From eef251f80167b3e900eead403f85e1e0b0a1253b Mon Sep 17 00:00:00 2001 From: iops Date: Wed, 2 Oct 2024 22:38:00 +0300 Subject: [PATCH] feature: add caching nginx --- .../verdaccio/templates/configmap-nginx.yaml | 78 +++++++++++++++++++ charts/verdaccio/templates/deployment.yaml | 25 ++++++ charts/verdaccio/templates/service.yaml | 4 + charts/verdaccio/values.yaml | 10 +++ 4 files changed, 117 insertions(+) create mode 100644 charts/verdaccio/templates/configmap-nginx.yaml diff --git a/charts/verdaccio/templates/configmap-nginx.yaml b/charts/verdaccio/templates/configmap-nginx.yaml new file mode 100644 index 0000000..dadf837 --- /dev/null +++ b/charts/verdaccio/templates/configmap-nginx.yaml @@ -0,0 +1,78 @@ +{{- if .Values.cachingNginx.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "verdaccio.fullname" . }}-nginx-config +data: + nginx.conf: | + user nginx; + worker_processes 4; + pid /var/run/nginx.pid; + error_log /dev/stderr info; + events { + worker_connections 10240; + use epoll; + } + http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + server_names_hash_max_size 512; + server_names_hash_bucket_size 64; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + proxy_buffer_size 4k; + proxy_buffers 1024 4k; + proxy_read_timeout 2m; + proxy_send_timeout 2m; + fastcgi_buffer_size 4k; + fastcgi_buffers 1024 4k; + keepalive_timeout 10; + keepalive_requests 100; + reset_timedout_connection on; + client_max_body_size 100m; + gzip on; + gzip_types text/css application/x-javascript application/javascript text/javascript text/plain; + gzip_comp_level 6; + gzip_min_length 100; + gzip_http_version 1.0; + gzip_proxied any; + gzip_disable "msie6"; + gzip_vary on; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers 'EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4'; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 30m; + ssl_buffer_size 4k; + ssl_prefer_server_ciphers on; + ssl_session_tickets off; + log_format main escape=json + '{' + '"time_local":"$time_local",' + '"remote_addr":"$remote_addr",' + '"remote_user":"$remote_user",' + '"request":"$request",' + '"status": "$status",' + '"body_bytes_sent":"$body_bytes_sent",' + '"request_time":"$request_time",' + '"http_referrer":"$http_referer",' + '"http_user_agent":"$http_user_agent"' + '}'; + access_log /dev/stdout main; + real_ip_header X-Real-IP; + set_real_ip_from 0.0.0.0/0; + proxy_cache_path {{ .Values.cachingNginx.proxyCachePath }} + include /etc/nginx/conf.d/*.conf; + } + default.conf: | + server { + listen 80; + location / { + proxy_pass http://127.0.0.1:4873; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + } + } +{{- end }} diff --git a/charts/verdaccio/templates/deployment.yaml b/charts/verdaccio/templates/deployment.yaml index 956cb34..efe49b4 100644 --- a/charts/verdaccio/templates/deployment.yaml +++ b/charts/verdaccio/templates/deployment.yaml @@ -31,6 +31,9 @@ spec: {{- if .Values.secretEnvVars }} checksum/env-secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} {{- end }} + {{- if .Values.cachingNginx.enabled }} + checksum/config-nginx: {{ include (print $.Template.BasePath "/configmap-nginx.yaml") . | sha256sum }} + {{- end }} {{- include "verdaccio.podAnnotations" . | nindent 8 }} labels: {{- include "verdaccio.podLabels" . | nindent 8 }} @@ -46,6 +49,23 @@ spec: {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 8 }} {{- end }} containers: + {{- if .Values.cachingNginx.enabled }} + - name: {{ template "verdaccio.name" . }}-nginx + imagePullPolicy: {{ .Values.cachingNginx.pullPolicy }} + image: {{ .Values.cachingNginx.repository }}:{{ .Values.cachingNginx.tag }} + volumeMounts: + - name: config-volume + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + - name: config-volume + mountPath: /etc/nginx/conf.d/default.conf + subPath: default.conf + resources: + {{ toYaml .Values.cachingNginx.resources | nindent 12 }} + ports: + - containerPort: 80 + name: caching-nginx + {{- end }} - name: {{ template "verdaccio.name" . }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -126,6 +146,11 @@ spec: secret: secretName: {{ include "verdaccio.fullname" . }}-htpasswd {{- end }} + {{- if .Values.cachingNginx.enabled }} + - name: config-volume + configMap: + name: {{ include "verdaccio.fullname" . }}-nginx-config + {{- end }} {{- with .Values.persistence.volumes }} {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 6 }} {{- end }} diff --git a/charts/verdaccio/templates/service.yaml b/charts/verdaccio/templates/service.yaml index 55b0050..e4a2fd6 100644 --- a/charts/verdaccio/templates/service.yaml +++ b/charts/verdaccio/templates/service.yaml @@ -25,7 +25,11 @@ spec: {{- end }} ports: - port: {{ .Values.service.port }} + {{- if .Values.cachingNginx.enabled }} + targetPort: caching-nginx + {{- else }} targetPort: http + {{- end }} protocol: TCP name: {{ .Values.service.name | default "http"}} {{- if contains "NodePort" .Values.service.type }} diff --git a/charts/verdaccio/values.yaml b/charts/verdaccio/values.yaml index b3a6814..dd9f821 100644 --- a/charts/verdaccio/values.yaml +++ b/charts/verdaccio/values.yaml @@ -278,3 +278,13 @@ extraManifests: [] # app: verdaccio # endpoints: # - port: metrics + +# Additional container with caching nginx +# Can be useful for intensive load +cachingNginx: + enabled: false + repository: nginx + tag: 1.25.0 + pullPolicy: IfNotPresent + proxyCachePath: '/var/cache/nginx levels=1:2 keys_zone=STATIC:100m inactive=12h max_size=1g;' + resources: {}