enterprise companies build 
+scalable MLOps.
 
 We built ClearML to track and control the glorious but messy process of training production-grade deep learning models.
 We are committed to vigorously supporting and expanding the capabilities of ClearML.
 
-We promise to always be backwardly compatible, making sure all your logs, data and pipelines 
+We promise to always be backwards compatible, making sure all your logs, data, and pipelines 
 will always upgrade with you.
 
 ## License
 
 Apache License, Version 2.0, (see the [LICENSE](https://www.apache.org/licenses/LICENSE-2.0) for more information)
 
-## Requirements
+## Installation Guide
 
-### Setup a Kubernetes Cluster
-
-For setting up Kubernetes on various platforms refer to the Kubernetes [getting started guide](http://kubernetes.io/docs/getting-started-guides/).
-
-### Setup a single node LOCAL Kubernetes on laptop/desktop
-
-For setting up Kubernetes on your laptop/desktop we suggest [kind](https://kind.sigs.k8s.io).
-
-### Install Helm
-
-Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes resources.
-
-To install Helm, refer to the [Helm install guide](https://github.com/helm/helm#install) and ensure that the `helm` binary is in the `PATH` of your shell.
-
-## Usage
-
-```bash
-$ helm repo add allegroai https://allegroai.github.io/clearml-helm-charts
-$ helm repo update
-$ helm search repo allegroai
-$ helm install <release-name> allegroai/<chart>
-```
+For installation instructions, follow related [Installation Guide](INSTALL.md).
 
 ## Documentation, Community & Support
 
-More information in the [official documentation](https://allegro.ai/clearml/docs) and [on YouTube](https://www.youtube.com/c/ClearML).
+See more information in the [official documentation](https://clear.ml/docs/latest/docs) and [on YouTube](https://www.youtube.com/c/ClearML).
 
-If you have any questions: post on our [Slack Channel](https://join.slack.com/t/clearml/shared_invite/zt-c0t13pty-aVUZZW1TSSSg2vyIGVPBhg), or tag your questions on [stackoverflow](https://stackoverflow.com/questions/tagged/clearml) with '**[clearml](https://stackoverflow.com/questions/tagged/clearml)**' tag (*previously [trains](https://stackoverflow.com/questions/tagged/trains) tag*).
+If you have any questions, post on our [Slack Channel](https://joinslack.clear.ml), or tag your questions on [stackoverflow](https://stackoverflow.com/questions/tagged/clearml) with '**[clearml](https://stackoverflow.com/questions/tagged/clearml)**' tag (*previously [trains](https://stackoverflow.com/questions/tagged/trains) tag*).
 
 For feature requests or bug reports, please use [GitHub issues](https://github.com/allegroai/clearml-helm-charts/issues).
 
-Additionally, you can always find us at *clearml@allegro.ai*
+Additionally, you can always find us at *support@clear.ml*
 
 ## Contributing
 

charts/clearml-agent/Chart.yaml

@@ -2,9 +2,9 @@ apiVersion: v2
 name: clearml-agent
 description: MLOps platform Task running agent
 type: application
-version: "3.2.0"
+version: "5.1.0"
 appVersion: "1.24"
-kubeVersion: ">= 1.21.0-0 < 1.27.0-0"
+kubeVersion: ">= 1.21.0-0 < 1.28.0-0"
 home: https://clear.ml
 icon: https://raw.githubusercontent.com/allegroai/clearml/master/docs/clearml-logo.svg
 sources:
@@ -21,6 +21,4 @@ keywords:
 annotations:
   artifacthub.io/changes: |
     - kind: added
-      description: securityContext parameter for agent pod
-    - kind: added
-      description: support for kubernetes 1.26
+      description: resource parameters for agentk8sglue

charts/clearml-agent/README.md

@@ -1,6 +1,6 @@
 # ClearML Kubernetes Agent
 
-![Version: 3.2.0](https://img.shields.io/badge/Version-3.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.24](https://img.shields.io/badge/AppVersion-1.24-informational?style=flat-square)
+![Version: 5.1.0](https://img.shields.io/badge/Version-5.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.24](https://img.shields.io/badge/AppVersion-1.24-informational?style=flat-square)
 
 MLOps platform Task running agent
 
@@ -17,6 +17,29 @@ MLOps platform Task running agent
 The **clearml-agent** is the Kubernetes agent for for [ClearML](https://github.com/allegroai/clearml).
 It allows you to schedule distributed experiments on a Kubernetes cluster.
 
+# Upgrading Chart
+
+## Upgrades/ Values upgrades
+
+Updating to latest version of this chart can be done in two steps:
+
+```
+helm repo update
+helm upgrade clearml-agent allegroai/clearml-agent
+```
+
+Changing values on existing installation can be done with:
+
+```
+helm upgrade clearml-agent allegroai/clearml-agent --version <CURRENT CHART VERSION> -f custom_values.yaml
+```
+
+### Major upgrade from 3.* to 4.*
+
+Before issuing helm upgrade:
+
+* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
+
 ## Source Code
 
 * <https://github.com/allegroai/clearml-helm-charts>
@@ -24,43 +47,52 @@ It allows you to schedule distributed experiments on a Kubernetes cluster.
 
 ## Requirements
 
-Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
+Kubernetes: `>= 1.21.0-0 < 1.28.0-0`
 
 ## Values
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| agentk8sglue | object | `{"annotations":{},"apiServerUrlReference":"https://api.clear.ml","basePodTemplate":{"annotations":{},"env":[],"fileMounts":[],"hostAliases":{},"initContainers":[],"labels":{},"nodeSelector":{},"resources":{},"schedulerName":"","securityContext":{},"tolerations":[],"volumeMounts":[],"volumes":[]},"clearmlcheckCertificate":true,"containerCustomBashScript":"","customBashScript":"","debugMode":false,"defaultContainerImage":"ubuntu:18.04","extraEnvs":[],"fileMounts":[],"fileServerUrlReference":"https://files.clear.ml","image":{"repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"},"labels":{},"nodeSelector":{},"queue":"default","replicaCount":1,"securityContext":{},"serviceExistingAccountName":"","volumeMounts":[],"volumes":[],"webServerUrlReference":"https://app.clear.ml"}` | This agent will spawn queued experiments in new pods, a good use case is to combine this with GPU autoscaling nodes. https://github.com/allegroai/clearml-agent/tree/master/docker/k8s-glue |
+| agentk8sglue | object | `{"additionalClusterRoleBindings":[],"additionalRoleBindings":[],"affinity":{},"annotations":{},"apiServerUrlReference":"https://api.clear.ml","basePodTemplate":{"affinity":{},"annotations":{},"containerSecurityContext":{},"env":[],"fileMounts":[],"hostAliases":[],"initContainers":[],"labels":{},"nodeSelector":{},"podSecurityContext":{},"priorityClassName":"","resources":{},"schedulerName":"","tolerations":[],"volumeMounts":[],"volumes":[]},"clearmlcheckCertificate":true,"containerSecurityContext":{},"defaultContainerImage":"ubuntu:18.04","extraEnvs":[],"fileMounts":[],"fileServerUrlReference":"https://files.clear.ml","image":{"registry":"","repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"},"initContainers":{"resources":{}},"labels":{},"nodeSelector":{},"podSecurityContext":{},"queue":"default","replicaCount":1,"resources":{},"serviceExistingAccountName":"","tolerations":[],"volumeMounts":[],"volumes":[],"webServerUrlReference":"https://app.clear.ml"}` | This agent will spawn queued experiments in new pods, a good use case is to combine this with GPU autoscaling nodes. https://github.com/allegroai/clearml-agent/tree/master/docker/k8s-glue |
+| agentk8sglue.additionalClusterRoleBindings | list | `[]` | additional existing ClusterRoleBindings |
+| agentk8sglue.additionalRoleBindings | list | `[]` | additional existing RoleBindings |
+| agentk8sglue.affinity | object | `{}` | affinity setup for Agent pod (example in values.yaml comments) |
 | agentk8sglue.annotations | object | `{}` | annotations setup for Agent pod (example in values.yaml comments) |
 | agentk8sglue.apiServerUrlReference | string | `"https://api.clear.ml"` | Reference to Api server url |
-| agentk8sglue.basePodTemplate | object | `{"annotations":{},"env":[],"fileMounts":[],"hostAliases":{},"initContainers":[],"labels":{},"nodeSelector":{},"resources":{},"schedulerName":"","securityContext":{},"tolerations":[],"volumeMounts":[],"volumes":[]}` | base template for pods spawned to consume ClearML Task |
+| agentk8sglue.basePodTemplate | object | `{"affinity":{},"annotations":{},"containerSecurityContext":{},"env":[],"fileMounts":[],"hostAliases":[],"initContainers":[],"labels":{},"nodeSelector":{},"podSecurityContext":{},"priorityClassName":"","resources":{},"schedulerName":"","tolerations":[],"volumeMounts":[],"volumes":[]}` | base template for pods spawned to consume ClearML Task |
+| agentk8sglue.basePodTemplate.affinity | object | `{}` | affinity setup for pods spawned to consume ClearML Task |
 | agentk8sglue.basePodTemplate.annotations | object | `{}` | annotations setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
+| agentk8sglue.basePodTemplate.containerSecurityContext | object | `{}` | securityContext setup for containers spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.env | list | `[]` | environment variables for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.fileMounts | list | `[]` | file definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
-| agentk8sglue.basePodTemplate.hostAliases | object | `{}` | hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
+| agentk8sglue.basePodTemplate.hostAliases | list | `[]` | hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.initContainers | list | `[]` | initContainers definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.labels | object | `{}` | labels setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.nodeSelector | object | `{}` | nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
+| agentk8sglue.basePodTemplate.podSecurityContext | object | `{}` | securityContext setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
+| agentk8sglue.basePodTemplate.priorityClassName | string | `""` | priorityClassName setup for pods spawned to consume ClearML Task |
 | agentk8sglue.basePodTemplate.resources | object | `{}` | resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.schedulerName | string | `""` | schedulerName setup for pods spawned to consume ClearML Task |
-| agentk8sglue.basePodTemplate.securityContext | object | `{}` | securityContext setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.tolerations | list | `[]` | tolerations setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.volumeMounts | list | `[]` | volume mounts definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.basePodTemplate.volumes | list | `[]` | volumes definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
 | agentk8sglue.clearmlcheckCertificate | bool | `true` | Check certificates validity for evefry UrlReference below. |
-| agentk8sglue.containerCustomBashScript | string | `""` | Custom Bash script for the Task Pods ran by Glue Agent |
-| agentk8sglue.debugMode | bool | `false` | Enable Debugging logs for Agent pod |
+| agentk8sglue.containerSecurityContext | object | `{}` | container securityContext setup for Agent pod (example in values.yaml comments) |
 | agentk8sglue.defaultContainerImage | string | `"ubuntu:18.04"` | default container image for ClearML Task pod |
 | agentk8sglue.extraEnvs | list | `[]` | Extra Environment variables for Glue Agent |
 | agentk8sglue.fileMounts | list | `[]` | file definition for Glue Agent (example in values.yaml comments) |
 | agentk8sglue.fileServerUrlReference | string | `"https://files.clear.ml"` | Reference to File server url |
-| agentk8sglue.image | object | `{"repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"}` | Glue Agent image configuration |
+| agentk8sglue.image | object | `{"registry":"","repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"}` | Glue Agent image configuration |
+| agentk8sglue.initContainers | object | `{"resources":{}}` | Glue Agent pod initContainers configs |
+| agentk8sglue.initContainers.resources | object | `{}` | Glue Agent initcontainers pod resources |
 | agentk8sglue.labels | object | `{}` | labels setup for Agent pod (example in values.yaml comments) |
 | agentk8sglue.nodeSelector | object | `{}` | nodeSelector setup for Agent pod (example in values.yaml comments) |
+| agentk8sglue.podSecurityContext | object | `{}` | container securityContext setup for Agent pod (example in values.yaml comments) |
 | agentk8sglue.queue | string | `"default"` | ClearML queue this agent will consume |
 | agentk8sglue.replicaCount | int | `1` | Glue Agent number of pods |
-| agentk8sglue.securityContext | object | `{}` | Web Server pod security context |
+| agentk8sglue.resources | object | `{}` | Glue Agent pod resources |
 | agentk8sglue.serviceExistingAccountName | string | `""` | if set, don't create a serviceAccountName but use defined existing one |
+| agentk8sglue.tolerations | list | `[]` | tolerations setup for Agent pod (example in values.yaml comments) |
 | agentk8sglue.volumeMounts | list | `[]` | volume mounts definition for Glue Agent (example in values.yaml comments) |
 | agentk8sglue.volumes | list | `[]` | volumes definition for Glue Agent (example in values.yaml comments) |
 | agentk8sglue.webServerUrlReference | string | `"https://app.clear.ml"` | Reference to Web server url |
@@ -70,18 +102,8 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | clearml.clearmlConfig | string | `"sdk {\n}"` | ClearML configuration file |
 | clearml.existingAgentk8sglueSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
 | clearml.existingClearmlConfigSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
-| enterpriseFeatures | object | `{"agentImageTagOverride":"1.24-57","applyVaultEnvVars":true,"enabled":false,"maxPods":10,"monitoredResources":{"maxResources":0,"maxResourcesFieldName":"resources|limits|nvidia.com/gpu","minResourcesFieldName":"resources|limits|nvidia.com/gpu"},"queues":null,"serviceAccountClusterAccess":false,"useOwnerToken":true}` | Enterprise features (work only with an Enterprise license) |
-| enterpriseFeatures.agentImageTagOverride | string | `"1.24-57"` | Image tag override for enterprise version |
-| enterpriseFeatures.applyVaultEnvVars | bool | `true` | push env vars from Clear.ML Vault to task pods |
-| enterpriseFeatures.enabled | bool | `false` | Enable/Disable Enterprise features |
-| enterpriseFeatures.maxPods | int | `10` | maximum concurrent consume ClearML Task pod |
-| enterpriseFeatures.monitoredResources | object | `{"maxResources":0,"maxResourcesFieldName":"resources|limits|nvidia.com/gpu","minResourcesFieldName":"resources|limits|nvidia.com/gpu"}` | GPU resource general counters |
-| enterpriseFeatures.monitoredResources.maxResources | int | `0` | Maximum resources counter |
-| enterpriseFeatures.monitoredResources.maxResourcesFieldName | string | `"resources|limits|nvidia.com/gpu"` | Field name used by Agent to count maximum resources |
-| enterpriseFeatures.monitoredResources.minResourcesFieldName | string | `"resources|limits|nvidia.com/gpu"` | Field name used by Agent to count minimum resources |
-| enterpriseFeatures.queues | string | `nil` | ClearML queues and related template OVERRIDES used this agent will consume |
-| enterpriseFeatures.serviceAccountClusterAccess | bool | `false` | service account access every namespace flag |
-| enterpriseFeatures.useOwnerToken | bool | `true` | Agent must use owner Token |
+| global | object | `{"imageRegistry":"docker.io"}` | Global parameters section |
+| global.imageRegistry | string | `"docker.io"` | Images registry |
 | imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Private image registry configuration |
 | imageCredentials.email | string | `"someone@host.com"` | Email |
 | imageCredentials.enabled | bool | `false` | Use private authentication mode |
@@ -89,36 +111,10 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | imageCredentials.password | string | `"pwd"` | Registry password |
 | imageCredentials.registry | string | `"docker.io"` | Registry name |
 | imageCredentials.username | string | `"someone"` | Registry username |
-| sessions | object | `{"dynamicSvcs":false,"externalIP":"0.0.0.0","maxServices":20,"portModeEnabled":false,"setInteractiveQueuesTag":true,"startingPort":30000,"svcAnnotations":{},"svcType":"NodePort"}` | Sessions internal service configuration |
-| sessions.dynamicSvcs | bool | `false` | Enable/Disable dynamic svc for sessions pods |
+| sessions | object | `{"externalIP":"0.0.0.0","maxServices":20,"portModeEnabled":false,"startingPort":30000,"svcAnnotations":{},"svcType":"NodePort"}` | Sessions internal service configuration |
 | sessions.externalIP | string | `"0.0.0.0"` | External IP sessions clients can connect to |
 | sessions.maxServices | int | `20` | maximum number of NodePorts exposed |
 | sessions.portModeEnabled | bool | `false` | Enable/Disable sessions portmode WARNING: only one Agent deployment can have this set to true |
-| sessions.setInteractiveQueuesTag | bool | `true` | set interactive queue tags |
 | sessions.startingPort | int | `30000` | starting range of exposed NodePorts |
 | sessions.svcAnnotations | object | `{}` | specific annotations for session services |
 | sessions.svcType | string | `"NodePort"` | service type ("NodePort" or "ClusterIP" or "LoadBalancer") |
-
-# Upgrading Chart
-
-### From v1.x to v2.x
-
-Chart 1.x was under the assumption that all mounted volumes would be PVC's. Version > 2.x allows for more flexibility and will inject the yaml from podTemplate.volumes and podtemplate.volumeMounts directly.
-
-v1.x
-```
-    volumes:
-     - name: "yourvolume"
-       path: "/yourpath"
-```
-
-v2.x
-```
-    volumes:
-     - name: "yourvolume"
-       persistentVolumeClaim:
-         claimName: "yourvolume"
-    volumeMounts:
-     - name: "yourvolume"
-       mountPath: "/yourpath"
-```

charts/clearml-agent/README.md.gotmpl

@@ -14,32 +14,31 @@
 The **clearml-agent** is the Kubernetes agent for for [ClearML](https://github.com/allegroai/clearml).
 It allows you to schedule distributed experiments on a Kubernetes cluster.
 
+# Upgrading Chart
+
+## Upgrades/ Values upgrades
+
+Updating to latest version of this chart can be done in two steps:
+
+```
+helm repo update
+helm upgrade clearml-agent allegroai/clearml-agent
+```
+
+Changing values on existing installation can be done with:
+
+```
+helm upgrade clearml-agent allegroai/clearml-agent --version <CURRENT CHART VERSION> -f custom_values.yaml
+```
+
+### Major upgrade from 3.* to 4.*
+
+Before issuing helm upgrade:
+
+* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
+
 {{ template "chart.sourcesSection" . }}
 
 {{ template "chart.requirementsSection" . }}
 
 {{ template "chart.valuesSection" . }}
-
-# Upgrading Chart
-
-### From v1.x to v2.x 
-
-Chart 1.x was under the assumption that all mounted volumes would be PVC's. Version > 2.x allows for more flexibility and will inject the yaml from podTemplate.volumes and podtemplate.volumeMounts directly.
-
-v1.x
-```
-    volumes:
-     - name: "yourvolume"
-       path: "/yourpath"
-```
-
-v2.x
-```
-    volumes:
-     - name: "yourvolume"
-       persistentVolumeClaim:
-         claimName: "yourvolume"
-    volumeMounts:
-     - name: "yourvolume"
-       mountPath: "/yourpath"
-```

charts/clearml-agent/templates/_helpers.tpl

@@ -1,23 +1,56 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "clearml.name" -}}
-{{- .Release.Name | trunc 59 | trimSuffix "-" }}
+{{- define "clearmlAgent.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "clearmlAgent.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
 {{- end }}
 
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "clearml.chart" -}}
+{{- define "clearmlAgent.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 59 | trimSuffix "-" }}
 {{- end }}
 
 {{/*
 Common labels
 */}}
-{{- define "clearml.labels" -}}
-helm.sh/chart: {{ include "clearml.chart" . }}
-{{ include "clearml.selectorLabels" . }}
+{{- define "clearmlAgent.labels" -}}
+helm.sh/chart: {{ include "clearmlAgent.chart" . }}
+{{ include "clearmlAgent.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- if $.Values.agentk8sglue.labels }}
+{{ toYaml $.Values.agentk8sglue.labels }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common labels (agentk8sglue)
+*/}}
+{{- define "agentk8sglue.labels" -}}
+helm.sh/chart: {{ include "clearmlAgent.chart" . }}
+{{ include "agentk8sglue.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
@@ -30,7 +63,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{/*
 Common annotations
 */}}
-{{- define "clearml.annotations" -}}
+{{- define "clearmlAgent.annotations" -}}
 {{- if $.Values.agentk8sglue.annotations }}
 {{ toYaml $.Values.agentk8sglue.annotations }}
 {{- end }}
@@ -39,8 +72,8 @@ Common annotations
 {{/*
 Selector labels
 */}}
-{{- define "clearml.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
+{{- define "clearmlAgent.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "clearmlAgent.fullname" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
@@ -48,18 +81,34 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 Selector labels (agentk8sglue)
 */}}
 {{- define "agentk8sglue.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
-app.kubernetes.io/instance: {{ include "clearml.name" . }}
+app.kubernetes.io/name: {{ include "clearmlAgent.fullname" . }}
+app.kubernetes.io/instance: {{ include "clearmlAgent.fullname" . }}
+{{- end }}
+
+{{/*
+Registry name
+*/}}
+{{- define "registryNamePrefix" -}}
+  {{- $registryName := "" -}}
+  {{- if .globalValues }}
+    {{- if .globalValues.imageRegistry }}
+      {{- $registryName = printf "%s/" .globalValues.imageRegistry -}}
+    {{- end -}}
+  {{- end -}}
+  {{- if .imageRegistryValue }}
+    {{- $registryName = printf "%s/" .imageRegistryValue -}}
+  {{- end -}}
+{{- printf "%s" $registryName }}
 {{- end }}
 
 {{/*
 Create the name of the service account to use
 */}}
-{{- define "clearml.serviceAccountName" -}}
+{{- define "clearmlAgent.serviceAccountName" -}}
 {{- if .Values.agentk8sglue.serviceExistingAccountName }}
 {{- .Values.agentk8sglue.serviceExistingAccountName }}
 {{- else }}
-{{- include "clearml.name" . }}-sa
+{{- include "clearmlAgent.fullname" . }}-sa
 {{- end }}
 {{- end }}
 
@@ -71,15 +120,3 @@ Create secret to access docker registry
 {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
 {{- end }}
 {{- end }}
-
-
-{{/*
-Create a string composed by queue names
-*/}}
-{{- define "agentk8sglue.queues" -}}
-{{- $list := list }}
-{{- range $key, $value := .Values.enterpriseFeatures.queues }}
-{{- $list = append $list (printf "%s" $key) }}
-{{- end }}
-{{- join " " $list }}
-{{- end }}

charts/clearml-agent/templates/agentk8sglue-configmap.yaml

@@ -1,188 +1,8 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: {{ include "clearml.name" . }}-pt
+  name: {{ include "clearmlAgent.fullname" . }}-pt
 data:
-{{- if .Values.enterpriseFeatures.enabled }}
-  template.yaml: |
-    {{- range $key, $value := $.Values.enterpriseFeatures.queues }}
-    {{ $key }}:
-      apiVersion: v1
-      metadata:
-        namespace: {{ $.Release.Namespace }}
-        {{- if $value.templateOverrides.labels }}
-        labels:
-        {{- toYaml $value.templateOverrides.labels | nindent 10 }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.labels }}
-        labels:
-        {{- toYaml $.Values.agentk8sglue.basePodTemplate.labels | nindent 10 }}
-        {{- end}}
-        {{- if $value.templateOverrides.annotations }}
-        annotations:
-        {{- toYaml $value.templateOverrides.annotations | nindent 10 }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.annotations }}
-        annotations:
-        {{- toYaml $.Values.agentk8sglue.basePodTemplate.annotations | nindent 10 }}
-        {{- end}}
-      spec:
-        {{- if $.Values.imageCredentials.enabled }}
-        imagePullSecrets:
-        {{- if $.Values.imageCredentials.existingSecret }}
-          - name: $.Values.imageCredentials.existingSecret
-        {{- else }}
-          - name: {{ include "clearml.name" $ }}-ark
-        {{- end }}
-        {{- end }}
-        {{- if $value.templateOverrides.schedulerName }}
-        schedulerName: {{ $value.templateOverrides.schedulerName }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.schedulerName }}
-        schedulerName: {{ $.Values.agentk8sglue.basePodTemplate.schedulerName }}
-        {{- end}}
-        restartPolicy: Never
-        {{- if $value.templateOverrides.securityContext }}
-        securityContext:
-        {{- toYaml $value.templateOverrides.securityContext | nindent 10 }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.securityContext }}
-        securityContext:
-        {{- toYaml $.Values.agentk8sglue.basePodTemplate.securityContext | nindent 10 }}
-        {{- end}}
-        {{- if $value.templateOverrides.hostAliases }}
-          {{- with $value.templateOverrides.hostAliases }}
-        hostAliases:
-            {{- toYaml . | nindent 10 }}
-          {{- end }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.hostAliases }}
-          {{- with $.Values.agentk8sglue.basePodTemplate.hostAliases }}
-        hostAliases:
-            {{- toYaml . | nindent 10 }}
-          {{- end }}
-        {{- end }}
-        volumes:
-        {{- if $value.templateOverrides.volumes }}
-        {{- toYaml $value.templateOverrides.volumes | nindent 10 }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.volumes }}
-        {{- toYaml $.Values.agentk8sglue.basePodTemplate.volumes | nindent 10 }}
-        {{- end }}
-        {{- if $value.templateOverrides.fileMounts }}
-          - name: filemounts
-            secret:
-              secretName: {{ include "clearml.name" $ }}-{{ $key }}-fm
-        {{- else if $.Values.agentk8sglue.basePodTemplate.fileMounts }}
-          - name: filemounts
-            secret:
-              secretName: {{ include "clearml.name" $ }}-fm
-        {{- end }}
-        {{- if not $.Values.enterpriseFeatures.serviceAccountClusterAccess }}
-        serviceAccountName: {{ include "clearml.serviceAccountName" $ }}
-        {{- end }}
-        {{- if $value.templateOverrides.initContainers }}
-        initContainers:
-        {{- toYaml $value.templateOverrides.initContainers | nindent 10 }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.initContainers }}
-        initContainers:
-        {{- toYaml $.Values.agentk8sglue.basePodTemplate.initContainers | nindent 10 }}
-        {{- end }}
-        containers:
-        - resources:
-          {{- if $value.templateOverrides.resources }}
-          {{- toYaml $value.templateOverrides.resources | nindent 12 }}
-          {{- else if $.Values.agentk8sglue.basePodTemplate.resources }}
-          {{- toYaml $.Values.agentk8sglue.basePodTemplate.resources | nindent 12 }}
-          {{- end}}
-          ports:
-            - containerPort: 10022
-          volumeMounts:
-          {{- if $value.templateOverrides.volumeMounts }}
-          {{- toYaml $value.templateOverrides.volumeMounts | nindent 12 }}
-          {{- else if $.Values.agentk8sglue.basePodTemplate.volumeMounts }}
-          {{- toYaml $.Values.agentk8sglue.basePodTemplate.volumeMounts | nindent 12 }}
-          {{- end }}
-          {{- if $value.templateOverrides.fileMounts }}
-          {{- range $value.templateOverrides.fileMounts }}
-            - name: filemounts
-              mountPath: "{{ .folderPath }}/{{ .name }}"
-              subPath: "{{ .name }}"
-              readOnly: true
-          {{- end }}
-          {{- else if $.Values.agentk8sglue.basePodTemplate.fileMounts }}
-          {{- range $.Values.agentk8sglue.basePodTemplate.fileMounts }}
-            - name: filemounts
-              mountPath: "{{ .folderPath }}/{{ .name }}"
-              subPath: "{{ .name }}"
-              readOnly: true
-          {{- end }}
-          {{- end }}
-          env:
-            - name: CLEARML_API_HOST
-              value: {{ $.Values.agentk8sglue.apiServerUrlReference }}
-            - name: CLEARML_WEB_HOST
-              value: {{ $.Values.agentk8sglue.webServerUrlReference }}
-            - name: CLEARML_FILES_HOST
-              value: {{ $.Values.agentk8sglue.fileServerUrlReference }}
-            {{- if not $.Values.enterpriseFeatures.useOwnerToken }}
-            - name: CLEARML_API_ACCESS_KEY
-              valueFrom:
-                secretKeyRef:
-                  {{- if $.Values.clearml.existingAgentk8sglueSecret }}
-                  name: {{ $.Values.clearml.existingAgentk8sglueSecret }}
-                  {{- else }}
-                  name: {{ include "clearml.name" $ }}-ac
-                  {{- end }}
-                  key: agentk8sglue_key
-            - name: CLEARML_API_SECRET_KEY
-              valueFrom:
-                secretKeyRef:
-                  {{- if $.Values.clearml.existingAgentk8sglueSecret }}
-                  name: {{ $.Values.clearml.existingAgentk8sglueSecret }}
-                  {{- else }}
-                  name: {{ include "clearml.name" $ }}-ac
-                  {{- end }}
-                  key: agentk8sglue_secret
-            {{- end }}
-            - name: PYTHONUNBUFFERED
-              value: "x"
-            {{- if not $.Values.agentk8sglue.clearmlcheckCertificate }}
-            - name: CLEARML_API_HOST_VERIFY_CERT
-              value: "false"
-          {{- end }}
-          {{- if $value.templateOverrides.env }}
-          {{- toYaml $value.templateOverrides.env | nindent 12 }}
-          {{- else if $.Values.agentk8sglue.basePodTemplate.env }}
-          {{- toYaml $.Values.agentk8sglue.basePodTemplate.env | nindent 12 }}
-          {{- end }}
-        {{- if $value.templateOverrides.nodeSelector }}
-          {{- with $value.templateOverrides.nodeSelector }}
-        nodeSelector:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.nodeSelector }}
-          {{- with $.Values.agentk8sglue.basePodTemplate.nodeSelector }}
-        nodeSelector:
-            {{- toYaml . | nindent 10 }}
-          {{- end }}
-        {{- end }}
-        {{- if $value.templateOverrides.tolerations }}
-          {{- with $value.templateOverrides.tolerations }}
-        tolerations:
-            {{- toYaml . | nindent 10 }}
-          {{- end }}
-        {{- else if $.Values.agentk8sglue.basePodTemplate.tolerations }}
-          {{- with $.Values.agentk8sglue.basePodTemplate.tolerations }}
-        tolerations:
-            {{- toYaml . | nindent 10 }}
-          {{- end }}
-        {{- end }}
-    {{- end }}
-  secrets.yaml: |
-    {{- range $key, $value := $.Values.enterpriseFeatures.queues }}
-    {{ $key }}:
-      {{- if $value.templateOverrides.fileMounts }}
-        - {{ include "clearml.name" $ }}-{{ $key }}-fm
-      {{- else if $.Values.agentk8sglue.basePodTemplate.fileMounts }}
-        - {{ include "clearml.name" $ }}-fm
-      {{- end }}
-    {{- end }}
-{{- else }}
   template.yaml: |
     apiVersion: v1
     metadata:
@@ -195,19 +15,26 @@ data:
       {{- if .Values.imageCredentials.enabled }}
       imagePullSecrets:
       {{- if .Values.imageCredentials.existingSecret }}
-      - name: {{.Values.imageCredentials.existingSecret}}
+      - name: {{ .Values.imageCredentials.existingSecret }}
       {{- else }}
-      - name: name: {{ include "clearml.name" $ }}-ark
+      - name: {{ include "clearmlAgent.fullname" $ }}-ark
       {{- end }}
       {{- end }}
       {{- with .Values.agentk8sglue.basePodTemplate.volumes }}
       volumes:
       {{- toYaml . | nindent 8 }}
       {{- end }}
-      serviceAccountName: {{ include "clearml.serviceAccountName" $ }}
+      serviceAccountName: {{ include "clearmlAgent.serviceAccountName" $ }}
+      securityContext:
+        {{ toYaml .Values.agentk8sglue.basePodTemplate.podSecurityContext | nindent 8 }}
+      priorityClassName: {{ .Values.agentk8sglue.basePodTemplate.priorityClassName }}
+      initContainers:
+        {{- toYaml .Values.agentk8sglue.basePodTemplate.initContainers | nindent 8 }}
       containers:
       - resources:
           {{- toYaml .Values.agentk8sglue.basePodTemplate.resources | nindent 10 }}
+        securityContext:
+          {{ toYaml .Values.agentk8sglue.basePodTemplate.containerSecurityContext | nindent 10 }}
         ports:
         - containerPort: 10022
         {{- with .Values.agentk8sglue.basePodTemplate.volumeMounts }}
@@ -227,7 +54,7 @@ data:
               {{- if .Values.clearml.existingAgentk8sglueSecret }}
               name: {{ .Values.clearml.existingAgentk8sglueSecret }}
               {{- else }}
-              name: {{ include "clearml.name" . }}-ac
+              name: {{ include "clearmlAgent.fullname" . }}-ac
               {{- end }}
               key: agentk8sglue_key
         - name: CLEARML_API_SECRET_KEY
@@ -236,7 +63,7 @@ data:
               {{- if .Values.clearml.existingAgentk8sglueSecret }}
               name: {{ .Values.clearml.existingAgentk8sglueSecret }}
               {{- else }}
-              name: {{ include "clearml.name" . }}-ac
+              name: {{ include "clearmlAgent.fullname" . }}-ac
               {{- end }}
               key: agentk8sglue_secret
         {{- if .Values.agentk8sglue.basePodTemplate.env }}
@@ -250,7 +77,10 @@ data:
       tolerations:
           {{- toYaml . | nindent 8 }}
         {{- end }}
-{{- end }}
+        {{- with .Values.agentk8sglue.basePodTemplate.affinity }}
+      affinity:
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
 {{- if .Values.sessions.portModeEnabled }}
 {{- range untilStep 1 ( ( add .Values.sessions.maxServices 1 ) | int ) 1 }}
   services-{{ . }}.yaml: |
@@ -259,7 +89,7 @@ data:
     metadata:
       name: clearml-session-{{ . }}
       labels:
-        {{- include "clearml.labels" $ | nindent 8 }}
+        {{- include "clearmlAgent.labels" $ | nindent 8 }}
       {{- with $.Values.sessions.svcAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}

charts/clearml-agent/templates/agentk8sglue-deployment.yaml

@@ -1,11 +1,11 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "clearml.name" . }}
+  name: {{ include "clearmlAgent.fullname" . }}
   labels:
-    {{- include "clearml.labels" . | nindent 4 }}
+    {{- include "agentk8sglue.labels" . | nindent 4 }}
   annotations:
-    {{- include "clearml.annotations" . | nindent 4 }}
+    {{- include "clearmlAgent.annotations" . | nindent 4 }}
 spec:
   replicas: {{ .Values.agentk8sglue.replicaCount }}
   selector:
@@ -14,186 +14,157 @@ spec:
   template:
     metadata:
       annotations:
-        checksum/config: {{ printf "%s%s" .Values.clearml .Values.agentk8sglue | sha256sum }}
-        {{- include "clearml.annotations" . | nindent 8 }}
+        checksum/config: {{ printf "%s" .Values | sha256sum }}
+        {{- include "clearmlAgent.annotations" . | nindent 8 }}
       labels:
-        {{- include "clearml.labels" . | nindent 8 }}
+        {{- include "agentk8sglue.labels" . | nindent 8 }}
     spec:
       {{- if .Values.imageCredentials.enabled }}
       imagePullSecrets:
       {{- if .Values.imageCredentials.existingSecret }}
-      - name: .Values.imageCredentials.existingSecret
+      - name: {{ .Values.imageCredentials.existingSecret }}
       {{- else }}
-      - name: {{ include "clearml.name" . }}-ark
+      - name: {{ include "clearmlAgent.fullname" . }}-ark
       {{- end }}
       {{- end }}
-      serviceAccountName: {{ include "clearml.serviceAccountName" . }}
-      securityContext: {{ toYaml .Values.agentk8sglue.securityContext | nindent 8 }}
+      serviceAccountName: {{ include "clearmlAgent.serviceAccountName" . }}
+      securityContext:
+        {{ toYaml .Values.agentk8sglue.podSecurityContext | nindent 8 }}
       initContainers:
-      - name: init-k8s-glue
-        {{- if .Values.enterpriseFeatures.enabled }}
-        image: "{{ .Values.agentk8sglue.image.repository }}:{{ .Values.enterpriseFeatures.agentImageTagOverride }}"
-        {{- else }}
-        image: "{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
-        {{- end }}
-        command:
-          - /bin/sh
-          - -c
-          - >
-            set -x;
-            while [ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.apiServerUrlReference}}/debug.ping" -o /dev/null) -ne 200 ] ; do
-              echo "waiting for apiserver" ;
-              sleep 5 ;
-            done;
-            while [[ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.fileServerUrlReference}}/" -o /dev/null) =~ 403|405 ]] ; do
-              echo "waiting for fileserver" ;
-              sleep 5 ;
-            done;
-            while [ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.webServerUrlReference}}/" -o /dev/null) -ne 200 ] ; do
-              echo "waiting for webserver" ;
-              sleep 5 ;
-            done
+        - name: init-k8s-glue
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.agentk8sglue.image.registry) }}{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
+          command:
+            - /bin/sh
+            - -c
+            - >
+              set -x;
+              while [ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.apiServerUrlReference}}/debug.ping" -o /dev/null) -ne 200 ] ; do
+                echo "waiting for apiserver" ;
+                sleep 5 ;
+              done;
+              while [[ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.fileServerUrlReference}}/" -o /dev/null) =~ 403|405 ]] ; do
+                echo "waiting for fileserver" ;
+                sleep 5 ;
+              done;
+              while [ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.webServerUrlReference}}/" -o /dev/null) -ne 200 ] ; do
+                echo "waiting for webserver" ;
+                sleep 5 ;
+              done
+          securityContext:
+            {{ toYaml .Values.agentk8sglue.containerSecurityContext | nindent 12 }}
+          resources:
+            {{- toYaml .Values.agentk8sglue.initContainers.resources | nindent 12 }}
       containers:
-      - name: k8s-glue
-        {{- if .Values.enterpriseFeatures.enabled }}
-        image: "{{ .Values.agentk8sglue.image.repository }}:{{ .Values.enterpriseFeatures.agentImageTagOverride }}"
-        {{- else }}
-        image: "{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
-        {{- end }}
-        imagePullPolicy: IfNotPresent
-        command:
-          - /bin/bash
-          - -c
-          - >
-            export PATH=$PATH:$HOME/bin;
-            source /root/.bashrc && /root/entrypoint.sh
-        volumeMounts:
-          - name: {{ include "clearml.name" . }}-pt
-            mountPath: /root/template
-          {{ if .Values.clearml.clearmlConfig }}
-          - name: k8sagent-clearml-conf-volume
-            mountPath: /root/clearml.conf
-            subPath: clearml.conf
-            readOnly: true
-          {{- end }}
-          {{- if .Values.agentk8sglue.volumeMounts }}
-          {{- toYaml .Values.agentk8sglue.volumeMounts | nindent 10 }}
-          {{- end }}
-          {{- range .Values.agentk8sglue.fileMounts }}
-          - name: filemounts
-            mountPath: "{{ .folderPath }}/{{ .name }}"
-            subPath: "{{ .name }}"
-            readOnly: true
-          {{- end }}
-        env:
-          - name: CLEARML_API_HOST
-            value: "{{.Values.agentk8sglue.apiServerUrlReference}}"
-          - name: CLEARML_WEB_HOST
-            value: "{{.Values.agentk8sglue.webServerUrlReference}}"
-          - name: CLEARML_FILES_HOST
-            value: "{{.Values.agentk8sglue.fileServerUrlReference}}"
-          {{- if not .Values.agentk8sglue.clearmlcheckCertificate }}
-          - name: CLEARML_API_HOST_VERIFY_CERT
-            value: "false"
-          {{- end }}
-          {{- if .Values.sessions.portModeEnabled }}
-          - name: K8S_GLUE_EXTRA_ARGS
-            value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml \
-                    --ports-mode --num-of-services {{ .Values.sessions.maxServices }} \
-                    --base-port {{ .Values.sessions.startingPort }} \
-                    --gateway-address {{ .Values.sessions.externalIP }}{{ if .Values.enterpriseFeatures.enabled }}{{ if .Values.enterpriseFeatures.useOwnerToken }} --use-owner-token{{ end }}{{ end }}"
-          {{- if .Values.sessions.dynamicSvcs }}
-          - name: CLEARML_K8S_GLUE_POD_POST_APPLY_CMD
-            value: "kubectl -n {namespace} apply -f ~/template/services-{pod_number}.yaml ; kubectl -n {namespace} label svc clearml-session-{pod_number} service-for={pod_name}"
-          - name: CLEARML_K8S_GLUE_POD_POST_DELETE_CMD
-            value: "kubectl -n {namespace} delete svc -l service-for={pod_name}"
-          {{- end }}
-          {{- else}}
-          - name: K8S_GLUE_EXTRA_ARGS
-            value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml \
-                    --max-pods {{.Values.enterpriseFeatures.maxPods}}{{ if .Values.enterpriseFeatures.enabled }}{{ if .Values.enterpriseFeatures.useOwnerToken }} --use-owner-token{{ end }}{{ end }}"
-          {{- end }}
-          - name: CLEARML_K8S_GLUE_LIMIT_POD_LABEL
-            value: "ai.allegro.agent.serial=pod-{pod_number}"
-          - name: CLEARML_K8S_SECRETS_LIST_FILE
-            value: /root/template/secrets.yaml
-          - name: K8S_DEFAULT_NAMESPACE
-            value: "{{ .Release.Namespace }}"
-          - name: CLEARML_API_ACCESS_KEY
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "clearml.name" . }}-ac
-                key: agentk8sglue_key
-          - name: CLEARML_API_SECRET_KEY
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "clearml.name" . }}-ac
-                key: agentk8sglue_secret
-          - name: CLEARML_WORKER_ID
-            value: {{ include "clearml.name" . }}
-          - name: CLEARML_AGENT_UPDATE_REPO
-            value: ""
-          - name: FORCE_CLEARML_AGENT_REPO
-            value: "" 
-          - name: CLEARML_DOCKER_IMAGE
-            value: "{{.Values.agentk8sglue.defaultContainerImage}}"
-          {{ if .Values.agentk8sglue.customBashScript }}
-          - name: CLEARML_K8S_GLUE_EXTRA_BASH_SCRIPT
-            value: "{{.Values.agentk8sglue.customBashScript}}"
-          {{- end }}
-          {{ if .Values.agentk8sglue.containerCustomBashScript }}
-          - name: CLEARML_K8S_GLUE_POD_BASH_SCRIPT
-            value: "{{.Values.agentk8sglue.containerCustomBashScript}}"
-          {{- end }}
-          {{- if .Values.agentk8sglue.debugMode }}
-          - name: "CLEARML_K8S_GLUE_DEBUG"
-            value: "1"
-          {{- end }}
-          {{- if .Values.agentk8sglue.extraEnvs }}
-          {{ toYaml .Values.agentk8sglue.extraEnvs | nindent 10 }}
-          {{- end }}
-          {{- if  .Values.sessions.portModeEnabled }}
-          {{- if  .Values.sessions.setInteractiveQueuesTag }}
-          - name: "CLEARML_K8S_GLUE_SET_QUEUE_SYSTEM_TAGS"
-            value: "interactive"
-          {{- end }}
-          {{- end }}
-          {{- if .Values.enterpriseFeatures.enabled }}
-          - name: K8S_GLUE_QUEUE
-            value: {{ include "agentk8sglue.queues" . | quote }}
-          - name: CLEARML_K8S_GLUE_APPLY_VAULT_ENV_VARS
-            value: {{ .Values.enterpriseFeatures.applyVaultEnvVars | quote }}
-          - name: "CLEARML_K8S_GLUE_POD_MIN_RES_FIELD"
-            value: {{.Values.enterpriseFeatures.monitoredResources.minResourcesFieldName}}
-          - name: "CLEARML_K8S_GLUE_MAX_RESOURCES"
-            value: "{{.Values.enterpriseFeatures.monitoredResources.maxResources}}"
-          - name: "CLEARML_K8S_GLUE_POD_MAX_RES_FIELD"
-            value: {{.Values.enterpriseFeatures.monitoredResources.maxResourcesFieldName}}
-          {{- else }}
-          - name: K8S_GLUE_QUEUE
-            value: {{ .Values.agentk8sglue.queue }}
-          {{- end }}
+        - name: k8s-glue
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.agentk8sglue.image.registry) }}{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
+          imagePullPolicy: IfNotPresent
+          command:
+            - /bin/bash
+            - -c
+            - >
+              export PATH=$PATH:$HOME/bin;
+              source /root/.bashrc && /root/entrypoint.sh
+          volumeMounts:
+            - name: {{ include "clearmlAgent.fullname" . }}-pt
+              mountPath: /root/template
+            {{ if .Values.clearml.clearmlConfig }}
+            - name: k8sagent-clearml-conf-volume
+              mountPath: /root/clearml.conf
+              subPath: clearml.conf
+              readOnly: true
+            {{- end }}
+            {{- if .Values.agentk8sglue.volumeMounts }}
+            {{- toYaml .Values.agentk8sglue.volumeMounts | nindent 10 }}
+            {{- end }}
+            {{- range .Values.agentk8sglue.fileMounts }}
+            - name: filemounts
+              mountPath: "{{ .folderPath }}/{{ .name }}"
+              subPath: "{{ .name }}"
+              readOnly: true
+            {{- end }}
+          env:
+            - name: CLEARML_API_HOST
+              value: "{{.Values.agentk8sglue.apiServerUrlReference}}"
+            - name: CLEARML_WEB_HOST
+              value: "{{.Values.agentk8sglue.webServerUrlReference}}"
+            - name: CLEARML_FILES_HOST
+              value: "{{.Values.agentk8sglue.fileServerUrlReference}}"
+            {{- if not .Values.agentk8sglue.clearmlcheckCertificate }}
+            - name: CLEARML_API_HOST_VERIFY_CERT
+              value: "false"
+            {{- end }}
+            {{- if .Values.sessions.portModeEnabled }}
+            - name: K8S_GLUE_EXTRA_ARGS
+              value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml \
+                      --ports-mode --num-of-services {{ .Values.sessions.maxServices }} \
+                      --base-port {{ .Values.sessions.startingPort }} \
+                      --gateway-address {{ .Values.sessions.externalIP }}"
+            {{- else}}
+            - name: K8S_GLUE_EXTRA_ARGS
+              value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml"
+            {{- end }}
+            {{- if .Values.clearml.clearmlConfig }}
+            - name: CLEARML_CONFIG_FILE
+              value: /root/clearml.conf
+            {{- end }}
+            - name: K8S_DEFAULT_NAMESPACE
+              value: "{{ .Release.Namespace }}"
+            - name: CLEARML_API_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "clearmlAgent.fullname" . }}-ac
+                  key: agentk8sglue_key
+            - name: CLEARML_API_SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "clearmlAgent.fullname" . }}-ac
+                  key: agentk8sglue_secret
+            - name: CLEARML_WORKER_ID
+              value: {{ include "clearmlAgent.fullname" . }}
+            - name: CLEARML_AGENT_UPDATE_REPO
+              value: ""
+            - name: FORCE_CLEARML_AGENT_REPO
+              value: "" 
+            - name: CLEARML_DOCKER_IMAGE
+              value: "{{.Values.agentk8sglue.defaultContainerImage}}"
+            - name: K8S_GLUE_QUEUE
+              value: {{ .Values.agentk8sglue.queue }}
+            {{- if .Values.agentk8sglue.extraEnvs }}
+            {{ toYaml .Values.agentk8sglue.extraEnvs | nindent 12 }}
+            {{- end }}
+          securityContext:
+            {{ toYaml .Values.agentk8sglue.containerSecurityContext | nindent 12 }}
+          resources:
+            {{- toYaml .Values.agentk8sglue.resources | nindent 12 }}
       {{- with .Values.agentk8sglue.nodeSelector}}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
       {{- end }}
+      {{- with .Values.agentk8sglue.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.agentk8sglue.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       volumes:
-        - name: {{ include "clearml.name" . }}-pt
+        - name: {{ include "clearmlAgent.fullname" . }}-pt
           configMap:
-            name: {{ include "clearml.name" . }}-pt
+            name: {{ include "clearmlAgent.fullname" . }}-pt
         {{ if .Values.clearml.clearmlConfig }}
         - name: k8sagent-clearml-conf-volume
           secret:
-            secretName: {{ include "clearml.name" . }}-ac
+            secretName: {{ include "clearmlAgent.fullname" . }}-ac
             items:
             - key: clearml.conf
               path: clearml.conf
         {{ end }}
-        {{- if .Values.agentk8sglue.volumes }}
-        {{- toYaml .Values.agentk8sglue.volumes | nindent 8 }}
-        {{- end }}
         {{ if .Values.agentk8sglue.fileMounts }}
         - name: filemounts
           secret:
-            secretName: {{ include "clearml.name" . }}-afm
+            secretName: {{ include "clearmlAgent.fullname" . }}-afm
+        {{ end }}
+        {{- if .Values.agentk8sglue.volumes }}
+        {{- toYaml .Values.agentk8sglue.volumes | nindent 8 }}
         {{- end }}

charts/clearml-agent/templates/agentk8sglue-rbac.yaml

@@ -2,47 +2,14 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ include "clearml.serviceAccountName" . }}
+  name: {{ include "clearmlAgent.serviceAccountName" . }}
   namespace: {{ .Release.Namespace }}
 {{- end }}
-{{- if .Values.enterpriseFeatures.serviceAccountClusterAccess }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: {{ include "clearml.name" . }}-kpa
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-      - secrets
-      - services
-    verbs: ["get", "list", "watch", "create", "patch", "delete"]
-  - apiGroups:
-      - ""
-    resources:
-      - namespaces
-    verbs: ["list"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ include "clearml.name" . }}-kpa
-subjects:
-  - kind: ServiceAccount
-    name: {{ include "clearml.serviceAccountName" . }}
-    namespace: {{ .Release.Namespace }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ include "clearml.name" . }}-kpa
-{{- else }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: {{ include "clearml.name" . }}-kpa
+  name: {{ include "clearmlAgent.fullname" . }}-kpa
 rules:
   - apiGroups:
       - ""
@@ -50,23 +17,61 @@ rules:
       - pods
       - secrets
       - services
+      - events
     verbs: ["get", "list", "watch", "create", "patch", "delete"]
   - apiGroups:
       - ""
     resources:
       - namespaces
     verbs: ["list"]
+  {{- if .Values.agentk8sglue.taskAsJob }}
+  - apiGroups:
+      - batch
+      - extensions
+    resources:
+      - jobs
+    verbs: ["get", "list", "watch", "create", "patch", "delete"]
+  {{- end }}    
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ include "clearml.name" . }}-kpa
+  name: {{ include "clearmlAgent.fullname" . }}-kpa
 subjects:
   - kind: ServiceAccount
-    name: {{ include "clearml.serviceAccountName" . }}
+    name: {{ include "clearmlAgent.serviceAccountName" . }}
     namespace: {{ .Release.Namespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: {{ include "clearml.name" . }}-kpa
+  name: {{ include "clearmlAgent.fullname" . }}-kpa
+{{- range .Values.agentk8sglue.additionalClusterRoleBindings }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "clearmlAgent.fullname" $ }}-kpa-{{ . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "clearmlAgent.serviceAccountName" $ }}
+    namespace: {{ $.Release.Namespace }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ . }}
+{{- end }}
+{{- range .Values.agentk8sglue.additionalRoleBindings }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "clearmlAgent.fullname" $ }}-kpa-{{ . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "clearmlAgent.serviceAccountName" $ }}
+    namespace: {{ $.Release.Namespace }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ . }}
 {{- end }}

charts/clearml-agent/templates/clearml-secrets.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ include "clearml.name" . }}-ac
+  name: {{ include "clearmlAgent.fullname" . }}-ac
 data:
   agentk8sglue_key: {{ .Values.clearml.agentk8sglueKey | b64enc }}
   agentk8sglue_secret: {{ .Values.clearml.agentk8sglueSecret | b64enc }}
@@ -12,7 +12,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ include "clearml.name" . }}-ark
+  name: {{ include "clearmlAgent.fullname" . }}-ark
 type: kubernetes.io/dockerconfigjson
 data:
   .dockerconfigjson: {{ template "imagePullSecret" . }}

charts/clearml-agent/templates/service-secret.yaml

@@ -2,36 +2,9 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ include "clearml.name" . }}-afm
+  name: {{ include "clearmlAgent.fullname" . }}-afm
 data:
   {{- range .Values.agentk8sglue.fileMounts }}
   {{ .name }}: {{ .fileContent | b64enc }}
   {{- end }}
 {{ end }}
----
-{{- if .Values.enterpriseFeatures.enabled }}
-{{ if .Values.agentk8sglue.basePodTemplate.fileMounts }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "clearml.name" . }}-fm
-data:
-  {{- range .Values.agentk8sglue.basePodTemplate.fileMounts }}
-  {{ .name }}: {{ .fileContent | b64enc }}
-  {{- end }}
-{{ end }}
----
-{{- range $key, $value := $.Values.agentk8sglue.queues }}
-{{ if .templateOverrides.fileMounts }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "clearml.name" $ }}-{{ $key }}-fm
-data:
-  {{- range .templateOverrides.fileMounts }}
-  {{ .name }}: {{ .fileContent | b64enc }}
-  {{- end }}
-{{ end }}
----
-{{- end }}
-{{- end }}

charts/clearml-agent/templates/service-sessions.yaml

@@ -1,5 +1,4 @@
 {{- if .Values.sessions.portModeEnabled }}
-{{- if not .Values.sessions.dynamicSvcs }}
 {{- range untilStep 1 ( ( add .Values.sessions.maxServices 1 ) | int ) 1 }}
 ---
 apiVersion: v1
@@ -7,7 +6,7 @@ kind: Service
 metadata:
   name: clearml-session-{{ . }}
   labels:
-    {{- include "clearml.labels" $ | nindent 4 }}
+    {{- include "clearmlAgent.labels" $ | nindent 4 }}
   {{- with $.Values.sessions.svcAnnotations }}
   annotations:
     {{- toYaml . | nindent 4 }}
@@ -29,4 +28,3 @@ spec:
     ai.allegro.agent.serial: pod-{{ . }}
 {{- end }}
 {{- end }}
-{{- end }}

charts/clearml-agent/values.yaml

@@ -1,3 +1,8 @@
+# -- Global parameters section
+global:
+  # -- Images registry
+  imageRegistry: "docker.io"
+
 # -- Private image registry configuration
 imageCredentials:
   # -- Use private authentication mode
@@ -35,21 +40,27 @@ clearml:
 agentk8sglue:
   # -- Glue Agent image configuration
   image:
+    registry: ""
     repository: "allegroai/clearml-agent-k8s-base"
     tag: "1.24-21"
 
   # -- Glue Agent number of pods
   replicaCount: 1
 
+  # -- Glue Agent pod resources
+  resources: {}
+
+  # -- Glue Agent pod initContainers configs
+  initContainers:
+    # -- Glue Agent initcontainers pod resources
+    resources: {}
+
   # -- if set, don't create a serviceAccountName but use defined existing one
   serviceExistingAccountName: ""
 
   # -- Check certificates validity for evefry UrlReference below.
   clearmlcheckCertificate: true
 
-  # -- Enable Debugging logs for Agent pod
-  debugMode: false
-
   # -- Reference to Api server url
   apiServerUrlReference: "https://api.clear.ml"
   # -- Reference to File server url
@@ -61,27 +72,37 @@ agentk8sglue:
   defaultContainerImage: ubuntu:18.04
   # -- ClearML queue this agent will consume
   queue: default
-  # -- Custom Bash script for the Glue Agent
   # -- labels setup for Agent pod (example in values.yaml comments)
   labels: {}
     # schedulerName: scheduler
   # -- annotations setup for Agent pod (example in values.yaml comments)
   annotations: {}
     # key1: value1
-  customBashScript: ""
-  # -- Custom Bash script for the Task Pods ran by Glue Agent
-  containerCustomBashScript: ""
   # -- Extra Environment variables for Glue Agent
   extraEnvs: []
     # - name: PYTHONPATH
     #   value: "somepath"
-    # -- Web Server pod security context
-  securityContext: {}
+  # -- container securityContext setup for Agent pod (example in values.yaml comments)
+  podSecurityContext: {}
     #  runAsUser: 1001
     #  fsGroup: 1001
+  # -- container securityContext setup for Agent pod (example in values.yaml comments)
+  containerSecurityContext: {}
+    #  runAsUser: 1001
+    #  fsGroup: 1001
+  # -- additional existing ClusterRoleBindings
+  additionalClusterRoleBindings: []
+    # - privileged
+  # -- additional existing RoleBindings
+  additionalRoleBindings: []
+    # - privileged
   # -- nodeSelector setup for Agent pod (example in values.yaml comments)
   nodeSelector: {}
     # fleet: agent-nodes
+  # -- tolerations setup for Agent pod (example in values.yaml comments)
+  tolerations: []
+  # -- affinity setup for Agent pod (example in values.yaml comments)
+  affinity: {}
   # -- volumes definition for Glue Agent (example in values.yaml comments)
   volumes: []
     # - name: "yourvolume"
@@ -157,25 +178,33 @@ agentk8sglue:
       # - name: CURL_CA_BUNDLE
       #   value: ""
       # - name: PYTHONWARNINGS
-      #   value: "=\"ignore:Unverified HTTPS request\""
+      #   value: "ignore:Unverified HTTPS request"
     # -- resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments)
     resources: {}
       # limits:
       #   nvidia.com/gpu: 1
+    # -- priorityClassName setup for pods spawned to consume ClearML Task
+    priorityClassName: ""
+    # -- nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments)
+    nodeSelector: {}
+      # fleet: gpu-nodes
     # -- tolerations setup for pods spawned to consume ClearML Task (example in values.yaml comments)
     tolerations: []
       # - key: "nvidia.com/gpu"
       #   operator: Exists
       #   effect: "NoSchedule"
-    # -- nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments)
-    nodeSelector: {}
-      # fleet: gpu-nodes
+    # -- affinity setup for pods spawned to consume ClearML Task
+    affinity: {}
     # -- securityContext setup for pods spawned to consume ClearML Task (example in values.yaml comments)
-    securityContext: {}
+    podSecurityContext: {}
+      #  runAsUser: 1001
+      #  fsGroup: 1001
+    # -- securityContext setup for containers spawned to consume ClearML Task (example in values.yaml comments)
+    containerSecurityContext: {}
       #  runAsUser: 1001
       #  fsGroup: 1001
     # -- hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments)
-    hostAliases: {}
+    hostAliases: []
     # - ip: "127.0.0.1"
     #   hostnames:
     #   - "foo.local"
@@ -185,8 +214,6 @@ agentk8sglue:
 sessions:
   # -- Enable/Disable sessions portmode WARNING: only one Agent deployment can have this set to true
   portModeEnabled: false
-  # -- Enable/Disable dynamic svc for sessions pods
-  dynamicSvcs: false
   # -- specific annotations for session services
   svcAnnotations: {}
   # -- service type ("NodePort" or "ClusterIP" or "LoadBalancer")
@@ -197,42 +224,3 @@ sessions:
   startingPort: 30000
   # -- maximum number of NodePorts exposed
   maxServices: 20
-  # -- set interactive queue tags
-  setInteractiveQueuesTag: true
-
-# -- Enterprise features (work only with an Enterprise license)
-enterpriseFeatures:
-  # -- Enable/Disable Enterprise features
-  enabled: false
-  # -- Image tag override for enterprise version
-  agentImageTagOverride: "1.24-57"
-  # -- service account access every namespace flag
-  serviceAccountClusterAccess: false
-  # -- push env vars from Clear.ML Vault to task pods
-  applyVaultEnvVars: true
-  # -- GPU resource general counters
-  monitoredResources:
-    # -- Field name used by Agent to count minimum resources
-    minResourcesFieldName: "resources|limits|nvidia.com/gpu"
-    # -- Maximum resources counter
-    maxResources: 0
-    # -- Field name used by Agent to count maximum resources
-    maxResourcesFieldName: "resources|limits|nvidia.com/gpu"
-  # -- maximum concurrent consume ClearML Task pod
-  maxPods: 10
-  # -- Agent must use owner Token
-  useOwnerToken: true
-  # -- ClearML queues and related template OVERRIDES used this agent will consume
-  queues:
-    # -- name of the queue will be used for this template
-    # default:
-      # -- overrides of the base template for this queue (must be declared even if empty!)
-      # templateOverrides: {}
-    ## -- name of the queue will be used for this template
-    # default-gpu:
-    #  # -- overrides of the base template for this queue
-    #  templateOverrides:
-    #     # -- resources declaration for pods spawned to consume ClearML Task
-    #    resources:
-    #      limits:
-    #        nvidia.com/gpu: 1

charts/clearml-serving/Chart.lock

@@ -0,0 +1,12 @@
+dependencies:
+- name: kafka
+  repository: https://charts.bitnami.com/bitnami
+  version: 21.4.0
+- name: prometheus
+  repository: https://prometheus-community.github.io/helm-charts
+  version: 19.7.2
+- name: grafana
+  repository: https://grafana.github.io/helm-charts
+  version: 6.52.3
+digest: sha256:b28d01875a50b24230ba164d14671225b71d79172192a97e345661e4832f484b
+generated: "2023-03-16T09:10:35.77395+01:00"

charts/clearml-serving/Chart.yaml

@@ -2,9 +2,14 @@ apiVersion: v2
 name: clearml-serving
 description: ClearML Serving Helm Chart
 type: application
-version: 0.7.0
-appVersion: "1.2.0"
-kubeVersion: ">= 1.19.0-0 < 1.26.0-0"
+version: "1.2.0"
+appVersion: "1.3.0"
+kubeVersion: ">= 1.21.0-0 < 1.28.0-0"
+home: https://clear.ml
+icon: https://raw.githubusercontent.com/allegroai/clearml/master/docs/clearml-logo.svg
+sources:
+  - https://github.com/allegroai/clearml-helm-charts
+  - https://github.com/allegroai/clearml
 maintainers:
   - name: valeriano-manassero
     url: https://github.com/valeriano-manassero
@@ -13,3 +18,22 @@ keywords:
   - "machine learning"
   - mlops
   - "model serving"
+dependencies:
+  - name: kafka
+    version: "21.4.0"
+    repository: "https://charts.bitnami.com/bitnami"
+    condition: kafka.enabled
+  - name: prometheus
+    version: "19.7.2"
+    repository: "https://prometheus-community.github.io/helm-charts"
+    condition: prometheus.enabled
+  - name: grafana
+    version: "6.52.3"
+    repository: "https://grafana.github.io/helm-charts"
+    condition: grafana.enabled
+annotations:
+  artifacthub.io/changes: |
+    - kind: changed
+      description: app version to 1.3.0
+    - kind: fixed
+      description: triton hpa disabled if triton disabled

charts/clearml-serving/README.md

@@ -1,55 +1,98 @@
-# clearml-serving
+# ClearML Kubernetes Serving
 
-![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.2.0](https://img.shields.io/badge/AppVersion-1.2.0-informational?style=flat-square)
+![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.3.0](https://img.shields.io/badge/AppVersion-1.3.0-informational?style=flat-square)
 
 ClearML Serving Helm Chart
 
+**Homepage:** <https://clear.ml>
+
 ## Maintainers
 
 | Name | Email | Url |
 | ---- | ------ | --- |
 | valeriano-manassero |  | <https://github.com/valeriano-manassero> |
 
+## Introduction
+
+The **clearml-serving** is the Kubernetes serving for for [ClearML](https://github.com/allegroai/clearml-serving).
+It allows you to serve models on a Kubernetes cluster.
+
+# Upgrading Chart
+
+## Upgrades/ Values upgrades
+
+Updating to latest version of this chart can be done in two steps:
+
+```
+helm repo update
+helm upgrade clearml-serving allegroai/clearml-serving
+```
+
+Changing values on existing installation can be done with:
+
+```
+helm upgrade clearml-serving allegroai/clearml-serving --version <CURRENT CHART VERSION> -f custom_values.yaml
+```
+
+## Source Code
+
+* <https://github.com/allegroai/clearml-helm-charts>
+* <https://github.com/allegroai/clearml>
+
 ## Requirements
 
-Kubernetes: `>= 1.19.0-0 < 1.26.0-0`
+Kubernetes: `>= 1.21.0-0 < 1.28.0-0`
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | kafka | 21.4.0 |
+| https://grafana.github.io/helm-charts | grafana | 6.52.3 |
+| https://prometheus-community.github.io/helm-charts | prometheus | 19.7.2 |
 
 ## Values
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| alertmanager | object | `{"affinity":{},"image":{"repository":"prom/alertmanager","tag":"v0.23.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Alertmanager generic configigurations |
 | clearml | object | `{"apiAccessKey":"ClearML API Access Key","apiHost":"http://clearml-server-apiserver:8008","apiSecretKey":"ClearML API Secret Key","defaultBaseServeUrl":"http://127.0.0.1:8080/serve","filesHost":"http://clearml-server-fileserver:8081","servingTaskId":"ClearML Serving Task ID","webHost":"http://clearml-server-webserver:80"}` | ClearMl generic configurations |
-| clearml_serving_inference | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-inference","tag":"1.2.0"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving inference configurations |
+| clearml_serving_inference | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"extraEnvironment":[],"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-inference","tag":"1.3.0"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving inference configurations |
 | clearml_serving_inference.affinity | object | `{}` | Affinity configuration |
 | clearml_serving_inference.autoscaling | object | `{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50}` | Autoscaling configuration |
+| clearml_serving_inference.extraEnvironment | list | `[]` | Extra environment variables |
 | clearml_serving_inference.extraPythonPackages | list | `[]` | Extra Python Packages to be installed in running pods |
-| clearml_serving_inference.image | object | `{"repository":"allegroai/clearml-serving-inference","tag":"1.2.0"}` | Container Image |
-| clearml_serving_inference.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
+| clearml_serving_inference.image | object | `{"repository":"allegroai/clearml-serving-inference","tag":"1.3.0"}` | Container Image |
+| clearml_serving_inference.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
+| clearml_serving_inference.ingress.annotations | object | `{}` | Ingress annotations |
+| clearml_serving_inference.ingress.enabled | bool | `false` | Enable/Disable ingress |
+| clearml_serving_inference.ingress.hostName | string | `"serving.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
+| clearml_serving_inference.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
+| clearml_serving_inference.ingress.path | string | `"/"` | Ingress root path url |
+| clearml_serving_inference.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
 | clearml_serving_inference.nodeSelector | object | `{}` | Node Selector configuration |
 | clearml_serving_inference.resources | object | `{}` | Pod resources definition |
 | clearml_serving_inference.tolerations | list | `[]` | Tolerations configuration |
-| clearml_serving_statistics | object | `{"affinity":{},"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-statistics","tag":"1.2.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving statistics configurations |
+| clearml_serving_statistics | object | `{"affinity":{},"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-statistics","tag":"1.3.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving statistics configurations |
 | clearml_serving_statistics.affinity | object | `{}` | Affinity configuration |
 | clearml_serving_statistics.extraPythonPackages | list | `[]` | Extra Python Packages to be installed in running pods |
-| clearml_serving_statistics.image | object | `{"repository":"allegroai/clearml-serving-statistics","tag":"1.2.0"}` | Container Image |
+| clearml_serving_statistics.image | object | `{"repository":"allegroai/clearml-serving-statistics","tag":"1.3.0"}` | Container Image |
 | clearml_serving_statistics.nodeSelector | object | `{}` | Node Selector configuration |
 | clearml_serving_statistics.resources | object | `{}` | Pod resources definition |
 | clearml_serving_statistics.tolerations | list | `[]` | Tolerations configuration |
-| clearml_serving_triton | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"enabled":true,"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-triton","tag":"1.2.0-22.07"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving Triton configurations |
+| clearml_serving_triton | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"enabled":true,"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-triton","tag":"1.3.0"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving Triton configurations |
 | clearml_serving_triton.affinity | object | `{}` | Affinity configuration |
 | clearml_serving_triton.autoscaling | object | `{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50}` | Autoscaling configuration |
 | clearml_serving_triton.enabled | bool | `true` | Triton pod creation enable/disable |
 | clearml_serving_triton.extraPythonPackages | list | `[]` | Extra Python Packages to be installed in running pods |
-| clearml_serving_triton.image | object | `{"repository":"allegroai/clearml-serving-triton","tag":"1.2.0-22.07"}` | Container Image |
-| clearml_serving_triton.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
+| clearml_serving_triton.image | object | `{"repository":"allegroai/clearml-serving-triton","tag":"1.3.0"}` | Container Image |
+| clearml_serving_triton.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
+| clearml_serving_triton.ingress.annotations | object | `{}` | Ingress annotations |
+| clearml_serving_triton.ingress.enabled | bool | `false` | Enable/Disable ingress |
+| clearml_serving_triton.ingress.hostName | string | `"serving-grpc.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
+| clearml_serving_triton.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
+| clearml_serving_triton.ingress.path | string | `"/"` | Ingress root path url |
+| clearml_serving_triton.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
 | clearml_serving_triton.nodeSelector | object | `{}` | Node Selector configuration |
 | clearml_serving_triton.resources | object | `{}` | Pod resources definition |
 | clearml_serving_triton.tolerations | list | `[]` | Tolerations configuration |
-| grafana | object | `{"affinity":{},"image":{"repository":"grafana/grafana","tag":"8.4.4-ubuntu"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving-grafana.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | Grafana generic configigurations |
-| kafka | object | `{"affinity":{},"image":{"repository":"bitnami/kafka","tag":"3.1.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Kafka generic configigurations |
-| prometheus | object | `{"affinity":{},"image":{"repository":"prom/prometheus","tag":"v2.34.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Prometheus generic configigurations |
-| zookeeper | object | `{"affinity":{},"image":{"repository":"bitnami/zookeeper","tag":"3.7.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Zookeeper generic configigurations |
-
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
+| grafana | object | `{"adminPassword":"clearml","adminUser":"admin","datasources":{"datasources.yaml":{"apiVersion":1,"datasources":[{"access":"proxy","isDefault":true,"name":"Prometheus","type":"prometheus","url":"http://{{ .Release.Name }}-prometheus-server"}]}},"enabled":true}` | Configuration from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml |
+| kafka | object | `{"enabled":true}` | Configuration from https://github.com/bitnami/charts/blob/main/bitnami/kafka/values.yaml |
+| prometheus | object | `{"enabled":true,"extraScrapeConfigs":"- job_name: \"{{ .Release.Name }}-stats\"\n  static_configs:\n    - targets:\n      - \"{{ .Release.Name }}-statistics:9999\"\n","kube-state-metrics":{"enabled":false},"prometheus-node-exporter":{"enabled":false},"prometheus-pushgateway":{"enabled":false},"serverFiles":{"prometheus.yml":{"scrape_configs":[{"job_name":"prometheus","static_configs":[{"targets":["localhost:9090"]}]}]}}}` | Configuration from https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus/values.yaml |

charts/clearml-serving/README.md.gotmpl

@@ -0,0 +1,38 @@
+# ClearML Kubernetes Serving
+{{ template "chart.deprecationWarning" . }}
+
+{{ template "chart.badgesSection" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.maintainersSection" . }}
+
+## Introduction
+
+The **clearml-serving** is the Kubernetes serving for for [ClearML](https://github.com/allegroai/clearml-serving).
+It allows you to serve models on a Kubernetes cluster.
+
+# Upgrading Chart
+
+## Upgrades/ Values upgrades
+
+Updating to latest version of this chart can be done in two steps:
+
+```
+helm repo update
+helm upgrade clearml-serving allegroai/clearml-serving
+```
+
+Changing values on existing installation can be done with:
+
+```
+helm upgrade clearml-serving allegroai/clearml-serving --version <CURRENT CHART VERSION> -f custom_values.yaml
+```
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "chart.valuesSection" . }}

charts/clearml-serving/templates/_helpers.tpl

@@ -1,7 +1,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "clearml-serving.name" -}}
+{{- define "clearmlServing.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 
@@ -10,7 +10,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "clearml-serving.fullname" -}}
+{{- define "clearmlServing.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
@@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "clearml-serving.chart" -}}
+{{- define "clearmlServing.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 
 {{/*
 Common labels
 */}}
-{{- define "clearml-serving.labels" -}}
-helm.sh/chart: {{ include "clearml-serving.chart" . }}
-{{ include "clearml-serving.selectorLabels" . }}
+{{- define "clearmlServing.labels" -}}
+helm.sh/chart: {{ include "clearmlServing.chart" . }}
+{{ include "clearmlServing.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
@@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{/*
 Selector labels
 */}}
-{{- define "clearml-serving.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml-serving.name" . }}
+{{- define "clearmlServing.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "clearmlServing.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
 {{/*
 Create the name of the service account to use
 */}}
-{{- define "clearml-serving.serviceAccountName" -}}
+{{- define "clearmlServing.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
-{{- default (include "clearml-serving.fullname" .) .Values.serviceAccount.name }}
+{{- default (include "clearmlServing.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}

charts/clearml-serving/templates/alertmanager-deployment.yaml

@@ -1,27 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: alertmanager
-  name: alertmanager
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      clearml.serving.service: alertmanager
-  strategy: {}
-  template:
-    metadata:
-      annotations: {}
-      labels:
-        clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: alertmanager
-    spec:
-      containers:
-        - image: "{{ .Values.alertmanager.image.repository }}:{{ .Values.alertmanager.image.tag }}"
-          name: clearml-serving-alertmanager
-          ports:
-            - containerPort: 9093
-          resources: {}
-      restartPolicy: Always

charts/clearml-serving/templates/alertmanager-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: alertmanager
-  name: clearml-serving-alertmanager
-spec:
-  ports:
-    - name: "9093"
-      port: 9093
-      targetPort: 9093
-  selector:
-    clearml.serving.service: alertmanager

charts/clearml-serving/templates/clearml-serving-backend-networkpolicy.yaml

@@ -1,7 +1,7 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-  name: clearml-serving-backend
+  name: {{ include "clearmlServing.fullname" . }}-backend
 spec:
   ingress:
     - from:

charts/clearml-serving/templates/clearml-serving-inference-deployment.yaml

@@ -3,20 +3,20 @@ kind: Deployment
 metadata:
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-inference
-  name: clearml-serving-inference
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
+  name: {{ include "clearmlServing.fullname" . }}-inference
 spec:
   replicas: 1
   selector:
     matchLabels:
-      clearml.serving.service: clearml-serving-inference
+      clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
   strategy: {}
   template:
     metadata:
       annotations: {}
       labels:
         clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: clearml-serving-inference
+        clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
     spec:
       containers:
         - env:
@@ -31,14 +31,14 @@ spec:
             - name: CLEARML_WEB_HOST
               value: "{{ .Values.clearml.webHost }}"
             - name: CLEARML_DEFAULT_KAFKA_SERVE_URL
-              value: clearml-serving-kafka:9092
+              value: {{ include "clearmlServing.fullname" . }}-kafka:9092
             - name: CLEARML_SERVING_POLL_FREQ
               value: "1.0"
             - name: CLEARML_DEFAULT_BASE_SERVE_URL
               value: "{{ .Values.clearml.defaultBaseServeUrl }}"
             - name: CLEARML_DEFAULT_TRITON_GRPC_ADDR
             {{- if .Values.clearml_serving_triton.enabled }}
-              value: "clearml-serving-triton:8001"
+              value: "{{ include "clearmlServing.fullname" . }}-triton:8001"
             {{- else }}
               value: ""
             {{- end }}
@@ -51,12 +51,16 @@ spec:
             - name: CLEARML_USE_GUNICORN
               value: "true"
             {{- if .Values.clearml_serving_inference.extraPythonPackages }}
-            - name: EXTRA_PYTHON_PACKAGES
+            - name: CLEARML_EXTRA_PYTHON_PACKAGES
               value: '{{ join " " .Values.clearml_serving_inference.extraPythonPackages }}'
             {{- end }}
+            {{- with .Values.clearml_serving_inference.extraEnvironment }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
           image: "{{ .Values.clearml_serving_inference.image.repository }}:{{ .Values.clearml_serving_inference.image.tag }}"
-          name: clearml-serving-inference
+          name: {{ include "clearmlServing.fullname" . }}-inference
           ports:
             - containerPort: 8080
-          resources: {}
+          resources:
+            {{- toYaml .Values.clearml_serving_inference.resources | nindent 12 }}
       restartPolicy: Always

charts/clearml-serving/templates/clearml-serving-inference-hpa.yaml

@@ -2,16 +2,16 @@
 apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
 kind: HorizontalPodAutoscaler
 metadata:
-  name: clearml-serving-inference-hpa
+  name: {{ include "clearmlServing.fullname" . }}-inference-hpa
   namespace: {{ .Release.Namespace | quote }}
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-inference
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
 spec:
   scaleTargetRef:
     apiVersion: "apps/v1"
     kind: Deployment
-    name: clearml-serving-inference
+    name: {{ include "clearmlServing.fullname" . }}-inference
   minReplicas: {{ .Values.clearml_serving_inference.autoscaling.minReplicas }}
   maxReplicas: {{ .Values.clearml_serving_inference.autoscaling.maxReplicas }}
   metrics:

charts/clearml-serving/templates/clearml-serving-inference-ingress.yaml

@@ -8,9 +8,9 @@ apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
-  name: clearml-serving-inference
+  name: {{ include "clearmlServing.fullname" . }}-inference
   labels:
-    clearml.serving.service: clearml-serving-inference
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
   annotations:
     {{- toYaml .Values.clearml_serving_inference.ingress.annotations | nindent 4 }}
 spec:
@@ -29,12 +29,12 @@ spec:
         pathType: Prefix
         backend:
           service:
-            name: clearml-serving-inference
+            name: {{ include "clearmlServing.fullname" . }}-inference
             port:
               number: 8080
   {{ else }}
         backend:
-          serviceName: clearml-serving-inference
+          servicename: {{ include "clearmlServing.fullname" . }}-inference
           servicePort: 8080
   {{ end }}
 {{- end }}

charts/clearml-serving/templates/clearml-serving-inference-service.yaml

@@ -3,12 +3,12 @@ kind: Service
 metadata:
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-inference
-  name: clearml-serving-inference
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
+  name: {{ include "clearmlServing.fullname" . }}-inference
 spec:
   ports:
     - name: "8080"
       port: 8080
       targetPort: 8080
   selector:
-    clearml.serving.service: clearml-serving-inference
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference

charts/clearml-serving/templates/clearml-serving-statistics-deployment.yaml

@@ -3,20 +3,20 @@ kind: Deployment
 metadata:
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-statistics
-  name: clearml-serving-statistics
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
+  name: {{ include "clearmlServing.fullname" . }}-statistics
 spec:
   replicas: 1
   selector:
     matchLabels:
-      clearml.serving.service: clearml-serving-statistics
+      clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
   strategy: {}
   template:
     metadata:
       annotations: {}
       labels:
         clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: clearml-serving-statistics
+        clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
     spec:
       containers:
         - env:
@@ -31,18 +31,19 @@ spec:
             - name: CLEARML_WEB_HOST
               value: "{{ .Values.clearml.webHost }}"
             - name: CLEARML_DEFAULT_KAFKA_SERVE_URL
-              value: clearml-serving-kafka:9092
+              value: {{ include "clearmlServing.fullname" . }}-kafka:9092
             - name: CLEARML_SERVING_POLL_FREQ
               value: "1.0"
             - name: CLEARML_SERVING_TASK_ID
               value: "{{ .Values.clearml.servingTaskId }}"
             {{- if .Values.clearml_serving_statistics.extraPythonPackages }}
-            - name: EXTRA_PYTHON_PACKAGES
+            - name: CLEARML_EXTRA_PYTHON_PACKAGES
               value: '{{ join " " .Values.clearml_serving_statistics.extraPythonPackages }}'
             {{- end }}
           image: "{{ .Values.clearml_serving_statistics.image.repository }}:{{ .Values.clearml_serving_statistics.image.tag }}"
-          name: clearml-serving-statistics
+          name: {{ include "clearmlServing.fullname" . }}-statistics
           ports:
             - containerPort: 9999
-          resources: {}
+          resources:
+            {{- toYaml .Values.clearml_serving_statistics.resources | nindent 12 }}
       restartPolicy: Always

charts/clearml-serving/templates/clearml-serving-statistics-service.yaml

@@ -3,12 +3,12 @@ kind: Service
 metadata:
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-statistics
-  name: clearml-serving-statistics
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
+  name: {{ include "clearmlServing.fullname" . }}-statistics
 spec:
   ports:
     - name: "9999"
       port: 9999
       targetPort: 9999
   selector:
-    clearml.serving.service: clearml-serving-statistics
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics

charts/clearml-serving/templates/clearml-serving-triton-deployment.yaml

@@ -4,20 +4,20 @@ kind: Deployment
 metadata:
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-triton
-  name: clearml-serving-triton
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
+  name: {{ include "clearmlServing.fullname" . }}-triton
 spec:
   replicas: 1
   selector:
     matchLabels:
-      clearml.serving.service: clearml-serving-triton
+      clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
   strategy: {}
   template:
     metadata:
       annotations: {}
       labels:
         clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: clearml-serving-triton
+        clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
     spec:
       containers:
         - env:
@@ -38,14 +38,15 @@ spec:
             - name: CLEARML_TRITON_METRIC_FREQ
               value: "1.0"
             {{- if .Values.clearml_serving_triton.extraPythonPackages }}
-            - name: EXTRA_PYTHON_PACKAGES
+            - name: CLEARML_EXTRA_PYTHON_PACKAGES
               value: '{{ join " " .Values.clearml_serving_triton.extraPythonPackages }}'
             {{- end }}
           image: "{{ .Values.clearml_serving_triton.image.repository }}:{{ .Values.clearml_serving_triton.image.tag }}"
-          name: clearml-serving-triton
+          name: {{ include "clearmlServing.fullname" . }}-triton
           ports:
             - containerPort: 8001
-          resources: {}
+          resources:
+            {{- toYaml .Values.clearml_serving_triton.resources | nindent 12 }}
       restartPolicy: Always
 {{ end }}
 

charts/clearml-serving/templates/clearml-serving-triton-hpa.yaml

@@ -1,17 +1,18 @@
+{{- if .Values.clearml_serving_triton.enabled }}
 {{- if .Values.clearml_serving_triton.autoscaling.enabled }}
 apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
 kind: HorizontalPodAutoscaler
 metadata:
-  name: clearml-serving-triton-hpa
+  name: {{ include "clearmlServing.fullname" . }}-triton-hpa
   namespace: {{ .Release.Namespace | quote }}
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-triton
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
 spec:
   scaleTargetRef:
     apiVersion: "apps/v1"
     kind: Deployment
-    name: clearml-serving-triton
+    name: {{ include "clearmlServing.fullname" . }}-triton
   minReplicas: {{ .Values.clearml_serving_triton.autoscaling.minReplicas }}
   maxReplicas: {{ .Values.clearml_serving_triton.autoscaling.maxReplicas }}
   metrics:
@@ -40,3 +41,4 @@ spec:
         {{- end }}
     {{- end }}
 {{- end }}
+{{- end }}

charts/clearml-serving/templates/clearml-serving-triton-ingress.yaml

@@ -9,9 +9,9 @@ apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
-  name: clearml-serving-triton
+  name: {{ include "clearmlServing.fullname" . }}-triton
   labels:
-    clearml.serving.service: clearml-serving-triton
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
   annotations:
     {{- toYaml .Values.clearml_serving_triton.ingress.annotations | nindent 4 }}
 spec:
@@ -30,12 +30,12 @@ spec:
         pathType: Prefix
         backend:
           service:
-            name: clearml-serving-triton
+            name: {{ include "clearmlServing.fullname" . }}-triton
             port:
               number: 8001
   {{ else }}
         backend:
-          serviceName: clearml-serving-triton
+          servicename: {{ include "clearmlServing.fullname" . }}-triton
           servicePort: 8001
   {{ end }}
 {{- end }}

charts/clearml-serving/templates/clearml-serving-triton-service.yaml

@@ -4,13 +4,13 @@ kind: Service
 metadata:
   annotations: {}
   labels:
-    clearml.serving.service: clearml-serving-triton
-  name: clearml-serving-triton
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
+  name: {{ include "clearmlServing.fullname" . }}-triton
 spec:
   ports:
     - name: "8001"
       port: 8001
       targetPort: 8001
   selector:
-    clearml.serving.service: clearml-serving-triton
+    clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
 {{ end }}

charts/clearml-serving/templates/grafana-config-secret.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: grafana-config
-stringData:
-  datasource.yaml: |-
-    apiVersion: 1
-
-    datasources:
-      - name: Prometheus
-        type: prometheus
-        # Access mode - proxy (server in the UI) or direct (browser in the UI).
-        access: proxy
-        url: http://clearml-serving-prometheus:9090

charts/clearml-serving/templates/grafana-deployment.yaml

@@ -1,35 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: grafana
-  name: grafana
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      clearml.serving.service: grafana
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      annotations: {}
-      labels:
-        clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: grafana
-    spec:
-      containers:
-        - image: "{{ .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}"
-          name: clearml-serving-grafana
-          ports:
-            - containerPort: 3000
-          resources: {}
-          volumeMounts:
-            - mountPath: /etc/grafana/provisioning/datasources/
-              name: grafana-conf
-      restartPolicy: Always
-      volumes:
-        - name: grafana-conf
-          secret:
-            secretName: grafana-config

charts/clearml-serving/templates/grafana-ingress.yaml

@@ -1,40 +0,0 @@
-{{- if .Values.grafana.ingress.enabled -}}
-{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1
-{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
-apiVersion: extensions/v1beta1
-{{- end }}
-kind: Ingress
-metadata:
-  name: clearml-serving-grafana
-  labels:
-    clearml.serving.service: clearml-serving-grafana
-  annotations:
-    {{- toYaml .Values.grafana.ingress.annotations | nindent 4 }}
-spec:
-  {{- if .Values.grafana.ingress.tlsSecretName }}
-  tls:
-    - hosts:
-        - {{ .Values.grafana.ingress.hostName }}
-      secretName: {{ .Values.grafana.ingress.tlsSecretName }}
-  {{- end }}
-  rules:
-  - host: {{ .Values.grafana.ingress.hostName }}
-    http:
-      paths:
-      - path: {{ .Values.grafana.ingress.path }}
-  {{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
-        pathType: Prefix
-        backend:
-          service:
-            name: clearml-serving-grafana
-            port:
-              number: 3000
-  {{ else }}
-        backend:
-          serviceName: clearml-serving-grafana
-          servicePort: 3000
-  {{ end }}
-{{- end }}

charts/clearml-serving/templates/grafana-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: grafana
-  name: clearml-serving-grafana
-spec:
-  ports:
-    - name: "3000"
-      port: 3000
-      targetPort: 3000
-  selector:
-    clearml.serving.service: grafana

charts/clearml-serving/templates/kafka-deployment.yaml

@@ -1,40 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: kafka
-  name: kafka
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      clearml.serving.service: kafka
-  strategy: {}
-  template:
-    metadata:
-      annotations: {}
-      labels:
-        clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: kafka
-    spec:
-      containers:
-        - env:
-            - name: ALLOW_PLAINTEXT_LISTENER
-              value: "yes"
-            - name: KAFKA_BROKER_ID
-              value: "1"
-            - name: KAFKA_CFG_ADVERTISED_LISTENERS
-              value: PLAINTEXT://clearml-serving-kafka:9092
-            - name: KAFKA_CFG_LISTENERS
-              value: PLAINTEXT://0.0.0.0:9092
-            - name: KAFKA_CFG_ZOOKEEPER_CONNECT
-              value: clearml-serving-zookeeper:2181
-            - name: KAFKA_CREATE_TOPICS
-              value: '"topic_test:1:1"'
-          image: "{{ .Values.kafka.image.repository }}:{{ .Values.kafka.image.tag }}"
-          name: clearml-serving-kafka
-          ports:
-            - containerPort: 9092
-          resources: {}
-      restartPolicy: Always

charts/clearml-serving/templates/kafka-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: kafka
-  name: clearml-serving-kafka
-spec:
-  ports:
-    - name: "9092"
-      port: 9092
-      targetPort: 9092
-  selector:
-    clearml.serving.service: kafka

charts/clearml-serving/templates/prometheus-config-secret.yaml

@@ -1,28 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: prometheus-config
-stringData:
-  prometheus.yml: |-
-    global:
-      scrape_interval:     "15s" # By default, scrape targets every 15 seconds.
-      evaluation_interval:     15s # By default, scrape targets every 15 seconds.
-      external_labels:
-        monitor: 'clearml-serving'
-
-    scrape_configs:
-      # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
-      - job_name: 'prometheus'
-
-        scrape_interval: 5s
-
-        static_configs:
-          - targets: ['localhost:9090']
-
-      # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
-      - job_name: 'clearml-inference-stats'
-
-        scrape_interval: 5s
-
-        static_configs:
-          - targets: ['clearml-serving-statistics:9999']

charts/clearml-serving/templates/prometheus-deployment.yaml

@@ -1,42 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: prometheus
-  name: prometheus
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      clearml.serving.service: prometheus
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      annotations: {}
-      labels:
-        clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: prometheus
-    spec:
-      containers:
-        - args:
-            - --config.file=/mnt/prometheus.yml
-            - --storage.tsdb.path=/prometheus
-            - --web.console.libraries=/etc/prometheus/console_libraries
-            - --web.console.templates=/etc/prometheus/consoles
-            - --storage.tsdb.retention.time=200h
-            - --web.enable-lifecycle
-          image: "{{ .Values.prometheus.image.repository }}:{{ .Values.prometheus.image.tag }}"
-          name: clearml-serving-prometheus
-          ports:
-            - containerPort: 9090
-          resources: {}
-          volumeMounts:
-            - mountPath: /mnt
-              name: prometheus-conf
-      restartPolicy: Always
-      volumes:
-        - name: prometheus-conf
-          secret:
-            secretName: prometheus-config

charts/clearml-serving/templates/prometheus-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: prometheus
-  name: clearml-serving-prometheus
-spec:
-  ports:
-    - name: "9090"
-      port: 9090
-      targetPort: 9090
-  selector:
-    clearml.serving.service: prometheus

charts/clearml-serving/templates/zookeeper-deployment.yaml

@@ -1,30 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: zookeeper
-  name: zookeeper
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      clearml.serving.service: zookeeper
-  strategy: {}
-  template:
-    metadata:
-      annotations: {}
-      labels:
-        clearml.serving.network/clearml-serving-backend: "true"
-        clearml.serving.service: zookeeper
-    spec:
-      containers:
-        - env:
-            - name: ALLOW_ANONYMOUS_LOGIN
-              value: "yes"
-          image: "{{ .Values.zookeeper.image.repository }}:{{ .Values.zookeeper.image.tag }}"
-          name: clearml-serving-zookeeper
-          ports:
-            - containerPort: 2181
-          resources: {}
-      restartPolicy: Always

charts/clearml-serving/templates/zookeeper-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  annotations: {}
-  labels:
-    clearml.serving.service: zookeeper
-  name: clearml-serving-zookeeper
-spec:
-  ports:
-    - name: "2181"
-      port: 2181
-      targetPort: 2181
-  selector:
-    clearml.serving.service: zookeeper

charts/clearml-serving/values.yaml

@@ -8,68 +8,12 @@ clearml:
   defaultBaseServeUrl: http://127.0.0.1:8080/serve
   servingTaskId: "ClearML Serving Task ID"
 
-# -- Zookeeper generic configigurations
-zookeeper:
-  image:
-    repository: "bitnami/zookeeper"
-    tag: "3.7.0"
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-  resources: {}
-
-# -- Kafka generic configigurations
-kafka:
-  image:
-    repository: "bitnami/kafka"
-    tag: "3.1.0"
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-  resources: {}
-
-# -- Prometheus generic configigurations
-prometheus:
-  image:
-    repository: "prom/prometheus"
-    tag: "v2.34.0"
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-  resources: {}
-
-# -- Grafana generic configigurations
-grafana:
-  image:
-    repository: "grafana/grafana"
-    tag: "8.4.4-ubuntu"
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-  resources: {}
-  ingress:
-    enabled: false
-    hostName: "serving-grafana.clearml.127-0-0-1.nip.io"
-    tlsSecretName: ""
-    annotations: {}
-    path: "/"
-
-# -- Alertmanager generic configigurations
-alertmanager:
-  image:
-    repository: "prom/alertmanager"
-    tag: "v0.23.0"
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-  resources: {}
-
 # -- ClearML serving statistics configurations
 clearml_serving_statistics:
   # -- Container Image
   image:
     repository: "allegroai/clearml-serving-statistics"
-    tag: "1.2.0"
+    tag: "1.3.0"
   # -- Node Selector configuration
   nodeSelector: {}
   # -- Tolerations configuration
@@ -88,7 +32,7 @@ clearml_serving_inference:
   # -- Container Image
   image:
     repository: "allegroai/clearml-serving-inference"
-    tag: "1.2.0"
+    tag: "1.3.0"
   # -- Node Selector configuration
   nodeSelector: {}
   # -- Tolerations configuration
@@ -97,6 +41,8 @@ clearml_serving_inference:
   affinity: {}
   # -- Pod resources definition
   resources: {}
+  # -- Extra environment variables
+  extraEnvironment: []
   # -- Extra Python Packages to be installed in running pods
   extraPythonPackages: []
   #  - numpy==1.22.4
@@ -110,10 +56,17 @@ clearml_serving_inference:
     targetMemory: 50
   # -- Ingress exposing configurations
   ingress:
+    # -- Enable/Disable ingress
     enabled: false
+    # -- ClassName (must be defined if no default ingressClassName is available)
+    ingressClassName: ""
+    # -- Ingress hostname domain
     hostName: "serving.clearml.127-0-0-1.nip.io"
+    # -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
     tlsSecretName: ""
+    # -- Ingress annotations
     annotations: {}
+    # -- Ingress root path url
     path: "/"
 
 # -- ClearML serving Triton configurations
@@ -123,7 +76,7 @@ clearml_serving_triton:
   # -- Container Image
   image:
     repository: "allegroai/clearml-serving-triton"
-    tag: "1.2.0-22.07"
+    tag: "1.3.0"
   # -- Node Selector configuration
   nodeSelector: {}
   # -- Tolerations configuration
@@ -145,20 +98,56 @@ clearml_serving_triton:
     targetMemory: 50
   # -- Ingress exposing configurations
   ingress:
+    # -- Enable/Disable ingress
     enabled: false
+    # -- ClassName (must be defined if no default ingressClassName is available)
+    ingressClassName: ""
+    # -- Ingress hostname domain
     hostName: "serving-grpc.clearml.127-0-0-1.nip.io"
+    # -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
     tlsSecretName: ""
+    # -- Ingress annotations
     annotations: {}
-    #  # Example for AWS ALB
-    #  kubernetes.io/ingress.class: alb
-    #  alb.ingress.kubernetes.io/backend-protocol: HTTP
-    #  alb.ingress.kubernetes.io/backend-protocol-version: GRPC
-    #  alb.ingress.kubernetes.io/certificate-arn: <cerntificate arn>
-    #  alb.ingress.kubernetes.io/ssl-redirect: '443'
-    #  alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
-    #  alb.ingress.kubernetes.io/target-type: ip
-    #
-    #  # Example for NNGINX ingress controller
-    #  nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    #  nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
+    # -- Ingress root path url
     path: "/"
+
+# -- Configuration from https://github.com/bitnami/charts/blob/main/bitnami/kafka/values.yaml
+kafka:
+  enabled: true
+
+# -- Configuration from https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus/values.yaml
+prometheus:
+  enabled: true
+  kube-state-metrics:
+    enabled: false
+  prometheus-node-exporter:
+    enabled: false
+  prometheus-pushgateway:
+    enabled: false
+  serverFiles:
+    prometheus.yml:
+      scrape_configs:
+        - job_name: prometheus
+          static_configs:
+            - targets:
+              - localhost:9090
+  extraScrapeConfigs: |
+    - job_name: "{{ .Release.Name }}-stats"
+      static_configs:
+        - targets:
+          - "{{ .Release.Name }}-statistics:9999"
+
+# -- Configuration from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
+grafana:
+  enabled: true
+  adminUser: admin
+  adminPassword: clearml
+  datasources:
+    datasources.yaml:
+      apiVersion: 1
+      datasources:
+      - name: Prometheus
+        type: prometheus
+        url: "http://{{ .Release.Name }}-prometheus-server"
+        access: proxy
+        isDefault: true

charts/clearml/Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: redis
-  repository: file://../../dependency_charts/redis
-  version: 10.9.0
+  repository: https://charts.bitnami.com/bitnami
+  version: 17.8.3
 - name: mongodb
-  repository: file://../../dependency_charts/mongodb
-  version: 10.3.4
+  repository: https://charts.bitnami.com/bitnami
+  version: 12.1.31
 - name: elasticsearch
-  repository: file://../../dependency_charts/elasticsearch
-  version: 7.16.2
-digest: sha256:149b5a49382d280b1e083f3c193d014d3d2eb7fcdf3ec1402008996960cc173a
-generated: "2022-06-02T21:09:00.961174+02:00"
+  repository: https://helm.elastic.co
+  version: 7.17.3
+digest: sha256:e92c4ac212dfd90a527af0260fa71a5fcc33f485a21c1cca3daa2ced667858b2
+generated: "2023-03-10T14:59:49.01676+01:00"

charts/clearml/Chart.yaml

@@ -2,9 +2,9 @@ apiVersion: v2
 name: clearml
 description: MLOps platform
 type: application
-version: "5.5.1"
-appVersion: "1.9.2"
-kubeVersion: ">= 1.21.0-0 < 1.27.0-0"
+version: "7.2.2"
+appVersion: "1.11.0"
+kubeVersion: ">= 1.21.0-0 < 1.28.0-0"
 home: https://clear.ml
 icon: https://raw.githubusercontent.com/allegroai/clearml/master/docs/clearml-logo.svg
 sources:
@@ -19,18 +19,18 @@ keywords:
   - mlops
 dependencies:
   - name: redis
-    version: "10.9.0"
-    repository: "file://../../dependency_charts/redis"
+    version: "17.8.3"
+    repository: "https://charts.bitnami.com/bitnami"
     condition: redis.enabled
   - name: mongodb
-    version: "10.3.4"
-    repository: "file://../../dependency_charts/mongodb"
+    version: "12.1.31"
+    repository: "https://charts.bitnami.com/bitnami"
     condition: mongodb.enabled
   - name: elasticsearch
-    version: "7.16.2"
-    repository: "file://../../dependency_charts/elasticsearch"
+    version: "7.17.3"
+    repository: "https://helm.elastic.co"
     condition: elasticsearch.enabled
 annotations:
   artifacthub.io/changes: |
-    - kind: changed
-      description: check redis and mongodb too before starting apiserver
+    - kind: added
+      description: defaulr externalServices value

charts/clearml/README.md

@@ -1,6 +1,6 @@
 # ClearML Ecosystem for Kubernetes
 
-![Version: 5.5.1](https://img.shields.io/badge/Version-5.5.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.9.2](https://img.shields.io/badge/AppVersion-1.9.2-informational?style=flat-square)
+![Version: 7.2.2](https://img.shields.io/badge/Version-7.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.11.0](https://img.shields.io/badge/AppVersion-1.11.0-informational?style=flat-square)
 
 MLOps platform
 
@@ -109,10 +109,13 @@ helm upgrade clearml allegroai/clearml --version <CURRENT CHART VERSION> -f cust
 Please note: updating values only should always be done setting explicit chart version to avoid a possible chart update.
 Keeping separate updates procedures between version and values can be a good practice to seprate potential concerns.
 
-## ENTERPRISE Version
+### Major upgrade from 5.* to 6.*
 
-There are some specific Enterprise version features that can be enabled only with specific Enterprise licensed images.
-Enabling this features on OSS version can cause the entire installation to break.
+Before issuing helm upgrade:
+
+* delete Redis statefulset(s)
+* scale MongoDB deployment(s) replicas to 0
+* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
 
 ## Additional Configuration for ClearML Server
 
@@ -130,26 +133,27 @@ For detailed instructions, see the [Optional Configuration](https://github.com/a
 
 ## Requirements
 
-Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
+Kubernetes: `>= 1.21.0-0 < 1.28.0-0`
 
 | Repository | Name | Version |
 |------------|------|---------|
-| file://../../dependency_charts/elasticsearch | elasticsearch | 7.16.2 |
-| file://../../dependency_charts/mongodb | mongodb | 10.3.4 |
-| file://../../dependency_charts/redis | redis | 10.9.0 |
+| https://charts.bitnami.com/bitnami | mongodb | 12.1.31 |
+| https://charts.bitnami.com/bitnami | redis | 17.8.3 |
+| https://helm.elastic.co | elasticsearch | 7.17.3 |
 
 ## Values
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| apiserver | object | `{"additionalConfigs":{},"affinity":{},"enabled":true,"existingAdditionalConfigsConfigMap":"","existingAdditionalConfigsSecret":"","extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"},"indexReplicas":0,"indexShards":1,"ingress":{"annotations":{},"enabled":false,"hostName":"api.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"podAnnotations":{},"prepopulateEnabled":true,"processes":{"count":8,"maxRequests":1000,"maxRequestsJitter":300,"timeout":24000},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"securityContext":{},"service":{"nodePort":30008,"port":8008,"type":"NodePort"},"tolerations":[]}` | Api Server configurations |
+| apiserver | object | `{"additionalConfigs":{},"affinity":{},"containerSecurityContext":{},"enabled":true,"existingAdditionalConfigsConfigMap":"","existingAdditionalConfigsSecret":"","extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.11.0-373"},"indexReplicas":0,"indexShards":1,"ingress":{"annotations":{},"enabled":false,"hostName":"api.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"prepopulateEnabled":true,"processes":{"count":8,"maxRequests":1000,"maxRequestsJitter":300,"timeout":24000},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30008,"port":8008,"type":"NodePort"},"tolerations":[]}` | Api Server configurations |
 | apiserver.additionalConfigs | object | `{}` | files declared in this parameter will be mounted and read by apiserver (examples in values.yaml) if not overridden by existingAdditionalConfigsSecret |
 | apiserver.affinity | object | `{}` | Api Server affinity setup |
+| apiserver.containerSecurityContext | object | `{}` | Api Server containers security context |
 | apiserver.enabled | bool | `true` | Enable/Disable component deployment |
 | apiserver.existingAdditionalConfigsConfigMap | string | `""` | reference for files declared in existing ConfigMap will be mounted and read by apiserver (examples in values.yaml) |
 | apiserver.existingAdditionalConfigsSecret | string | `""` | reference for files declared in existing Secret will be mounted and read by apiserver (examples in values.yaml) if not overridden by existingAdditionalConfigsConfigMap |
 | apiserver.extraEnvs | list | `[]` | Api Server extra envrinoment variables |
-| apiserver.image | object | `{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"}` | Api Server image configuration |
+| apiserver.image | object | `{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.11.0-373"}` | Api Server image configuration |
 | apiserver.indexReplicas | int | `0` | Number of additional replicas in Elasticsearch indexes |
 | apiserver.indexShards | int | `1` | Number of shards in Elasticsearch indexes |
 | apiserver.ingress | object | `{"annotations":{},"enabled":false,"hostName":"api.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress configuration for Api Server component |
@@ -159,8 +163,10 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | apiserver.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
 | apiserver.ingress.path | string | `"/"` | Ingress root path url |
 | apiserver.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
+| apiserver.initContainers | object | `{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}}` | Api Server resources per initContainers pod |
 | apiserver.nodeSelector | object | `{}` | Api Server nodeselector |
 | apiserver.podAnnotations | object | `{}` | specific annotation for Api Server pods |
+| apiserver.podSecurityContext | object | `{}` | Api Server pod security context |
 | apiserver.prepopulateEnabled | bool | `true` | Enable/Disable example data load |
 | apiserver.processes | object | `{"count":8,"maxRequests":1000,"maxRequestsJitter":300,"timeout":24000}` | Api Server internal processes configuration |
 | apiserver.processes.count | int | `8` | Api Server internal listing processes |
@@ -169,11 +175,11 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | apiserver.processes.timeout | int | `24000` | Api timeout (ms) |
 | apiserver.replicaCount | int | `1` | Api Server number of pods |
 | apiserver.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | Api Server resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
-| apiserver.securityContext | object | `{}` | Api Server pod security context |
-| apiserver.service | object | `{"nodePort":30008,"port":8008,"type":"NodePort"}` | Api Server internal service configuration |
+| apiserver.service | object | `{"annotations":{},"nodePort":30008,"port":8008,"type":"NodePort"}` | Api Server internal service configuration |
+| apiserver.service.annotations | object | `{}` | specific annotation for Api Server service |
 | apiserver.service.nodePort | int | `30008` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
 | apiserver.tolerations | list | `[]` | Api Server tolerations setup |
-| clearml | object | `{"apiserverKey":"GGS9F4M6XB2DXJ5AFT9F","apiserverSecret":"2oGujVFhPfaozhpuz2GzQfA5OyxmMsR3WVJpsCR5hrgHFs20PO","clientConfigurationApiUrl":"","clientConfigurationFilesUrl":"","cookieDomain":"","cookieName":"clearml-token-k8s","defaultCompany":"d1bd92a3b039400cbafc60a7a5b1e52b","fileserverKey":"XXCRJ123CEE2KSQ068WO","fileserverSecret":"YIy8EVAC7QCT4FtgitxAQGyW7xRHDZ4jpYlTE7HKiscpORl1hG","readinessprobeKey":"GK4PRTVT3706T25K6BA1","readinessprobeSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","secureAuthTokenSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","testUserKey":"ENP39EQM4SLACGD5FXB7","testUserSecret":"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"}` | ClearMl generic configurations |
+| clearml | object | `{"apiserverKey":"GGS9F4M6XB2DXJ5AFT9F","apiserverSecret":"2oGujVFhPfaozhpuz2GzQfA5OyxmMsR3WVJpsCR5hrgHFs20PO","clientConfigurationApiUrl":"","clientConfigurationFilesUrl":"","cookieDomain":"","cookieName":"clearml-token-k8s","defaultCompany":"d1bd92a3b039400cbafc60a7a5b1e52b","existingSecret":"","fileserverKey":"XXCRJ123CEE2KSQ068WO","fileserverSecret":"YIy8EVAC7QCT4FtgitxAQGyW7xRHDZ4jpYlTE7HKiscpORl1hG","readinessprobeKey":"GK4PRTVT3706T25K6BA1","readinessprobeSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","secureAuthTokenSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","testUserKey":"ENP39EQM4SLACGD5FXB7","testUserSecret":"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"}` | ClearMl generic configurations |
 | clearml.apiserverKey | string | `"GGS9F4M6XB2DXJ5AFT9F"` | Api Server basic auth key |
 | clearml.apiserverSecret | string | `"2oGujVFhPfaozhpuz2GzQfA5OyxmMsR3WVJpsCR5hrgHFs20PO"` | Api Server basic auth secret |
 | clearml.clientConfigurationApiUrl | string | `""` | Override the API Urls displayed when showing an example of the SDK's clearml.conf configuration |
@@ -181,6 +187,7 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | clearml.cookieDomain | string | `""` | Cookie domain to be left empty if not exposed with an ingress |
 | clearml.cookieName | string | `"clearml-token-k8s"` | Name fo the UI cookie |
 | clearml.defaultCompany | string | `"d1bd92a3b039400cbafc60a7a5b1e52b"` | Company name |
+| clearml.existingSecret | string | `""` | Pass Clearml secrets using an existing secret must contain the keys: apiserver_key, apiserver_secret, secure_auth_token_secret, test_user_key, test_user_secret |
 | clearml.fileserverKey | string | `"XXCRJ123CEE2KSQ068WO"` | File Server basic auth key |
 | clearml.fileserverSecret | string | `"YIy8EVAC7QCT4FtgitxAQGyW7xRHDZ4jpYlTE7HKiscpORl1hG"` | File Server basic auth secret |
 | clearml.readinessprobeKey | string | `"GK4PRTVT3706T25K6BA1"` | Readiness probe basic auth key |
@@ -189,45 +196,18 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | clearml.testUserKey | string | `"ENP39EQM4SLACGD5FXB7"` | Test Server basic auth key |
 | clearml.testUserSecret | string | `"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"` | Test File Server basic auth secret |
 | elasticsearch | object | `{"clusterHealthCheckParams":"wait_for_status=yellow&timeout=1s","clusterName":"clearml-elastic","enabled":true,"esConfig":{"elasticsearch.yml":"xpack.security.enabled: false\n"},"esJavaOpts":"-Xmx2g -Xms2g","extraEnvs":[{"name":"bootstrap.memory_lock","value":"false"},{"name":"cluster.routing.allocation.node_initial_primaries_recoveries","value":"500"},{"name":"cluster.routing.allocation.disk.watermark.low","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.high","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.flood_stage","value":"500mb"},{"name":"http.compression_level","value":"7"},{"name":"reindex.remote.whitelist","value":"*.*"},{"name":"xpack.monitoring.enabled","value":"false"},{"name":"xpack.security.enabled","value":"false"}],"httpPort":9200,"minimumMasterNodes":1,"persistence":{"enabled":true},"replicas":1,"resources":{"limits":{"cpu":"2000m","memory":"4Gi"},"requests":{"cpu":"100m","memory":"2Gi"}},"roles":{"data":"true","ingest":"true","master":"true","remote_cluster_client":"true"},"volumeClaimTemplate":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"50Gi"}},"storageClassName":null}}` | Configuration from https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/values.yaml |
-| enterpriseFeatures | object | `{"airGappedDocumentation":{"enabled":false,"image":{"repository":"","tag":"4"}},"apiserverImageTagOverride":"3.15.3-909","clearmlApplications":{"affinity":{},"agentKey":"GK4PRTVT3706T25K6BA1","agentSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","basePodImage":{"repository":"","tag":"app-1.1.1-47"},"enabled":true,"extraEnvs":[],"gitAgentPass":"git_password","gitAgentUser":"git_user","image":{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-57"},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"tolerations":[]},"defaultCompanyGuid":"d1bd92a3b039400cbafc60a7a5b1e52b","enabled":false,"extraIndexUrl":"","fileserverImageTagOverride":"3.15.3-909","overrideReferenceApiUrl":"","overrideReferenceFileUrl":"","webserverImageTagOverride":"3.15.3-801"}` | Enterprise features (work only with an Enterprise license) |
-| enterpriseFeatures.airGappedDocumentation | object | `{"enabled":false,"image":{"repository":"","tag":"4"}}` | Air gapped documentation  configurations |
-| enterpriseFeatures.airGappedDocumentation.enabled | bool | `false` | Enable/Disable air gapped documentation deployment |
-| enterpriseFeatures.airGappedDocumentation.image | object | `{"repository":"","tag":"4"}` | Air gapped documentation image configuration |
-| enterpriseFeatures.apiserverImageTagOverride | string | `"3.15.3-909"` | Image tag override for apiserver enterprise version |
-| enterpriseFeatures.clearmlApplications | object | `{"affinity":{},"agentKey":"GK4PRTVT3706T25K6BA1","agentSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","basePodImage":{"repository":"","tag":"app-1.1.1-47"},"enabled":true,"extraEnvs":[],"gitAgentPass":"git_password","gitAgentUser":"git_user","image":{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-57"},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"tolerations":[]}` | APPS configurations |
-| enterpriseFeatures.clearmlApplications.affinity | object | `{}` | APPS affinity setup |
-| enterpriseFeatures.clearmlApplications.agentKey | string | `"GK4PRTVT3706T25K6BA1"` | Apps Server basic auth key |
-| enterpriseFeatures.clearmlApplications.agentSecret | string | `"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2"` | Apps Server basic auth secret |
-| enterpriseFeatures.clearmlApplications.basePodImage | object | `{"repository":"","tag":"app-1.1.1-47"}` | APPS base spawning pods image |
-| enterpriseFeatures.clearmlApplications.enabled | bool | `true` | Enable/Disable component deployment |
-| enterpriseFeatures.clearmlApplications.extraEnvs | list | `[]` | APPS extra envrinoment variables |
-| enterpriseFeatures.clearmlApplications.gitAgentPass | string | `"git_password"` | Apps Server Git password |
-| enterpriseFeatures.clearmlApplications.gitAgentUser | string | `"git_user"` | Apps Server Git user |
-| enterpriseFeatures.clearmlApplications.image | object | `{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-57"}` | APPS image configuration |
-| enterpriseFeatures.clearmlApplications.nodeSelector | object | `{}` | APPS nodeselector |
-| enterpriseFeatures.clearmlApplications.podAnnotations | object | `{}` | specific annotation for APPS pods |
-| enterpriseFeatures.clearmlApplications.replicaCount | int | `1` | APPS number of pods |
-| enterpriseFeatures.clearmlApplications.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | APPS resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
-| enterpriseFeatures.clearmlApplications.tolerations | list | `[]` | APPS tolerations setup |
-| enterpriseFeatures.defaultCompanyGuid | string | `"d1bd92a3b039400cbafc60a7a5b1e52b"` | Company ID |
-| enterpriseFeatures.enabled | bool | `false` | Enable/Disable Enterprise features |
-| enterpriseFeatures.extraIndexUrl | string | `""` | extra index URL for Enterprise packages |
-| enterpriseFeatures.fileserverImageTagOverride | string | `"3.15.3-909"` | Image tag override for fileserver enterprise version |
-| enterpriseFeatures.overrideReferenceApiUrl | string | `""` | set this value AND overrideReferenceFileUrl if external endpoint exposure is in place (like a LoadBalancer) example: "https://api.clearml.local" |
-| enterpriseFeatures.overrideReferenceFileUrl | string | `""` | set this value AND overrideReferenceAPIUrl if external endpoint exposure is in place (like a LoadBalancer) example: "https://files.clearml.local" |
-| enterpriseFeatures.webserverImageTagOverride | string | `"3.15.3-801"` | Image tag override for webserver enterprise version |
-| externalServices | object | `{"elasticsearchHost":"","elasticsearchPort":9200,"mongodbConnectionStringAuth":"","mongodbConnectionStringBackend":"","redisHost":"","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here |
-| externalServices.elasticsearchHost | string | `""` | Existing ElasticSearch Hostname to use if elasticsearch.enabled is false |
-| externalServices.elasticsearchPort | int | `9200` | Existing ElasticSearch Port to use if elasticsearch.enabled is false |
-| externalServices.mongodbConnectionStringAuth | string | `""` | Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false |
-| externalServices.mongodbConnectionStringBackend | string | `""` | Existing MongoDB connection string for AUTH to use if mongodb.enabled is false |
-| externalServices.redisHost | string | `""` | Existing Redis Hostname to use if redis.enabled is false |
+| externalServices | object | `{"elasticsearchConnectionString":"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]","mongodbConnectionStringAuth":"mongodb://mongodb_hostname:27017/auth","mongodbConnectionStringBackend":"mongodb://mongodb_hostnamehostname:27017/backend","redisHost":"redis_hostname","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here |
+| externalServices.elasticsearchConnectionString | string | `"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]"` | Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml) |
+| externalServices.mongodbConnectionStringAuth | string | `"mongodb://mongodb_hostname:27017/auth"` | Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml) |
+| externalServices.mongodbConnectionStringBackend | string | `"mongodb://mongodb_hostnamehostname:27017/backend"` | Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml) |
+| externalServices.redisHost | string | `"redis_hostname"` | Existing Redis Hostname to use if redis.enabled is false (example in values.yaml) |
 | externalServices.redisPort | int | `6379` | Existing Redis Port to use if redis.enabled is false |
-| fileserver | object | `{"affinity":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"},"ingress":{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"securityContext":{},"service":{"nodePort":30081,"port":8081,"type":"NodePort"},"storage":{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"}},"tolerations":[]}` | File Server configurations |
+| fileserver | object | `{"affinity":{},"containerSecurityContext":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.11.0-373"},"ingress":{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30081,"port":8081,"type":"NodePort"},"storage":{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true},"tolerations":[]}` | File Server configurations |
 | fileserver.affinity | object | `{}` | File Server affinity setup |
+| fileserver.containerSecurityContext | object | `{}` | File Server containers security context |
 | fileserver.enabled | bool | `true` | Enable/Disable component deployment |
 | fileserver.extraEnvs | list | `[]` | File Server extra envrinoment variables |
-| fileserver.image | object | `{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"}` | File Server image configuration |
+| fileserver.image | object | `{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.11.0-373"}` | File Server image configuration |
 | fileserver.ingress | object | `{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress configuration for File Server component |
 | fileserver.ingress.annotations | object | `{}` | Ingress annotations |
 | fileserver.ingress.enabled | bool | `false` | Enable/Disable ingress |
@@ -235,18 +215,23 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | fileserver.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
 | fileserver.ingress.path | string | `"/"` | Ingress root path url |
 | fileserver.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
+| fileserver.initContainers | object | `{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}}` | File Server resources per initContainers pod |
 | fileserver.nodeSelector | object | `{}` | File Server nodeselector |
 | fileserver.podAnnotations | object | `{}` | specific annotation for File Server pods |
+| fileserver.podSecurityContext | object | `{}` | File Server pod security context |
 | fileserver.replicaCount | int | `1` | File Server number of pods |
 | fileserver.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | File Server resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
-| fileserver.securityContext | object | `{}` | File Server pod security context |
-| fileserver.service | object | `{"nodePort":30081,"port":8081,"type":"NodePort"}` | File Server internal service configuration |
+| fileserver.service | object | `{"annotations":{},"nodePort":30081,"port":8081,"type":"NodePort"}` | File Server internal service configuration |
+| fileserver.service.annotations | object | `{}` | specific annotation for File Server service |
 | fileserver.service.nodePort | int | `30081` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
-| fileserver.storage | object | `{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"}}` | File server persistence settings |
+| fileserver.storage | object | `{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true}` | File server persistence settings |
 | fileserver.storage.data.accessMode | string | `"ReadWriteOnce"` | Access mode (must be ReadWriteMany if fileserver replica > 1) |
 | fileserver.storage.data.class | string | `""` | Storage class (use default if empty) |
 | fileserver.storage.data.existingPVC | string | `""` | If set, it uses an already existing PVC instead of dynamic provisioning |
+| fileserver.storage.enabled | bool | `true` | If set to false no PVC is created and emptyDir is used |
 | fileserver.tolerations | list | `[]` | File Server tolerations setup |
+| global | object | `{"imageRegistry":"docker.io"}` | Global parameters section |
+| global.imageRegistry | string | `"docker.io"` | Images registry |
 | imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Container registry configuration |
 | imageCredentials.email | string | `"someone@host.com"` | Email |
 | imageCredentials.enabled | bool | `false` | Use private authentication mode |
@@ -255,13 +240,14 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | imageCredentials.registry | string | `"docker.io"` | Registry name |
 | imageCredentials.username | string | `"someone"` | Registry username |
 | mongodb | object | `{"architecture":"standalone","auth":{"enabled":false},"enabled":true,"persistence":{"accessModes":["ReadWriteOnce"],"enabled":true,"size":"50Gi","storageClass":null},"replicaCount":1}` | Configuration from https://github.com/bitnami/charts/blob/master/bitnami/mongodb/values.yaml |
-| redis | object | `{"cluster":{"enabled":false},"databaseNumber":0,"enabled":true,"master":{"name":"{{ .Release.Name }}-redis-master","persistence":{"accessModes":["ReadWriteOnce"],"enabled":true,"size":"5Gi","storageClass":null},"port":6379},"usePassword":false}` | Configuration from https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml |
-| webserver | object | `{"additionalConfigs":{},"affinity":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"},"ingress":{"annotations":{},"enabled":false,"hostName":"app.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"nodePort":30080,"port":8080,"type":"NodePort"},"tolerations":[]}` | Web Server configurations |
+| redis | object | `{"architecture":"standalone","auth":{"enabled":false},"databaseNumber":0,"enabled":true,"master":{"name":"{{ .Release.Name }}-redis-master","persistence":{"accessModes":["ReadWriteOnce"],"enabled":true,"size":"5Gi","storageClass":null},"port":6379}}` | Configuration from https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml |
+| webserver | object | `{"additionalConfigs":{},"affinity":{},"containerSecurityContext":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.11.0-373"},"ingress":{"annotations":{},"enabled":false,"hostName":"app.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30080,"port":8080,"type":"NodePort"},"tolerations":[]}` | Web Server configurations |
 | webserver.additionalConfigs | object | `{}` | Additional specific webserver configurations |
 | webserver.affinity | object | `{}` | Web Server affinity setup |
+| webserver.containerSecurityContext | object | `{}` | Web Server containers security context |
 | webserver.enabled | bool | `true` | Enable/Disable component deployment |
 | webserver.extraEnvs | list | `[]` | Web Server extra envrinoment variables |
-| webserver.image | object | `{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"}` | Web Server image configuration |
+| webserver.image | object | `{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.11.0-373"}` | Web Server image configuration |
 | webserver.ingress | object | `{"annotations":{},"enabled":false,"hostName":"app.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress configuration for Web Server component |
 | webserver.ingress.annotations | object | `{}` | Ingress annotations |
 | webserver.ingress.enabled | bool | `false` | Enable/Disable ingress |
@@ -269,11 +255,13 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
 | webserver.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
 | webserver.ingress.path | string | `"/"` | Ingress root path url |
 | webserver.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
+| webserver.initContainers | object | `{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}}` | Web Server resources per initContainers pod |
 | webserver.nodeSelector | object | `{}` | Web Server nodeselector |
 | webserver.podAnnotations | object | `{}` | specific annotation for Web Server pods |
 | webserver.podSecurityContext | object | `{}` | Web Server pod security context |
 | webserver.replicaCount | int | `1` | Web Server number of pods |
 | webserver.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | Web Server resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
-| webserver.service | object | `{"nodePort":30080,"port":8080,"type":"NodePort"}` | Web Server internal service configuration |
+| webserver.service | object | `{"annotations":{},"nodePort":30080,"port":8080,"type":"NodePort"}` | Web Server internal service configuration |
+| webserver.service.annotations | object | `{}` | specific annotation for Web Server service |
 | webserver.service.nodePort | int | `30080` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
 | webserver.tolerations | list | `[]` | Web Server tolerations setup |

charts/clearml/README.md.gotmpl

@@ -106,10 +106,13 @@ helm upgrade clearml allegroai/clearml --version <CURRENT CHART VERSION> -f cust
 Please note: updating values only should always be done setting explicit chart version to avoid a possible chart update. 
 Keeping separate updates procedures between version and values can be a good practice to seprate potential concerns.
 
-## ENTERPRISE Version
+### Major upgrade from 5.* to 6.*
 
-There are some specific Enterprise version features that can be enabled only with specific Enterprise licensed images. 
-Enabling this features on OSS version can cause the entire installation to break.
+Before issuing helm upgrade:
+
+* delete Redis statefulset(s)
+* scale MongoDB deployment(s) replicas to 0
+* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
 
 ## Additional Configuration for ClearML Server
 

charts/clearml/templates/NOTES.txt

@@ -11,7 +11,7 @@
   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "clearml.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
   echo http://$SERVICE_IP:{{ .Values.webserver.service.port }}
 {{- else if contains "ClusterIP" .Values.webserver.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "clearml.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "clearml.fullname" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
   echo "Visit http://127.0.0.1:8080 to use your application"
   kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT

charts/clearml/templates/_helpers.tpl

@@ -46,22 +46,38 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 Selector labels
 */}}
 {{- define "clearml.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
+app.kubernetes.io/name: {{ include "clearml.fullname" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
+{{/*
+Registry name
+*/}}
+{{- define "registryNamePrefix" -}}
+  {{- $registryName := "" -}}
+  {{- if .globalValues }}
+    {{- if .globalValues.imageRegistry }}
+      {{- $registryName = printf "%s/" .globalValues.imageRegistry -}}
+    {{- end -}}
+  {{- end -}}
+  {{- if .imageRegistryValue }}
+    {{- $registryName = printf "%s/" .imageRegistryValue -}}
+  {{- end -}}
+{{- printf "%s" $registryName }}
+{{- end }}
+
 {{/*
 Reference Name (apiserver)
 */}}
 {{- define "apiserver.referenceName" -}}
-{{- include "clearml.name" . }}-apiserver
+{{- include "clearml.fullname" . }}-apiserver
 {{- end }}
 
 {{/*
 Selector labels (apiserver)
 */}}
 {{- define "apiserver.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
+app.kubernetes.io/name: {{ include "clearml.fullname" . }}
 app.kubernetes.io/instance: {{ include "apiserver.referenceName" . }}
 {{- end }}
 
@@ -69,14 +85,14 @@ app.kubernetes.io/instance: {{ include "apiserver.referenceName" . }}
 Reference Name (fileserver)
 */}}
 {{- define "fileserver.referenceName" -}}
-{{- include "clearml.name" . }}-fileserver
+{{- include "clearml.fullname" . }}-fileserver
 {{- end }}
 
 {{/*
 Selector labels (fileserver)
 */}}
 {{- define "fileserver.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
+app.kubernetes.io/name: {{ include "clearml.fullname" . }}
 app.kubernetes.io/instance: {{ include "fileserver.referenceName" . }}
 {{- end }}
 
@@ -84,14 +100,14 @@ app.kubernetes.io/instance: {{ include "fileserver.referenceName" . }}
 Reference Name (webserver)
 */}}
 {{- define "webserver.referenceName" -}}
-{{- include "clearml.name" . }}-webserver
+{{- include "clearml.fullname" . }}-webserver
 {{- end }}
 
 {{/*
 Selector labels (webserver)
 */}}
 {{- define "webserver.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
+app.kubernetes.io/name: {{ include "clearml.fullname" . }}
 app.kubernetes.io/instance: {{ include "webserver.referenceName" . }}
 {{- end }}
 
@@ -99,14 +115,14 @@ app.kubernetes.io/instance: {{ include "webserver.referenceName" . }}
 Reference Name (apps)
 */}}
 {{- define "clearmlApplications.referenceName" -}}
-{{- include "clearml.name" . }}-apps
+{{- include "clearml.fullname" . }}-apps
 {{- end }}
 
 {{/*
 Selector labels (apps)
 */}}
 {{- define "clearmlApplications.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "clearml.name" . }}
+app.kubernetes.io/name: {{ include "clearml.fullname" . }}
 app.kubernetes.io/instance: {{ include "clearmlApplications.referenceName" . }}
 {{- end }}
 
@@ -137,25 +153,35 @@ Create readiness probe auth token
 {{- printf "%s:%s" .Values.clearml.readinessprobeKey .Values.clearml.readinessprobeSecret | b64enc }}
 {{- end }}
 
+{{/*
+Create configuration secret name
+*/}}
+{{- define "clearml.confSecretName" }}
+{{- if .Values.clearml.existingSecret -}} {{ default "clearml-conf" .Values.clearml.existingSecret | quote }} {{- else -}} "clearml-conf" {{- end }}
+{{- end }}
+
 {{/*
 Elasticsearch Service name
 */}}
 {{- define "elasticsearch.servicename" -}}
-{{- if .Values.elasticsearch.enabled }}
 {{- .Values.elasticsearch.clusterName }}-master
-{{- else }}
-{{- .Values.externalServices.elasticsearchHost }}
-{{- end }}
 {{- end }}
 
 {{/*
 Elasticsearch Service port
 */}}
 {{- define "elasticsearch.serviceport" -}}
-{{- if .Values.elasticsearch.enabled }}
 {{- .Values.elasticsearch.httpPort }}
+{{- end }}
+
+{{/*
+Elasticsearch Comnnection string
+*/}}
+{{- define "elasticsearch.connectionstring" -}}
+{{- if .Values.elasticsearch.enabled }}
+{{- printf "[{\"host\":\"%s\",\"port\":%s}]" (include "elasticsearch.servicename" .) (include "elasticsearch.serviceport" .) | quote }}
 {{- else }}
-{{- .Values.externalServices.elasticsearchPort }}
+{{- .Values.externalServices.elasticsearchConnectionString | quote }}
 {{- end }}
 {{- end }}
 
@@ -174,13 +200,28 @@ MongoDB Comnnection string
 {{- end }}
 {{- end }}
 
+{{/*
+MongoDB hostname
+*/}}
+{{- define "mongodb.hostname" -}}
+{{- if eq .Values.mongodb.architecture "standalone" }}
+{{- printf "%s" "mongodb" }}
+{{- else }}
+{{- printf "%s" "mongodb-headless" }}
+{{- end }}
+{{- end }}
+
 {{/*
 Redis Service name
 */}}
 {{- define "redis.servicename" -}}
 {{- if .Values.redis.enabled }}
+{{- if eq .Values.redis.architecture "standalone" }}
 {{- tpl .Values.redis.master.name . }}
 {{- else }}
+{{- printf "%s-headless" (tpl .Values.redis.master.name . ) }}
+{{- end }}
+{{- else }}
 {{- .Values.externalServices.redisHost }}
 {{- end }}
 {{- end }}

charts/clearml/templates/apiserver-deployment.yaml

@@ -22,7 +22,7 @@ spec:
       {{- if .Values.imageCredentials.enabled }}
       imagePullSecrets:
       {{- if .Values.imageCredentials.existingSecret }}
-      - name: .Values.imageCredentials.existingSecret
+      - name: {{ .Values.imageCredentials.existingSecret }}
       {{- else }}
       - name: clearml-registry-key
       {{- end }}
@@ -41,14 +41,11 @@ spec:
             name: "{{ include "apiserver.referenceName" . }}-configmap"
           {{- end }}
       {{- end }}
-      securityContext: {{ toYaml .Values.apiserver.podSecurityContext | nindent 8 }}
+      securityContext:
+        {{ toYaml .Values.apiserver.podSecurityContext | nindent 8 }}
       initContainers:
         - name: init-apiserver
-          {{- if .Values.enterpriseFeatures.enabled }}
-          image: "{{ .Values.apiserver.image.repository }}:{{ .Values.enterpriseFeatures.apiserverImageTagOverride }}"
-          {{- else }}
-          image: "{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag }}"
-          {{- end }}
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.apiserver.image.registry) }}{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag }}"
           command:
             - /bin/sh
             - -c
@@ -61,7 +58,7 @@ spec:
               done ;
               {{- end }}
               {{- if .Values.mongodb.enabled }}
-              while [ $(curl --telnet-option BOGUS --connect-timeout 2 -s "telnet://{{ .Release.Name }}-mongodb:27017" -o /dev/null; echo $?) -ne 49 ] ; do
+              while [ $(curl --telnet-option BOGUS --connect-timeout 2 -s "telnet://{{ .Release.Name }}-{{ include "mongodb.hostname" . }}:27017" -o /dev/null; echo $?) -ne 49 ] ; do
                 echo "waiting for mongodb" ;
                 sleep 5 ;
               done ;
@@ -72,23 +69,27 @@ spec:
                 sleep 5 ;
               done ;
               {{- end }}
+          securityContext:
+            {{ toYaml .Values.apiserver.containerSecurityContext | nindent 12 }}
+          resources:
+            {{- toYaml .Values.apiserver.initContainers.resources | nindent 12 }}
       containers:
         - name: clearml-apiserver
-          {{- if .Values.enterpriseFeatures.enabled }}
-          image: "{{ .Values.apiserver.image.repository }}:{{ .Values.enterpriseFeatures.apiserverImageTagOverride }}"
-          {{- else }}
-          image: "{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag }}"
-          {{- end }}
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.apiserver.image.registry) }}{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag }}"
           imagePullPolicy: {{ .Values.apiserver.image.pullPolicy }}
           ports:
             - name: http
               containerPort: 8008
               protocol: TCP
           env:
-          - name: CLEARML_ELASTIC_SERVICE_HOST
-            value: {{ include "elasticsearch.servicename" . }}
-          - name: CLEARML_ELASTIC_SERVICE_PORT
-            value: "{{ include "elasticsearch.serviceport" . }}"
+          - name: CLEARML__HOSTS__ELASTIC__WORKERS__HOSTS
+            value: {{ include "elasticsearch.connectionstring" . }}
+          - name: CLEARML__HOSTS__ELASTIC__EVENTS__HOSTS
+            value: {{ include "elasticsearch.connectionstring" . }}
+          - name: CLEARML__HOSTS__ELASTIC__DATASETS__HOSTS
+            value: {{ include "elasticsearch.connectionstring" . }}
+          - name: CLEARML__HOSTS__ELASTIC__LOGS__HOSTS
+            value: {{ include "elasticsearch.connectionstring" . }}
           {{- if .Values.mongodb.enabled }}
           - name: CLEARML_MONGODB_SERVICE_CONNECTION_STRING
             value: {{ include "mongodb.connectionstring" . | quote }}
@@ -106,26 +107,26 @@ spec:
             value: /opt/clearml/config
           - name: CLEARML__apiserver__default_company_name
             value: "{{ .Values.clearml.defaultCompany }}"
-          {{- if not (eq .Values.clearml.cookieDomain "") }}
           - name: CLEARML__APISERVER__AUTH__SESSION_AUTH_COOKIE_NAME
             value: {{ .Values.clearml.cookieName }}
+          {{- if .Values.clearml.cookieDomain }}
           - name: CLEARML__APISERVER__AUTH__COOKIES__DOMAIN
             value: ".{{ .Values.clearml.cookieDomain }}"
           {{- end }}
           - name: CLEARML__secure__credentials__apiserver__user_key
             valueFrom:
               secretKeyRef:
-                name: clearml-conf
+                name: {{ include "clearml.confSecretName" .}}
                 key: apiserver_key
           - name: CLEARML__secure__credentials__apiserver__user_secret
             valueFrom:
               secretKeyRef:
-                name: clearml-conf
+                name: {{ include "clearml.confSecretName" .}}
                 key: apiserver_secret
           - name: CLEARML__secure__auth__token_secret
             valueFrom:
               secretKeyRef:
-                name: clearml-conf
+                name: {{ include "clearml.confSecretName" .}}
                 key: secure_auth_token_secret
           {{- if .Values.apiserver.prepopulateEnabled }}
           - name: CLEARML__APISERVER__PRE_POPULATE__ENABLED
@@ -133,92 +134,23 @@ spec:
           - name: CLEARML__APISERVER__PRE_POPULATE__ZIP_FILES
             value: "/opt/clearml/db-pre-populate"
           {{- end }}
-          {{- if .Values.enterpriseFeatures.enabled }}
-          - name: CLEARML__apiserver__default_company
-            value: "{{ .Values.enterpriseFeatures.defaultCompanyGuid }}"
-          - name: APPLY_ES_MAPPINGS
-            value: "false"
-          - name: CLEARML__HOSTS__ELASTIC__LOGS__HOSTS
-            value: "[\"http://{{ include "elasticsearch.servicename" . }}:{{ include "elasticsearch.serviceport" . }}\"]"
-          - name: NUMBER_OF_GUNICORN_WORKERS
-            value: "{{ .Values.apiserver.processes.count }}"
-          - name: GUNICORN_TIMEOUT
-            value: "{{ .Values.apiserver.processes.timeout }}"
-          - name: GUNICORN_MAX_REQUESTS
-            value: "{{ .Values.apiserver.processes.maxRequests }}"
-          - name: GUNICORN_MAX_REQUESTS_JITTER
-            value: "{{ .Values.apiserver.processes.maxRequestsJitter }}"
-          - name: CLEARML_CONFIG_VERBOSE
-            value: "0"
-          - name: CLEARML__SERVICES__APPLICATIONS__TEMPLATES__FOLDER
-            value: "/opt/allegro/config/applications"
-          - name: CLEARML__apiserver__apilog__prefix
-            value: "fluentd."
-          - name: CLEARML__apiserver__apilog__index_name_prefix__default
-            value: "allegro.apiserver.api-logs."
-          - name: CLEARML__apiserver__apilog__adapter
-            value: "logging"
-          - name: CLEARML__apiserver__apilog__rotation__index_size
-            value: "225000"
-          - name: CLEARML__services__tasks__non_responsive_tasks_watchdog__enabled
-            value: "false"
-          - name: CLEARML__APISERVER__AUTH__COOKIES__MAX_AGE
-            value: "2678400"
-          - name: CLEARML__services__frames__scroll_state_expiration_hours
-            value: "6"
-          - name: CLEARML__services__organization__features__applications
-            value: "true"
-          - name: CLEARML__services__organization__features__app_management
-            value: "true"
-          - name: CLEARML__SERVICES___ELASTIC__MAPPINGS__EVENTS__NUMBER_OF_REPLICAS
-            value: {{ .Values.apiserver.indexReplicas | quote }}
-          - name: CLEARML__SERVICES___ELASTIC__MAPPINGS__EVENTS__NUMBER_OF_SHARDS
-            value: {{ .Values.apiserver.indexShards | quote }}
-          - name: CLEARML__APISERVER__LOG_CALLS
-            value: "false"
-          - name: ALLEGRO_ENV
-            value: "onprem_k8s"
-          - name: CLEARML__secure__credentials__fileserver__user_key
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: fileserver_key
-          - name: CLEARML__secure__credentials__fileserver__user_secret
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: fileserver_secret
-          - name: CLEARML__secure__applications__agents_credentials__apps_agent__user_key
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apps_agent_key
-          - name: CLEARML__secure__applications__agents_credentials__apps_agent__user_secret
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apps_agent_secret
-          {{- else }}
           - name: CLEARML__SECURE__CREDENTIALS__TESTS__USER_KEY
             valueFrom:
               secretKeyRef:
-                name: "clearml-conf"
+                name: {{ include "clearml.confSecretName" .}}
                 key: test_user_key
           - name: CLEARML__SECURE__CREDENTIALS__TESTS__USER_SECRET
             valueFrom:
               secretKeyRef:
-                name: "clearml-conf"
+                name: {{ include "clearml.confSecretName" .}}
                 key: test_user_secret
           - name: CLEARML_ENV
             value: "helm-cloud"
-          {{- end }}
           {{- if .Values.apiserver.extraEnvs }}
           {{ toYaml .Values.apiserver.extraEnvs | nindent 10 }}
           {{- end }}
-          {{- if not .Values.enterpriseFeatures.enabled }}
           args:
             - apiserver
-          {{- end }}
           livenessProbe:
             initialDelaySeconds: 60
             httpGet:
@@ -228,11 +160,7 @@ spec:
             initialDelaySeconds: 60
             failureThreshold: 8
             httpGet:
-              {{- if .Values.enterpriseFeatures.enabled }}
-              path: /server.health_check
-              {{- else }}
               path: /debug.ping
-              {{- end }}
               port: 8008
               httpHeaders:
                 - name: Authorization
@@ -240,14 +168,12 @@ spec:
           {{- if or .Values.apiserver.additionalConfigs .Values.apiserver.existingAdditionalConfigsConfigMap  .Values.apiserver.existingAdditionalConfigsSecret }}
           volumeMounts:  
             - name: apiserver-config
-              {{- if .Values.enterpriseFeatures.enabled }}
-              mountPath: /opt/clearml/config/default
-              {{- else }}
               mountPath: /opt/clearml/config
-              {{- end }}
           {{- end }}
           resources:
             {{- toYaml .Values.apiserver.resources | nindent 12 }}
+          securityContext:
+            {{ toYaml .Values.apiserver.containerSecurityContext | nindent 12 }}
       {{- with .Values.apiserver.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/clearml/templates/apiserver-service.yaml

@@ -5,6 +5,10 @@ metadata:
   name: {{ include "apiserver.referenceName" . }}
   labels:
     {{- include "clearml.labels" . | nindent 4 }}
+  {{- with .Values.apiserver.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   type: {{ .Values.apiserver.service.type }}
   ports:

charts/clearml/templates/apps-configmap.yaml

@@ -1,32 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "clearml.name" . }}-apps-pt
-data:
-  template.yaml: |
-    apps_queue:
-      apiVersion: v1
-      metadata:
-        namespace: {{ $.Release.Namespace }}
-      spec:
-        {{- if $.Values.imageCredentials.enabled }}
-        imagePullSecrets:
-        {{- if $.Values.imageCredentials.existingSecret }}
-          - name: $.Values.imageCredentials.existingSecret
-        {{- else }}
-          - name: clearml-registry-key
-        {{- end }}
-        {{- end }}
-        serviceAccountName: "clearml-apps-sa"
-        containers:
-        - resources:
-          ports:
-            - containerPort: 10022
-          volumeMounts:
-          env:
-          - name: CLEARML_API_HOST
-            value: "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}"
-          - name: CLEARML_FILES_HOST
-            value: "http://{{ include "fileserver.referenceName" . }}:{{ .Values.fileserver.service.port }}"
-          - name: CLEARML_WEB_HOST
-            value: "http://{{ include "webserver.referenceName" . }}:{{ .Values.webserver.service.port }}"

charts/clearml/templates/apps-deployment.yaml

@@ -1,126 +0,0 @@
-{{- if .Values.enterpriseFeatures.enabled }}
-{{- if .Values.enterpriseFeatures.clearmlApplications.enabled }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "clearmlApplications.referenceName" . }}
-  labels:
-    {{- include "clearml.labels" . | nindent 4 }}
-spec:
-  replicas: {{ .Values.enterpriseFeatures.clearmlApplications.replicaCount }}
-  selector:
-    matchLabels:
-      {{- include "clearmlApplications.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      {{- with .Values.enterpriseFeatures.clearmlApplications.podAnnotations }}
-      annotations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      labels:
-        {{- include "clearmlApplications.selectorLabels" . | nindent 8 }}
-    spec:
-      {{- if .Values.imageCredentials.enabled }}
-      imagePullSecrets:
-      {{- if .Values.imageCredentials.existingSecret }}
-      - name: .Values.imageCredentials.existingSecret
-      {{- else }}
-      - name: clearml-registry-key
-      {{- end }}
-      {{- end }}
-      volumes:
-        - name: {{ include "clearml.name" . }}-apps-pt
-          configMap:
-            name: {{ include "clearml.name" . }}-apps-pt
-      {{- if .Values.enterpriseFeatures.clearmlApplications.additionalConfigs }}
-        - name: apps-config
-          configMap:
-            name: "{{ include "clearmlApplications.referenceName" . }}-configmap"
-      {{- end }}
-      serviceAccountName: "clearml-apps-sa"
-      initContainers:
-        - name: init-apps
-          image: "{{ .Values.enterpriseFeatures.clearmlApplications.image.repository }}:{{ .Values.enterpriseFeatures.clearmlApplications.image.tag | default .Chart.AppVersion }}"
-          command:
-            - /bin/sh
-            - -c
-            - >
-              set -x;
-              while [ $(curl -sw '%{http_code}' "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}/debug.ping" -o /dev/null) -ne 200 ] ; do
-                echo "waiting for apiserver" ;
-                sleep 5 ;
-              done
-      containers:
-        - name: clearml-apps
-          image: "{{ .Values.enterpriseFeatures.clearmlApplications.image.repository }}:{{ .Values.enterpriseFeatures.clearmlApplications.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.enterpriseFeatures.clearmlApplications.image.pullPolicy }}
-          ports:
-            - name: http
-              containerPort: 8008
-              protocol: TCP
-          env:
-          - name: CLEARML_API_HOST
-            value: "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}"
-          - name: CLEARML_FILES_HOST
-            value: "http://{{ include "fileserver.referenceName" . }}:{{ .Values.fileserver.service.port }}"
-          - name: CLEARML_WEB_HOST
-            value: "http://{{ include "webserver.referenceName" . }}:{{ .Values.webserver.service.port }}"
-          - name: CLEARML_AGENT_DEFAULT_BASE_DOCKER
-            value: "{{ .Values.enterpriseFeatures.clearmlApplications.basePodImage.repository }}:{{ .Values.enterpriseFeatures.clearmlApplications.basePodImage.tag }}"
-          - name: CLEARML_WORKER_ID
-            value: "apps-agent-1"
-          - name: CLEARML_NO_DEFAULT_SERVER
-            value: "true"
-          - name: K8S_GLUE_EXTRA_ARGS
-            value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml \
-                    --child-report-tags application --max-pods 5 --use-owner-token"
-          - name: K8S_GLUE_QUEUE
-            value: "apps_queue"
-          - name: CLEARML_AGENT_DISABLE_SSH_MOUNT
-            value: "1"
-          - name: CLEARML_API_ACCESS_KEY
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apps_agent_key
-          - name: CLEARML_API_SECRET_KEY
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apps_agent_secret
-          - name: CLEARML_AGENT_GIT_USER
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apps_git_agent_user
-          - name: CLEARML_AGENT_GIT_PASS
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apps_git_agent_pass
-          {{- if .Values.enterpriseFeatures.clearmlApplications.extraEnvs }}
-          {{ toYaml .Values.enterpriseFeatures.clearmlApplications.extraEnvs | nindent 10 }}
-          {{- end }}
-          volumeMounts:
-          - name: {{ include "clearml.name" . }}-apps-pt
-            mountPath: /root/template
-          {{- if .Values.enterpriseFeatures.clearmlApplications.additionalConfigs }}
-            - name: apps-config
-              mountPath: /opt/clearml/config/default
-          {{- end }}
-          resources:
-            {{- toYaml .Values.enterpriseFeatures.clearmlApplications.resources | nindent 12 }}
-      {{- with .Values.enterpriseFeatures.clearmlApplications.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.enterpriseFeatures.clearmlApplications.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.enterpriseFeatures.clearmlApplications.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-{{- end }}
-{{- end }}

charts/clearml/templates/apps-rbac.yaml

@@ -1,33 +0,0 @@
-{{- if .Values.enterpriseFeatures.enabled }}
-{{- if .Values.enterpriseFeatures.clearmlApplications.enabled }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: "clearml-apps-sa"
-  namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ include "clearmlApplications.referenceName" . }}-kpa
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-    verbs: ["get", "list", "watch", "create", "patch", "delete"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ include "clearmlApplications.referenceName" . }}-kpa
-subjects:
-  - kind: ServiceAccount
-    name: "clearml-apps-sa"
-    namespace: {{ .Release.Namespace }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ include "clearmlApplications.referenceName" . }}-kpa
-{{- end }}
-{{- end }}

charts/clearml/templates/clearml-secrets.yaml

@@ -7,11 +7,7 @@ data:
   apiserver_secret: {{ .Values.clearml.apiserverSecret | b64enc }}
   fileserver_key: {{ .Values.clearml.fileserverKey | b64enc }}
   fileserver_secret: {{ .Values.clearml.fileserverSecret | b64enc }}
-  apps_agent_key: {{ .Values.enterpriseFeatures.clearmlApplications.agentKey | b64enc }}
-  apps_agent_secret: {{ .Values.enterpriseFeatures.clearmlApplications.agentSecret | b64enc }}
   secure_auth_token_secret: {{ .Values.clearml.secureAuthTokenSecret | b64enc }}
-  apps_git_agent_user: {{ .Values.enterpriseFeatures.clearmlApplications.gitAgentUser | b64enc }}
-  apps_git_agent_pass: {{ .Values.enterpriseFeatures.clearmlApplications.gitAgentPass | b64enc }}
   test_user_key: {{ .Values.clearml.testUserKey | b64enc }}
   test_user_secret: {{ .Values.clearml.testUserSecret | b64enc }}
 ---

charts/clearml/templates/fileserver-deployment.yaml

@@ -22,12 +22,13 @@ spec:
       {{- if .Values.imageCredentials.enabled }}
       imagePullSecrets:
       {{- if .Values.imageCredentials.existingSecret }}
-      - name: .Values.imageCredentials.existingSecret
+      - name: {{ .Values.imageCredentials.existingSecret }}
       {{- else }}
       - name: clearml-registry-key
       {{- end }}
       {{- end }}
       volumes:
+        {{- if .Values.fileserver.storage.enabled }}
         {{- if .Values.fileserver.storage.data.existingPVC }}
         - name: fileserver-data
           persistentVolumeClaim:
@@ -37,30 +38,31 @@ spec:
           persistentVolumeClaim:
             claimName: {{ include "fileserver.referenceName" . }}-data
         {{- end }}
-      securityContext: {{ toYaml .Values.fileserver.podSecurityContext | nindent 8 }}
+        {{- else }}
+        - name: fileserver-data
+          emptyDir: {}
+        {{- end }}
+      securityContext:
+        {{ toYaml .Values.fileserver.podSecurityContext | nindent 8 }}
       initContainers:
-          - name: init-fileserver
-            {{- if .Values.enterpriseFeatures.enabled }}
-            image: "{{ .Values.fileserver.image.repository }}:{{ .Values.enterpriseFeatures.fileserverImageTagOverride }}"
-            {{- else }}
-            image: "{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag }}"
-            {{- end }}
-            command:
-              - /bin/sh
-              - -c
-              - >
-                set -x;
-                while [ $(curl -sw '%{http_code}' "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}/debug.ping" -o /dev/null) -ne 200 ] ; do
-                  echo "waiting for apiserver" ;
-                  sleep 5 ;
-                done
+        - name: init-fileserver
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.fileserver.image.registry) }}{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag }}"
+          command:
+            - /bin/sh
+            - -c
+            - >
+              set -x;
+              while [ $(curl -sw '%{http_code}' "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}/debug.ping" -o /dev/null) -ne 200 ] ; do
+                echo "waiting for apiserver" ;
+                sleep 5 ;
+              done
+          securityContext:
+            {{ toYaml .Values.fileserver.containerSecurityContext | nindent 12 }}
+          resources:
+            {{- toYaml .Values.fileserver.initContainers.resources | nindent 12 }}
       containers:
         - name: clearml-fileserver
-          {{- if .Values.enterpriseFeatures.enabled }}
-          image: "{{ .Values.fileserver.image.repository }}:{{ .Values.enterpriseFeatures.fileserverImageTagOverride }}"
-          {{- else }}
-          image: "{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag }}"
-          {{- end }}
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.fileserver.image.registry) }}{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag }}"
           imagePullPolicy: {{ .Values.fileserver.image.pullPolicy }}
           ports:
             - name: http
@@ -80,20 +82,18 @@ spec:
           - name: USER_KEY
             valueFrom:
               secretKeyRef:
-                name: clearml-conf
+                name: {{ include "clearml.confSecretName" .}}
                 key: fileserver_key
           - name: USER_SECRET
             valueFrom:
-              secretKeyRef:
-                name: clearml-conf
+              secretKeyRef: 
+                name: {{ include "clearml.confSecretName" .}}
                 key: fileserver_secret
           {{- if .Values.fileserver.extraEnvs }}
           {{ toYaml .Values.fileserver.extraEnvs | nindent 10 }}
           {{- end }}
-          {{- if not .Values.enterpriseFeatures.enabled }}
           args:
             - fileserver
-          {{- end }}
           livenessProbe:
             exec:
               command:
@@ -111,6 +111,8 @@ spec:
               mountPath: /mnt/fileserver
           resources:
             {{- toYaml .Values.fileserver.resources | nindent 12 }}
+          securityContext:
+            {{ toYaml .Values.fileserver.containerSecurityContext | nindent 12 }}
       {{- with .Values.fileserver.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/clearml/templates/fileserver-pvc.yaml

@@ -1,4 +1,5 @@
 {{- if .Values.fileserver.enabled }}
+{{- if .Values.fileserver.storage.enabled }}
 {{- if not .Values.fileserver.storage.data.existingPVC }}
 kind: PersistentVolumeClaim
 apiVersion: v1
@@ -17,3 +18,4 @@ spec:
   {{- end -}}
 {{- end }}
 {{- end }}
+{{- end }}

charts/clearml/templates/fileserver-service.yaml

@@ -5,6 +5,10 @@ metadata:
   name: {{ include "fileserver.referenceName" . }}
   labels:
     {{- include "clearml.labels" . | nindent 4 }}
+  {{- with .Values.fileserver.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   type: {{ .Values.fileserver.service.type }}
   ports:

charts/clearml/templates/webserver-configmap.yaml

@@ -6,24 +6,6 @@ metadata:
   labels:
     {{- include "clearml.labels" . | nindent 4 }}
 data:
-  {{- if .Values.enterpriseFeatures.enabled }}
-  configuration.json: |
-    {
-      "gettingStartedContext": {
-        "install":"pip install -U --extra-index-url {{ .Values.enterpriseFeatures.extraIndexUrl }} allegroai",
-        "configure": "allegroai-init",
-        "packageName": "allegroai",
-        "agentName": "allegroai"
-      },
-      "docsLink": "https://clear.ml/docs/",
-      "applicationsBackground": "ui-assets/apps-message.svg"
-      {{- if and .Values.enterpriseFeatures.overrideReferenceApiUrl .Values.enterpriseFeatures.overrideReferenceFileUrl }}
-      ,
-      "fileBaseUrl": "{{ .Values.enterpriseFeatures.overrideReferenceFileUrl }}",
-      "apiBaseUrl": "{{ .Values.enterpriseFeatures.overrideReferenceApiUrl }}"
-      {{- end }}
-    }
-  {{- end }}
   {{- range $key, $val := .Values.webserver.additionalConfigs }}
   {{ $key }}: |
     {{- $val | nindent 4 }}

charts/clearml/templates/webserver-deployment.yaml

@@ -22,7 +22,7 @@ spec:
       {{- if .Values.imageCredentials.enabled }}
       imagePullSecrets:
       {{- if .Values.imageCredentials.existingSecret }}
-      - name: .Values.imageCredentials.existingSecret
+      - name: {{ .Values.imageCredentials.existingSecret }}
       {{- else }}
       - name: clearml-registry-key
       {{- end }}
@@ -31,33 +31,11 @@ spec:
         - name: webserver-config
           configMap:
             name: "{{ include "webserver.referenceName" . }}-configmap"
-        {{- if .Values.enterpriseFeatures.airGappedDocumentation.enabled }}
-        - name: documentation
-          emptyDir: {}
-        {{- end }}
-      securityContext: {{ toYaml .Values.webserver.podSecurityContext | nindent 8 }}
+      securityContext:
+        {{ toYaml .Values.webserver.podSecurityContext | nindent 8 }}
       initContainers:
-        {{- if .Values.enterpriseFeatures.airGappedDocumentation.enabled }}
-        - name: init-airgap-docs
-          image: "{{ .Values.enterpriseFeatures.airGappedDocumentation.image.repository }}:{{ .Values.enterpriseFeatures.airGappedDocumentation.image.tag | default .Chart.AppVersion }}"
-          command:
-            - /bin/sh
-            - -c
-            - cp -a /docs_site/* /usr/share/nginx/html/clearml
-          volumeMounts:
-            - name: webserver-config
-              mountPath: /mnt/external_files/configs
-            {{- if .Values.enterpriseFeatures.airGappedDocumentation.enabled }}
-            - mountPath: /usr/share/nginx/html/clearml
-              name: documentation
-            {{- end }}
-        {{- end }}
         - name: init-webserver
-          {{- if .Values.enterpriseFeatures.enabled }}
-          image: "{{ .Values.webserver.image.repository }}:{{ .Values.enterpriseFeatures.webserverImageTagOverride }}"
-          {{- else }}
-          image: "{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag }}"
-          {{- end }}
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.webserver.image.registry) }}{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag }}"
           command:
             - /bin/sh
             - -c
@@ -67,69 +45,35 @@ spec:
                 echo "waiting for apiserver" ;
                 sleep 5 ;
               done
+          securityContext:
+            {{ toYaml .Values.webserver.containerSecurityContext | nindent 12 }}
+          resources:
+            {{- toYaml .Values.webserver.initContainers.resources | nindent 12 }}
       containers:
         - name: clearml-webserver
-          {{- if .Values.enterpriseFeatures.enabled }}
-          image: "{{ .Values.webserver.image.repository }}:{{ .Values.enterpriseFeatures.webserverImageTagOverride }}"
-          {{- else }}
-          image: "{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag }}"
-          {{- end }}
+          image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.webserver.image.registry) }}{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag }}"
           imagePullPolicy: {{ .Values.webserver.image.pullPolicy }}
           ports:
             - name: http
-              {{- if .Values.enterpriseFeatures.enabled }}
-              containerPort: 8080
-              {{- else }}
               containerPort: 80
-              {{- end }}
               protocol: TCP
           livenessProbe:
             exec:
               command:
                 - curl
                 - -X OPTIONS
-                {{- if .Values.enterpriseFeatures.enabled }}
-                - http://localhost:8080/
-                {{- else }}
                 - http://localhost:80/
-                {{- end }}
           readinessProbe:
             exec:
               command:
                 - curl
                 - -X OPTIONS
-                {{- if .Values.enterpriseFeatures.enabled }}
-                - http://localhost:8080/
-                {{- else }}
                 - http://localhost:80/
-                {{- end }}
           env:
           - name: NGINX_APISERVER_ADDRESS
             value: "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}"
           - name: NGINX_FILESERVER_ADDRESS
             value: "http://{{ include "fileserver.referenceName" . }}:{{ .Values.fileserver.service.port }}"
-          {{- if .Values.enterpriseFeatures.enabled }}
-          {{- if .Values.enterpriseFeatures.airGappedDocumentation.enabled }}
-          - name: WEBSERVER__docsLink
-            value: "\"clearml/docs/\""
-          {{- end }}
-          - name: COMPANY_ID
-            value: "{{ .Values.clearml.defaultCompany }}"
-          - name: WEBSERVER__appsYouTubeIntroLink
-            value: "\"https://www.youtube.com/embed/HACL60h1Z54\""
-          - name: WEBSERVER__appsYouTubeIntroVideoId
-            value: "\"HACL60h1Z54\""
-          - name: USER_KEY
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apiserver_key
-          - name: USER_SECRET
-            valueFrom:
-              secretKeyRef:
-                name: clearml-conf
-                key: apiserver_secret
-          {{- end }}
           {{- if include "clearml.clientConfiguration" . }}
           - name: WEBSERVER__displayedServerUrls
             value: {{ include "clearml.clientConfiguration" . | quote }} 
@@ -137,19 +81,15 @@ spec:
           {{- if .Values.webserver.extraEnvs }}
           {{ toYaml .Values.webserver.extraEnvs | nindent 10 }}
           {{- end }}
-          {{- if not .Values.enterpriseFeatures.enabled }}
           args:
             - webserver
-          {{- end }}
           volumeMounts:
             - name: webserver-config
               mountPath: /mnt/external_files/configs
-            {{- if .Values.enterpriseFeatures.airGappedDocumentation.enabled }}
-            - mountPath: /usr/share/nginx/html/clearml
-              name: documentation
-            {{- end }}
           resources:
             {{- toYaml .Values.webserver.resources | nindent 12 }}
+          securityContext:
+            {{ toYaml .Values.webserver.containerSecurityContext | nindent 12 }}
       {{- with .Values.webserver.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/clearml/templates/webserver-service.yaml

@@ -5,15 +5,15 @@ metadata:
   name: {{ include "webserver.referenceName" . }}
   labels:
     {{- include "clearml.labels" . | nindent 4 }}
+  {{- with .Values.webserver.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   type: {{ .Values.webserver.service.type }}
   ports:
     - port: {{ .Values.webserver.service.port }}
-      {{- if .Values.enterpriseFeatures.enabled }}
-      targetPort: 8080
-      {{- else }}
       targetPort: 80
-      {{- end }}
       {{- if eq .Values.webserver.service.type "NodePort" }}
       nodePort: {{ .Values.webserver.service.nodePort }}
       {{- end }}

charts/clearml/values-production.yaml

@@ -16,6 +16,26 @@ webserver:
   ingress:
     enabled: true
     hostName: "app.clearml.127-0-0-1.nip.io"
+redis:
+  master:
+    name: "{{ .Release.Name }}-redis"
+    persistence:
+      enabled: true
+      accessModes:
+        - ReadWriteOnce
+      size: 5Gi
+      ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
+      storageClass: null
+  slave:
+    persistence:
+      enabled: true
+      accessModes:
+        - ReadWriteOnce
+      size: 5Gi
+      ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
+      storageClass: null
+  architecture: replication
+
 mongodb:
   enabled: true
   architecture: replicaset

charts/clearml/values.yaml

@@ -1,3 +1,8 @@
+# -- Global parameters section
+global:
+  # -- Images registry
+  imageRegistry: "docker.io"
+
 # -- Container registry configuration
 imageCredentials:
   # -- Use private authentication mode
@@ -43,6 +48,9 @@ clearml:
   clientConfigurationApiUrl: ""
   # -- Override the Files Urls displayed when showing an example of the SDK's clearml.conf configuration
   clientConfigurationFilesUrl: ""
+  # -- Pass Clearml secrets using an existing secret
+  # must contain the keys: apiserver_key, apiserver_secret, secure_auth_token_secret, test_user_key, test_user_secret
+  existingSecret: ""
 
 # -- Api Server configurations
 apiserver:
@@ -52,11 +60,14 @@ apiserver:
   prepopulateEnabled: true
   # -- Api Server image configuration
   image:
+    registry: ""
     repository: "allegroai/clearml"
     pullPolicy: IfNotPresent
-    tag: "1.9.2-317"
+    tag: "1.11.0-373"
   # -- Api Server internal service configuration
   service:
+    # -- specific annotation for Api Server service
+    annotations: {}
     type: NodePort
     port: 8008
     # -- If service.type set to NodePort, this will be set to service's nodePort field.
@@ -64,6 +75,15 @@ apiserver:
     nodePort: 30008
   # -- Api Server number of pods
   replicaCount: 1
+  # -- Api Server resources per initContainers pod
+  initContainers:
+    resources:
+      requests:
+        cpu: 10m
+        memory: 64Mi
+      limits:
+        cpu: 10m
+        memory: 64Mi
   # -- Ingress configuration for Api Server component
   ingress:
     # -- Enable/Disable ingress
@@ -112,7 +132,9 @@ apiserver:
   # -- Api Server affinity setup
   affinity: {}
   # -- Api Server pod security context
-  securityContext: {}
+  podSecurityContext: {}
+  # -- Api Server containers security context
+  containerSecurityContext: {}
   #   runAsUser: 1001
   #   fsGroup: 1001
   # -- reference for files declared in existing ConfigMap will be mounted and read by apiserver (examples in values.yaml)
@@ -156,11 +178,14 @@ fileserver:
   enabled: true
   # -- File Server image configuration
   image:
+    registry: ""
     repository: "allegroai/clearml"
     pullPolicy: IfNotPresent
-    tag: "1.9.2-317"
+    tag: "1.11.0-373"
   # -- File Server internal service configuration
   service:
+    # -- specific annotation for File Server service
+    annotations: {}
     type: NodePort
     port: 8081
     # -- If service.type set to NodePort, this will be set to service's nodePort field.
@@ -168,6 +193,15 @@ fileserver:
     nodePort: 30081
   # -- File Server number of pods
   replicaCount: 1
+  # -- File Server resources per initContainers pod
+  initContainers:
+    resources:
+      requests:
+        cpu: 10m
+        memory: 64Mi
+      limits:
+        cpu: 10m
+        memory: 64Mi
   # -- Ingress configuration for File Server component
   ingress:
     # -- Enable/Disable ingress
@@ -202,11 +236,15 @@ fileserver:
   # -- File Server affinity setup
   affinity: {}
   # -- File Server pod security context
-  securityContext: {}
+  podSecurityContext: {}
+  # -- File Server containers security context
+  containerSecurityContext: {}
   #   runAsUser: 1001
   #   fsGroup: 1001
   # -- File server persistence settings
   storage:
+    # -- If set to false no PVC is created and emptyDir is used
+    enabled: true
     data:
       # -- If set, it uses an already existing PVC instead of dynamic provisioning
       existingPVC: ""
@@ -222,11 +260,14 @@ webserver:
   enabled: true
   # -- Web Server image configuration
   image:
+    registry: ""
     repository: "allegroai/clearml"
     pullPolicy: IfNotPresent
-    tag: "1.9.2-317"
+    tag: "1.11.0-373"
   # -- Web Server internal service configuration
   service:
+    # -- specific annotation for Web Server service
+    annotations: {}
     type: NodePort
     port: 8080
     # -- If service.type set to NodePort, this will be set to service's nodePort field.
@@ -234,6 +275,15 @@ webserver:
     nodePort: 30080
   # -- Web Server number of pods
   replicaCount: 1
+  # -- Web Server resources per initContainers pod
+  initContainers:
+    resources:
+      requests:
+        cpu: 10m
+        memory: 64Mi
+      limits:
+        cpu: 10m
+        memory: 64Mi
   # -- Ingress configuration for Web Server component
   ingress:
     # -- Enable/Disable ingress
@@ -269,6 +319,8 @@ webserver:
   affinity: {}
   # -- Web Server pod security context
   podSecurityContext: {}
+  # -- Web Server containers security context
+  containerSecurityContext: {}
   #   runAsUser: 1001
   #   fsGroup: 1001
   # -- Additional specific webserver configurations
@@ -276,23 +328,22 @@ webserver:
 
 # -- Definition of external services to use if not enabled as dependency charts here
 externalServices:
-  # -- Existing ElasticSearch Hostname to use if elasticsearch.enabled is false
-  elasticsearchHost: ""
-  # -- Existing ElasticSearch Port to use if elasticsearch.enabled is false
-  elasticsearchPort: 9200
-  # -- Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false
-  mongodbConnectionStringAuth: ""
-  # -- Existing MongoDB connection string for AUTH to use if mongodb.enabled is false
-  mongodbConnectionStringBackend: ""
-  # -- Existing Redis Hostname to use if redis.enabled is false
-  redisHost: ""
+  # -- Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml)
+  elasticsearchConnectionString: "[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]"
+  # -- Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml)
+  mongodbConnectionStringAuth: "mongodb://mongodb_hostname:27017/auth"
+  # -- Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml)
+  mongodbConnectionStringBackend: "mongodb://mongodb_hostnamehostname:27017/backend"
+  # -- Existing Redis Hostname to use if redis.enabled is false (example in values.yaml)
+  redisHost: "redis_hostname"
   # -- Existing Redis Port to use if redis.enabled is false
   redisPort: 6379
 
 # -- Configuration from https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml
 redis:
   enabled: true
-  usePassword: false
+  auth:
+    enabled: false
   databaseNumber: 0
   master:
     name: "{{ .Release.Name }}-redis-master"
@@ -304,8 +355,7 @@ redis:
       size: 5Gi
       ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
       storageClass: null
-  cluster:
-    enabled: false
+  architecture: standalone
 
 # -- Configuration from https://github.com/bitnami/charts/blob/master/bitnami/mongodb/values.yaml
 mongodb:
@@ -376,74 +426,3 @@ elasticsearch:
   esConfig:
     elasticsearch.yml: |
       xpack.security.enabled: false
-
-# -- Enterprise features (work only with an Enterprise license)
-enterpriseFeatures:
-  # -- Enable/Disable Enterprise features
-  enabled: false
-  # -- Company ID
-  defaultCompanyGuid: "d1bd92a3b039400cbafc60a7a5b1e52b"
-  # -- Image tag override for apiserver enterprise version
-  apiserverImageTagOverride: "3.15.3-909"
-  # -- Image tag override for fileserver enterprise version
-  fileserverImageTagOverride: "3.15.3-909"
-  # -- Image tag override for webserver enterprise version
-  webserverImageTagOverride: "3.15.3-801"
-  # -- Air gapped documentation  configurations
-  airGappedDocumentation:
-    # -- Enable/Disable air gapped documentation deployment
-    enabled: false
-    # -- Air gapped documentation image configuration
-    image:
-      repository: ""
-      tag: "4"
-  # -- set this value AND overrideReferenceFileUrl if external endpoint exposure is in place (like a LoadBalancer)
-  # example: "https://api.clearml.local"
-  overrideReferenceApiUrl: ""
-  # -- set this value AND overrideReferenceAPIUrl if external endpoint exposure is in place (like a LoadBalancer)
-  # example: "https://files.clearml.local"
-  overrideReferenceFileUrl: ""
-  # -- extra index URL for Enterprise packages
-  extraIndexUrl: ""
-  # -- APPS configurations
-  clearmlApplications:
-    # -- Apps Server basic auth key
-    agentKey: GK4PRTVT3706T25K6BA1
-    # -- Apps Server basic auth secret
-    agentSecret: ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2
-    # -- Apps Server Git user
-    gitAgentUser: "git_user"
-    # -- Apps Server Git password
-    gitAgentPass: "git_password"
-    # -- Enable/Disable component deployment
-    enabled: true
-    # -- APPS image configuration
-    image:
-      repository: ""
-      pullPolicy: IfNotPresent
-      tag: "1.24-57"
-    # -- APPS base spawning pods image
-    basePodImage:
-      repository: ""
-      tag: "app-1.1.1-47"
-    # -- APPS number of pods
-    replicaCount: 1
-    # -- APPS extra envrinoment variables
-    extraEnvs: []
-    # -- specific annotation for APPS pods
-    podAnnotations: {}
-    # -- APPS resources per pod; these are minimal requirements, it's suggested to increase
-    # these values in production environments
-    resources:
-      requests:
-        cpu: 100m
-        memory: 256Mi
-      limits:
-        cpu: 2000m
-        memory: 1Gi
-    # -- APPS nodeselector
-    nodeSelector: {}
-    # -- APPS tolerations setup
-    tolerations: []
-    # -- APPS affinity setup
-    affinity: {}

dependency_charts/elasticsearch/.helmignore

@@ -1,2 +0,0 @@
-tests/
-.pytest_cache/

dependency_charts/elasticsearch/Chart.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-appVersion: 7.16.2
-description: Official Elastic helm chart for Elasticsearch
-home: https://github.com/elastic/helm-charts
-icon: https://helm.elastic.co/icons/elasticsearch.png
-maintainers:
-- email: helm-charts@elastic.co
-  name: Elastic
-name: elasticsearch
-sources:
-- https://github.com/elastic/elasticsearch
-version: 7.16.2

dependency_charts/elasticsearch/Makefile

@@ -1 +0,0 @@
-include ../helpers/common.mk

dependency_charts/elasticsearch/README.md

@@ -1,457 +0,0 @@
-# Elasticsearch Helm Chart
-
-[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic)
-
-This Helm chart is a lightweight way to configure and run our official
-[Elasticsearch Docker image][].
-
-<!-- development warning placeholder -->
-
-<!-- START doctoc generated TOC please keep comment here to allow auto update -->
-<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
-
-
-- [Requirements](#requirements)
-- [Installing](#installing)
-  - [Install released version using Helm repository](#install-released-version-using-helm-repository)
-  - [Install development version from a branch](#install-development-version-from-a-branch)
-- [Upgrading](#upgrading)
-- [Usage notes](#usage-notes)
-- [Configuration](#configuration)
-  - [Deprecated](#deprecated)
-- [FAQ](#faq)
-  - [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution)
-  - [How to deploy dedicated nodes types?](#how-to-deploy-dedicated-nodes-types)
-    - [Clustering and Node Discovery](#clustering-and-node-discovery)
-  - [How to deploy clusters with security (authentication and TLS) enabled?](#how-to-deploy-clusters-with-security-authentication-and-tls-enabled)
-  - [How to migrate from helm/charts stable chart?](#how-to-migrate-from-helmcharts-stable-chart)
-  - [How to install plugins?](#how-to-install-plugins)
-  - [How to use the keystore?](#how-to-use-the-keystore)
-    - [Basic example](#basic-example)
-    - [Multiple keys](#multiple-keys)
-    - [Custom paths and keys](#custom-paths-and-keys)
-  - [How to enable snapshotting?](#how-to-enable-snapshotting)
-  - [How to configure templates post-deployment?](#how-to-configure-templates-post-deployment)
-- [Contributing](#contributing)
-
-<!-- END doctoc generated TOC please keep comment here to allow auto update -->
-<!-- Use this to update TOC: -->
-<!-- docker run --rm -it -v $(pwd):/usr/src jorgeandrada/doctoc --github -->
-
-
-## Requirements
-
-* Kubernetes >= 1.14
-* [Helm][] >= 2.17.0
-* Minimum cluster requirements include the following to run this chart with
-default settings. All of these settings are configurable.
-  * Three Kubernetes nodes to respect the default "hard" affinity settings
-  * 1GB of RAM for the JVM heap
-
-See [supported configurations][] for more details.
-
-## Installing
-
-This chart is tested with the latest 7.16.2 version.
-
-### Install released version using Helm repository
-
-* Add the Elastic Helm charts repo:
-`helm repo add elastic https://helm.elastic.co`
-
-* Install it:
-  - with Helm 3: `helm install elasticsearch --version <version> elastic/elasticsearch`
-  - with Helm 2 (deprecated): `helm install --name elasticsearch --version <version> elastic/elasticsearch`
-
-### Install development version from a branch
-
-* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git`
-
-* Checkout the branch : `git checkout 7.16`
-
-* Install it:
-  - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.16.2`
-  - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.16.2`
-
-
-## Upgrading
-
-Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before
-upgrading to a new chart version.
-
-
-## Usage notes
-
-* This repo includes a number of [examples][] configurations which can be used
-as a reference. They are also used in the automated testing of this chart.
-* Automated testing of this chart is currently only run against GKE (Google
-Kubernetes Engine).
-* The chart deploys a StatefulSet and by default will do an automated rolling
-update of your cluster. It does this by waiting for the cluster health to become
-green after each instance is updated. If you prefer to update manually you can
-set `OnDelete` [updateStrategy][].
-* It is important to verify that the JVM heap size in `esJavaOpts` and to set
-the CPU/Memory `resources` to something suitable for your cluster.
-* To simplify chart and maintenance each set of node groups is deployed as a
-separate Helm release. Take a look at the [multi][] example to get an idea for
-how this works. Without doing this it isn't possible to resize persistent
-volumes in a StatefulSet. By setting it up this way it makes it possible to add
-more nodes with a new storage size then drain the old ones. It also solves the
-problem of allowing the user to determine which node groups to update first when
-doing upgrades or changes.
-* We have designed this chart to be very un-opinionated about how to configure
-Elasticsearch. It exposes ways to set environment variables and mount secrets
-inside of the container. Doing this makes it much easier for this chart to
-support multiple versions with minimal changes.
-
-
-## Configuration
-
-| Parameter                          | Description                                                                                                                                                                                                                                                                                                       | Default                                          |
-|------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|
-| `antiAffinityTopologyKey`          | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node                                                                                                                                                                            | `kubernetes.io/hostname`                         |
-| `antiAffinity`                     | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored                                                                                                                                                                       | `hard`                                           |
-| `clusterHealthCheckParams`         | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command                                                                                                                                                                                                               | `wait_for_status=green&timeout=1s`               |
-| `clusterName`                      | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace                                                                                                                                                                                                         | `elasticsearch`                                  |
-| `clusterDeprecationIndexing`       | Enable or disable deprecation logs to be indexed (should be disabled when deploying master only node groups)                                                                                                                                                                                                      | `false`                                          |
-| `enableServiceLinks`               | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace.                                                                                                                                                                            | `true`                                           |
-| `envFrom`                          | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container                                                                                                                                                                       | `[]`                                             |
-| `esConfig`                         | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting                                                                                                                                | `{}`                                             |
-| `esJavaOpts`                       | [Java options][] for Elasticsearch. This is where you could configure the [jvm heap size][]                                                                                                                                                                                                                       | `""`                                             |
-| `esMajorVersion`                   | Deprecated. Instead, use the version of the chart corresponding to your ES minor version. Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""`                                             |
-| `extraContainers`                  | Templatable string of additional `containers` to be passed to the `tpl` function                                                                                                                                                                                                                                  | `""`                                             |
-| `extraEnvs`                        | Extra [environment variables][] which will be appended to the `env:` definition for the container                                                                                                                                                                                                                 | `[]`                                             |
-| `extraInitContainers`              | Templatable string of additional `initContainers` to be passed to the `tpl` function                                                                                                                                                                                                                              | `""`                                             |
-| `extraVolumeMounts`                | Templatable string of additional `volumeMounts` to be passed to the `tpl` function                                                                                                                                                                                                                                | `""`                                             |
-| `extraVolumes`                     | Templatable string of additional `volumes` to be passed to the `tpl` function                                                                                                                                                                                                                                     | `""`                                             |
-| `fullnameOverride`                 | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts                                                                                                                                | `""`                                             |
-| `healthNameOverride`               | Overrides `test-elasticsearch-health` pod name                                                                                                                                                                                                                                                                    | `""`                                             |
-| `hostAliases`                      | Configurable [hostAliases][]                                                                                                                                                                                                                                                                                      | `[]`                                             |
-| `httpPort`                         | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs`                                                                                                                                                            | `9200`                                           |
-| `imagePullPolicy`                  | The Kubernetes [imagePullPolicy][] value                                                                                                                                                                                                                                                                          | `IfNotPresent`                                   |
-| `imagePullSecrets`                 | Configuration for [imagePullSecrets][] so that you can use a private registry for your image                                                                                                                                                                                                                      | `[]`                                             |
-| `imageTag`                         | The Elasticsearch Docker image tag                                                                                                                                                                                                                                                                                | `7.16.2`                                         |
-| `image`                            | The Elasticsearch Docker image                                                                                                                                                                                                                                                                                    | `docker.elastic.co/elasticsearch/elasticsearch`  |
-| `ingress`                          | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example                                                                                                                                                                                                                  | see [values.yaml][]                              |
-| `initResources`                    | Allows you to set the [resources][] for the `initContainer` in the StatefulSet                                                                                                                                                                                                                                    | `{}`                                             |
-| `keystore`                         | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][]                                                                                                                                                                                                   | `[]`                                             |
-| `labels`                           | Configurable [labels][] applied to all Elasticsearch pods                                                                                                                                                                                                                                                         | `{}`                                             |
-| `lifecycle`                        | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting                                                                                                                                                                                                                       | `{}`                                             |
-| `masterService`                    | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information                                                                                                         | `""`                                             |
-| `maxUnavailable`                   | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group                                                                                                                                                       | `1`                                              |
-| `minimumMasterNodes`               | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7                                                                                                                                                                  | `2`                                              |
-| `nameOverride`                     | Overrides the `clusterName` when used in the naming of resources                                                                                                                                                                                                                                                  | `""`                                             |
-| `networkHost`                      | Value for the [network.host Elasticsearch setting][]                                                                                                                                                                                                                                                              | `0.0.0.0`                                        |
-| `networkPolicy`                    | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example                                                                                                                                                          | `{http.enabled: false,transport.enabled: false}` |
-| `nodeAffinity`                     | Value for the [node affinity settings][]                                                                                                                                                                                                                                                                          | `{}`                                             |
-| `nodeGroup`                        | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified                                                                | `master`                                         |
-| `nodeSelector`                     | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster                                                                                                                                                                                                                | `{}`                                             |
-| `persistence`                      | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data                                                                                                                                                                        | see [values.yaml][]                              |
-| `podAnnotations`                   | Configurable [annotations][] applied to all Elasticsearch pods                                                                                                                                                                                                                                                    | `{}`                                             |
-| `podManagementPolicy`              | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other                                                                                                                                                                                       | `Parallel`                                       |
-| `podSecurityContext`               | Allows you to set the [securityContext][] for the pod                                                                                                                                                                                                                                                             | see [values.yaml][]                              |
-| `podSecurityPolicy`                | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"`                                                                                        | see [values.yaml][]                              |
-| `priorityClassName`                | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first                                                                                                                                                                                                              | `""`                                             |
-| `protocol`                         | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set                                                                                                                                                                              | `http`                                           |
-| `rbac`                             | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"`, or automount the service account token                                       | see [values.yaml][]                              |
-| `readinessProbe`                   | Configuration fields for the readiness [probe][]                                                                                                                                                                                                                                                                  | see [values.yaml][]                              |
-| `replicas`                         | Kubernetes replica count for the StatefulSet (i.e. how many pods)                                                                                                                                                                                                                                                 | `3`                                              |
-| `resources`                        | Allows you to set the [resources][] for the StatefulSet                                                                                                                                                                                                                                                           | see [values.yaml][]                              |
-| `roles`                            | A hash map with the specific [roles][] for the `nodeGroup`                                                                                                                                                                                                                                                        | see [values.yaml][]                              |
-| `schedulerName`                    | Name of the [alternate scheduler][]                                                                                                                                                                                                                                                                               | `""`                                             |
-| `secretMounts`                     | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example                                                                                                                                                         | `[]`                                             |
-| `securityContext`                  | Allows you to set the [securityContext][] for the container                                                                                                                                                                                                                                                       | see [values.yaml][]                              |
-| `service.annotations`              | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer`                                                                                                                                                                      | `{}`                                             |
-| `service.enabled`                  | Enable non-headless service                                                                                                                                                                                                                                                                                       | `true`                                           |
-| `service.externalTrafficPolicy`    | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer`                                                                                            | `""`                                             |
-| `service.httpPortName`             | The name of the http port within the service                                                                                                                                                                                                                                                                      | `http`                                           |
-| `service.labelsHeadless`           | Labels to be added to headless service                                                                                                                                                                                                                                                                            | `{}`                                             |
-| `service.labels`                   | Labels to be added to non-headless service                                                                                                                                                                                                                                                                        | `{}`                                             |
-| `service.loadBalancerIP`           | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored.                                                         | `""`                                             |
-| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access                                                                                                                                                                                                                                                                          | `[]`                                             |
-| `service.nodePort`                 | Custom [nodePort][] port that can be set if you are using `service.type: nodePort`                                                                                                                                                                                                                                | `""`                                             |
-| `service.transportPortName`        | The name of the transport port within the service                                                                                                                                                                                                                                                                 | `transport`                                      |
-| `service.type`                     | Elasticsearch [Service Types][]                                                                                                                                                                                                                                                                                   | `ClusterIP`                                      |
-| `sysctlInitContainer`              | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method                                                                                                                                                                                                | `enabled: true`                                  |
-| `sysctlVmMaxMapCount`              | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch                                                                                                                                                                                                                                                     | `262144`                                         |
-| `terminationGracePeriod`           | The [terminationGracePeriod][] in seconds used when trying to stop the pod                                                                                                                                                                                                                                        | `120`                                            |
-| `tests.enabled`                    | Enable creating test related resources when running `helm template` or `helm test`                                                                                                                                                                                                                                | `true`                                           |
-| `tolerations`                      | Configurable [tolerations][]                                                                                                                                                                                                                                                                                      | `[]`                                             |
-| `transportPort`                    | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs`                                                                                                                                                         | `9300`                                           |
-| `updateStrategy`                   | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades                                                                                           | `RollingUpdate`                                  |
-| `volumeClaimTemplate`              | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class                                                                                                                       | see [values.yaml][]                              |
-
-### Deprecated
-
-| Parameter | Description                                                                                                   | Default |
-|-----------|---------------------------------------------------------------------------------------------------------------|---------|
-| `fsGroup` | The Group ID (GID) for [securityContext][] so that the Elasticsearch user can read from the persistent volume | `""`    |
-
-
-## FAQ
-
-### How to deploy this chart on a specific K8S distribution?
-
-This chart is designed to run on production scale Kubernetes clusters with
-multiple nodes, lots of memory and persistent storage. For that reason it can be
-a bit tricky to run them against local Kubernetes environments such as
-[Minikube][].
-
-This chart is highly tested with [GKE][], but some K8S distribution also
-requires specific configurations.
-
-We provide examples of configuration for the following K8S providers:
-
-- [Docker for Mac][]
-- [KIND][]
-- [Minikube][]
-- [MicroK8S][]
-- [OpenShift][]
-
-### How to deploy dedicated nodes types?
-
-All the Elasticsearch pods deployed share the same configuration. If you need to
-deploy dedicated [nodes types][] (for example dedicated master and data nodes),
-you can deploy multiple releases of this chart with different configurations
-while they share the same `clusterName` value.
-
-For each Helm release, the nodes types can then be defined using `roles` value.
-
-An example of Elasticsearch cluster using 2 different Helm releases for master
-and data nodes can be found in [examples/multi][].
-
-#### Clustering and Node Discovery
-
-This chart facilitates Elasticsearch node discovery and services by creating two
-`Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup`
-and another named `$clusterName-$nodeGroup-headless`.
-Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all
-pods ( `Ready` or not) are a part of `$clusterName-$nodeGroup-headless`.
-
-If your group of master nodes has the default `nodeGroup: master` then you can
-just add new groups of nodes with a different `nodeGroup` and they will
-automatically discover the correct master. If your master nodes have a different
-`nodeGroup` name then you will need to set `masterService` to
-`$clusterName-$masterNodeGroup`.
-
-The chart value for `masterService` is used to populate
-`discovery.zen.ping.unicast.hosts` , which Elasticsearch nodes will use to
-contact master nodes and form a cluster.
-Therefore, to add a group of nodes to an existing cluster, setting
-`masterService` to the desired `Service` name of the related cluster is
-sufficient.
-
-### How to deploy clusters with security (authentication and TLS) enabled?
-
-This Helm chart can use existing [Kubernetes secrets][] to setup
-credentials or certificates for examples. These secrets should be created
-outside of this chart and accessed using [environment variables][] and volumes.
-
-An example of Elasticsearch cluster using security can be found in
-[examples/security][].
-
-### How to migrate from helm/charts stable chart?
-
-If you currently have a cluster deployed with the [helm/charts stable][] chart
-you can follow the [migration guide][].
-
-### How to install plugins?
-
-The recommended way to install plugins into our Docker images is to create a
-[custom Docker image][].
-
-The Dockerfile would look something like:
-
-```
-ARG elasticsearch_version
-FROM docker.elastic.co/elasticsearch/elasticsearch:${elasticsearch_version}
-
-RUN bin/elasticsearch-plugin install --batch repository-gcs
-```
-
-And then updating the `image` in values to point to your custom image.
-
-There are a couple reasons we recommend this.
-
-1. Tying the availability of Elasticsearch to the download service to install
-plugins is not a great idea or something that we recommend. Especially in
-Kubernetes where it is normal and expected for a container to be moved to
-another host at random times.
-2. Mutating the state of a running Docker image (by installing plugins) goes
-against best practices of containers and immutable infrastructure.
-
-### How to use the keystore?
-
-#### Basic example
-
-Create the secret, the key name needs to be the keystore key path. In this
-example we will create a secret from a file and from a literal string.
-
-```
-kubectl create secret generic encryption-key --from-file=xpack.watcher.encryption_key=./watcher_encryption_key
-kubectl create secret generic slack-hook --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
-```
-
-To add these secrets to the keystore:
-
-```
-keystore:
-  - secretName: encryption-key
-  - secretName: slack-hook
-```
-
-#### Multiple keys
-
-All keys in the secret will be added to the keystore. To create the previous
-example in one secret you could also do:
-
-```
-kubectl create secret generic keystore-secrets --from-file=xpack.watcher.encryption_key=./watcher_encryption_key --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
-```
-
-```
-keystore:
-  - secretName: keystore-secrets
-```
-
-#### Custom paths and keys
-
-If you are using these secrets for other applications (besides the Elasticsearch
-keystore) then it is also possible to specify the keystore path and which keys
-you want to add. Everything specified under each `keystore` item will be passed
-through to the `volumeMounts` section for mounting the [secret][]. In this
-example we will only add the `slack_hook` key from a secret that also has other
-keys. Our secret looks like this:
-
-```
-kubectl create secret generic slack-secrets --from-literal=slack_channel='#general' --from-literal=slack_hook='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
-```
-
-We only want to add the `slack_hook` key to the keystore at path
-`xpack.notification.slack.account.monitoring.secure_url`:
-
-```
-keystore:
-  - secretName: slack-secrets
-    items:
-    - key: slack_hook
-      path: xpack.notification.slack.account.monitoring.secure_url
-```
-
-You can also take a look at the [config example][] which is used as part of the
-automated testing pipeline.
-
-### How to enable snapshotting?
-
-1. Install your [snapshot plugin][] into a custom Docker image following the
-[how to install plugins guide][].
-2. Add any required secrets or credentials into an Elasticsearch keystore
-following the [how to use the keystore][] guide.
-3. Configure the [snapshot repository][] as you normally would.
-4. To automate snapshots you can use [Snapshot Lifecycle Management][] or a tool
-like [curator][].
-
-### How to configure templates post-deployment?
-
-You can use `postStart` [lifecycle hooks][] to run code triggered after a
-container is created.
-
-Here is an example of `postStart` hook to configure templates:
-
-```yaml
-lifecycle:
-  postStart:
-    exec:
-      command:
-        - bash
-        - -c
-        - |
-          #!/bin/bash
-          # Add a template to adjust number of shards/replicas
-          TEMPLATE_NAME=my_template
-          INDEX_PATTERN="logstash-*"
-          SHARD_COUNT=8
-          REPLICA_COUNT=1
-          ES_URL=http://localhost:9200
-          while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done
-          curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}'
-```
-
-
-## Contributing
-
-Please check [CONTRIBUTING.md][] before any contribution or for any questions
-about our development and testing process.
-
-[7.16]: https://github.com/elastic/helm-charts/releases
-[#63]: https://github.com/elastic/helm-charts/issues/63
-[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md
-[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md
-[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md
-[alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods
-[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
-[anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/important-settings.html#cluster-name
-[clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/README.md#clustering-and-node-discovery
-[config example]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/config/values.yaml
-[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.9/snapshot.html
-[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/docker.html#_c_customized_image
-[deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
-[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/discovery-settings.html#minimum_master_nodes
-[docker for mac]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/docker-for-mac
-[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/cluster-health.html#request-params
-[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/docker.html
-[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config
-[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
-[examples]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/
-[examples/multi]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/multi
-[examples/security]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/security
-[gke]: https://cloud.google.com/kubernetes-engine
-[helm]: https://helm.sh
-[helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/
-[how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/README.md#how-to-install-plugins
-[how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/README.md#how-to-use-the-keystore
-[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-http.html#_settings
-[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images
-[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret
-[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/
-[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/jvm-options.html
-[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/heap-size.html
-[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
-[kind]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/kubernetes-kind
-[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/
-[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
-[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
-[loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws
-[loadBalancer externalTrafficPolicy]: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
-[loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
-[maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
-[migration guide]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/migration/README.md
-[minikube]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/minikube
-[microk8s]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/microk8s
-[multi]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/multi/
-[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/network.host.html
-[node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature
-[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/configuring-tls.html#node-certificates
-[nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport
-[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-node.html
-[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
-[openshift]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/openshift
-[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
-[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
-[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
-[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-node.html
-[secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets
-[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
-[service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
-[snapshot lifecycle management]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/snapshot-lifecycle-management.html
-[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.16/repository.html
-[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-snapshots.html
-[supported configurations]: https://github.com/elastic/helm-charts/tree/7.16/README.md#supported-configurations
-[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/vm-max-map-count.html#vm-max-map-count
-[terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
-[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
-[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-transport.html#_transport_settings
-[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/
-[values.yaml]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/values.yaml
-[volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage

dependency_charts/elasticsearch/examples/config/Makefile

@@ -1,21 +0,0 @@
-default: test
-
-include ../../../helpers/examples.mk
-
-RELEASE := helm-es-config
-TIMEOUT := 1200s
-
-install:
-	helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../
-
-secrets:
-	kubectl delete secret elastic-config-credentials elastic-config-secret elastic-config-slack elastic-config-custom-path || true
-	kubectl create secret generic elastic-config-credentials --from-literal=password=changeme --from-literal=username=elastic
-	kubectl create secret generic elastic-config-slack --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
-	kubectl create secret generic elastic-config-secret --from-file=xpack.watcher.encryption_key=./watcher_encryption_key
-	kubectl create secret generic elastic-config-custom-path --from-literal=slack_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' --from-literal=thing_i_don_tcare_about=test
-
-test: secrets install goss
-
-purge:
-	helm del $(RELEASE)

dependency_charts/elasticsearch/examples/config/README.md

@@ -1,27 +0,0 @@
-# Config
-
-This example deploy a single node Elasticsearch 7.16.2 with authentication and
-custom [values][].
-
-
-## Usage
-
-* Create the required secrets: `make secrets`
-
-* Deploy Elasticsearch chart with the default values: `make install`
-
-* You can now setup a port forward to query Elasticsearch API:
-
-  ```
-  kubectl port-forward svc/config-master 9200
-  curl -u elastic:changeme http://localhost:9200/_cat/indices
-  ```
-
-
-## Testing
-
-You can also run [goss integration tests][] using `make test`
-
-
-[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/config/test/goss.yaml
-[values]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/config/values.yaml

dependency_charts/elasticsearch/examples/config/test/goss.yaml

@@ -1,29 +0,0 @@
-http:
-  http://localhost:9200/_cluster/health:
-    status: 200
-    timeout: 2000
-    username: elastic
-    password: "{{ .Env.ELASTIC_PASSWORD }}"
-    body:
-      - "green"
-      - '"number_of_nodes":1'
-      - '"number_of_data_nodes":1'
-
-  http://localhost:9200:
-    status: 200
-    timeout: 2000
-    username: elastic
-    password: "{{ .Env.ELASTIC_PASSWORD }}"
-    body:
-      - '"cluster_name" : "config"'
-      - "You Know, for Search"
-
-command:
-  "elasticsearch-keystore list":
-    exit-status: 0
-    stdout:
-      - keystore.seed
-      - bootstrap.password
-      - xpack.notification.slack.account.monitoring.secure_url
-      - xpack.notification.slack.account.otheraccount.secure_url
-      - xpack.watcher.encryption_key

dependency_charts/elasticsearch/examples/config/values.yaml

@@ -1,27 +0,0 @@
----
-
-clusterName: "config"
-replicas: 1
-
-extraEnvs:
-  - name: ELASTIC_PASSWORD
-    valueFrom:
-      secretKeyRef:
-        name: elastic-config-credentials
-        key: password
-
-# This is just a dummy file to make sure that
-# the keystore can be mounted at the same time
-# as a custom elasticsearch.yml
-esConfig:
-  elasticsearch.yml: |
-    xpack.security.enabled: true
-    path.data: /usr/share/elasticsearch/data
-
-keystore:
-  - secretName: elastic-config-secret
-  - secretName: elastic-config-slack
-  - secretName: elastic-config-custom-path
-    items:
-    - key: slack_url
-      path: xpack.notification.slack.account.otheraccount.secure_url

dependency_charts/elasticsearch/examples/config/watcher_encryption_key

@@ -1 +0,0 @@
-supersecret

dependency_charts/elasticsearch/examples/default/Makefile

@@ -1,14 +0,0 @@
-default: test
-
-include ../../../helpers/examples.mk
-
-RELEASE := helm-es-default
-TIMEOUT := 1200s
-
-install:
-	helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../
-
-test: install goss
-
-purge:
-	helm del $(RELEASE)

dependency_charts/elasticsearch/examples/default/README.md

@@ -1,25 +0,0 @@
-# Default
-
-This example deploy a 3 nodes Elasticsearch 7.16.2 cluster using
-[default values][].
-
-
-## Usage
-
-* Deploy Elasticsearch chart with the default values: `make install`
-
-* You can now setup a port forward to query Elasticsearch API:
-
-  ```
-  kubectl port-forward svc/elasticsearch-master 9200
-  curl localhost:9200/_cat/indices
-  ```
-
-
-## Testing
-
-You can also run [goss integration tests][] using `make test`
-
-
-[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/default/test/goss.yaml
-[default values]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/values.yaml

dependency_charts/elasticsearch/examples/default/rolling_upgrade.sh

@@ -1,19 +0,0 @@
-#!/usr/bin/env bash -x
-
-kubectl proxy || true &
-
-make &
-PROC_ID=$!
-
-while kill -0 "$PROC_ID" >/dev/null 2>&1; do
-    echo "PROCESS IS RUNNING"
-    if curl --fail 'http://localhost:8001/api/v1/proxy/namespaces/default/services/elasticsearch-master:9200/_search' ; then
-        echo "cluster is healthy"
-    else
-        echo "cluster not healthy!"
-        exit 1
-    fi
-    sleep 1
-done
-echo "PROCESS TERMINATED"
-exit 0

dependency_charts/elasticsearch/examples/default/test/goss.yaml

@@ -1,38 +0,0 @@
-kernel-param:
-  vm.max_map_count:
-    value: "262144"
-
-http:
-  http://elasticsearch-master:9200/_cluster/health:
-    status: 200
-    timeout: 2000
-    body:
-      - "green"
-      - '"number_of_nodes":3'
-      - '"number_of_data_nodes":3'
-
-  http://localhost:9200:
-    status: 200
-    timeout: 2000
-    body:
-      - '"number" : "7.16.2"'
-      - '"cluster_name" : "elasticsearch"'
-      - "You Know, for Search"
-
-file:
-  /usr/share/elasticsearch/data:
-    exists: true
-    mode: "2775"
-    owner: root
-    group: elasticsearch
-    filetype: directory
-
-mount:
-  /usr/share/elasticsearch/data:
-    exists: true
-
-user:
-  elasticsearch:
-    exists: true
-    uid: 1000
-    gid: 1000

dependency_charts/elasticsearch/examples/docker-for-mac/Makefile

@@ -1,13 +0,0 @@
-default: test
-
-RELEASE := helm-es-docker-for-mac
-TIMEOUT := 1200s
-
-install:
-	helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../
-
-test: install
-	helm test $(RELEASE)
-
-purge:
-	helm del $(RELEASE)

dependency_charts/elasticsearch/examples/docker-for-mac/README.md

@@ -1,23 +0,0 @@
-# Docker for Mac
-
-This example deploy a 3 nodes Elasticsearch 7.16.2 cluster on [Docker for Mac][]
-using [custom values][].
-
-Note that this configuration should be used for test only and isn't recommended
-for production.
-
-
-## Usage
-
-* Deploy Elasticsearch chart with the default values: `make install`
-
-* You can now setup a port forward to query Elasticsearch API:
-
-  ```
-  kubectl port-forward svc/elasticsearch-master 9200
-  curl localhost:9200/_cat/indices
-  ```
-
-
-[custom values]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/docker-for-mac/values.yaml
-[docker for mac]: https://docs.docker.com/docker-for-mac/kubernetes/

dependency_charts/elasticsearch/examples/docker-for-mac/values.yaml

@@ -1,23 +0,0 @@
----
-# Permit co-located instances for solitary minikube virtual machines.
-antiAffinity: "soft"
-
-# Shrink default JVM heap.
-esJavaOpts: "-Xmx128m -Xms128m"
-
-# Allocate smaller chunks of memory per pod.
-resources:
-  requests:
-    cpu: "100m"
-    memory: "512M"
-  limits:
-    cpu: "1000m"
-    memory: "512M"
-
-# Request smaller persistent volumes.
-volumeClaimTemplate:
-  accessModes: [ "ReadWriteOnce" ]
-  storageClassName: "hostpath"
-  resources:
-    requests:
-      storage: 100M

dependency_charts/elasticsearch/examples/kubernetes-kind/Makefile

@@ -1,17 +0,0 @@
-default: test
-
-RELEASE := helm-es-kind
-TIMEOUT := 1200s
-
-install:
-	helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../
-
-install-local-path:
-	kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml
-	helm upgrade --wait --timeout=$(TIMEOUT) --install --values values-local-path.yaml $(RELEASE) ../../
-
-test: install
-	helm test $(RELEASE)
-
-purge:
-	helm del $(RELEASE)

dependency_charts/elasticsearch/examples/kubernetes-kind/README.md

@@ -1,36 +0,0 @@
-# KIND
-
-This example deploy a 3 nodes Elasticsearch 7.16.2 cluster on [Kind][]
-using [custom values][].
-
-Note that this configuration should be used for test only and isn't recommended
-for production.
-
-Note that Kind < 0.7.0 are affected by a [kind issue][] with mount points
-created from PVCs not writable by non-root users. [kubernetes-sigs/kind#1157][]
-fix it in Kind 0.7.0.
-
-The workaround for Kind < 0.7.0 is to install manually
-[Rancher Local Path Provisioner][] and use `local-path` storage class for
-Elasticsearch volumes (see [Makefile][] instructions).
-
-
-## Usage
-
-* For Kind >= 0.7.0: Deploy Elasticsearch chart with the default values: `make install`
-* For Kind < 0.7.0: Deploy Elasticsearch chart with `local-path` storage class: `make install-local-path`
-
-* You can now setup a port forward to query Elasticsearch API:
-
-  ```
-  kubectl port-forward svc/elasticsearch-master 9200
-  curl localhost:9200/_cat/indices
-  ```
-
-
-[custom values]: https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/examples/kubernetes-kind/values.yaml
-[kind]: https://kind.sigs.k8s.io/
-[kind issue]: https://github.com/kubernetes-sigs/kind/issues/830
-[kubernetes-sigs/kind#1157]: https://github.com/kubernetes-sigs/kind/pull/1157
-[rancher local path provisioner]: https://github.com/rancher/local-path-provisioner
-[Makefile]: https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/examples/kubernetes-kind/Makefile#L5

dependency_charts/elasticsearch/examples/kubernetes-kind/values-local-path.yaml

@@ -1,23 +0,0 @@
----
-# Permit co-located instances for solitary minikube virtual machines.
-antiAffinity: "soft"
-
-# Shrink default JVM heap.
-esJavaOpts: "-Xmx128m -Xms128m"
-
-# Allocate smaller chunks of memory per pod.
-resources:
-  requests:
-    cpu: "100m"
-    memory: "512M"
-  limits:
-    cpu: "1000m"
-    memory: "512M"
-
-# Request smaller persistent volumes.
-volumeClaimTemplate:
-  accessModes: [ "ReadWriteOnce" ]
-  storageClassName: "local-path"
-  resources:
-    requests:
-      storage: 100M

dependency_charts/elasticsearch/examples/kubernetes-kind/values.yaml

@@ -1,23 +0,0 @@
----
-# Permit co-located instances for solitary minikube virtual machines.
-antiAffinity: "soft"
-
-# Shrink default JVM heap.
-esJavaOpts: "-Xmx128m -Xms128m"
-
-# Allocate smaller chunks of memory per pod.
-resources:
-  requests:
-    cpu: "100m"
-    memory: "512M"
-  limits:
-    cpu: "1000m"
-    memory: "512M"
-
-# Request smaller persistent volumes.
-volumeClaimTemplate:
-  accessModes: [ "ReadWriteOnce" ]
-  storageClassName: "local-path"
-  resources:
-    requests:
-      storage: 100M