Add helm chart #245
Add helm chart #245
Conversation
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
| labels: | ||
| {{- include "gateway.labels" . | nindent 4 }} | ||
| data: | ||
| gateway-ha-persistence-postgres.sql: | |
There was a problem hiding this comment.
hmm is it necessary to have sql as configmap? How about copying during dockerfile as it does not change that often
There was a problem hiding this comment.
well, it depends.
in that case user needs a customised postgres/mysql image.
or, using the existent postgres/mysql images, for instance, in initContainer first install curl + get sql scripts and then run psql/mysql commands.
There was a problem hiding this comment.
I see. How about adding such explanation to readme? so that user can customize to fit their needs
There was a problem hiding this comment.
I agree with @Chaho12 - we should not redefine the DB initialization SQL here. This risks getting out of sync when it is updated.
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Thank you for your pull request and welcome to the Trino community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. Continue to work with us on the review and improvements in this PR, and submit the signed CLA to [email protected]. Photos, scans, or digitally-signed PDF files are all suitable. Processing may take a few days. The CLA needs to be on file before we merge your changes. For more information, see https://github.com/trinodb/cla |
|
Hello @Chaho12 The requested changes have been done |
|
Have you signed & sent the CLA? |
|
@vishalya @willmostly Can you guys also take a look on this? |
| | backendState.password | string | `nil` | | | ||
| | backendState.ssl | bool | `false` | | | ||
| | backendState.username | string | `nil` | | | ||
| | bootstrap.configMap.enabled | bool | `true` | | |
There was a problem hiding this comment.
nitpick: bootstrap is pretty generic, should we add everything to a subfield to the prefix of bootstrap.database. to make it a bit more evident that we're initializing the database underneath the gateway?
just throwing out some random naming ideas: bootstrap.backendDatabase, including it within backendDatabase.boostrap etc etc
|
|
||
| ## Bootstrap database | ||
|
|
||
| By default the chart uses a configMap with sql script + public postgres/mysql images <br /> |
There was a problem hiding this comment.
@mosabua should we spin up a backlogged Github issue for implementing schema evolution for the Trino Gateway?
My thinking is we probably don't want to be explicitly mounting SQL files like this into the Helm chart long term. As the product takes off every change to the underlying datastore schema will be important and having an automated solution for this (Flyway, Liquibase, etc) would be beneficial for simplifying end user migrations
| user_name VARCHAR(256), | ||
| source VARCHAR(256) | ||
| ); | ||
| CREATE INDEX query_history_created_idx ON query_history(created); |
There was a problem hiding this comment.
question: I'm guessing the bootstrap initContainer will fail if it's run more than once right? Should we add to the docs that the user must make sure to do explicit deployments?
Aka:
- Deploy chart for the first time, bootstrap enabled.
- Deploy chart for the second time, (probably nearly immediately), with the bootstrap disabled
| port: {{ default .Env.REQUEST_ROUTER_PORT "8080" }} | ||
| name: trinoRouter | ||
| historySize: {{ default .Env.QUERY_HISTORY_SIZE "1000" }} | ||
| requestBufferSize: 8192 |
There was a problem hiding this comment.
The docker image should not set configurations that already have default values provided. If you think the default requestBufferSize is too small please open a separate PR to increase it.
| user: {{ default .Env.DB_USER "" }} | ||
| password: {{ default .Env.DB_PASSWORD "" }} | ||
| driver: {{ default .Env.JDBC_DRIVER "" }} | ||
| queryHistoryHoursRetention: 24 |
There was a problem hiding this comment.
remove queryHistoryHoursRetention (see above comment on defaults)
| ssl: {{ default .Env.BACKEND_STATE_SSL "true" }} | ||
|
|
||
| clusterStatsConfiguration: | ||
| useApi: true |
There was a problem hiding this comment.
remove/make configurable (see above comment on defaults)
helm/docker-image/Dockerfile
Outdated
| RUN set -eux && \ | ||
| apt-get -qq update && apt-get --no-install-recommends --no-install-suggests -yqq install curl && \ | ||
| curl --silent --location --retry 3 -o /tmp/gateway-ha.jar https://repo1.maven.org/maven2/io/trino/gateway/gateway-ha/$GATEWAY_VERSION/gateway-ha-$GATEWAY_VERSION-jar-with-dependencies.jar && \ | ||
| curl --silent --location --retry 3 https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz | tar xz -C /usr/bin && \ |
There was a problem hiding this comment.
Can we do without the dockerize utility? If it is unmaintained it could open concerns about the security of the docker image, which would prevent adoption.
- Is this project still maintained or abandoned ? jwilder/dockerize#147 - This open issue raises serious doubts about whether dockerize is actively maintained
- GO lang vulnerabilities jwilder/dockerize#194 - This open issue notes a critical CVE that may apply to dockerize.
This fork claims to be a replacement, however the last merged PR was 11 months ago.
helm/docker-image/Dockerfile
Outdated
| ARG FROM_REPO=<myrepo>/temurin | ||
| ARG FROM_TAG=jre-17 | ||
|
|
||
| FROM ${FROM_REPO}:${FROM_TAG} as builder |
There was a problem hiding this comment.
The chart should use the standard trino gateway image. Any additional logic for configuration, etc should be handled by a separate init container.
Consider all below notes on the Dockerfile as applying to the init container.
| modules: | ||
| - io.trino.gateway.ha.module.HaGatewayProviderModule | ||
| - io.trino.gateway.ha.module.ClusterStateListenerModule | ||
| - io.trino.gateway.ha.module.ClusterStatsMonitorModule | ||
|
|
||
| managedApps: | ||
| - io.trino.gateway.ha.GatewayManagedApp | ||
| - io.trino.gateway.ha.clustermonitor.ActiveClusterMonitor | ||
|
|
There was a problem hiding this comment.
These should be configurable. Reasonable defaults can be provided in values.yaml
| labels: | ||
| {{- include "gateway.labels" . | nindent 4 }} | ||
| data: | ||
| gateway-ha-persistence-postgres.sql: | |
There was a problem hiding this comment.
I agree with @Chaho12 - we should not redefine the DB initialization SQL here. This risks getting out of sync when it is updated.
| value: {{ .Values.backendState.password}} | ||
| - name: BACKEND_STATE_SSL | ||
| value: {{ .Values.backendState.ssl | quote }} | ||
| - name: EXTRA_JVM_OPTIONS |
There was a problem hiding this comment.
unused currently - see above comment that this functionality should be added :)
| @@ -0,0 +1,92 @@ | |||
| bootstrap: | |||
There was a problem hiding this comment.
Is there an option to not deploy the DB for those that want to provide their own?
| admin: | ||
| app: | ||
|
|
||
| securityConf: "" |
There was a problem hiding this comment.
This is not wired up to gateway-ha-config.yaml. Is the intent for the user to supply the entire security config as a string, and copy that directly into gateway-ha-config.yaml? That would be a good approach imo. If not, then this needs to support security configuration one way or another.
|
@luismacosta I see a number of my comments are marked outdated. Could you please squash your commits? |
There was a problem hiding this comment.
I have not reviewed in detail but just a first initial input.
Can we cut down the complexity and get rid of having all these separate values in values.yaml that just mirror config properties that go into the config files. I think it would be much simpler and more flexible if we just have a minimum amount of values that are basically the content of the needed config files.. similar to the config files in the Trino helm chart but even cleaner and less overhead..
And maybe even have no defaults in the chart that go beyond what the docker container already has.
I second this approach. Providing the gateway configuration as a configmap seems like a nice clean approach, possibly with a mechanism for interpolating usernames and passwords from secrets. |
|
Suggestion: Please consider including the following additions:
|
|
Suggestion: Then we will have all in one chart without external deps (except the trino clusters) |
|
Replaced by #323 |
|
it looks like #323 it is not fully covering scope of this PR. There is no support for bootstrapping DB. Perhaps, initContainer is not best solution for DB bootstrap, imho better to have k8s Job with pre-install, pre-upgrade Helm hook and also I would consider to have dependency to psql/mysql charts in case someone wants to quickly bootstrap some PoC on k8s (configured via values). With current state of Helm chart it requires a few manual steps to get Trino gateway working. Install psql/mysql and run manually SQL bootstrap. Does this project support (ORM/sql module) DB migrations? |
|
We kept the Helm chart simple on purpose and therefore did not include the db. We have docker compose and other setups for that but in production this will vary widely. We might do more depending on community contributions and what we observe from using the chart. Also we dont have any db migration at this stage but discussed wanting to add this in the future potentially. Current the schema is easy and if needed we add info to the release notes and docs. |
|
Feel free to create separate issues or PR if you want to discuss more. Also find us on trino slack |
[trino-gateway] add helm chart:
Fixes #87