Added helm chart - closes #38

voltrondata · Jul 25, 2024 · b752092 · b752092
1 parent c23fb93
commit b752092
Show file tree

Hide file tree

Showing 17 changed files with 372 additions and 2 deletions.
diff --git a/helm-chart/.helmignore b/helm-chart/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: sqlflite
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.5.0"
diff --git a/helm-chart/install_helm_chart.sh b/helm-chart/install_helm_chart.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+kubectl config set-context --current --namespace=sqlflite
+
+helm upgrade demo \
+     --install . \
+     --namespace sqlflite \
+     --create-namespace \
+     --values values.yaml
diff --git a/helm-chart/secrets/README.md b/helm-chart/secrets/README.md
@@ -0,0 +1,6 @@
+# Needed files to support the helm chart
+Use the "opaque" folder to create opaque secrets.
+
+Use the "tls" folder to create tls secrets (cert0.pem, cert0.key, ca.crt)
+
+The files are git ignored for security reasons.
diff --git a/helm-chart/secrets/opaque/.gitignore b/helm-chart/secrets/opaque/.gitignore
@@ -0,0 +1 @@
+*
diff --git a/helm-chart/secrets/opaque/README.md b/helm-chart/secrets/opaque/README.md
@@ -0,0 +1,16 @@
+# Needed files to support the helm chart
+Create the following files in this folder with the EXACT names shown (no extensions):
+1. SQLFLITE_PASSWORD
+
+You may set the contents of the files however you choose.
+
+The files are git ignored for security reasons.
+
+# AWS variables (optional)
+Authenticate to AWS S3, choose your project, then choose: "Command line or programmatic access" to get the values for the AWS_* variables.
+
+Create files with these EXACT names for the AWS variables - and put the values provided by AWS into the corresponding files:
+1. AWS_ACCESS_KEY_ID
+2. AWS_DEFAULT_REGION
+3. AWS_SECRET_ACCESS_KEY
+4. AWS_SESSION_TOKEN
diff --git a/helm-chart/secrets/tls/.gitignore b/helm-chart/secrets/tls/.gitignore
@@ -0,0 +1 @@
+*
diff --git a/helm-chart/secrets/tls/README.md b/helm-chart/secrets/tls/README.md
@@ -0,0 +1,10 @@
+# Needed files to support the helm chart
+Create the following files in this folder with the EXACT names shown:
+1. cert0.pem
+2. cert0.key
+
+Descriptions:   
+cert0.pem - Full-chain TLS Public Certificate   
+cert0.key - TLS Private Key
+
+The files are git ignored for security reasons.
diff --git a/helm-chart/templates/NOTES.txt b/helm-chart/templates/NOTES.txt
@@ -0,0 +1,20 @@
+SQLFlite has been installed.
+
+1. Get the JDBC URL and ADBC URI by running these commands:
+
+```bash
+export SERVICE_NAME={{ include "sqlflite.fullname" . }}
+export NAMESPACE={{ .Release.Namespace }}
+
+# Wait for the external IP to be allocated
+unset EXTERNAL_IP
+while [ -z "$EXTERNAL_IP" ]; do
+  EXTERNAL_IP=$(kubectl get svc $SERVICE_NAME -n $NAMESPACE -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
+  [ -z "$EXTERNAL_IP" ] && echo "Waiting for external IP..." && sleep 10
+done
+
+PORT=$(kubectl get svc $SERVICE_NAME -n $NAMESPACE -o jsonpath='{.spec.ports[0].port}')
+echo -e "\nJDBC URL:\njdbc:arrow-flight-sql://${EXTERNAL_IP}:${PORT}?useEncryption=true&disableCertificateVerification=true"
+
+echo -e "\nADBC URI:\ngrpc+tls://${EXTERNAL_IP}:${PORT}"
+```
diff --git a/helm-chart/templates/_helpers.tpl b/helm-chart/templates/_helpers.tpl
@@ -0,0 +1,51 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "sqlflite.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "sqlflite.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "sqlflite.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "sqlflite.labels" -}}
+helm.sh/chart: {{ include "sqlflite.chart" . }}
+{{ include "sqlflite.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "sqlflite.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "sqlflite.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
diff --git a/helm-chart/templates/global-secret.yaml b/helm-chart/templates/global-secret.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "sqlflite.fullname" . }}-secret
+  labels:
+    {{- include "sqlflite.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{ (.Files.Glob "secrets/opaque/*").AsSecrets | indent 2 }}
diff --git a/helm-chart/templates/server-service.yaml b/helm-chart/templates/server-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "sqlflite.fullname" . }}
+  labels:
+    {{- include "sqlflite.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.sqlFliteServer.service.type }}
+  ports:
+    - port: {{ .Values.sqlFliteServer.service.port }}
+      targetPort: sqlflite-port
+      protocol: TCP
+      name: sqlflite-port
+  selector:
+    {{- include "sqlflite.selectorLabels" . | nindent 4 }}
+    app: sqlflite-server
diff --git a/helm-chart/templates/server-statefulset.yaml b/helm-chart/templates/server-statefulset.yaml
@@ -0,0 +1,126 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "sqlflite.fullname" . }}-server
+  labels:
+    {{- include "sqlflite.labels" . | nindent 4 }}
+    app: sqlflite-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      {{- include "sqlflite.selectorLabels" . | nindent 6 }}
+      app: sqlflite-server
+  serviceName: sqlflite
+  template:
+    metadata:
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/global-secret.yaml") . | sha256sum }}
+        {{- with .Values.sqlFliteServer.podAnnotations }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      labels:
+        {{- include "sqlflite.selectorLabels" . | nindent 8 }}
+        app: sqlflite-server
+    spec:
+      {{- with .Values.sqlFliteServer.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      securityContext:
+        {{- toYaml .Values.sqlFliteServer.podSecurityContext | nindent 8 }}
+      volumes:
+# See: https://aws.amazon.com/blogs/containers/eks-persistent-volumes-for-instance-store/ for details on using local NVMe for supported nodes
+# Uncomment the following lines to mount the local NVMe disk as a data volume
+#        - name: nvme-volume
+#          hostPath:
+#            # directory location on host
+#            path: /nvme/disk
+#            # this field is optional
+#            type: Directory
+        - name: tls-volume
+          secret:
+            secretName: {{ include "sqlflite.fullname" . }}-tls-secret
+            optional: true
+# Uncomment the following lines to mount the local NVMe disk as a data volume
+#      initContainers:
+#        - name: volume-mount-chmod
+#          image: busybox
+#          command: [ "sh", "-c", "chmod 777 /data" ]
+#          volumeMounts:
+#            - name: nvme-volume
+#              mountPath: /data
+      containers:
+        - name: sqlflite
+          volumeMounts:
+# Uncomment the following lines to mount the local NVMe disk as a data volume
+#            - name: nvme-volume
+#              mountPath: /opt/sqlflite/data
+            - name: tls-volume
+              mountPath: /opt/sqlflite/tls
+              readOnly: true
+          env:
+            - name: DATABASE_BACKEND
+              value: duckdb
+            - name: DATABASE_FILENAME
+              value: {{ .Values.sqlFliteServer.config.DATABASE_FILENAME }}
+            - name: SQLFLITE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "sqlflite.fullname" . }}-secret
+                  key: SQLFLITE_PASSWORD
+                  optional: false
+            - name: AWS_ACCESS_KEY_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "sqlflite.fullname" . }}-secret
+                  key: AWS_ACCESS_KEY_ID
+                  optional: true
+            - name: AWS_SECRET_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "sqlflite.fullname" . }}-secret
+                  key: AWS_SECRET_ACCESS_KEY
+                  optional: true
+            - name: AWS_SESSION_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "sqlflite.fullname" . }}-secret
+                  key: AWS_SESSION_TOKEN
+                  optional: true
+            - name: AWS_DEFAULT_REGION
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "sqlflite.fullname" . }}-secret
+                  key: AWS_DEFAULT_REGION
+                  optional: true
+          securityContext:
+            {{- toYaml .Values.sqlFliteServer.securityContext | nindent 12 }}
+          image: "{{ .Values.sqlFliteServer.image.repository }}:{{ .Values.sqlFliteServer.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.sqlFliteServer.image.pullPolicy }}
+          ports:
+            - name: sqlflite-port
+              containerPort: {{ .Values.sqlFliteServer.service.port }}
+              protocol: TCP
+#          livenessProbe:
+#            httpGet:
+#              path: /
+#              port: http
+#          readinessProbe:
+#            httpGet:
+#              path: /
+#              port: http
+          resources:
+            {{- toYaml .Values.sqlFliteServer.resources | nindent 12 }}
+      {{- with .Values.sqlFliteServer.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.sqlFliteServer.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.sqlFliteServer.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/helm-chart/templates/tls-secret.yaml b/helm-chart/templates/tls-secret.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "sqlflite.fullname" . }}-tls-secret
+  labels:
+    {{- include "sqlflite.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{ (.Files.Glob "secrets/tls/*").AsSecrets | indent 2 }}
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
@@ -0,0 +1,47 @@
+sqlFliteServer:
+  hostName: sqlflite.example.com
+  replicaCount: 1
+
+  config:
+    DATABASE_BACKEND: duckdb
+    DATABASE_FILENAME: data/TPC-H-small.duckdb
+
+  image:
+    repository: voltrondata/sqlflite
+    pullPolicy: Always
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: latest
+
+  imagePullSecrets: []
+  nameOverride: ""
+  fullnameOverride: ""
+
+  podAnnotations: {}
+
+  podSecurityContext:
+    fsGroup: 1000
+
+  securityContext: {}
+
+  service:
+    type: LoadBalancer
+    port: 31337
+
+  resources:
+    limits:
+      cpu: 500m
+      memory: 6Gi
+    requests:
+      cpu: 500m
+      memory: 6Gi
+
+  nodeSelector:
+    instanceType: r7gd.medium  # Change this to match your node's label(s)
+
+#  tolerations:
+#    - key: sidewinder
+#      operator: Equal
+#      value: "true"
+#      effect: NoSchedule
+
+  affinity: {}
diff --git a/src/duckdb/duckdb_sql_info.cpp b/src/duckdb/duckdb_sql_info.cpp
@@ -38,7 +38,7 @@ sql::SqlInfoResultMap GetSqlInfoResultMap() {
 
   return {
       {SqlInfoOptions::SqlInfo::FLIGHT_SQL_SERVER_NAME,
-       SqlInfoResult(std::string("db_name"))},
+       SqlInfoResult(std::string("sqlflite"))},
       {SqlInfoOptions::SqlInfo::FLIGHT_SQL_SERVER_VERSION,
        SqlInfoResult(std::string("duckdb " + std::string(duckdb_library_version())))},
       {SqlInfoOptions::SqlInfo::FLIGHT_SQL_SERVER_ARROW_VERSION,