Merge pull request #124 from cephasara/master

Add helm chart
2021-01-14 08:57:17 +00:00 · 2021-01-14 08:57:17 +00:00 · a9a7863c3c
parent 849b2b8530 ce3ce48eb1
commit a9a7863c3c
10 changed files with 1585 additions and 0 deletions
--- a/helm/.DS_Store
+++ b/helm/.DS_Store
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@ -0,0 +1,7 @@
+apiVersion: v1
+appVersion: "0.0.1.0"
+description: default
+name: docker-osx
+version: 0.1.0
+keywords:
+- docker-osx
--- a/helm/README.md
+++ b/helm/README.md
@ -0,0 +1,44 @@
+# docker-osx
+
+## Information
+
+This installs `docker-osx` in Kubernetes.
+
+## Features
+
+### What works
+1) Setting cpu/memory options
+1) Setting VNC password
+1) Persistance
+1) Setting SMBIOS
+1) QEMU/virtio cpu changes
+1) Toggling Audio
+1) Additional port forwarding
+1) Kubernetes resource requests/limits
+1) Defining install partition size
+
+### What doesn't/isn't defined
+1) Defining a different version of macOS
+1) Additional QEMU parameters
+1) GPU support
+
+## Requirements
+
+*) Install [host machine requirements](https://github.com/cephasara/Docker-OSX#requirements-kvm-on-the-host)
+    *) Ensure you are running QEMU 5.X
+*) Kubernetes
+*) Helm
+*) `sickcodes/docker-osx-vnc` Docker image
+
+### Build `sickcodes/docker-osx-vnc`
+
+1) Go back to the root directory
+1) Build docker image
+
+    ```
+    docker build \
+        -t sickcodes/docker-osx-vnc:latest \
+        -f vnc-version/Dockerfile .
+    ```
+
+_Do not worry about passing `CPU`, `RAM`, etc as they are handled in `values.yaml` now._
--- a/helm/templates/_helpers.tpl
+++ b/helm/templates/_helpers.tpl
@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "docker-osx.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "docker-osx.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "docker-osx.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
--- a/helm/templates/configmap.yaml
+++ b/helm/templates/configmap.yaml
--- a/helm/templates/data-pvc.yaml
+++ b/helm/templates/data-pvc.yaml
@ -0,0 +1,28 @@
+{{- if and .Values.persistence.data.enabled (not .Values.persistence.data.existingClaim) }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ template "docker-osx.fullname" . }}-config
+  labels:
+    app: {{ template "docker-osx.name" . }}
+    chart: {{ template "docker-osx.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  {{- with .Values.persistence.annotations  }}
+  annotations:
+{{ toYaml . | indent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+  - {{ .Values.persistence.config.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.config.size | quote }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+  storageClassName: ""
+  {{- else }}
+  storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
--- a/helm/templates/deployment.yaml
+++ b/helm/templates/deployment.yaml
@ -0,0 +1,124 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "docker-osx.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+    helm.sh/chart: {{ include "docker-osx.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+    spec:
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        securityContext:
+          allowPrivilegeEscalation: true
+          readOnlyRootFilesystem: false
+          privileged: true
+          capabilities:
+            add:
+            - net_raw
+            - NET_ADMIN
+        ports:
+        - name: http
+          containerPort: {{ .Values.service.port }}
+          protocol: TCP
+        livenessProbe:
+          tcpSocket:
+            port: http
+        readinessProbe:
+          tcpSocket:
+            port: http
+        env:
+        - name: CORES
+          value: "{{ .Values.resources.requests.cpu }}"
+        - name: SMP
+          value: "{{ .Values.resources.requests.cpu }}"
+        - name: RAM
+          value: "{{ .Values.resources.requests.memory | trimSuffix "Mi" }}"
+        - name: TZ
+          value: "{{ .Values.tz }}"
+        resources:
+{{ toYaml .Values.resources | indent 10 }}
+        volumeMounts:
+        - mountPath: /home/arch/OSX-KVM/config.plist
+          subPath: config.plist
+          name: boot-components
+        - mountPath: /home/arch/OSX-KVM/macOS-libvirt-Catalina.xml
+          subPath: macOS-libvirt-Catalina.xml
+          name: boot-components
+        - mountPath: /home/arch/OSX-KVM/Launch_custom.sh
+          subPath: Launch_custom.sh
+          name: boot-components
+        - mountPath: /home/arch/OSX-KVM/vncpasswd_file
+          subPath: vncpasswd_file
+          name: boot-components
+        - mountPath: /dev/kvm
+          name: kvm
+        - mountPath: /dev/net/tun
+          name: tun
+        - mountPath: /dev/vfio/vfio
+          name: vfio
+        - mountPath: /dev/snd
+          name: snd
+        - mountPath: /tmp/.X11-unix
+          name: x11
+        {{- if .Values.persistence.data.enabled }}
+        - name: data
+          mountPath: /mnt/data
+        {{- end }}
+        {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 8 }}{{ end }}
+        # args:
+        # - 
+      volumes:
+      - name: boot-components
+        configMap: 
+          name: {{ template "docker-osx.fullname" . }}-boot-components
+          items:
+          - key: config.plist
+            path: config.plist
+          - key: macOS-libvirt-Catalina.xml
+            path: macOS-libvirt-Catalina.xml
+          - key: Launch_custom.sh
+            path: Launch_custom.sh
+          - key: vncpasswd_file
+            path: vncpasswd_file
+      - name: kvm
+        hostPath:
+          path: /dev/kvm
+      - name: tun
+        hostPath:
+          path: /dev/net/tun
+      - name: vfio
+        hostPath:
+          path: /dev/vfio/vfio
+      - name: snd
+        hostPath:
+          path: /dev/snd
+      - name: x11
+        hostPath:
+          path: /dev/ssd_data/default/{{ .Release.Name }}/.X11-unix
+      {{- if .Values.persistence.data.enabled }}
+      - name: data
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.data.existingClaim }}{{ .Values.persistence.data.existingClaim }}{{- else }}{{ template "docker-osx.fullname" . }}-data{{- end }}
+      {{- else }}
+          emptyDir: {}
+      {{- end }}
+      {{- if .Values.extraVolumes  }}{{ toYaml .Values.extraVolumes | trim | nindent 6 }}{{ end }}
+{{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
--- a/helm/templates/ingress.yaml
+++ b/helm/templates/ingress.yaml
@ -0,0 +1,39 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "docker-osx.fullname" . -}}
+{{- $ingressPath := .Values.ingress.path -}}
+apiVersion: extensions/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+    helm.sh/chart: {{ include "docker-osx.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{ toYaml . | indent 4 }}
+  {{- end }}
+
+spec:
+{{- if .Values.ingress.tls }}
+  tls:
+  {{- range .Values.ingress.tls }}
+  - hosts:
+    {{- range .hosts }}
+    - {{ . | quote }}
+    {{- end }}
+    secretName: {{ .secretName }}
+  {{- end }}
+{{- end }}
+  rules:
+  {{- range .Values.ingress.hosts }}
+  - host: {{ . | quote }}
+    http:
+      paths:
+      - path: {{ $ingressPath }}
+        backend:
+          serviceName: {{ $fullName }}
+          servicePort: http
+  {{- end }}
+{{- end }}
--- a/helm/templates/service.yaml
+++ b/helm/templates/service.yaml
@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "docker-osx.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+    helm.sh/chart: {{ include "docker-osx.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: {{ .Values.service.targetPort }}
+      protocol: TCP
+      name: http
+    - port: 8888
+      targetPort: 5999
+      protocol: TCP
+      name: vnc
+    - port: 1359
+      targetPort: 1359
+      protocol: TCP
+      name: airmessage
+  selector:
+    app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+  {{- if .Values.service.ip }}
+  loadBalancerIP: {{ .Values.service.ip }}
+  {{- end }}
--- a/helm/values.yaml
+++ b/helm/values.yaml
@ -0,0 +1,106 @@
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: sickcodes/docker-osx-vnc
+  tag: latest
+  pullPolicy: IfNotPresent
+
+# Please note, this must be a directory name within `/system_image` mounted at the bottom in extraVolumeMounts
+serverName: server
+
+# SMBIOS settings (please be sure to update these as to use something unique for iServices)
+configPlist:
+  SystemProductName: iMacPro1,1
+  MLB: D25338500GUF8YLJA
+  SystemSerialNumber: D25LF7ZEF8JC
+  SystemUUID: 139C94D6-A533-47D2-874F-D365BFD8B047
+
+# This defines QEMU and virtlo parameters
+qemu:
+  cpu: Penryn,vendor=GenuineIntel,+hypervisor,+invtsc,kvm=on,+fma,+avx,+avx2,+aes,+ssse3,+sse4_2,+popcnt,+sse4a,+bmi1,+bmi2
+  diskSize: 128G
+  audio:
+    enabled: true
+    driver: alsa
+  netdev:
+    extraArgs: 
+
+# Password for accessing vm over vnc
+vnc:
+  password: updateme
+
+nameOverride: ""
+fullnameOverride: ""
+
+service:
+  type: LoadBalancer
+  ip: 192.168.1.10
+  targetPort: 50922
+  port: 10022
+
+ingress:
+  enabled: false
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+  # kubernetes.io/tls-acme: "true"
+  paths:
+  - /
+  hosts:
+  - docker-osx.local
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+# Note: seems that host needs around x5 the cpu and x8 memory limits allocated to MacOS
+#  when under load. This may be due to my personal hardware or inefficencies such as
+#  software GPU rendering. Otherwise the pod will be killed due to OOMing.
+#
+#  Warning: do not perform unit conversion on cpu and memory requests, as these units
+#   are tied qemu and virtio settings. Also, only use intergers for cpu requests.
+resources:
+  limits:
+   cpu: 10
+   memory: 33554Mi
+  requests:
+   cpu: 2
+   memory: 4096Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+persistence:
+  data:
+    enabled: false
+    ## configuration data Persistent Volume Storage Class
+    ## If defined, storageClassName: <storageClass>
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
+    ## If undefined (the default) or set to null, no storageClassName spec is
+    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+    ##   GKE, AWS & OpenStack)
+    ##
+    # storageClass: "-"
+    ##
+    ## If you want to reuse an existing claim, you can pass the name of the PVC using
+    ## the existingClaim variable
+    existingClaim: docker-osx
+    accessMode: ReadWriteOnce
+    size: 5Gi
+
+# Any extra volumes to define for the pod
+extraVolumes:
+  - name: data
+    hostPath:
+      path: /mnt/data/default/docker_osx/
+      type: DirectoryOrCreate
+
+# Any extra volume mounts to define for the containers
+extraVolumeMounts:
+  - name: data
+    mountPath: /system_image