Rebecca Servaites
05/10/2021, 8:17 PMKevin Kho
Rebecca Servaites
05/10/2021, 8:20 PM# prefect-server configuration
# serverVersionTag configures the default tag for prefect server
# images which are used for the apollo, graphql, and towel
# services. If null, this value defaults to `appVersion` but is
# provided here to allow override at chart install time. Each
# service image tag can be overriden individually in their
# configurations but it is not recommended.
# See <https://github.com/helm/helm/issues/8194> for details
# on why the `appVersion` cannot be set at install time.
serverVersionTag: null
# prefectVersionTag configures the default tag for Prefect Core based
# services, including the agent and default tenant creation job.
# This value is automatically pinned on chart release to the latest
# core version.
prefectVersionTag: "latest"
# uiVersionTag configures the default tag for the Prefect UI service.
# It is defined here for easy update using `sed` for automation.
# This value is automatically pinned on chart release to the latest
# ui version.
uiVersionTag: "latest"
# imagePullSecrets provides configuration to reference the k8s Secret
# resources the Helm chart's pods can get credentials from to pull
# their images.
imagePullSecrets: []
# annotations to merge into all object configurations
# NOTE: These will not apply to the postgresql subchart and must be
# defined within `postgresql` as well if that is desired
annotations: {}
# postgresql configures the backing database
# NOTE: the variables names must remain as is to match the
# bitnami subchart even if the bitnami subchart is not being
# used, these variables are used to create the connection
# string
postgresql:
postgresqlDatabase: prefect
# postgresqlUsername defines the username to authenticate
# with.
# NOTE: If you are using Azure, this will include an '@'
# which must be encoded as '%40' for the connection string
# to work with both Hasura, the GraphQL server, and the
# Alembic migration manager
postgresqlUsername: prefect
# existingSecret configures which secret should be referenced
# for access to the database. If null and `useSubChart` is
# enabled, the secret will be generated. If using an external
# postgres service, this value should be set to a secret
# containing the key `postgresql-password`
existingSecret: null
# postgresqlPassword sets the password to be used if
# `existingSecret` is not set. This is the password for
# `postgresqlUsername` and will be set within the secret at
# the key `postgresql-password`
postgresqlPassword: my-super-secret-password
# servicePort configures the port that the database should be
# accessed at
servicePort: 5432
# externalHostname defines the address to contact an externally
# managed postgres database instance at. This is not required if
# `internalPostgres` is `true`
externalHostname: ""
# useSubChart determines if a this chart should deploy a
# user-manager postgres database or use an externally managed
# postgres instance. If `useSubChart` is `true`, the
# bitnami/postgresql subchart will be deployed
useSubChart: true
# postgresql configuration below here is only used if using
# the subchart
# persistence enables a PVC that stores the database between
# deployments. If making changes to the database deployment, this
# PVC will need to be deleted for database changes to take effect.
# This is especially notable when the authentication password
# changes on redeploys.
# This is disabled by default because we do not recommend using
# the subchart deployment for production deployments.
persistence:
enabled: false
size: 8Gi
initdbUser: postgres
initdbScripts:
create_pgcrypto.sql: |
-- create pgcrypto extension, required for Hasura UUID
CREATE EXTENSION IF NOT EXISTS pgcrypto;
CREATE EXTENSION IF NOT EXISTS "pg_trgm";
SET TIME ZONE 'UTC';
# prefectConfig allows override of prefect_server/config.toml values
# Values placed here will result in environment variable definitions
# starting with "PREFECT_SERVER__" and will be passed to relevant
# services
prefectConfig:
# env: "local"
# debug: "false"
# queued_runs_returned_limit: "25"
# hasura:
# execute_retry_seconds: "10"
# logging:
# level: "DEBUG"
# format: "[%(asctime)s] %(levelname)s - %(name)s | %(message)s"
# services:
# scheduler:
# scheduler_loop_seconds: "300"
# lazarus:
# resurrection_attempt_limit: "3"
# telemetry:
# enabled: "true"
# hasura configures the Prefect hasura deployment and service
# which creates a graphql api from the postgres database
hasura:
# hasura.image configures the docker image used for hasura
# and is the only image in the chart that is not hosted by
# Prefect
image:
name: hasura/graphql-engine
tag: v1.3.3
pullPolicy: IfNotPresent
pullSecrets: []
service:
# type defines the service type and defaults to ClusterIP
# because this service does not need to be exposed outside
# the cluster
type: ClusterIP
port: 3000
labels: {}
annotations: {}
replicas: 1
strategy: {}
podSecurityContext: {}
securityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
# graphql configures the Prefect graphql deployment and service
# which provides a python graphql server on starlette
graphql:
image:
name: prefecthq/server
tag: null
pullPolicy: Always
pullSecrets: []
service:
type: ClusterIP
port: 4201
labels: {}
annotations: {}
replicas: 1
strategy: {}
podSecurityContext: {}
securityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
init:
# init.resources configures resources for the initContainer
# which upgrades the database
resources: {}
# apollo configures the Prefect apollo deployment and service
# which provides a unified graphql schema for users and the UI
# to interact with
apollo:
image:
name: prefecthq/apollo
tag: null
pullPolicy: Always
pullSecrets: []
options:
telemetryEnabled: true
service:
# type defines the service type and defaults to LoadBalancer
# to expose the apollo service to users and the UI.
# type: LoadBalancer
type: LoadBalancer
port: 4200
ingress:
enabled: true
# For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
# See <https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress>
# ingressClassName: nginx
annotations: {}
labels: {}
## Hosts must be provided if Ingress is enabled.
hosts:
# - <http://prefecthq-apollo.domain.com|prefecthq-apollo.domain.com>
- <http://prefect-apollo.mycluster.com|prefect-apollo.mycluster.com>
## Path to use for ingress rules
path: /
## TLS configuration for Prefect Ingress
## Secret must be manually created in the namespace
tls:
# - secretName: prefecthq-apollo-general-tls
# hosts:
# - <http://prefecthq-apollo.example.com|prefecthq-apollo.example.com>
hosts:
- <http://prefect-apollo.mycluster.com|prefect-apollo.mycluster.com>
labels: {}
annotations: {}
replicas: 1
strategy: {}
podSecurityContext: {}
securityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
# ui configures the Prefect ui deployment and service
ui:
image:
name: prefecthq/ui
tag: null # See `uiVersionTag` instead
pullPolicy: Always
pullSecrets: []
# apolloApiUrl defines the default gateway to the Apollo
# GraphQL server. This location must be accessible by the
# user of the API because the browser is making requests
# (not the ui server)
apolloApiUrl: <http://prefect-apollo.mycluster.com>
service:
# type defines the service type and defaults to LoadBalancer
# to expose the ui service to users and the UI.
# type: LoadBalancer
type: LoadBalancer
port: 8080
ingress:
enabled: true
# For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
# See <https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress>
# ingressClassName: nginx
annotations: {}
labels: {}
## Hosts must be provided if Ingress is enabled.
hosts:
# - <http://prefecthq-ui.domain.com|prefecthq-ui.domain.com>
- <http://prefect-ui.mycluster.com|prefect-ui.mycluster.com>
## Path to use for ingress rules
path: /
## TLS configuration for Prefect Ingress
## Secret must be manually created in the namespace
tls:
# - secretName: prefecthq-ui-general-tls
# hosts:
# - <http://prefecthq-ui.example.com|prefecthq-ui.example.com>
hosts:
- <http://prefect-ui.mycluster.com|prefect-ui.mycluster.com>
labels: {}
annotations: {}
replicas: 1
strategy: {}
podSecurityContext: {}
securityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
# towel configures the Prefect towel deployment which provides
# a group of useful services
towel:
image:
name: prefecthq/server
tag: null
pullPolicy: Always
pullSecrets: []
labels: {}
annotations: {}
replicas: 1
strategy: {}
podSecurityContext: {}
securityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
# agent configures an optional Prefect Kubernetes agent which will
# schedule flows as jobs in the cluster
agent:
# enabled determines if the Prefect Kubernetes agent is deployed
enabled: false
# prefectLabels defines what scheduling labels (not K8s labels) should
# be associated with the agent
prefectLabels: []
# image configures the container image for the agent deployment
image:
name: prefecthq/prefect
tag: null
pullPolicy: Always
pullSecrets: []
labels: {}
annotations: {}
replicas: 1
strategy: {}
podSecurityContext: {}
securityContext: {}
nodeSelector: {}
tolerations: []
affinity: {}
# resources defines the computational resources for the Prefect Agent
resources:
limits:
cpu: 100m
memory: 128Mi
# job configures values associated with jobs the agent launches
job:
# resources defines the computational resources for flow jobs
resources:
limits:
memory: "2Gi"
cpu: "1Gi"
requests:
memory: ""
cpu: ""
# imagePullPolicy configures the image pull policy for the flow job
imagePullPolicy: ""
# imagePullSecrets defines image pull secrets for the flow job
# NOTE: These secrets are not merged with the global imagePullSecrets
imagePullSecrets: []
serviceAccount:
# create specifies whether a service account should be created to be
# associated with the prefect-server infrastructure
create: true
# name sets the name of the service account to use
# If not set and create is true, a name is generated using the
# prefect-server.nameField template
name: null
# jobs contain one-time job definitions
jobs:
# create a tenant so that Agent and UI are immediately usable after installation
createTenant:
enabled: true
# tenant sets the details of the created tenant
tenant:
name: default
slug: default
# image configures the container image for the job
image:
name: prefecthq/prefect
tag: null
pullPolicy: Always
pullSecrets: []
labels: {}
annotations: {}
podSecurityContext: {}
securityContext: {}
nodeSelector: {}
tolerations: []
affinity: {}
# backoffLimit configures the number of retries; needed to wait for the server to become available
backoffLimit: 10
Kevin Kho
Jenny
05/10/2021, 8:32 PMRebecca Servaites
05/10/2021, 9:22 PMcurl -X POST -H "Content-Type: application/json" -d '{"query": "{ hello }"}' <http://prefect-apollo.mycluster.com/graphql>
Jenny
05/11/2021, 8:31 PMRebecca Servaites
05/11/2021, 8:35 PMTyler Wanner
05/11/2021, 9:30 PMRebecca Servaites
05/11/2021, 10:22 PM<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
Jenny
05/13/2021, 2:54 PMTyler Wanner
05/13/2021, 2:57 PMRebecca Servaites
05/13/2021, 3:06 PMTyler Wanner
05/13/2021, 3:45 PM<http://prefect-apollo.mycluster.com|prefect-apollo.mycluster.com>
Rebecca Servaites
05/13/2021, 8:29 PMTyler Wanner
05/14/2021, 3:35 PMui.apolloApiUrl
, I think you'll want to try <http://prefect-apollo.mycluster.com:4200/graphql|prefect-apollo.mycluster.com:4200/graphql>
2. Please downgrade the UI image by setting uiVersionTag
to "core-0.14.19"
--there is a bug in latest
atm
3. You've defined ui.ingress.hosts
and apollo.ingress.hosts
twice--it looks like the second definition should be under ui.ingress.tls.hosts
and apollo.ingress.tls.hosts
instead. This won't provide TLS until you add some certificate via a secret.Rebecca Servaites
05/18/2021, 8:38 PMMarko Jamedzija
05/21/2021, 10:00 AMcore-X.X.X
versions? On ui Github page I see only YYYY-MM-DD
releases. Thanks!Rebecca Servaites
05/21/2021, 4:07 PMyyyy-mm-dd
tag.Tyler Wanner
05/21/2021, 9:08 PMRebecca Servaites
05/21/2021, 9:36 PMui.apolloApiUrl
with the UI tag core-0.14.19
It only affects the value in the UI Home Page, Prefect Sever Tab Item 2 Prefect Server GraphQL endpoint
text box. When you click the Reset stored Graphql endpoint
then it shows up. I know this because I wanted to try not having the UI automatically connect to the graphql endpoint on startup and for me to manually enter the URL in the UI home page - so, I set ui.apolloApiUi
to http://localhost:4200/graphql and the endpoint it kept trying to connect to was the value I entered for apollo.hosts
which was apollo.mycluster.com with the graphql path.
I have all my pods set to ClusterIP
now because we don't have public IP addresses and the L7 ingress should work for it, because I can access it from my browser. I'm really stumped on why it's not connecting.