phase 14-15: docker build validation and helm deployment
This commit is contained in:
Celes Renata
+63
-26
@@ -6,6 +6,7 @@ metadata:
|
||||
labels:
|
||||
app: trino
|
||||
app.kubernetes.io/part-of: stonks-oracle
|
||||
stonks-oracle/tier: analytics
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
@@ -15,12 +16,73 @@ spec:
|
||||
metadata:
|
||||
labels:
|
||||
app: trino
|
||||
stonks-oracle/tier: analytics
|
||||
spec:
|
||||
automountServiceAccountToken: false
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
initContainers:
|
||||
- name: catalog-init
|
||||
image: busybox:1.36
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: ["ALL"]
|
||||
command: ["sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
cat > /catalog/iceberg.properties <<EOF
|
||||
connector.name=iceberg
|
||||
iceberg.catalog.type=hive_metastore
|
||||
hive.metastore.uri=thrift://hive-metastore.stonks-oracle.svc.cluster.local:9083
|
||||
hive.s3.endpoint=http://minio.minio-service.svc.cluster.local:80
|
||||
hive.s3.path-style-access=true
|
||||
hive.s3.aws-access-key=${MINIO_ACCESS_KEY}
|
||||
hive.s3.aws-secret-key=${MINIO_SECRET_KEY}
|
||||
fs.native-s3.enabled=true
|
||||
s3.endpoint=http://minio.minio-service.svc.cluster.local:80
|
||||
s3.path-style-access=true
|
||||
s3.aws-access-key=${MINIO_ACCESS_KEY}
|
||||
s3.aws-secret-key=${MINIO_SECRET_KEY}
|
||||
EOF
|
||||
cat > /catalog/lakehouse.properties <<EOF
|
||||
connector.name=hive
|
||||
hive.metastore.uri=thrift://hive-metastore.stonks-oracle.svc.cluster.local:9083
|
||||
hive.s3.endpoint=http://minio.minio-service.svc.cluster.local:80
|
||||
hive.s3.path-style-access=true
|
||||
hive.s3.aws-access-key=${MINIO_ACCESS_KEY}
|
||||
hive.s3.aws-secret-key=${MINIO_SECRET_KEY}
|
||||
hive.non-managed-table-writes-enabled=true
|
||||
hive.s3select-pushdown.enabled=true
|
||||
EOF
|
||||
env:
|
||||
- name: MINIO_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: stonks-core-secrets
|
||||
key: MINIO_ACCESS_KEY
|
||||
- name: MINIO_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: stonks-core-secrets
|
||||
key: MINIO_SECRET_KEY
|
||||
volumeMounts:
|
||||
- name: catalog-config
|
||||
mountPath: /catalog
|
||||
containers:
|
||||
- name: trino
|
||||
image: trinodb/trino:latest
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: ["ALL"]
|
||||
volumeMounts:
|
||||
- name: catalog-config
|
||||
mountPath: /etc/trino/catalog
|
||||
@@ -39,8 +101,7 @@ spec:
|
||||
periodSeconds: 10
|
||||
volumes:
|
||||
- name: catalog-config
|
||||
configMap:
|
||||
name: trino-catalog
|
||||
emptyDir: {}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
@@ -53,27 +114,3 @@ spec:
|
||||
ports:
|
||||
- port: 8080
|
||||
targetPort: 8080
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: trino-catalog
|
||||
namespace: stonks-oracle
|
||||
data:
|
||||
iceberg.properties: |
|
||||
connector.name=iceberg
|
||||
iceberg.catalog.type=hive_metastore
|
||||
hive.metastore.uri=thrift://hive-metastore.stonks-oracle.svc.cluster.local:9083
|
||||
hive.s3.endpoint=http://minio.minio-service.svc.cluster.local:80
|
||||
hive.s3.path-style-access=true
|
||||
hive.s3.aws-access-key=changeme
|
||||
hive.s3.aws-secret-key=changeme
|
||||
lakehouse.properties: |
|
||||
connector.name=hive
|
||||
hive.metastore.uri=thrift://hive-metastore.stonks-oracle.svc.cluster.local:9083
|
||||
hive.s3.endpoint=http://minio.minio-service.svc.cluster.local:80
|
||||
hive.s3.path-style-access=true
|
||||
hive.s3.aws-access-key=changeme
|
||||
hive.s3.aws-secret-key=changeme
|
||||
hive.non-managed-table-writes-enabled=true
|
||||
hive.s3select-pushdown.enabled=true
|
||||
|
||||
Reference in New Issue
Block a user