Skip to content

Latest commit

 

History

History
423 lines (335 loc) · 108 KB

README.md

File metadata and controls

423 lines (335 loc) · 108 KB

FROST-Server Helm chart

The FROST-Server (FRaunhofer Opensource SensorThings-Server) is the first complete, open-source implementation of the OGC SensorThings API Part 1 (Sensing).

TL;DR

Declare the Helm repo or update it

$ helm repo add fraunhoferiosb https://fraunhoferiosb.github.io/helm-charts/
$ helm repo update fraunhoferiosb

Install the FROST-Server chart

$ helm install fraunhoferiosb/frost-server

Introduction

This chart bootstraps a FROST-Server deployment on a Kubernetes cluster using the Helm package manager.

Prerequisites

Installing the Chart

Before to go, declare the Helm repo or update it

$ helm repo add fraunhoferiosb https://fraunhoferiosb.github.io/helm-charts/
$ helm repo update fraunhoferiosb

Then, to install the chart with the release name my-release

$ helm install my-release fraunhoferiosb/frost-server

This command deploys FROST-Server on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.

By default, the FROST-Server instance is reachable at the http://frost-server:30080 URL (concatenation of the frost.http.serviceHost and frost.http.ports.http.servicePort configuration values).

Warning: Make sure to be able to resolve the frost-server DNS name by adding a rule either in your DNS server or in your local DNS resolver (e.g. /etc/hosts in Unix-based environments), or use an IP instead of a DNS name by setting the frost.http.serviceHost value.

Deployed FROST-Server resources

This chart deploys a fully operational FROST-Server stack composed of:

  • A (or several, depending on the number of replicas) FROST-Server's HTTP service(s)
  • A (or several, depending on the number of replicas) FROST-Server's MQTT service(s)
  • (Not enabled by default) An internal FROST-Server's database
    • associated to a local volume (disabled by default but can be enabled as explained here)

To have a view about the deployed FROST-Server resources in the my-release deployment execute:

$ helm status my-release

To visualize logs about deployed Helm release's pods, execute:

$ kubectl logs -l release=my-release

Or, more precisely:

$ kubectl get pods -l release=my-release
$ kubectl logs <pod name>

Where <pod name> is your desired pod name

Or, even simpler, by using kubetail:

$ kubetail -l release=my-release

Uninstalling the Chart

To uninstall/delete the my-release release:

$ helm delete my-release

This command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configurable parameters of the FROST-Server chart and their default values.

Parameter Description Default
name Override of the base name for any FROST-Server Kubernetes component. nil (use the chart name, frost-server, by default)
frost.alwaysOrderbyId Always add an ‘orderby=id asc’ to queries to ensure consistent paging. true
frost.logSensitiveData If false, sensitive data like passwords and database connection URLs are not logged when loading settings. false
frost.queueLoggingInterval If non-zero, log queue statistics ever x milliseconds. Default: 0 (off) 0
frost.plugins.plugins A comma-separated list of class names, listing additional plugins to load. ``
frost.plugins.coreModel.enable Toggle indicating the CoreModel plugin should be enabled. true
frost.plugins.coreModel.editableDsProperties Toggle indicating the server-generated properties of (Multi)Datastreams can be edited. false
frost.plugins.coreModel.idType.default The default type of the primary key columns, can be overruled on a per-table basis: LONG, STRING, UUID. LONG
frost.plugins.coreModel.idType.datastream The type of the primary key column of the Datastream table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.feature The type of the primary key column of the Feature table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.historicalLocation The type of the primary key column of the HistoricalLocation table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.location The type of the primary key column of the Location table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.observedProperty The type of the primary key column of the ObservedProperty table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.observation The type of the primary key column of the Observation table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.sensor The type of the primary key column of the Sensor table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.coreModel.idType.thing The type of the primary key column of the Thing table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.actuation.enable Toggle indicating the Actuation plugin should be enabled. false
frost.plugins.actuation.idType.actuator The type of the primary key column of the Actuator table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.actuation.idType.task The type of the primary key column of the Task table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.actuation.idType.taskingCapability The type of the primary key column of the TaskingCapability table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.multiDatastream.enable Toggle indicating the MultiDatastream plugin should be enabled. false
frost.plugins.multiDatastream.idType.multiDatastream The type of the primary key column of the MultiDatastream table. Defaults to the value of frost.plugins.coreModel.idType.default. ``
frost.plugins.modelLoader.enable Toggle indicating the ModelLoader plugin should be enabled. false
frost.plugins.modelLoader.modelPath Path to the model files that the ModelLoader plugin should load. ``
frost.plugins.modelLoader.modelFiles Comma-separated list of model files that the ModelLoader plugin should load. ``
frost.plugins.modelLoader.liquibasePath Path to the liquibase changelog files that the ModelLoader plugin should load. ``
frost.plugins.modelLoader.liquibaseFiles Comma-separated list of liquibase changelog files that the ModelLoader plugin should load. ``
frost.plugins.modelLoader.securityPath Path to the security definition files that the ModelLoader plugin should load. ``
frost.plugins.modelLoader.securityFiles Comma-separated list of security definition files that the ModelLoader plugin should load. ``
frost.plugins.modelLoader.metadataData A json-string containing extra data to add to the serverSettings object on the landing page. The added data is merged into the existing data. ``
frost.plugins.modelLoader.metadataPath The file path where extra metadata files are located. ``
frost.plugins.modelLoader.metadataFiles A comma-separated list of meta data files to load. Each file is loaded and its JSON-content is merged into the serverSettings object on the ROOT-URL. ``
frost.plugins.dataArray.enable Toggle indicating the DataArray plugin should be enabled. true
frost.plugins.csv.enable Toggle indicating the CSV plugin should be enabled. true
frost.plugins.geojson.enable Toggle indicating the GeoJSON plugin should be enabled. true
frost.plugins.batchProcessing.enable Toggle indicating the BatchProcessing plugin should be enabled. true
frost.plugins.odata.enable Toggle indicating the OData plugin should be enabled. false
frost.plugins.openApi.enable Toggle indicating the OpenApi plugin should be enabled. false
frost.auth.provider The java class used to configure authentication/authorisation (Short: basic / keycloak). ``
frost.auth.allowAnonymousRead If true, anonymous users are allowed to read (GET) data. false
frost.auth.authenticateOnly If true, the auth module only handles authentication, not authorisation. false
frost.auth.role.read The role in the external authentication system that represents read (GET) access. ``
frost.auth.role.create The role in the external authentication system that represents create (POST) access. ``
frost.auth.role.update The role in the external authentication system that represents update (PUT/PATCH) access. ``
frost.auth.role.delete The role in the external authentication system that represents delete (DELETE) access. ``
frost.auth.role.admin The role in the external authentication system that represents admin (DatabaseStatus) access. ``
frost.auth.realmName (Basic Auth) The name of the realm that the browser displays when asking for username and password. ``
frost.auth.plainTextPassword (Basic Auth) If true (the default), passwords are stored in plain text. Otherwise password are stored hashed. true
frost.auth.db.autoUpdateDatabase (Basic Auth) Automatically apply database updates. false
frost.auth.db.maximumConnection (Basic Auth) The maximum number of database connections to use. ``
frost.auth.db.maximumIdleConnection (Basic Auth) The maximum number of idle database connections to keep open. ``
frost.auth.db.minimumIdleConnection (Basic Auth) The minimum number of idle database connections to keep open. ``
frost.auth.keycloakConfig (Keycloak Auth) The json content of the keycloak json config file. ``
frost.auth.keycloakConfigFile (Keycloak Auth) The path to the keycloak json config file. ``
frost.auth.keycloakConfigUrl (Keycloak Auth) The URL on the Keycloak server that can be used to download the Keycloak config file. Usually this url is in the form of: https://keycloak.example.com/realms/[realm]/clients-registrations/install/[client id]. ``
frost.auth.keycloakConfigSecret (Keycloak Auth) If the client has “access-type” set to “confidential” then a secret is required to download the configuration. This secret can be found in the configuration itself, in Keycloak. ``
frost.http.replicas Number of FROST-Server HTTP module replicas. 1
frost.http.ports.http.nodePort The external port (node port) of the FROST-Server HTTP service, if not using Ingress. 30080
frost.http.ports.http.servicePort The internal port of the FROST-Server HTTP module. 80
frost.http.ingress.enabled If Ingress needs to be enabled for the FROST-Server HTTP module. See bellow for more information. true
frost.http.ingress.rewriteAnnotation Annotation, used for the ingress resource to rewrite the HTTP-Ingress request. This is specific for the ngixn ingress controller. If using an other ingress controller, adapt accordingly nginx.ingress.kubernetes:io/rewrite-target
frost.http.ingress.rewriteTarget Value for the rewriteAnnotation. Path, which is used to access the FROST-HTTP service. /FROST-Server/
frost.http.ingress.path Value for the path of the service in the ingress spec. /FROST-Server/
frost.http.ingress.annotations Annotations for the ingress definition. E.g. to define the ingress class use --set 'frost.http.ingress.annotations.kubernetes\.io/ingress\.class=nginx' nil
frost.http.ingress.tls.enabled Enable tls for the ingress. false
frost.http.ingress.tls.secretName Name of the secret used for tls in the ingress definition. nil
frost.http.serviceHost The host used by the serviceRootURL mandatory FROST-Server configuration parameter. frost-server
frost.http.serviceProtocol The protocol where the host will be available. http
frost.http.servicePort The external port of the FROST-Server HTTP module. If not set standard http(s) port is used, when ingress is enabled. Otherwise frost.http.ports.http.nodePort will be used. This value usefull when running a reverse proxy. nil
frost.http.urlSubPath The suffix added to the service url. This value is usefull when FROST-Server is not running in the root path of the doamin, e.g. when using a reverse proxy. nil
frost.http.cors.enable If true, a filter is added to allow cross-site-scripting. false
frost.http.cors.allowed.origins A list of origins that are allowed to access the resource. A * can be specified to enable access to resource from any origin. Otherwise, a whitelist of comma separated origins can be provided. Eg: http://www.w3.org, https://www.apache.org *
frost.http.cors.allowed.methods A comma separated list of HTTP methods that can be used to access the resource, using cross-origin requests. These are the methods which will also be included as part of Access-Control-Allow-Methods header in pre-flight response. Eg: GET, POST GET, HEAD, OPTIONS
frost.http.cors.allowed.headers A comma separated list of request headers that can be used when making an actual request. These headers will also be returned as part of Access-Control-Allow-Headers header in a pre-flight response. Eg: Origin,Accept Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
frost.http.cors.exposed.headers A comma separated list of headers other than simple response headers that browsers are allowed to access. These are the headers which will also be included as part of Access-Control-Expose-Headers header in the pre-flight response. Eg: X-CUSTOM-HEADER-PING,X-CUSTOM-HEADER-PONG Location
frost.http.cors.support.credentials A flag that indicates whether the resource supports user credentials. This flag is exposed as part of Access-Control-Allow-Credentials header in a pre-flight response. It helps browser determine whether or not an actual request can be made using credentials. false
frost.http.cors.preflight.maxage The amount of seconds, browser is allowed to cache the result of the pre-flight request. This will be included as part of Access-Control-Max-Age header in the pre-flight response. A negative value will prevent CORS Filter from adding this response header to pre-flight response. 1800
frost.http.cors.request.decorate A flag to control if CORS specific attributes should be added to HttpServletRequest object or not. true
frost.http.defaultCount The default value for the $count query option used by the FROST-Server HTTP module. false
frost.http.defaultTop The default value for the $top query option used by the FROST-Server HTTP module. 100
frost.http.maxTop The maximum allowed value for the $top query option used by the FROST-Server HTTP module. 1000
frost.http.useAbsoluteNavigationLinks If true, FROST-Server HTTP's navigationLinks are absolute, otherwise relative. true
frost.http.db.autoUpdate Automatically apply database updates. true
frost.http.db.maximumConnection The maximum number of database connections used by the FROST-Server HTTP module. 10
frost.http.db.maximumIdleConnection The maximum number of idle database connections to keep open by the FROST-Server HTTP module. 10
frost.http.db.minimumIdleConnection The minimum number of idle database connections to keep open by the FROST-Server HTTP module. 10
frost.http.bus.sendWorkerPoolSize The number of FROST-Server HTTP worker threads to handle sending messages to the bus. 10
frost.http.bus.sendQueueSize The size of the FROST-Server HTTP message queue to buffer messages to be sent to the bus. 100
frost.http.bus.recvWorkerPoolSize The number of FROST-Server HTTP worker threads to handle messages coming from the bus. 10
frost.http.bus.maxInFlight The maximum number of FROST-Server HTTP in-flight messages to allow on the MQTT bus. 50
frost.http.image.registry Image registry for the http module. docker.io
frost.http.image.repository Image for the http module. fraunhoferiosb/frost-server-http
frost.http.image.tag Imagetag for the http module. {VERSION}
frost.http.image.pullPolicy Image pull policy for the http module. IfNotPresent
frost.http.image.imagePullSecret Name of the pull secred to use when pulling the Image from the configured repository. nil
frost.http.resources.requests.cpu CPU requested by the http module. 1Gi
frost.http.resources.requests.memory Memory requested by the http module. 500m
frost.http.resources.limits.cpu CPU limit for the http module. NIL
frost.http.resources.limits.memory Memory limit for the http module. NIL
frost.http.envExtra Extra environment variables for the http module. See below for syntax. nil
frost.db.ports.postgresql.servicePort The internal port of the FROST-Server database service. 5432
frost.db.persistence.enabled If data persistence needs to be enabled. See bellow for more information. false
frost.db.enableIntegratedDb If set, the Helm chart will deploy a internal Postgis database server. When disabled, you can use the value below to specify a external connection string. true
frost.db.dbExternalConnectionString If the setting frost.db.enableIntegratedDb is set to true, you can specify the connection to connect to an external Postgres / PostGIS database jdbc:postgresql://externaldbhost:5432/sensorthings
frost.db.persistence.existingClaim If set, then use an existing PersistenceVolumeClaim for the FROST-Server database volume. See bellow for more information. nil (use the builtin PersistenceVol)
frost.db.persistence.storageClassName The StorageClassName to use by the FROST-Server database persistence. See bellow for more information. nil (use the default StorageClass currently in use)
frost.db.persistence.accessModes List of AccessModes to claim if FROST-Server database persistence is enabled. See bellow for more information. {ReadWriteOnce}
frost.db.persistence.capacity The storage capacity required by the FROST-Server database persistence. 10Gi
frost.db.persistence.mountPath The path the volume is mount into the database container. /var/lib/postgresql/data
frost.db.persistence.local.nodeMountPath The mount path to use if using the local StorageClassName as FROST-Server database StorageClass persistence. See bellow for more information. /mnt/frost-server-db
frost.db.persistence.hostPath If frost.db.persistence.enabled is set to false. Than this variable can be used to mount this hostPath to the database container. nil
frost.db.database The FROST-Server database name to use. sensorthings
frost.db.existingSecret If set, this secret is used for the database credentials. nil
frost.db.secretUsernameKey The key in the database secret for the username. Change if your secret differs. db.username
frost.db.secretPasswordKey The key in the database secret for the password. Change if your secret differs. db.password
frost.db.username The base64 username to use when connecting to the FROST-Server database. c2Vuc29ydGhpbmdz (sensorthings)
frost.db.password The base64 password to use when connecting to the FROST-Server database. bm93eW91Y2FuY2hhbmdlaXQ= (nowyoucanchangeit)
frost.db.idGenerationMode Determines how entity ids are generated by any FROST-Server module. See here for more information. ServerGeneratedOnly
frost.db.countMode The way to count entities. See here for more information. FULL
frost.db.implementationClass The Java class used for persistence by any FROST-Server module. [...].PostgresPersistenceManagerLong (see [1] bellow for the complete value)
frost.db.transactionRole If true, use SET LOCAL ROLE on database queries. false
frost.db.image.registry Image registry for the database. docker.io
frost.db.image.repository Image for the database. postgis/postgis
frost.db.image.tag Imagetag for the database. 14-3.2-alpine
frost.db.image.pullPolicy Image pull policy for the bus. IfNotPresent
frost.db.image.imagePullSecret Name of the pull secred to use when pulling the Image from the configured repository. nil
frost.db.securityContext.runAsUser The user id of the database process. nil
frost.db.securityContext.runAsGroup The group id of the database process. nil
frost.db.securityContext.fsGroup The fsGroup of the database process. nil
frost.db.requiredHostname If this is set, an affinity rule will be added, so that the database pod will only be scheduled on the node with this hostname. nil
frost.db.driver The Database driver to use when not using JNDI. org.postgresql.Driver
frost.mqtt.enabled If MQTT support needs to be enabled. See bellow for more information. true
frost.mqtt.annotations It is possible to set certain annotation for the service. This can be handy when using metallb as a LoadBalancer. With the annotation option it is possible to set a static ip address for the service. true
frost.mqtt.replicas The number of FROST-Server MQTT module replicas. 1
frost.mqtt.serviceHost The external host name for the mqtt service. same as frost.http.serviceHost
frost.mqtt.serviceType The serviceType that Kubernetes will use when deploying the mqtt service. This can either be NodePort or LoadBalancer. When choosing LoadBalancer the service will directly be exposed on a separate ip address by the loadbalancer. This can be useful in cloud environments on if you run metallb for example. When using metallb you can optionally set a annotation so you can specify a specific ip address to the service. NodePort
frost.mqtt.ports.mqtt.nodePort The external port (node port) of the FROST-Server MQTT service. nil (port selected by Kubernetes)
frost.mqtt.ports.mqtt.servicePort The internal port of the FROST-Server MQTT service. 1883
frost.mqtt.ports.websocket.nodePort The external port (node port) of the FROST-Server MQTT websocket service. nil (port selected by Kubernetes)
frost.mqtt.ports.websocket.servicePort The internal port of the FROST-Server MQTT websocket service. 9876
frost.mqtt.stickySessionTimeout Timeout (in seconds) of sticky time sessions used by the FROST-Server MQTT server. 10800 (3 hours)
frost.mqtt.qos Quality of Service Level for MQTT messages. 2
frost.mqtt.subscribeMessageQueueSize Queue size for messages to be published via MQTT. 100
frost.mqtt.subscribeThreadPoolSize Number of threads use to dispatch MQTT notifications. 10
frost.mqtt.createMessageQueueSize Queue size for create observation requests via MQTT. 100
frost.mqtt.createThreadPoolSize Number of threads use to dispatch observation creation requests. 10
frost.mqtt.maxInFlight The maximum number of in-flight messages to allow when sending notifications. 50
frost.mqtt.exposedEndpoints A comma separated list of MQTT endpoints to list on the index page. when not present, FROST will try to generate this list itself. nil
frost.mqtt.javaKeystorePath When using SSL (sslPort or secureWebsocketPort) this is the path to the key store with your certificates. nil
frost.mqtt.keyManagerPassword The password for the certificate itself. nil
frost.mqtt.keyStorePassword The password for the certificate keystore. nil
frost.mqtt.persistentStoreType The way the MQTT server keeps track of subscriptions, either in-memory (memory) or using an H2 database (h2). memory
frost.mqtt.secureWebsocketPort The port the MQTT server is reachable via secure WebSocket. nil
frost.mqtt.session_queue_size The size of the internal queue the mqtt broker uses per CPU core. 1024
frost.mqtt.persistent_client_expiration The maximum lifetime of disconnected sessions, postfix with s for seconds. 3600s
frost.mqtt.sslPort The port the MQTT server runs on, using ssl. nil
frost.mqtt.netty.mqtt.message_size The maximum size of MQTT messages. 8092 (Bytes)
frost.mqtt.host The external IP address or host name the MQTT server should listen on. Set by default to 0.0.0.0 to listen on all interfaces. 0.0.0.0
frost.mqtt.internalHost The internal host name of the MQTT server. localhost
frost.mqtt.waitForEnter When true, and running in an interactive console, the FROST-MQTT component will read the keyboard input, and exit when the enter key is pressed. When false, the FROST-MQTT component has to be stopped by sending it a TERM Signal. false
frost.mqtt.db.alwaysOrderbyId Always add an orderby=id asc to to FROST-Server MQTT's database queries to ensure consistent paging. false
frost.mqtt.db.maximumConnection The maximum number of database connections to use by the FROST-Server MQTT module. 10
frost.mqtt.db.maximumIdleConnection The maximum number of idle database connections to keep open by the FROST-Server MQTT module. 10
frost.mqtt.db.minimumIdleConnection The minimum number of idle database connections to keep open by the FROST-Server MQTT module. 10
frost.mqtt.bus.sendWorkerPoolSize The number of FROST-Server MQTT worker threads to handle sending messages to the MQTT bus. 10
frost.mqtt.bus.sendQueueSize The size of the FROST-Server MQTT message queue to buffer messages to be sent to the MQTT bus. 100
frost.mqtt.bus.recvWorkerPoolSize The number of FROST-Server MQTT worker threads to handle messages coming from the MQTT bus. 10
frost.mqtt.bus.maxInFlight The maximum number of FROST-Server MQTT in-flight messages to allow on the MQTT bus. 50
frost.mqtt.image.registry Image registry for the mqtt module. docker.io
frost.mqtt.image.repository Image for the mqtt module. fraunhoferiosb/frost-server-mqtt
frost.mqtt.image.tag Imagetag for the mqtt module. {VERSION}
frost.mqtt.image.pullPolicy Image pull policy for the mqtt module. IfNotPresent
frost.mqtt.image.imagePullSecret Name of the pull secred to use when pulling the Image from the configured repository. nil
frost.mqtt.envExtra Extra environment variables for the mqtt module. See below for syntax. nil
frost.mqtt.ingress.enabled If Ingress needs to be enabled for the FROST-Server MQTT module. See bellow for more information. true
frost.mqtt.ingress.path Value for the path of the service in the ingress spec. Some clients assume this to be /mqtt. /mqtt
frost.mqtt.ingress.annotations Annotations for the ingress definition. E.g. to define the ingress class use --set 'frost.http.ingress.annotations.kubernetes\.io/ingress\.class=nginx' nginx.ingress.kubernetes.io/proxy-read-timeout: 3600, nginx.ingress.kubernetes.io/proxy-send-timeout: 3600
frost.mqtt.ingress.tls.enabled Enable tls for the ingress. false
frost.mqtt.ingress.tls.secretName Name of the secret used for tls in the ingress definition. nil
frost.bus.ports.bus.servicePort The internal port of the FROST-Server Messages Bus service. 1883
frost.bus.implementationClass The Java class that is used to connect to the message bus, common for any FROST-Server modules. [...].MqttMessageBus (see [2] bellow for the complete value)
frost.bus.topicName The MQTT topic to use as a message bus by any FROST-Server module. FROST-Bus
frost.bus.qosLevel The Quality of Service Level for the MQTT bus by any FROST-Server module. 2
frost.bus.image.registry Image registry for the bus. docker.io
frost.bus.image.repository Image for the bus. eclipse-mosquitto
frost.bus.image.tag Imagetag for the bus. 1.4.12
frost.bus.image.pullPolicy Image pull policy for the bus. IfNotPresent
frost.bus.image.imagePullSecret Name of the pull secred to use when pulling the Image from the configured repository. nil
frost.extension.customLinks.enable Enable the custom entity links extension. false
frost.extension.customLinks.recurseDepth Set how deep in properies the extension searches for custom links. 0 (top level only)
frost.extension.filterDelete.enable Enable the Filtered Delete extension. false
frost.backup.enabled Enable the automated creation of daily backups. false
frost.backup.image.registry Image registry for the database. docker.io
frost.backup.image.repository Image for the database. kartoza/pg-backup
frost.backup.image.tag Imagetag for the database. 14-3.2
frost.backup.image.pullPolicy Image pull policy for the bus. IfNotPresent
frost.backup.image.imagePullSecret Name of the pull secred to use when pulling the Image from the configured repository. nil
frost.backup.removeBefore Remove all old backups older than specified amount of days. 14
frost.backup.persistence.existingClaim If set, then use an existing PersistenceVolumeClaim for the backup volume. nil (use the builtin PersistenceVol
frost.backup.persistence.storageClassName The StorageClassName to use by the backup persistence. nil (use the default StorageClass currently in use)
frost.backup.persistence.accessModes List of AccessModes to claim if backup persistence is enabled. {ReadWriteOnce}
frost.backup.persistence.capacity The storage capacity required by the backup persistence. 10Gi
frost.backup.persistence.mountPath The path the volume is mount into the backup container. /backups
frost.backup.securityContext.runAsUser The user id of the backup process. nil
frost.backup.securityContext.runAsGroup The group id of the backup process. nil
frost.backup.securityContext.fsGroup The fsGroup of the backup process. nil
frost.logging.default The “root” log level. INFO
frost.logging.parser The log level for the de.fraunhofer.iosb.ilt.frostserver.parser package. INFO
frost.logging.queries The log level for the de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.QueryBuilder package. INFO
frost.logging.requests The log level for the request decoder. When set to DEBUG each request with its headers will be logged. INFO
frost.logging.service The log level for the de.fraunhofer.iosb.ilt.frostserver.service package. When set to DEBUG, 4xx error details and 5xx stack traces will be logged. INFO
frost.logging.settings The log level for the de.fraunhofer.iosb.ilt.frostserver.settings package. INFO
frost.logging.moquette The log level for the io.moquette package. WARN
frost.logging.liquibase The log level for the liquibase package. INFO
frost.logging.jooq The log level for the org.jooq package. INFO

[1]: The complete default frost.db.implementationClass value is de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.PostgresPersistenceManager.

[2]: The complete default frost.bus.implementationClass value is de.fraunhofer.iosb.ilt.frostserver.messagebus.InternalMessageBus.

Specify each parameter using the --set key=value[,key=value] argument to helm install|upgrade. For example,

$ helm install my-release \
    --set key_1=value_1,key_2=value_2 \
    fraunhoferiosb/frost-server

Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,

# example for staging
$ helm install my-release -f values.yaml fraunhoferiosb/frost-server

Tip: You can use the default values.yaml

More information about the FROST-Server configuration can be found here.

Extra Environment Variables

It is possible to pass extra environment variables to FROST using frost.envExtra, frost.http.envExtra and frost.mqtt.envExtra. This variable accepts key-value pairs. Keys must be names usable for environment variables, values are quoted automatically.

# values.yaml
frost:
  envExtra:
    plugins_modelLoader_idType_User: string
    plugins_modelLoader_idType_Role: string

They can also be passed directly on the command line. Since it is not possible to include newline characters in value strings on the command line with escape characters like \n, the sting must be quoted with newline characters in tact:

helm install my-release --set "frost.mqtt.envExtra=- name: plugins_modelLoader_idType_User
  value: string
- name: plugins_modelLoader_idType_Role
  value: string"

MQTT

As described in the OGC SensorThings API specification, MQTT support is an optional extension but enabled by default in the FROST-Server Helm chart. To disable MQTT support, override the frost.mqtt.enabled configuration value to false.

$ helm install --set frost.mqtt.enabled=false fraunhoferiosb/frost-server

Persistence

By default, the FROST-Server database is working without data persistence. Thus, if the Helm release or the FROST-Server database pod is deleted, then all saved data is lost. To enable data persistence, turn on the frost.db.persistence.enabled configuration parameter:

$ helm install --set frost.db.persistence.enabled=true fraunhoferiosb/frost-server

Once FROST-Server database persistence is enabled, then the FROST-Server will either:

  • use its own PersistenceVolumeClaim, which is described bellow
  • or use an existing PersistenceVolumeClaim, if the frost.db.persistence.existingClaim is set

If persistence is enabled and no existing PersistenceVolumeClaim is defined (frost.db.persistence.existingClaim is unset), then the FROST-Server chart will claim a PersistentVolume that fits with its associated StorageClass name. By default, no name is defined, then the default StorageClass currently in use in the Kubernetes cluster will be used. But you can override this behaviour by setting the frost.db.persistence.storageClassName configuration value with your desired StorageClass name to use.

If necessary, the FROST-Server chart also defines its own StorageClass name, frost-server-db-local, bound to a builtin local volume, which stores data in a local directory within the cluster (more precisely within the node where this local volume is deployed). To enable it, set the frost.db.persistence.storageClassName to frost-server-db-local and precise the folder where data need to be persisted on the node

$ helm install \
    --set frost.db.persistence.enabled=true,frost.db.persistence.storageClassName=frost-server-db-local,frost.db.persistence.local.nodeMountPath=/mnt/frost-server-db \
    fraunhoferiosb/frost-server

Warning #1: The local StorageClass cannot be scaled.

Warning #2: The local StorageClass can only be used if only the ReadWriteOnce AccessMode is claimed (check the frost.db.persistence.accessModes configuration parameter).

Secret

It is also possible to create your own secret. To do so set the frost.db.existingSecret to your secret. If your keys differ, you can also set them by setting frost.db.secretUsernameKey and frost.db.secretPasswordKey.

Ingress HTTP

The FROST-Server HTTP component can be accessed through an Ingress controller, which is the recommended mode of operation. By default, Ingress is enabled but can be disabled using the frost.http.ingress.enabled option:

$ helm install --set frost.http.ingress.enabled=false fraunhoferiosb/frost-server

Or if you want to disable it in your current living my-release release:

$ helm upgrade --set frost.http.ingress.enabled=false my-release fraunhoferiosb/frost-server

Once Ingress is enabled on the FROST-Server HTTP component, then the FROST-Server HTTP API can be accessed at http://<frost.http.serviceHost> (http://frost-server by default), on the standard 80 HTTP port, without being constrained to specify the frost.http.ports.http.nodePort port.

Warning: frost.http.serviceHost needs to be a DNS name. Make sure to be able to resolve it by adding a rule either in your DNS server or in your local DNS resolver (e.g. /etc/hosts in Unix-based environments).

Since the HTTP endpoint of FROST is reachable under the /FROST-Server-path, we leverage the Ingress rewriting capability.

Caution: Our configuration is specific for nginx ingress controller version 0.22.0 or above. It needs to be adjusted, if another ingress controller is used.

For nginx below 0.22.0 set frost.http.ingress.rewriteTarget=/FROST-Server and frost.http.ingress.path=/

Ingress MQTT/WebSockets

The FROST-Server MQTT component can be accessed through an Ingress controller, which is the recommended mode of operation. By default, Ingress is disabled but can be disabled using the frost.http.ingress.enabled option:

$ helm install --set frost.mqtt.ingress.enabled=true fraunhoferiosb/frost-server

Caution: Our configuration is specific for nginx ingress controller.