diff --git a/charts/retool/Chart.yaml b/charts/retool/Chart.yaml index 3db454b8..b7349e69 100644 --- a/charts/retool/Chart.yaml +++ b/charts/retool/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: retool description: A Helm chart for Kubernetes type: application -version: 6.0.17 +version: 6.0.18 maintainers: - name: Retool Engineering email: engineering+helm@retool.com diff --git a/charts/retool/ci/kubeconform-values.yaml b/charts/retool/ci/kubeconform-values.yaml index 570b7af2..da057e20 100644 --- a/charts/retool/ci/kubeconform-values.yaml +++ b/charts/retool/ci/kubeconform-values.yaml @@ -17,12 +17,12 @@ config: # clientSecretSecretKey is the key in the k8s secret, default: google-client-secret # clientSecretSecretKey: domain: - encryptionKey: '0000000000' + encryptionKey: "0000000000" # encryptionKeySecretName is the name of the secret where the encryption key is stored (can be used instead of encryptionKey) # encryptionKeySecretName: # encryptionKeySecretKey is the key in the k8s secret, default: encryption-key # encryptionKeySecretKey: - jwtSecret: '0000000000' + jwtSecret: "0000000000" # jwtSecretSecretName is the name of the secret where the jwt secret is stored (can be used instead of jwtSecret) # jwtSecretSecretName: # jwtSecretSecretKey is the key in the k8s secret, default: jwt-secret @@ -30,7 +30,8 @@ config: # IMPORTANT: Incompatible with postgresql subchart # Please disable the subchart in order to use a managed or external postgres instance. - postgresql: {} + postgresql: + {} # Specify if postgresql subchart is disabled # host: # port: @@ -56,7 +57,8 @@ env: {} # Optionally specify additional environment variables to be populated from Kubernetes secrets. # Useful for passing in SCIM_AUTH_TOKEN or other secret environment variables from Kubernetes secrets. -environmentSecrets: [] +environmentSecrets: + [] # - name: SCIM_AUTH_TOKEN # secretKeyRef: # name: retool-scim-auth-token @@ -68,7 +70,8 @@ environmentSecrets: [] # Optionally specify environmental variables. Useful for variables that are not key-value, as env: {} above requires. # Can also include environment secrets here instead of in environmentSecrets -environmentVariables: [] +environmentVariables: + [] # - name: SCIM_AUTH_TOKEN # valueFrom: # secretKeyRef: @@ -98,7 +101,8 @@ externalSecrets: # Default set to AWS Secrets Manager. backendType: secretsManager # Array of name/path key/value pairs to use for the External Secrets Objects. - secretRef: [] + secretRef: + [] # - name: retool-config # path: global-retool-config # - name: retool-db @@ -134,9 +138,9 @@ ingress: kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: - - host: retool.example.com - paths: - - path: / + - host: retool.example.com + paths: + - path: / tls: # - secretName: retool.example.com # hosts: @@ -302,3 +306,6 @@ extraManifests: [] securityGroupPolicy: enabled: false groupIds: [] + +internalWorker: + enabled: true diff --git a/charts/retool/templates/NOTES.txt b/charts/retool/templates/NOTES.txt index 26f209b8..7210a2b2 100644 --- a/charts/retool/templates/NOTES.txt +++ b/charts/retool/templates/NOTES.txt @@ -29,4 +29,6 @@ Alternatively, you can fetch the randomly generated password and set the value i echo $(kubectl --namespace {{ .Release.Namespace }} get secret/{{ include "retool.fullname" . }}-postgresql -o jsonpath='{.data.postgres-password}' | base64 -d) We highly recommend you do NOT use this subchart as is to run Postgres in a container for your production instance of Retool. It is only suitable for proof-of-concepts. Please use a managed Postgres, or self-host more permanantly. *************************************************************************** -{{- end }} +{{- end }} + +{{- include "retool.validationRules" . }} diff --git a/charts/retool/templates/_helpers.tpl b/charts/retool/templates/_helpers.tpl index f3da2cfd..cc940095 100644 --- a/charts/retool/templates/_helpers.tpl +++ b/charts/retool/templates/_helpers.tpl @@ -196,6 +196,19 @@ Usage: (include "retool.codeExecutor.enabled" .) {{- $output -}} {{- end -}} +{{/* +Set Temporal enabled +Usage: (include "retool.temporal.enabled" .) +*/}} +{{- define "retool.temporal.enabled" -}} +{{- $output := "" -}} +{{- if or (index .Values "retool-temporal-services-helm" "enabled") (.Values.workflows.temporal.enabled) -}} + {{- $output = "1" -}} +{{- else -}} + {{- $output = "" -}} +{{- end -}} +{{- $output -}} +{{- end -}} {{/* Set Temporal frontend host @@ -258,3 +271,17 @@ Usage: (template "retool.codeExecutor.image.tag" .) {{- fail "Please set a value for .Values.image.tag" }} {{- end -}} {{- end -}} + +{{/* +Set Worker enabled +Usage: (include "retool.worker.enabled" .) +*/}} +{{- define "retool.worker.enabled" -}} +{{- $output := "" -}} +{{- if or (include "retool.workflows.enabled" .) (.Values.internalWorker.enabled) -}} + {{- $output = "1" -}} +{{- else -}} + {{- $output = "" -}} +{{- end -}} +{{- $output -}} +{{- end -}} diff --git a/charts/retool/templates/_validations.tpl b/charts/retool/templates/_validations.tpl new file mode 100644 index 00000000..38d39374 --- /dev/null +++ b/charts/retool/templates/_validations.tpl @@ -0,0 +1,17 @@ +{{/* Compile all validation warnings into a single message and call fail. */}} +{{- define "retool.validationRules" -}} +{{- $messages := list -}} +{{- $messages = append $messages (include "retool.validationRules.internalWorker" .) -}} +{{- $messages = without $messages "" -}} +{{- $message := join "\n" $messages -}} +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{- define "retool.validationRules.internalWorker" -}} +{{- if not (or (not (.Values.internalWorker.enabled)) (and (.Values.internalWorker.enabled) (or (include "retool.temporal.enabled" .) (include "retool.workflows.enabled" .)))) -}} +internalWorker: + Internal worker is enabled (via internalWorker.enabled), but Temporal is not enabled via retool-temporal-services-helm.enabled or workflows.temporal.enabled or via Retool's Managed Temporal for Retool Workflows (via workflows.enabled explicitly, or workflows.enabled implicitly based on image.tag > 3.6.11) +{{- end -}} +{{- end -}} diff --git a/charts/retool/templates/deployment_backend.yaml b/charts/retool/templates/deployment_backend.yaml index 009c9f95..77f3ac7f 100644 --- a/charts/retool/templates/deployment_backend.yaml +++ b/charts/retool/templates/deployment_backend.yaml @@ -106,14 +106,14 @@ spec: - name: DBCONNECTOR_QUERY_TIMEOUT_MS value: {{ .Values.config.dbConnectorTimeout | quote }} {{- end }} - {{- if and (include "retool.workflows.enabled" .) (or (index .Values "retool-temporal-services-helm" "enabled") (.Values.workflows.temporal.enabled)) }} - - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_HOST - value: {{ template "retool.temporal.host" . }} - - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_PORT - value: {{ template "retool.temporal.port" . }} - - name: WORKFLOW_TEMPORAL_CLUSTER_NAMESPACE - value: {{ template "retool.temporal.namespace" . }} - {{- end }} + {{- if and (include "retool.workflows.enabled" .) (include "retool.temporal.enabled" .) }} + - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_HOST + value: {{ template "retool.temporal.host" . }} + - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_PORT + value: {{ template "retool.temporal.port" . }} + - name: WORKFLOW_TEMPORAL_CLUSTER_NAMESPACE + value: {{ template "retool.temporal.namespace" . }} + {{- end }} {{- if include "retool.workflows.enabled" . }} - name: WORKFLOW_BACKEND_HOST value: http://{{ template "retool.fullname" . }}-workflow-backend diff --git a/charts/retool/templates/deployment_internal_worker.yaml b/charts/retool/templates/deployment_internal_worker.yaml new file mode 100644 index 00000000..c979cd51 --- /dev/null +++ b/charts/retool/templates/deployment_internal_worker.yaml @@ -0,0 +1,340 @@ +{{- if .Values.internalWorker.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "retool.fullname" . }}-internal-worker + labels: + retoolService: {{ template "retool.fullname" . }}-internal-worker +{{- include "retool.labels" . | nindent 4 }} +{{- if .Values.deployment.annotations }} + annotations: +{{ toYaml .Values.deployment.annotations | indent 4 }} +{{- end }} +spec: + replicas: {{ .Values.internalWorker.replicaCount }} + selector: + matchLabels: + retoolService: {{ template "retool.fullname" . }}-internal-worker + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + template: + metadata: + annotations: + prometheus.io/job: {{ template "retool.fullname" . }}-internal-worker + prometheus.io/scrape: 'true' + prometheus.io/port: '9090' +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} +{{- end }} +{{- if .Values.backend.annotations }} +{{ toYaml .Values.backend.annotations | indent 8 }} +{{- end }} +{{- if .Values.internalWorker.annotations }} +{{ toYaml .Values.internalWorker.annotations | indent 8 }} +{{- end }} + labels: + retoolService: {{ template "retool.fullname" . }}-internal-worker +{{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | indent 8 }} +{{- end }} +{{- if .Values.internalWorker.labels }} +{{ toYaml .Values.internalWorker.labels | indent 8 }} +{{- end }} + spec: + serviceAccountName: {{ template "retool.serviceAccountName" . }} + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} +{{- if .Values.initContainers }} + initContainers: +{{- range $key, $value := .Values.initContainers }} + - name: "{{ $key }}" +{{ toYaml $value | indent 8 }} +{{- end }} +{{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ required "Please set a value for .Values.image.tag" .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - bash + - -c + - chmod -R +x ./docker_scripts; sync; ./docker_scripts/wait-for-it.sh -t 0 {{ template "retool.postgresql.host" . }}:{{ template "retool.postgresql.port" . }}; ./docker_scripts/start_api.sh + {{- if .Values.commandline.args }} +{{ toYaml .Values.commandline.args | indent 10 }} + {{- end }} + env: + - name: NODE_ENV + value: production + - name: NODE_OPTIONS + value: {{(.Values.internalWorker.config).nodeOptions | default "--max_old_space_size=1024" }} + - name: SERVICE_TYPE + value: INTERNAL_TEMPORAL_WORKER + - name: DBCONNECTOR_POSTGRES_POOL_MAX_SIZE + value: "100" + - name: DBCONNECTOR_QUERY_TIMEOUT_MS + {{- if .Values.internalWorker.dbConnectorTimeout }} + value: {{ .Values.internalWorker.dbConnectorTimeout | quote}} + {{- else if .Values.config.dbConnectorTimeout }} + value: {{ .Values.config.dbConnectorTimeout | quote}} + {{- else }} + value: "5400000" + {{- end }} + - name: DISABLE_DATABASE_MIGRATIONS + value: "true" + {{- if (include "retool.temporal.enabled" .) }} + - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_HOST + value: {{ template "retool.temporal.host" . }} + - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_PORT + value: {{ template "retool.temporal.port" . }} + - name: WORKFLOW_TEMPORAL_CLUSTER_NAMESPACE + value: {{ template "retool.temporal.namespace" . }} + {{- end }} + {{- if (.Values.workflows.temporal).sslEnabled }} + - name: WORKFLOW_TEMPORAL_TLS_ENABLED + value: "true" + {{- if (and (.Values.workflows.temporal).sslCert (.Values.workflows.temporal).sslKey) }} + - name: WORKFLOW_TEMPORAL_TLS_CRT + value: {{ .Values.workflows.temporal.sslCert }} + - name: WORKFLOW_TEMPORAL_TLS_KEY + valueFrom: + secretKeyRef: + {{- if (.Values.workflows.temporal).sslKeySecretName }} + name: {{ .Values.workflows.temporal.sslKeySecretName }} + key: {{ .Values.workflows.temporal.sslKeySecretKey | default "temporal-tls-key" }} + {{- else }} + name: {{ template "retool.fullname" . }} + key: "temporal-tls-key" + {{- end }} + {{- end }} + {{- end }} + - name: WORKFLOW_WORKER_HEALTHCHECK_PORT + value: "3010" + - name: WORKFLOW_BACKEND_HOST + value: http://{{ template "retool.fullname" . }}-workflow-backend + - name: CLIENT_ID + value: {{ default "" .Values.config.auth.google.clientId }} + - name: COOKIE_INSECURE + value: {{ .Values.config.useInsecureCookies | quote }} + - name: POSTGRES_HOST + value: {{ template "retool.postgresql.host" . }} + - name: POSTGRES_PORT + value: {{ template "retool.postgresql.port" . }} + - name: POSTGRES_DB + value: {{ template "retool.postgresql.database" . }} + - name: POSTGRES_USER + value: {{ template "retool.postgresql.user" . }} + - name: POSTGRES_SSL_ENABLED + value: {{ template "retool.postgresql.ssl_enabled" . }} + {{- if .Values.codeExecutor.enabled }} + - name: CODE_EXECUTOR_INGRESS_DOMAIN + value: http://{{ template "retool.codeExecutor.name" . }} + {{- end }} + {{- if and (((.Values.internalWorker.config).otelCollector).enabled) (((.Values.internalWorker.config).otelCollector).endpoint) }} + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: {{ ((.Values.internalWorker.config).otelCollector).endpoint }} + {{- else if ((.Values.internalWorker.config).otelCollector).enabled }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: "http://$(HOST_IP):4317" + {{- end }} + {{- if and (not .Values.externalSecrets.enabled) (not .Values.externalSecrets.externalSecretsOperator.enabled) }} + - name: LICENSE_KEY + valueFrom: + secretKeyRef: + {{- if .Values.config.licenseKeySecretName }} + name: {{ .Values.config.licenseKeySecretName }} + key: {{ .Values.config.licenseKeySecretKey | default "license-key" }} + {{- else }} + name: {{ template "retool.fullname" . }} + key: license-key + {{- end }} + - name: JWT_SECRET + valueFrom: + secretKeyRef: + {{- if .Values.config.jwtSecretSecretName }} + name: {{ .Values.config.jwtSecretSecretName }} + key: {{ .Values.config.jwtSecretSecretKey | default "jwt-secret" }} + {{- else }} + name: {{ template "retool.fullname" . }} + key: jwt-secret + {{- end }} + - name: ENCRYPTION_KEY + valueFrom: + secretKeyRef: + {{- if .Values.config.encryptionKeySecretName }} + name: {{ .Values.config.encryptionKeySecretName }} + key: {{ .Values.config.encryptionKeySecretKey | default "encryption-key" }} + {{- else }} + name: {{ template "retool.fullname" . }} + key: encryption-key + {{- end }} + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + {{- if .Values.postgresql.enabled }} + name: {{ template "retool.postgresql.fullname" . }} + key: postgres-password + {{- else }} + {{- if .Values.config.postgresql.passwordSecretName }} + name: {{ .Values.config.postgresql.passwordSecretName }} + key: {{ .Values.config.postgresql.passwordSecretKey | default "postgresql-password" }} + {{- else }} + name: {{ template "retool.fullname" . }} + key: postgresql-password + {{- end }} + {{- end }} + - name: CLIENT_SECRET + valueFrom: + secretKeyRef: + {{- if .Values.config.auth.google.clientSecretSecretName }} + name: {{ .Values.config.auth.google.clientSecretSecretName }} + key: {{ .Values.config.auth.google.clientSecretSecretKey | default "google-client-secret" }} + {{- else }} + name: {{ template "retool.fullname" . }} + key: google-client-secret + {{- end }} + {{- end }} + {{- range $key, $value := .Values.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- range .Values.environmentSecrets }} + - name: {{ .name }} + valueFrom: + secretKeyRef: + name: {{ .secretKeyRef.name }} + key: {{ .secretKeyRef.key }} + {{- end }} + {{- with .Values.environmentVariables }} +{{ toYaml . | indent 10 }} + {{- end }} + {{- with .Values.internalWorker.config.environmentVariables }} +{{ toYaml . | indent 10 }} + {{- end }} + {{- if .Values.externalSecrets.enabled }} + envFrom: + - secretRef: + name: {{ .Values.externalSecrets.name }} + {{- range .Values.externalSecrets.secrets }} + - secretRef: + name: {{ .name }} + {{- end }} + {{- end }} + {{- if .Values.externalSecrets.externalSecretsOperator.enabled }} + envFrom: + {{- range .Values.externalSecrets.externalSecretsOperator.secretRef }} + - secretRef: + name: {{ .name }} + {{- end }} + {{- end }} + ports: + - containerPort: 3015 + name: {{ template "retool.name" . }} + protocol: TCP + - containerPort: 9090 + name: metrics + protocol: TCP + +{{- if .Values.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.livenessProbe.path }} + port: 3015 + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} +{{- end }} +{{- if .Values.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: {{ .Values.readinessProbe.path }} + port: 3015 + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} +{{- end }} + resources: +{{ toYaml .Values.internalWorker.resources | indent 10 }} + volumeMounts: + {{- range $configFile := (keys .Values.files) }} + - name: {{ template "retool.name" $ }} + mountPath: "/usr/share/retool/config/{{ $configFile }}" + subPath: {{ $configFile }} + {{- end }} +{{- if .Values.extraVolumeMounts }} +{{ toYaml .Values.extraVolumeMounts | indent 8 }} +{{- end }} +{{- with .Values.extraContainers }} +{{ tpl . $ | indent 6 }} +{{- end }} +{{- range .Values.extraConfigMapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} +{{- end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: +{{ toYaml .Values.image.pullSecrets | indent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} +{{- if .Values.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + fsGroup: {{ .Values.securityContext.fsGroup }} +{{- end }} + volumes: +{{- range .Values.extraConfigMapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} +{{- end }} +{{- if .Values.extraVolumes }} +{{ toYaml .Values.extraVolumes | indent 8 }} +{{- end }} +--- +{{- if .Values.podDisruptionBudget }} +{{- if semverCompare ">=1.21-0" .Capabilities.KubeVersion.Version -}} +apiVersion: policy/v1 +{{- else -}} +apiVersion: policy/v1beta1 +{{- end }} +kind: PodDisruptionBudget +metadata: + name: {{ template "retool.fullname" . }} +spec: + {{ toYaml .Values.podDisruptionBudget }} + selector: + matchLabels: + {{- include "retool.selectorLabels" . | nindent 6 }} +{{- end }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "retool.fullname" . }}-internal-worker +spec: + selector: + retoolService: {{ template "retool.fullname" . }}-internal-worker + ports: + - protocol: TCP + port: 3015 + targetPort: 3015 + name: {{ template "retool.name" . }} + - protocol: TCP + port: 9090 + targetPort: metrics + name: metrics +{{- end }} diff --git a/charts/retool/templates/deployment_workflows.yaml b/charts/retool/templates/deployment_workflows.yaml index fae6243d..48e935d3 100644 --- a/charts/retool/templates/deployment_workflows.yaml +++ b/charts/retool/templates/deployment_workflows.yaml @@ -82,7 +82,7 @@ spec: {{- end }} - name: DISABLE_DATABASE_MIGRATIONS value: "true" - {{- if or (index .Values "retool-temporal-services-helm" "enabled") (.Values.workflows.temporal.enabled) }} + {{- if (include "retool.temporal.enabled" .) }} - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_HOST value: {{ template "retool.temporal.host" . }} - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_PORT diff --git a/charts/retool/templates/deployment_workflows_worker.yaml b/charts/retool/templates/deployment_workflows_worker.yaml index cafe370b..788dcc14 100644 --- a/charts/retool/templates/deployment_workflows_worker.yaml +++ b/charts/retool/templates/deployment_workflows_worker.yaml @@ -85,7 +85,7 @@ spec: {{- end }} - name: DISABLE_DATABASE_MIGRATIONS value: "true" - {{- if or (index .Values "retool-temporal-services-helm" "enabled") (.Values.workflows.temporal.enabled) }} + {{- if (include "retool.temporal.enabled" .) }} - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_HOST value: {{ template "retool.temporal.host" . }} - name: WORKFLOW_TEMPORAL_CLUSTER_FRONTEND_PORT diff --git a/charts/retool/values.yaml b/charts/retool/values.yaml index 93a78574..17b20dad 100644 --- a/charts/retool/values.yaml +++ b/charts/retool/values.yaml @@ -316,6 +316,12 @@ ui: # Labels for ui pods labels: {} +dbconnector: + java: + # Enable this to use Retool's experimental next-gen dbconnector to connect to resources. + # This feature is not ready for production use; please check with the Retool team before enablement. + enabled: false + workflows: # enabled by default from Chart version 6.0.2 and Retool image 3.6.11 onwards # explicitly set other fields as needed @@ -399,11 +405,40 @@ workflows: cpu: 1000m memory: 2048Mi -dbconnector: - java: - # Enable this to use Retool's experimental next-gen dbconnector to connect to resources. - # This feature is not ready for production use; please check with the Retool team before enablement. - enabled: false +internalWorker: + # Enable for internal workers for Temporal-powered Retool features (e.g. Vectors) + enabled: false + + replicaCount: 1 + + # Config for internal worker pods. Node heap size limits can be overridden here + # otelCollector can be set to an OpenTelemetry Collector in your k8s cluster. This will configure Temporal metrics collection which + # provides observability into worker performance, particularly useful in high QPS use-cases + # environmentVariables will only be set on the worker + config: {} + # config: { + # nodeOptions: --max_old_space_size=1024 + # otelCollector: { + # enabled: true + # endpoint: http://$(HOST_IP):4317 + # } + # environmentVariables: [] + # - name: FOO + # value: "bar" + # } + # Resources for the internal worker - these are sane inputs that bias towards stability + # Can adjust but may see OOM errors if memory too low for heavy load + resources: + limits: + cpu: 2000m + memory: 8192Mi + requests: + cpu: 1000m + memory: 2048Mi + # Timeout for queries, in ms. This will set the timeout for internal worker-related pods only + # If this value is not set but config.dbConnectorTimeout is, we will set internal worker pod timeouts + # to .Values.config.dbConnectorTimeout + # dbConnectorTimeout: 120000 codeExecutor: # enabled by default from Chart version 6.0.15 and Retool image 3.20.15 onwards diff --git a/values.yaml b/values.yaml index 93a78574..17b20dad 100644 --- a/values.yaml +++ b/values.yaml @@ -316,6 +316,12 @@ ui: # Labels for ui pods labels: {} +dbconnector: + java: + # Enable this to use Retool's experimental next-gen dbconnector to connect to resources. + # This feature is not ready for production use; please check with the Retool team before enablement. + enabled: false + workflows: # enabled by default from Chart version 6.0.2 and Retool image 3.6.11 onwards # explicitly set other fields as needed @@ -399,11 +405,40 @@ workflows: cpu: 1000m memory: 2048Mi -dbconnector: - java: - # Enable this to use Retool's experimental next-gen dbconnector to connect to resources. - # This feature is not ready for production use; please check with the Retool team before enablement. - enabled: false +internalWorker: + # Enable for internal workers for Temporal-powered Retool features (e.g. Vectors) + enabled: false + + replicaCount: 1 + + # Config for internal worker pods. Node heap size limits can be overridden here + # otelCollector can be set to an OpenTelemetry Collector in your k8s cluster. This will configure Temporal metrics collection which + # provides observability into worker performance, particularly useful in high QPS use-cases + # environmentVariables will only be set on the worker + config: {} + # config: { + # nodeOptions: --max_old_space_size=1024 + # otelCollector: { + # enabled: true + # endpoint: http://$(HOST_IP):4317 + # } + # environmentVariables: [] + # - name: FOO + # value: "bar" + # } + # Resources for the internal worker - these are sane inputs that bias towards stability + # Can adjust but may see OOM errors if memory too low for heavy load + resources: + limits: + cpu: 2000m + memory: 8192Mi + requests: + cpu: 1000m + memory: 2048Mi + # Timeout for queries, in ms. This will set the timeout for internal worker-related pods only + # If this value is not set but config.dbConnectorTimeout is, we will set internal worker pod timeouts + # to .Values.config.dbConnectorTimeout + # dbConnectorTimeout: 120000 codeExecutor: # enabled by default from Chart version 6.0.15 and Retool image 3.20.15 onwards