ScribblerCoder / CTFd-Helm

A Helm chart to deploy CTFd HA/Autoscaling + Redis + MariaDB + SeaweedFS S3-Compatible Storage
MIT License
15 stars 1 forks source link
autoscaling ctfd helm helm-chart high-availability k8s

CTFd Helm Chart

Version: 0.2.0 Type: application Lint and Server-side Dryrun Chart

This is a Helm chart for deploying CTFd on Kubernetes. It deploys the official CTFd Docker image. HA and Autoscaling + MariaDB + Redis + S3 Storage. Also supports using external MariaDB/Redis/S3.

Add the helm repo

helm repo add ctfd https://scribblercoder.github.io/CTFd-Helm

Install

helm install ctfd ctfd/ctfd
# OR
helm install ctfd ctfd/ctfd -f values.yaml

Install from source

Build helm dependencies (MariaDB/Redis/SeaweedFS) before installing the chart.

helm dependency update

Set the values in values.yaml to your desired configuration. Then install

helm install release-name . -f values.yaml --create-namespace --namespace ctfd

Uninstall

helm uninstall release-name --namespace ctfd

Info

Values examples

Deploy Bitnami MariaDB/Redis and SeaweedFS S3

ctfd:
  image:
    tag: "3.7.3"
  autoscaling:
    enabled: true
    minReplicas: 2
    maxReplicas: 10
mariadb:
  enabled: true
  architecture: standalone
  primary:
    size: 2Gi
redis:
  enabled: true
seaweedfs:
  enabled: true
  s3:
    enabled: true

Configure your own external DB/Redis/S3

ctfd:
  image:
    tag: "3.7.3"
  autoscaling:
    enabled: true
    minReplicas: 2
    maxReplicas: 10
  uploadprovider:
    s3:
      bucket: ""
      endpoint_url: ""
      secret_access_key: ""
      access_key_id: ""
mariadb:
  enabled: false
  external:
    port: 3306
    host: ""
    username: ""
    password: ""
    database: ""
redis:
  enabled: false
  external:
    port: 6379
    host: ""
    username: ""
    password: ""
seaweedfs:
  enabled: false

Disable CTFd autoscaling

ctfd:
  image:
    tag: "3.7.3"
  replicas: 2
  autoscaling:
    enabled: false
  resources:
    limits:
      cpu: "2"
      memory: 2Gi
    requests:
      cpu: "1"
      memory: 1Gi

Features

To Do

Requirements

Repository Name Version
https://charts.bitnami.com/bitnami mariadb 19.0.5
https://charts.bitnami.com/bitnami redis 20.0.5
https://seaweedfs.github.io/seaweedfs/helm seaweedfs 4.0.0

Values

Key Type Default Description
ctfd.affinity object {} CTFd affinity
ctfd.autoscaling.enabled bool true Enables HPA autoscaling
ctfd.autoscaling.maxReplicas int 10 Autoscaling max replicas
ctfd.autoscaling.minReplicas int 2 Autoscaling min replicas
ctfd.autoscaling.targetCPUUtilizationPercentage int 80 Autoscaling target CPU utilization percentage
ctfd.autoscaling.targetMemoryUtilizationPercentage int 80 Autoscaling target memory utilization percentage
ctfd.fullnameOverride string "" Chart fullname override
ctfd.image.pullPolicy string "IfNotPresent" image pull policy. One of Always, Never, IfNotPresent
ctfd.image.repository string "ghcr.io/ctfd/ctfd" repository link to the CTFd docker image
ctfd.image.tag string latest CTFd image tag (check https://github.com/CTFd/CTFd/pkgs/container/ctfd)
ctfd.imagePullSecrets list [] Image pull secrets (use this for private repos)
ctfd.ingress.annotations object {} Ingress annotations
ctfd.ingress.className string "" Ingress class
ctfd.ingress.enabled bool false Enables ingress
ctfd.initContainers list []
ctfd.livenessProbe object Check values.yaml CTFd readiness probe
ctfd.nameOverride string "" Chart name override
ctfd.nodeSelector object {} CTFd node selector
ctfd.pdb.enabled bool true Deploy a [PodDisruptionBudget] for the application controller
ctfd.pdb.maxUnavailable string "50%" Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). # Has higher precedence over controller.pdb.minAvailable
ctfd.pdb.minAvailable string "" (defaults to 0 if not specified) Number of pods that are available after eviction as number or percentage (eg.: 50%)
ctfd.podAnnotations object {} CTFd pod annotations
ctfd.podLabels object {} CTFd pod labels
ctfd.podSecurityContext object {} CTFd pod security context
ctfd.readinessProbe object Check values.yaml CTFd readiness probe
ctfd.replicaCount int 2 CTFd replica count (If autoscaling is enabled, this value is ignored)
ctfd.resources.limits.cpu string "2" CTFd pod CPU limit
ctfd.resources.limits.memory string "2Gi" CTFd pod memory limit
ctfd.resources.requests.cpu string "1" CTFd pod CPU request
ctfd.resources.requests.memory string "1Gi" CTFd pod memory request
ctfd.securityContext.runAsNonRoot bool true
ctfd.securityContext.runAsUser int 1001
ctfd.serviceAccount.annotations object {} CTFd service account annotations
ctfd.serviceAccount.automount bool true CTFd service account mount API credentials
ctfd.serviceAccount.create bool true creates a CTFd service account
ctfd.serviceAccount.name string "" CTFd service account name
ctfd.tolerations list [] CTFd tolerations
ctfd.updateStrategy.maxSurge int 2 CTFd update strategy rolling update max surge (extra pods during rolling update)
ctfd.updateStrategy.maxUnavailable string "25%" CTFd update strategy rolling update max unavailable pods count
ctfd.uploadprovider.s3.access_key_id string "" AWS S3 bucket secret key id
ctfd.uploadprovider.s3.bucket string "" AWS S3 bucket name
ctfd.uploadprovider.s3.endpoint_url string "" AWS S3 bucket region
ctfd.uploadprovider.s3.secret_access_key string "" AWS S3 bucket access key
ctfd.volumeMounts list [] CTFd volumeMounts
ctfd.volumes list [] CTFd volumes
mariadb.architecture string "standalone" MariaDB Architecture (standalone, replication)
mariadb.auth.database string "ctfd"
mariadb.auth.password string "ctfd"
mariadb.auth.rootPassword string "ctfd"
mariadb.auth.username string "ctfd"
mariadb.enabled bool true Deploys bitnami's mariadb (set to false if you want to use an external database)
mariadb.external object ignored External database connection details. Takes effect if mariadb.enabled is set to false
mariadb.metrics.enabled bool true
mariadb.primary.extraFlags string Check values.yaml. Used by official CTFd docker-compose.yml MariaDB primary entrypoint extra flags
mariadb.primary.persistence.enabled bool true
mariadb.primary.persistence.size string "2Gi"
mariadb.primary.resourcesPreset string "small" Check Bintami's documentation
mariadb.secondary.extraFlags string Check values.yaml. Used by official CTFd docker-compose.yml MariaDB primary entrypoint extra flags
mariadb.secondary.persistence.enabled bool true
mariadb.secondary.persistence.size string "2Gi"
mariadb.secondary.replicaCount int 1
mariadb.secondary.resourcesPreset string "small" Check Bintami's documentation
mariadb.volumePermissions.enabled bool true
redis.auth.enabled bool false
redis.enabled bool true Deploys bitnami's redis (set to false if you want to use an external cache)
redis.external object ignored External redis cache connection details. Takes effect if redis.enabled is set to false
redis.master.count int 1
redis.master.persistence.enabled bool false
redis.master.resourcesPreset string "micro" Check Bintami's documentation
redis.metrics.enabled bool true
redis.replica.autoscaling.enabled bool true
redis.replica.autoscaling.targetCPU string "80"
redis.replica.persistence.enabled bool false
redis.replica.resourcesPreset string "micro" Check Bintami's documentation
redis.sysctl.enabled bool true
redis.volumePermissions.enabled bool true
seaweedfs.enabled bool true Deploys seaweedfs (set to false if you want to use an bucket)
seaweedfs.filer.data.size string "5Gi" seaweedfs-filer storage size
seaweedfs.filer.data.type string "persistentVolumeClaim" seaweedfs-filer data storage type
seaweedfs.filer.enablePVC bool true seaweedfs-filer enable PVC for data persistence
seaweedfs.filer.replicas int 1 seaweedfs-filer replicas
seaweedfs.filer.s3.createBuckets list [{"name":"ctfd-bucket"}] seaweedfs-s3 create bucket upon deploying
seaweedfs.filer.s3.enableAuth bool false seaweedfs-s3 enable authentication (no need since seaweed is private to the cluster)
seaweedfs.filer.s3.enabled bool true seaweedfs-s3 enable. This enables S3 API (Should be left to true)
seaweedfs.filer.storage string "5Gi" seaweedfs-filer PVC storage size
seaweedfs.master.data.size string "5Gi" seaweedfs storage size
seaweedfs.master.data.type string "persistentVolumeClaim" seaweedfs data storage type
seaweedfs.master.replicas int 1 seaweedfs-master replicas
seaweedfs.volume.replicas int 1 seaweedfs-volume replicas

Autogenerated from chart metadata using helm-docs