From c07beba50d9220dd0a6fb7c0c26351b801688fc8 Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Wed, 20 Aug 2025 13:54:07 +1200 Subject: [PATCH 1/8] Start reshaping install Signed-off-by: Christopher Hakkaart --- docs/install/docker-compose.md | 75 +++++++++++++++++++--------------- 1 file changed, 43 insertions(+), 32 deletions(-) diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index 4115de0d3..c6efac248 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -6,55 +6,66 @@ Wave enables you to provision container images on demand, removing the need to b Docker Compose installations support Wave Lite, a configuration mode for Wave that includes only container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. -## Prerequisites +This page describes how run self-hosted Wave in Docker Compose. It includes: -Before installing Wave, you need the following infrastructure components: +- Database configuration +- Wave configuration +- Deploying Wave +- Advanced configuration -- **PostgreSQL instance** - Version 12, or higher -- **Redis instance** - Version 6.2, or higher +:::info[**Prerequisites**] +You will need the following to get started: -## System requirements +- A PostgreSQL instance (version 12 or higher) +- A Redis instance (version 6.2 or higher) +::: +:::info[**System requirements**] The minimum system requirements for self-hosted Wave in Docker Compose are: -- Current, supported versions of **Docker Engine** and **Docker Compose**. -- Compute instance minimum requirements: - - **Memory**: 32 GB RAM available to be used by the Wave application on the host system. - - **CPU**: 8 CPU cores available on the host system. - - **Storage**: 10 GB in addition to sufficient disk space for your container images and temporary files. - - For example, in AWS EC2, `m5a.2xlarge` or greater - - **Network**: Connectivity to your PostgreSQL and Redis instances. +- Current, supported versions of Docker Engine and Docker Compose +- A compute instance with the minimum requirements: + - **Memory**: 32 GB RAM available for use by the Wave application on the host system + - **CPU**: 8 CPU cores available on the host system + - **Storage**: 10 GB in addition to sufficient disk space for your container images and temporary files (for example, in AWS EC2, `m5a.2xlarge` or greater) + - **Network**: Connectivity to your PostgreSQL and Redis instances +::: ## Database configuration Wave requires a PostgreSQL database to operate. -Create a dedicated `wave` database and user account with the appropriate privileges: +To configure : -```sql --- Create a dedicated user for Wave -CREATE ROLE wave_user LOGIN PASSWORD 'your_secure_password'; +1. Access PostgreSQL +2. Create a dedicated `wave` database and user account with the appropriate privileges: --- Create the Wave database -CREATE DATABASE wave; + ```sql + -- Create a dedicated user for Wave + CREATE ROLE wave_user LOGIN PASSWORD ''; --- Connect to the wave database -\c wave; + -- Create the Wave database + CREATE DATABASE wave; --- Grant basic schema access -GRANT USAGE, CREATE ON SCHEMA public TO wave_user; + -- Connect to the wave database + \c wave; --- Grant privileges on existing tables and sequences -GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; -GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; + -- Grant basic schema access + GRANT USAGE, CREATE ON SCHEMA public TO wave_user; --- Grant privileges on future tables and sequences -ALTER DEFAULT PRIVILEGES IN SCHEMA public -GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; + -- Grant privileges on existing tables and sequences + GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; + GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; -ALTER DEFAULT PRIVILEGES IN SCHEMA public -GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; -``` + -- Grant privileges on future tables and sequences + ALTER DEFAULT PRIVILEGES IN SCHEMA public + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; + + ALTER DEFAULT PRIVILEGES IN SCHEMA public + GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; + ``` + + Replace `` with a secure password for the database user. Wave will automatically handle schema migrations on startup and create the required database objects. @@ -176,7 +187,7 @@ services: restart: unless-stopped ``` -## Deploy Wave +## Deploying Wave 1. Download and populate the [wave.env](./_templates/wave.env) file with the settings corresponding to your system. From e08e7e7cf827f5657558fa73393c6085c30f91d8 Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Thu, 21 Aug 2025 13:39:55 +1200 Subject: [PATCH 2/8] Update configuration section Signed-off-by: Christopher Hakkaart --- docs/install/docker-compose.md | 207 ++++++++++++++++++--------------- 1 file changed, 115 insertions(+), 92 deletions(-) diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index c6efac248..97f42834e 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -1,5 +1,5 @@ --- -title: Docker Compose installation +title: Docker Compose --- Wave enables you to provision container images on demand, removing the need to build and upload them manually to a container registry. Wave can provision both ephemeral and regular registry-persisted container images. @@ -10,6 +10,7 @@ This page describes how run self-hosted Wave in Docker Compose. It includes: - Database configuration - Wave configuration +- Docker Compose - Deploying Wave - Advanced configuration @@ -35,29 +36,45 @@ The minimum system requirements for self-hosted Wave in Docker Compose are: Wave requires a PostgreSQL database to operate. -To configure : +To configure your PostgreSQL database: -1. Access PostgreSQL -2. Create a dedicated `wave` database and user account with the appropriate privileges: +1. Connect to PostgreSQL. +2. Create a dedicated user for Wave: ```sql - -- Create a dedicated user for Wave CREATE ROLE wave_user LOGIN PASSWORD ''; + ``` + + Replace `` with a secure password for the database user. + +3. Create the Wave database: - -- Create the Wave database + ```sql CREATE DATABASE wave; + ``` + +4. Connect to the wave database: - -- Connect to the wave database + ```sql \c wave; + ``` + +5. Grant basic schema access: - -- Grant basic schema access + ```sql GRANT USAGE, CREATE ON SCHEMA public TO wave_user; + ``` + +6. Grant privileges on existing tables and sequences: - -- Grant privileges on existing tables and sequences + ```sql GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; + ``` + +7. Grant privileges on future tables and sequences: - -- Grant privileges on future tables and sequences + ```sql ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; @@ -65,90 +82,96 @@ To configure : GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; ``` - Replace `` with a secure password for the database user. - -Wave will automatically handle schema migrations on startup and create the required database objects. - -## Wave config - -Create a configuration file that defines Wave's behavior and integrations. Save this as `config/wave-config.yml` in your Docker Compose directory. +:::note +Wave will automatically handle schema migrations and create the required database objects on startup. +::: -```yaml -wave: - # Build service configuration - disabled for Docker Compose - build: - enabled: false - # Mirror service configuration - disabled for Docker Compose - mirror: - enabled: false - # Security scanning configuration - disabled for Docker Compose - scan: - enabled: false - # Blob caching configuration - disabled for Docker Compose - blobCache: - enabled: false - # Database connection settings - db: - uri: "jdbc:postgresql://your-postgres-host:5432/wave" - user: "wave_user" - password: "your_secure_password" - -# Redis configuration for caching and session management -redis: - uri: "redis://your-redis-host:6379" - -# Platform integration (optional) -tower: - endpoint: - url: "https://your-platform-server.com" - -# Micronaut framework configuration -micronaut: - # Netty HTTP server configuration - netty: - event-loops: - default: - num-threads: 64 - stream-pool: - executor: stream-executor - # HTTP client configuration - http: - services: - stream-client: - read-timeout: 30s - read-idle-timeout: 5m - event-loop-group: stream-pool - -# Management endpoints configuration -loggers: - env: - enabled: false - bean: - enabled: false - caches: - enabled: false - refresh: - enabled: false - loggers: - enabled: false - info: - enabled: false - # Enable metrics for monitoring - metrics: - enabled: true - # Enable health checks - health: - enabled: true - disk-space: - enabled: false - jdbc: - enabled: false -``` +## Wave configuration + +Wave requires a configuration file to defines its behavior and integrations. + +To define your Wave configuration: + +1. Create `config/wave-config.yml` in your Docker Compose directory. +2. Add the following configuration: + + ```yaml + wave: + # Build service configuration - disabled for Docker Compose + build: + enabled: false + # Mirror service configuration - disabled for Docker Compose + mirror: + enabled: false + # Security scanning configuration - disabled for Docker Compose + scan: + enabled: false + # Blob caching configuration - disabled for Docker Compose + blobCache: + enabled: false + # Database connection settings + db: + uri: "jdbc:postgresql://:5432/wave" + user: "wave_user" + password: "your_secure_password" + + # Redis configuration for caching and session management + redis: + uri: "redis://:6379" + + # Platform integration (optional) + tower: + endpoint: + url: "https://your-platform-server.com" + + # Micronaut framework configuration + micronaut: + # Netty HTTP server configuration + netty: + event-loops: + default: + num-threads: 64 + stream-pool: + executor: stream-executor + # HTTP client configuration + http: + services: + stream-client: + read-timeout: 30s + read-idle-timeout: 5m + event-loop-group: stream-pool + + # Management endpoints configuration + loggers: + env: + enabled: false + bean: + enabled: false + caches: + enabled: false + refresh: + enabled: false + loggers: + enabled: false + info: + enabled: false + # Enable metrics for monitoring + metrics: + enabled: true + # Enable health checks + health: + enabled: true + disk-space: + enabled: false + jdbc: + enabled: false + ``` -Configuration notes: + Replace the following: -- Replace `your-postgres-host` and `your-redis-host` with your service endpoints. -- Adjust `number-of-threads` (16) and `num-threads` (64) based on your CPU cores — Use between 2x and 4x your CPU core count. + - ``: your Postgres service endpoint + - ``: your Redis service endpoint + - Adjust `number-of-threads` (16) and `num-threads` (64) based on your CPU cores — Use between 2x and 4x your CPU core count. ## Docker Compose @@ -226,6 +249,6 @@ services: If Wave Lite is running in the same container as Platform Connect for [Studios](https://docs.seqera.io/platform-enterprise/25.2/enterprise/studios#docker-compose), tearing down the service will also interrupt Connect services. ::: -### Advanced configuration +## Advanced configuration See [Configuring Wave](./configure-wave.md) for advanced Wave features, scaling guidance, and integration options. From b5e59bfd189446da44a04651d5bee353122fe008 Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Fri, 22 Aug 2025 06:52:47 +1200 Subject: [PATCH 3/8] Stash --- docs/install/docker-compose.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index 97f42834e..cbf02c354 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -88,12 +88,11 @@ Wave will automatically handle schema migrations and create the required databas ## Wave configuration -Wave requires a configuration file to defines its behavior and integrations. +Wave requires a configuration file to define its behavior and integrations. To define your Wave configuration: -1. Create `config/wave-config.yml` in your Docker Compose directory. -2. Add the following configuration: +1. Create a `config/wave-config.yml` file in your Docker Compose directory with the following configuration: ```yaml wave: @@ -113,7 +112,7 @@ To define your Wave configuration: db: uri: "jdbc:postgresql://:5432/wave" user: "wave_user" - password: "your_secure_password" + password: "" # Redis configuration for caching and session management redis: @@ -171,10 +170,17 @@ To define your Wave configuration: - ``: your Postgres service endpoint - ``: your Redis service endpoint - - Adjust `number-of-threads` (16) and `num-threads` (64) based on your CPU cores — Use between 2x and 4x your CPU core count. + - ``: your secure password for the database user + + Adjust the following values based on your CPU cores: + + - `number-of-threads`: Set between 2x and 4x your CPU core count (default: 16) + - `num-threads`: Set between 2x and 4x your CPU core count (default: 64) ## Docker Compose +Docker Compose requires configuration to work with Wave. + Add the following to your `docker-compose.yml`: ```yaml @@ -216,7 +222,6 @@ services: 1. Use Docker Swarm to deploy Wave Lite. See [Create a swarm](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/) for detailed setup instructions. - 1. Deploy the Wave service, running two replicas: ```bash From fb46776ee0664d98c06a566f28f0e6c22ed0db5e Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Tue, 26 Aug 2025 11:18:18 +1200 Subject: [PATCH 4/8] Revise next sections Signed-off-by: Christopher Hakkaart --- docs/install/docker-compose.md | 184 ++++++----- docs/install/kubernetes.md | 553 ++++++++++++++++++--------------- 2 files changed, 401 insertions(+), 336 deletions(-) diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index cbf02c354..266660826 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -1,17 +1,19 @@ --- title: Docker Compose +description: Run Wave in Docker Compose +tags: [docker compose, install, wave] --- Wave enables you to provision container images on demand, removing the need to build and upload them manually to a container registry. Wave can provision both ephemeral and regular registry-persisted container images. -Docker Compose installations support Wave Lite, a configuration mode for Wave that includes only container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. +Docker Compose installations support Wave Lite, a configuration mode for Wave that includes only container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. See [Wave Lite](../wave-lite.md) for more information. -This page describes how run self-hosted Wave in Docker Compose. It includes: +This page describes how to run Wave on Docker Compose. It includes: - Database configuration - Wave configuration - Docker Compose -- Deploying Wave +- Wave deployment - Advanced configuration :::info[**Prerequisites**] @@ -19,13 +21,8 @@ You will need the following to get started: - A PostgreSQL instance (version 12 or higher) - A Redis instance (version 6.2 or higher) -::: - -:::info[**System requirements**] -The minimum system requirements for self-hosted Wave in Docker Compose are: - -- Current, supported versions of Docker Engine and Docker Compose -- A compute instance with the minimum requirements: +- Supported versions of Docker Engine and Docker Compose +- A compute instance with at least: - **Memory**: 32 GB RAM available for use by the Wave application on the host system - **CPU**: 8 CPU cores available on the host system - **Storage**: 10 GB in addition to sufficient disk space for your container images and temporary files (for example, in AWS EC2, `m5a.2xlarge` or greater) @@ -34,12 +31,12 @@ The minimum system requirements for self-hosted Wave in Docker Compose are: ## Database configuration -Wave requires a PostgreSQL database to operate. +PostgreSQL is a relational database that stores and manages data using SQL queries. Wave requires a PostgreSQL database to operate. -To configure your PostgreSQL database: +To create your `wave` PostgreSQL database and user account with appropriate privileges: 1. Connect to PostgreSQL. -2. Create a dedicated user for Wave: +1. Create a dedicated user for Wave: ```sql CREATE ROLE wave_user LOGIN PASSWORD ''; @@ -47,32 +44,32 @@ To configure your PostgreSQL database: Replace `` with a secure password for the database user. -3. Create the Wave database: +1. Create the Wave database: ```sql CREATE DATABASE wave; ``` -4. Connect to the wave database: +1. Connect to the wave database: ```sql \c wave; ``` -5. Grant basic schema access: +1. Grant basic schema access: ```sql GRANT USAGE, CREATE ON SCHEMA public TO wave_user; ``` -6. Grant privileges on existing tables and sequences: +1. Grant privileges on existing tables and sequences: ```sql GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; ``` -7. Grant privileges on future tables and sequences: +1. Grant privileges on future tables and sequences: ```sql ALTER DEFAULT PRIVILEGES IN SCHEMA public @@ -88,100 +85,99 @@ Wave will automatically handle schema migrations and create the required databas ## Wave configuration -Wave requires a configuration file to define its behavior and integrations. - -To define your Wave configuration: - -1. Create a `config/wave-config.yml` file in your Docker Compose directory with the following configuration: - - ```yaml - wave: - # Build service configuration - disabled for Docker Compose - build: - enabled: false - # Mirror service configuration - disabled for Docker Compose - mirror: - enabled: false - # Security scanning configuration - disabled for Docker Compose - scan: - enabled: false - # Blob caching configuration - disabled for Docker Compose - blobCache: - enabled: false - # Database connection settings - db: - uri: "jdbc:postgresql://:5432/wave" - user: "wave_user" - password: "" - - # Redis configuration for caching and session management - redis: +Wave requires configuration for database connections, Redis caching, and server settings. + +To configure Wave, create a `config/wave-config.yml` file with the following configuration in your Docker Compose directory: + +```yaml +wave: + # Build service configuration - disabled for Docker Compose + build: + enabled: false + # Mirror service configuration - disabled for Docker Compose + mirror: + enabled: false + # Security scanning configuration - disabled for Docker Compose + scan: + enabled: false + # Blob caching configuration - disabled for Docker Compose + blobCache: + enabled: false + # Database connection settings + db: + uri: "jdbc:postgresql://:5432/wave" + user: "wave_user" + password: "" + + # Redis configuration for caching and session management + redis: uri: "redis://:6379" - # Platform integration (optional) - tower: + # Platform integration (optional) + tower: endpoint: - url: "https://your-platform-server.com" + url: "" - # Micronaut framework configuration - micronaut: + # Micronaut framework configuration + micronaut: # Netty HTTP server configuration netty: - event-loops: + event-loops: default: - num-threads: 64 + num-threads: 64 stream-pool: - executor: stream-executor + executor: stream-executor # HTTP client configuration http: - services: + services: stream-client: - read-timeout: 30s - read-idle-timeout: 5m - event-loop-group: stream-pool - - # Management endpoints configuration - loggers: - env: - enabled: false - bean: - enabled: false - caches: - enabled: false - refresh: - enabled: false - loggers: - enabled: false - info: - enabled: false - # Enable metrics for monitoring - metrics: - enabled: true - # Enable health checks - health: - enabled: true - disk-space: - enabled: false - jdbc: - enabled: false - ``` + read-timeout: 30s + read-idle-timeout: 5m + event-loop-group: stream-pool + +# Management endpoints configuration +loggers: + env: + enabled: false + bean: + enabled: false + caches: + enabled: false + refresh: + enabled: false + loggers: + enabled: false + info: + enabled: false +# Enable metrics for monitoring +metrics: + enabled: true +# Enable health checks +health: + enabled: true + disk-space: + enabled: false + jdbc: + enabled: false +``` - Replace the following: +Replace the following: - - ``: your Postgres service endpoint - - ``: your Redis service endpoint - - ``: your secure password for the database user +- ``: your Postgres service endpoint +- ``: your Redis service endpoint +- ``: your secure password for the database user +- ``: your Platform endpoint URL (_optional_) - Adjust the following values based on your CPU cores: +Adjust the following values based on your CPU cores: - - `number-of-threads`: Set between 2x and 4x your CPU core count (default: 16) - - `num-threads`: Set between 2x and 4x your CPU core count (default: 64) +- `number-of-threads`: Set between 2x and 4x your CPU core count (default: 16) +- `num-threads`: Set between 2x and 4x your CPU core count (default: 64) ## Docker Compose -Docker Compose requires configuration to work with Wave. +Docker Compose is a tool for defining and running multi-container Docker applications. It requires configuration to work with Wave. -Add the following to your `docker-compose.yml`: +To configure Docker Compose, add the following to your `docker-compose.yml`: ```yaml services: @@ -216,7 +212,7 @@ services: restart: unless-stopped ``` -## Deploying Wave +## Wave deployment 1. Download and populate the [wave.env](./_templates/wave.env) file with the settings corresponding to your system. diff --git a/docs/install/kubernetes.md b/docs/install/kubernetes.md index 66ee4be7b..353cdee4f 100644 --- a/docs/install/kubernetes.md +++ b/docs/install/kubernetes.md @@ -1,268 +1,333 @@ --- -title: Kubernetes installation +title: Kubernetes +description: Run Wave Lite on Kubernetes +tags: [kubernetes, install, wave, wave lite] --- -Wave enables you to provision container images on-demand, removing the need to build and upload them manually to a container registry. Wave can can provision both disposable containers that are only accessible for a short period, and regular registry-persisted container images. +Wave enables you to provision container images on-demand, removing the need to build and upload them manually to a container registry. Wave can provision both disposable containers that are only accessible for a short period, and regular registry-persisted container images. -This installation guide covers Wave in [Lite](../wave-lite.md) mode. Wave Lite provides container augmentation and inspection capabilities on AWS, Azure, and GCP cloud deployments, and enables the use of Fusion file system in Nextflow pipelines. +Kubernetes installations support Wave Lite, a configuration mode for Wave that supports container augmentation and inspection on AWS, Azure, and GCP deployments, and enables the use of Fusion file system in Nextflow pipelines. See [Wave Lite](../wave-lite.md) for more information. -:::info -Wave's full build capabilities require specific integrations with Kubernetes and AWS EFS Storage, making EKS and AWS a hard dependency for fully-featured deployments. After you have configured a base Wave Lite installation on AWS with this guide, see [Configure Wave Build](./configure-wave-build.md) to extend your installation to support build capabilities. -::: - -## Prerequisites +This page describes how to run Wave Lite on Kubernetes. It includes: -**Required infrastructure:** -- **Kubernetes cluster** - Version 1.31 or higher (any distribution) -- **PostgreSQL instance** - Version 12 or higher (managed externally) -- **Redis instance** - Version 6.0 or higher (managed externally) +- Database configuration +- Namespace creation +- Wave configuration +- Wave deployment +- Service creation +- Advanced configuration +- Next steps -## System requirements +Wave's full build capabilities require specific integrations on Kubernetes and AWS EFS Storage, making EKS and AWS a hard dependency for fully-featured deployments. After you configure a base Wave Lite installation on AWS with this guide, see [Configure Wave Build](./configure-wave-build.md) to optionally extend your installation to support build capabilities. -The minimum system requirements for a Wave Kubernetes installation are: +:::info[**Prerequisites**] +You will need the following to get started: -- **Memory**: Minimum 4GB RAM per Wave pod -- **CPU**: Minimum 1 CPU core per pod -- **Network**: Connectivity to your external PostgreSQL and Redis instances -- **Storage**: Sufficient storage for your container images and temporary files - -:::info -See [Configure Wave](./configure-wave.md) for detailed scaling and performance tuning guidance. +- A Kubernetes cluster (version 1.31 or higher) +- An externally managed PostgreSQL instance (version 12 or higher) +- An externally managed Redis instance (version 6.0 or higher) +- A Kubernetes cluster with at least: + - **Memory**: 4 GB RAM per Wave pod + - **CPU**: 1 CPU core per pod + - **Network**: Connectivity to your external PostgreSQL and Redis instances + - **Storage**: Sufficient storage for your container images and temporary files ::: -## Assumptions - +:::info[**Assumptions**] This guide assumes: + - You have already deployed Seqera Platform Enterprise - You will deploy Wave into the `wave` namespace - You have appropriate cluster permissions to create namespaces, deployments, and services - Your PostgreSQL and Redis instances are accessible from the Kubernetes cluster +::: ## Database configuration Wave requires a PostgreSQL database to operate. -Create a dedicated `wave` database and user account with the appropriate privileges: +To create your `wave` PostgreSQL database and user account with appropriate privileges: -```sql --- Create a dedicated user for Wave -CREATE ROLE wave_user LOGIN PASSWORD 'your_secure_password'; +1. Connect to PostgreSQL. +1. Create a dedicated user for Wave: --- Create the Wave database -CREATE DATABASE wave; + ```sql + CREATE ROLE wave_user LOGIN PASSWORD ''; + ``` --- Connect to the wave database -\c wave; + Replace `` with a secure password for the database user. --- Grant basic schema access -GRANT USAGE, CREATE ON SCHEMA public TO wave_user; +1. Create the Wave database: --- Grant privileges on existing tables and sequences -GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; -GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; + ```sql + CREATE DATABASE wave; + ``` --- Grant privileges on future tables and sequences -ALTER DEFAULT PRIVILEGES IN SCHEMA public -GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; +1. Connect to the wave database: -ALTER DEFAULT PRIVILEGES IN SCHEMA public -GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; -``` + ```sql + \c wave; + ``` -## Create namespace +1. Grant basic schema access: -```yaml ---- -apiVersion: v1 -kind: Namespace -metadata: - name: "wave" - labels: - app: wave-app -``` + ```sql + GRANT USAGE, CREATE ON SCHEMA public TO wave_user; + ``` -## Configure Wave +1. Grant privileges on existing tables and sequences: -Create a ConfigMap containing Wave's configuration. Update the following values to match your environment: + ```sql + GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; + GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; + ``` -- Database connection details (`uri`, `user`, `password`) -- Redis connection string -- Seqera Platform API endpoint +1. Grant privileges on future tables and sequences: -:::warning -This configuration contains sensitive values. It is recommended to use Kubernetes Secrets for sensitive data, instead of embedding them directly in the ConfigMap. See the [Kubernetes Secrets documentation](https://kubernetes.io/docs/concepts/configuration/secret/) for more details. + ```sql + ALTER DEFAULT PRIVILEGES IN SCHEMA public + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; -Example using environment variables with secrets: + ALTER DEFAULT PRIVILEGES IN SCHEMA public + GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; + ``` -```yaml -env: - - name: WAVE_DB_PASSWORD - valueFrom: - secretKeyRef: - name: wave-secrets - key: db-password -``` -::: +## Namespace creation -```yaml -kind: ConfigMap -apiVersion: v1 -metadata: - name: wave-cfg - namespace: "wave" - labels: - app: wave-cfg -data: - config.yml: | - wave: - # Build service configuration - disabled for Wave base installation - build: - enabled: false - # Mirror service configuration - disabled for Wave base installation - mirror: - enabled: false - # Security scanning configuration - disabled for Wave base installation - scan: - enabled: false - # Blob caching configuration - disabled for Wave base installation - blobCache: - enabled: false - # Database connection settings - db: - uri: "jdbc:postgresql://your-postgres-host:5432/wave" - user: "wave_user" - password: "your_secure_password" - - # Redis configuration for caching and session management - redis: - uri: "rediss://your-redis-host:6379" - - # Platform integration (optional) - tower: - endpoint: - url: "https://your-platform-server.com" - - # Micronaut framework configuration - micronaut: - # Executor configuration for handling concurrent requests - executors: - stream-executor: - type: FIXED - number-of-threads: 16 - # Netty HTTP server configuration - netty: - event-loops: - default: - num-threads: 64 - stream-pool: - executor: stream-executor - # HTTP client configuration - http: - services: - stream-client: - read-timeout: 30s - read-idle-timeout: 5m - event-loop-group: stream-pool - - # Management endpoints configuration - loggers: - # Enable metrics for monitoring - metrics: - enabled: true - # Enable health checks - health: - enabled: true - disk-space: - enabled: false - jdbc: - enabled: false -``` +A Kubernetes namespace provides logical isolation for cluster resources, allowing you to organize all Wave components together with proper resource limits and access controls. -## Create deployment +To create a `wave` namespace: -Deploy Wave using the following Deployment manifest: +1. Create `namespace.yaml` with the following configuration: -```yaml ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wave - namespace: "wave" - labels: - app: wave-app -spec: - replicas: 1 - selector: - matchLabels: - app: wave-app - template: + ```yaml + --- + apiVersion: v1 + kind: Namespace + metadata: + name: "wave" + labels: + app: wave-app + ``` + +2. Deploy the `wave` namespace: + + ```bash + kubectl apply -f namespace.yaml + ``` + +## Wave configuration + +Wave requires configuration for database connections, Redis caching, and server settings. + +1. Create `wave-config.yaml` with the following configuration: + + ```yaml + --- + apiVersion: v1 + kind: ConfigMap metadata: + name: wave-cfg + namespace: "wave" + data: + config.yml: | + wave: + # Build service configuration - disabled for Wave base installation + build: + enabled: false + # Mirror service configuration - disabled for Wave base installation + mirror: + enabled: false + # Security scanning configuration - disabled for Wave base installation + scan: + enabled: false + # Blob caching configuration - disabled for Wave base installation + blobCache: + enabled: false + # Database connection settings + db: + uri: "jdbc:postgresql://:5432/wave" + user: "wave_user" + password: "" + + # Redis configuration for caching and session management + redis: + uri: "rediss://:6379" + + # Platform integration (optional) + tower: + endpoint: + url: "" + + # Micronaut framework configuration + micronaut: + # Executor configuration for handling concurrent requests + executors: + stream-executor: + type: FIXED + number-of-threads: 16 + # Netty HTTP server configuration + netty: + event-loops: + default: + num-threads: 64 + stream-pool: + executor: stream-executor + # HTTP client configuration + http: + services: + stream-client: + read-timeout: 30s + read-idle-timeout: 5m + event-loop-group: stream-pool + + # Management endpoints configuration + loggers: + # Enable metrics for monitoring + metrics: + enabled: true + # Enable health checks + health: + enabled: true + disk-space: + enabled: false + jdbc: + enabled: false + ``` + + Replace the following: + + - ``: your Postgres service endpoint + - ``: your Redis service endpoint + - ``: your secure password for the database user + - ``: your Platform endpoint URL (_optional_) + + :::tip + It is recommended to use Kubernetes Secrets for sensitive data instead of embedding them in the ConfigMap. For example, by adding environment variables with secrets to your Wave deployment manifest: + + ```yaml + env: + - name: WAVE_DB_PASSWORD + valueFrom: + secretKeyRef: + name: wave-secrets + key: db-password + ``` + + See the Kubernetes [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) for more details. + ::: + + 2. Deploy the ConfigMap to the `wave` namespace: + + ```bash + kubectl apply -f wave-config.yaml + ``` + +## Wave deployment + +Deploy Wave using the following deployment manifest: + +1. Create `wave-deployment.yaml` with the following configuration: + + ```yaml + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: wave + namespace: "wave" labels: app: wave-app spec: - containers: - - image: REPLACE_ME_AWS_ACCOUNT.dkr.ecr.us-east-1.amazonaws.com/nf-tower-enterprise/wave:REPLACE_ME_WAVE_IMAGE_TAG - name: wave-app - ports: - - containerPort: 9090 - env: - - name: MICRONAUT_ENVIRONMENTS - value: "postgres,redis,lite" - resources: - requests: - memory: "4000Mi" - limits: - memory: "4000Mi" - workingDir: "/work" - volumeMounts: + replicas: 1 + selector: + matchLabels: + app: wave-app + template: + metadata: + labels: + app: wave-app + spec: + containers: + - image: .dkr.ecr.us-east-1.amazonaws.com/nf-tower-enterprise/wave: + name: wave-app + ports: + - containerPort: 9090 + env: + - name: MICRONAUT_ENVIRONMENTS + value: "postgres,redis,lite" + resources: + requests: + memory: "4000Mi" + limits: + memory: "4000Mi" + workingDir: "/work" + volumeMounts: + - name: wave-cfg + mountPath: /work/config.yml + subPath: "config.yml" + readinessProbe: + httpGet: + path: /health + port: 9090 + initialDelaySeconds: 5 + timeoutSeconds: 3 + livenessProbe: + httpGet: + path: /health + port: 9090 + initialDelaySeconds: 5 + timeoutSeconds: 3 + failureThreshold: 10 + volumes: - name: wave-cfg - mountPath: /work/config.yml - subPath: "config.yml" - readinessProbe: - httpGet: - path: /health - port: 9090 - initialDelaySeconds: 5 - timeoutSeconds: 3 - livenessProbe: - httpGet: - path: /health - port: 9090 - initialDelaySeconds: 5 - timeoutSeconds: 3 - failureThreshold: 10 - volumes: - - name: wave-cfg - configMap: - name: wave-cfg - restartPolicy: Always -``` + configMap: + name: wave-cfg + restartPolicy: Always + ``` -## Create Service + Replace the following: -Expose Wave within the cluster using a Service: + - ``: your AWS account ID + - ``: your Wave image tag version -```yaml ---- -apiVersion: v1 -kind: Service -metadata: - name: wave-service - namespace: "wave" - labels: - app: wave-app -spec: - selector: - app: wave-app - ports: - - name: http - port: 9090 - targetPort: 9090 - protocol: TCP - type: ClusterIP -``` +2. Deploy Wave to the `wave` namespace: + + ```bash + kubectl apply -f wave-deployment.yaml + ``` + +## Service creation +To expose Wave within the cluster using a Service: + +1. Create `wave-service.yaml` with the following configuration: + + ```yaml + --- + apiVersion: v1 + kind: Service + metadata: + name: wave-service + namespace: "wave" + labels: + app: wave-app + spec: + selector: + app: wave-app + ports: + - name: http + port: 9090 + targetPort: 9090 + protocol: TCP + type: ClusterIP + ``` + +2. Deploy the service to the `wave` namespace: + + ```bash + kubectl apply -f wave-service.yaml + ``` ## Next steps @@ -320,35 +385,39 @@ Consider implementing the following for production deployments: - Resource quotas and limit ranges for the Wave namespace ### AWS credentials to access ECR + Wave requires access to AWS ECR for container image management. Create an IAM role with the following permissions: ```json "Statement": [ - { - "Action": [ - "ecr:BatchCheckLayerAvailability", - "ecr:GetDownloadUrlForLayer", - "ecr:GetRepositoryPolicy", - "ecr:DescribeRepositories", - "ecr:ListImages", - "ecr:DescribeImages", - "ecr:BatchGetImage", - "ecr:GetLifecyclePolicy", - "ecr:GetLifecyclePolicyPreview", - "ecr:ListTagsForResource", - "ecr:DescribeImageScanFindings", - "ecr:CompleteLayerUpload", - "ecr:UploadLayerPart", - "ecr:InitiateLayerUpload", - "ecr:PutImage" - ], - "Effect": "Allow", - "Resource": [ - "/wave/*" - ] - } - ``` - -### Advanced configuration + { + "Action": [ + "ecr:BatchCheckLayerAvailability", + "ecr:GetDownloadUrlForLayer", + "ecr:GetRepositoryPolicy", + "ecr:DescribeRepositories", + "ecr:ListImages", + "ecr:DescribeImages", + "ecr:BatchGetImage", + "ecr:GetLifecyclePolicy", + "ecr:GetLifecyclePolicyPreview", + "ecr:ListTagsForResource", + "ecr:DescribeImageScanFindings", + "ecr:CompleteLayerUpload", + "ecr:UploadLayerPart", + "ecr:InitiateLayerUpload", + "ecr:PutImage" + ], + "Effect": "Allow", + "Resource": [ + "/wave/*" + ] + } +] +``` + +Replace `` with your ECR repository Amazon Resource Name (ARN). + +## Advanced configuration See [Configuring Wave](./configure-wave.md) for advanced Wave features, scaling guidance, and integration options. From 75bb599e31df53568cc66d23aeecb0c5d26fce1c Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Tue, 26 Aug 2025 14:08:46 +1200 Subject: [PATCH 5/8] Add index page and steps to guides Signed-off-by: Christopher Hakkaart --- docs/cli/index.md | 2 +- docs/cli/installation.mdx | 16 +++---- docs/cli/reference.md | 24 +++++----- docs/install/docker-compose.md | 88 ++++++++++++++++------------------ docs/install/index.md | 41 ++++++++++++++++ docs/install/kubernetes.md | 17 +++---- 6 files changed, 110 insertions(+), 78 deletions(-) create mode 100644 docs/install/index.md diff --git a/docs/cli/index.md b/docs/cli/index.md index 6a9ea390a..2923bfb4f 100644 --- a/docs/cli/index.md +++ b/docs/cli/index.md @@ -6,7 +6,7 @@ The Wave CLI is a convenient wrapper around the Wave API. You can compose Wave CLI with other commands. The CLI returns the URL of the container build on `stdout` in the following format: -``` +```console wave.seqera.io/wt/xxxxxxxxxxxx/wave/build:xxxxxxxxxxxxxxxx ``` diff --git a/docs/cli/installation.mdx b/docs/cli/installation.mdx index f119301e9..146c71444 100644 --- a/docs/cli/installation.mdx +++ b/docs/cli/installation.mdx @@ -16,13 +16,13 @@ To self-install the latest Wave release from GitHub: 1. Move the executable from your downloads folder to a location in your `PATH`, such as `~/bin`. For example: - ``` + ```bash mv wave-cli-0.8.0-macos-x86_64 ~/bin/wave ``` 1. Ensure that the executable permission is set. For example: - ``` + ```bash chmod u+x ~/bin/wave ``` @@ -30,7 +30,7 @@ To self-install the latest Wave release from GitHub: 1. Create a basic `Dockerfile`: - ``` + ```Dockerfile cat << EOF > ./Dockerfile FROM busybox:latest EOF @@ -38,13 +38,13 @@ To self-install the latest Wave release from GitHub: 1. Use the CLI to build the container: - ``` + ```bash wave -f Dockerfile ``` Example output: - ``` + ```console wave.seqera.io/wt/xxxxxxxxxxxx/wave/build:xxxxxxxxxxxxxxxx ``` @@ -62,7 +62,7 @@ To install the latest version with [Homebrew]: 1. Create a basic `Dockerfile`: - ``` + ```Dockerfile cat << EOF > ./Dockerfile FROM busybox:latest EOF @@ -70,13 +70,13 @@ To install the latest version with [Homebrew]: 1. Use the CLI to build the container: - ``` + ```bash wave -f Dockerfile ``` Example output: - ``` + ```console wave.seqera.io/wt/xxxxxxxxxxxx/wave/build:xxxxxxxxxxxxxxxx ``` diff --git a/docs/cli/reference.md b/docs/cli/reference.md index ceed9758d..ef1b79d00 100644 --- a/docs/cli/reference.md +++ b/docs/cli/reference.md @@ -30,7 +30,7 @@ The following arguments are used for a directory build: Create a new context directory: -``` +```bash mkdir -p new-layer/usr/local/bin printf 'echo Hello world!' > new-layer/usr/local/bin/hello.sh chmod +x new-layer/usr/local/bin/hello.sh @@ -38,7 +38,7 @@ chmod +x new-layer/usr/local/bin/hello.sh Use the CLI to build the image and run the result with Docker: -``` +```bash docker run $(wave -i alpine --layer new-layer) sh -c hello.sh ``` @@ -64,7 +64,7 @@ Conda builds support the following arguments: In the following example, a container with the `samtools` and `bamtools` packages is built: -``` +```bash wave \ --conda-package bamtools=2.5.2 \ --conda-package samtools=1.17 @@ -92,7 +92,7 @@ Building a Dockerfile that requires `--build-arg` for build time variables isn't In the following example `Dockerfile`, several packages are installed: -``` +```Dockerfile cat << EOF > ./Dockerfile FROM alpine @@ -106,14 +106,14 @@ EOF Build and run the container based on the Dockerfile in the previous example by running the following command: -``` +```bash container=$(wave --containerfile ./Dockerfile) docker run --rm $container cowsay "Hello world" ``` In the following example `Dockerfile`, a local context is used: -``` +```Dockerfile cat << EOF > ./Dockerfile FROM alpine ADD hello.sh /usr/local/bin/ @@ -122,7 +122,7 @@ EOF Create the shell script referenced in the previous example by running the following commands in your terminal: -``` +```bash mkdir -p build-context/ printf 'echo Hello world!' > build-context/hello.sh chmod +x build-context/hello.sh @@ -130,7 +130,7 @@ chmod +x build-context/hello.sh Build and run the container based on the Dockerfile in the previous example by running the following command: -``` +```bash docker run $(wave -f Dockerfile --context build-context) sh -c hello.sh ``` @@ -164,19 +164,19 @@ The following arguments are used to build a Singularity container: In the following example, a Docker base image is augmented: -``` +```bash wave -i alpine --layer context-dir/ --build-repo docker.io/user/repo ``` In the following example, a SingularityCE def file is specified: -``` +```bash wave -f hello-world.def --singularity --freeze --build-repo docker.io/user/repo ``` In the following example, two Conda packages are specified: -``` +```bash wave --conda-package bamtools=2.5.2 --conda-package samtools=1.17 --freeze --singularity --build-repo docker.io/user/repo ``` @@ -208,7 +208,7 @@ The following arguments are used to freeze a container build: In the following example, the `alpine` container image is frozen to a private DockerHub image registry. The `--tower-token` argument is not required if the `TOWER_ACCESS_TOKEN` environment variable is defined. -``` +```bash wave -i alpine --freeze \ --build-repo docker.io/user/repo --tower-token ``` diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index 266660826..200fc7054 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -1,14 +1,14 @@ --- title: Docker Compose -description: Run Wave in Docker Compose +description: Run Wave List on Docker Compose tags: [docker compose, install, wave] --- -Wave enables you to provision container images on demand, removing the need to build and upload them manually to a container registry. Wave can provision both ephemeral and regular registry-persisted container images. +Docker Compose provides a straightforward deployment method suitable for development, testing, and production environments by packaging Wave services and dependencies into a coordinated container stack. This approach handles service orchestration automatically, coordinating startup and networking of Wave components, with updates performed by downloading new container versions and restarting the application stack. -Docker Compose installations support Wave Lite, a configuration mode for Wave that includes only container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. See [Wave Lite](../wave-lite.md) for more information. +Docker Compose installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that includes only container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. -This page describes how to run Wave on Docker Compose. It includes: +This page describes how to run Wave Lite on Docker Compose. It includes: - Database configuration - Wave configuration @@ -31,8 +31,6 @@ You will need the following to get started: ## Database configuration -PostgreSQL is a relational database that stores and manages data using SQL queries. Wave requires a PostgreSQL database to operate. - To create your `wave` PostgreSQL database and user account with appropriate privileges: 1. Connect to PostgreSQL. @@ -85,9 +83,7 @@ Wave will automatically handle schema migrations and create the required databas ## Wave configuration -Wave requires configuration for database connections, Redis caching, and server settings. - -To configure Wave, create a `config/wave-config.yml` file with the following configuration in your Docker Compose directory: +To configure Wave, create a `config/wave-config.yml` file in your Docker Compose directory with the following configuration: ```yaml wave: @@ -109,31 +105,31 @@ wave: user: "wave_user" password: "" - # Redis configuration for caching and session management - redis: - uri: "redis://:6379" - - # Platform integration (optional) - tower: - endpoint: - url: "" - - # Micronaut framework configuration - micronaut: - # Netty HTTP server configuration - netty: - event-loops: - default: - num-threads: 64 + # Redis configuration for caching and session management +redis: + uri: "redis://:6379" + +# Platform integration (optional) +tower: + endpoint: + url: "" + +# Micronaut framework configuration +micronaut: + # Netty HTTP server configuration + netty: + event-loops: + default: + num-threads: 64 stream-pool: - executor: stream-executor - # HTTP client configuration - http: - services: - stream-client: - read-timeout: 30s - read-idle-timeout: 5m - event-loop-group: stream-pool + executor: stream-executor + # HTTP client configuration + http: + services: + stream-client: + read-timeout: 30s + read-idle-timeout: 5m + event-loop-group: stream-pool # Management endpoints configuration loggers: @@ -149,16 +145,16 @@ loggers: enabled: false info: enabled: false -# Enable metrics for monitoring -metrics: - enabled: true -# Enable health checks -health: - enabled: true - disk-space: - enabled: false - jdbc: - enabled: false + # Enable metrics for monitoring + metrics: + enabled: true + # Enable health checks + health: + enabled: true + disk-space: + enabled: false + jdbc: + enabled: false ``` Replace the following: @@ -175,9 +171,7 @@ Adjust the following values based on your CPU cores: ## Docker Compose -Docker Compose is a tool for defining and running multi-container Docker applications. It requires configuration to work with Wave. - -To configure Docker Compose, add the following to your `docker-compose.yml`: +To configure Docker Compose, create a `docker-compose.yml` file with the following configuration: ```yaml services: @@ -214,6 +208,8 @@ services: ## Wave deployment +To deploy Wave Lite using Docker Swarm: + 1. Download and populate the [wave.env](./_templates/wave.env) file with the settings corresponding to your system. 1. Use Docker Swarm to deploy Wave Lite. See [Create a swarm](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/) for detailed setup instructions. diff --git a/docs/install/index.md b/docs/install/index.md new file mode 100644 index 000000000..c4cea0a75 --- /dev/null +++ b/docs/install/index.md @@ -0,0 +1,41 @@ +--- +title: Installation +description: Install self-hosted Wave +tags: [docker compose, kubernetes, install, wave, wave lite] +--- + +import DocCardList from "@theme/DocCardList"; + +Wave provides multiple installation and deployment options to accommodate different organizational needs and infrastructure requirements. + +## Hosted service + +The simplest way to get started with Wave is through the hosted service at [Seqera containers](https://seqera.io/containers/). This cloud-based option requires no local infrastructure setup and provides immediate access to Wave's container provisioning capabilities. Seqera containers is ideal for users who want to start using Wave quickly with minimal configuration overhead. + +When using the Seqera containers service, you can add a simple configuration block to your `nextflow.config` file to integrate Wave with your Nextflow pipelines: + +```groovy +wave { + enabled = true +} +``` + +For access to other public or private container repositories, you can add container registry credentials to your `nextflow.config` file. See the [Nextflow and Wave](../tutorials/nextflow-wave) tutorial to get started. + +You can also integrate your registry with Seqera Platform's credential management system. See [Credentials overview](https://docs.seqera.io/platform-cloud/credentials/overview) for more information. + +## Self-hosted deployment + +For organizations that require greater control over their container infrastructure or those with specific security and compliance requirements, Wave offers self-hosted deployment options. + +### Docker Compose + +Docker Compose provides a straightforward deployment method suitable for development environments, testing, and production deployments. This method packages Wave services and dependencies into a coordinated set of containers that can be managed as a single application stack. + +The Docker Compose deployment handles service orchestration automatically, coordinating the startup and networking of Wave components. Updates can be performed by downloading new container versions and restarting the application stack. To install with Docker Compose, see [Docker Compose installation](./docker-compose.md). + +### Kubernetes + +Kubernetes deployment offers enterprise-grade scalability and high availability for production environments. Wave can also use the k8s pod to delegate the transfer task for scalability and includes comprehensive configuration options for build processes. + + diff --git a/docs/install/kubernetes.md b/docs/install/kubernetes.md index 353cdee4f..3ef0ce25b 100644 --- a/docs/install/kubernetes.md +++ b/docs/install/kubernetes.md @@ -4,9 +4,7 @@ description: Run Wave Lite on Kubernetes tags: [kubernetes, install, wave, wave lite] --- -Wave enables you to provision container images on-demand, removing the need to build and upload them manually to a container registry. Wave can provision both disposable containers that are only accessible for a short period, and regular registry-persisted container images. - -Kubernetes installations support Wave Lite, a configuration mode for Wave that supports container augmentation and inspection on AWS, Azure, and GCP deployments, and enables the use of Fusion file system in Nextflow pipelines. See [Wave Lite](../wave-lite.md) for more information. +Kubernetes installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that supports container augmentation and inspection on AWS, Azure, and GCP deployments, and enables the use of Fusion file system in Nextflow pipelines. This page describes how to run Wave Lite on Kubernetes. It includes: @@ -33,7 +31,7 @@ You will need the following to get started: - **Storage**: Sufficient storage for your container images and temporary files ::: -:::info[**Assumptions**] +:::warning[**Assumptions**] This guide assumes: - You have already deployed Seqera Platform Enterprise @@ -44,8 +42,6 @@ This guide assumes: ## Database configuration -Wave requires a PostgreSQL database to operate. - To create your `wave` PostgreSQL database and user account with appropriate privileges: 1. Connect to PostgreSQL. @@ -94,9 +90,7 @@ To create your `wave` PostgreSQL database and user account with appropriate priv ## Namespace creation -A Kubernetes namespace provides logical isolation for cluster resources, allowing you to organize all Wave components together with proper resource limits and access controls. - -To create a `wave` namespace: +To create a Kubernetes `wave` namespace: 1. Create `namespace.yaml` with the following configuration: @@ -118,7 +112,7 @@ To create a `wave` namespace: ## Wave configuration -Wave requires configuration for database connections, Redis caching, and server settings. +To configure database connections, Redis caching, and server settings: 1. Create `wave-config.yaml` with the following configuration: @@ -206,6 +200,7 @@ Wave requires configuration for database connections, Redis caching, and server It is recommended to use Kubernetes Secrets for sensitive data instead of embedding them in the ConfigMap. For example, by adding environment variables with secrets to your Wave deployment manifest: ```yaml + --- env: - name: WAVE_DB_PASSWORD valueFrom: @@ -225,7 +220,7 @@ Wave requires configuration for database connections, Redis caching, and server ## Wave deployment -Deploy Wave using the following deployment manifest: +To deploy Wave using the deployment manifest: 1. Create `wave-deployment.yaml` with the following configuration: From 515674757434806bbeb3b8a89dae4a7bb7437c5b Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Thu, 28 Aug 2025 16:23:17 +1200 Subject: [PATCH 6/8] Revise configure Wave build Signed-off-by: Christopher Hakkaart --- docs/install/configure-wave-build.md | 676 +++++++++++++++------------ docs/install/docker-compose.md | 294 ++++++------ docs/install/index.md | 38 +- docs/install/kubernetes.md | 249 +++++----- docs/tutorials/index.md | 8 + 5 files changed, 696 insertions(+), 569 deletions(-) diff --git a/docs/install/configure-wave-build.md b/docs/install/configure-wave-build.md index b1a727360..dd8bf43fe 100644 --- a/docs/install/configure-wave-build.md +++ b/docs/install/configure-wave-build.md @@ -1,343 +1,413 @@ --- title: Configure Wave build +description: Enable Wave build on Kubernetes and AWS EFS storage +tags: [kubernetes, install, wave, wave build] --- -This guide covers extending your existing Wave installation on Kubernetes to support container build capabilities. This enables Wave's full feature set including container building, freezing, and advanced caching. +Wave's full build capabilities require specific integrations with Kubernetes and AWS Elastic File System (EFS) Storage, making Amazon Elastic Kubernetes Service (EKS) and AWS hard dependencies for full-featured deployments that support container build capabilities. -## Prerequisites +This page describes how to extend your [Kubernetes installation](./kubernetes) to support container build capabilities. It includes: -Before extending Wave for build support, ensure you have: +- Configure Kubernetes service account and RBAC policies +- Configure EFS storage +- Update Wave configuration +- Update Wave deployments +- Deploy updates +- Verify build functionality +- Configure production enhancements +- Optimize for production environments +- Configure advanced options -- **Existing Wave installation** - Basic Wave deployment already running in augmentation-only mode -- **AWS EKS cluster** - Build capabilities require AWS-specific integrations -- **EFS filesystem** - Configured and accessible from your EKS cluster for shared build storage -- **Cluster admin permissions** - Required to create RBAC policies and storage resources +:::info[**Prerequisites**] +You will need the following to get started: -## Create Kubernetes Service Account & RBAC Policies +- An existing [Wave Lite Kubernetes installation](./kubernetes.md) +- An AWS EKS cluster +- An EFS filesystem configured and accessible from your EKS cluster +- Cluster admin permissions to create RBAC policies and storage resources +::: -Wave's build service needs permissions to create and manage build pods. Create the necessary RBAC configuration: +## Configure Kubernetes service account and RBAC policies -```yaml ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: wave-sa - namespace: wave ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: wave-role -rules: - - apiGroups: [""] - resources: [pods, pods/status, pods/log, pods/exec] - verbs: [get, list, watch, create, delete] - - apiGroups: ["batch"] - resources: [jobs, jobs/status] - verbs: [get, list, watch, create, delete] - - apiGroups: [""] - resources: [configmaps, secrets] - verbs: [get, list] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: wave-rolebind -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: wave-role -subjects: - - kind: ServiceAccount +To configure your Kubernetes service account and RBAC policies: + +1. Create `wave-rbac.yaml` with the following configuration: + + ```yaml + --- + apiVersion: v1 + kind: ServiceAccount + metadata: name: wave-sa namespace: wave -``` - -## Configure EFS Storage - -Wave builds require shared storage accessible across multiple pods. Configure EFS with the AWS EFS CSI driver: - -### Storage Class - -```yaml -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: efs-wave-sc -provisioner: efs.csi.aws.com -parameters: - provisioningMode: efs-ap - fileSystemId: "REPLACE_ME_EFS_ID" - directoryPerms: "0755" -``` - -### Persistent Volume - -```yaml -apiVersion: v1 -kind: PersistentVolume -metadata: - name: wave-build-pv -spec: - capacity: - storage: 500Gi - volumeMode: Filesystem - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: efs-wave-sc - csi: - driver: efs.csi.aws.com - volumeHandle: "REPLACE_ME_EFS_ID" -``` - -### Persistent Volume Claim - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - namespace: wave - name: wave-build-pvc - labels: - app: wave-app -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 500Gi - storageClassName: efs-wave-sc -``` - -**Configuration Notes:** -- Replace `REPLACE_ME_EFS_ID` with your actual EFS filesystem ID -- EFS must be in the same VPC as your EKS cluster -- Ensure EFS security groups allow NFS traffic from EKS worker nodes - -## Update Wave Configuration + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: wave-role + rules: + - apiGroups: [""] + resources: [pods, pods/status, pods/log, pods/exec] + verbs: [get, list, watch, create, delete] + - apiGroups: ["batch"] + resources: [jobs, jobs/status] + verbs: [get, list, watch, create, delete] + - apiGroups: [""] + resources: [configmaps, secrets] + verbs: [get, list] + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: wave-rolebind + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: wave-role + subjects: + - kind: ServiceAccount + name: wave-sa + namespace: wave + ``` + +1. Apply the RBAC configuration: + + ```bash + kubectl apply -f wave-rbac.yaml + ``` + +## Configure EFS storage + +Wave builds require shared storage accessible across multiple pods. Configure EFS with the AWS EFS CSI driver to provide persistent, shared storage for build artifacts and caching. + +:::note +EFS must be in the same Virtual Private Cloud (VPC) as your EKS cluster. Ensure EFS security groups allow NFS traffic from EKS worker nodes. +::: + +### Storage class + +To configure your EFS storage class: + +1. Create `wave-storage.yaml` with the following configuration: + + ```yaml + --- + apiVersion: storage.k8s.io/v1 + kind: StorageClass + metadata: + name: efs-wave-sc + provisioner: efs.csi.aws.com + parameters: + provisioningMode: efs-ap + fileSystemId: "" + directoryPerms: "0755" + ``` + + Replace `` with your Amazon EFS File System ID. + +1. Apply the storage configuration: + + ```bash + kubectl apply -f wave-storage.yaml + ``` + +### Persistent volume + +To configure your persistent volume: + +1. Create `wave-persistent.yaml` with the following configuration: + + ```yaml + apiVersion: v1 + kind: PersistentVolume + metadata: + name: wave-build-pv + spec: + capacity: + storage: 500Gi + volumeMode: Filesystem + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + storageClassName: efs-wave-sc + csi: + driver: efs.csi.aws.com + volumeHandle: "" + ``` + + Replace `` with your Amazon EFS File System ID. + +1. Apply the persistent volume: + + ```bash + kubectl apply -f wave-persistent.yaml + ``` + +### Persistent volume claim + +To configure your persistent volume claim: + +1. Create `wave-persistent-claim.yaml` with the following configuration: + + ```yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + namespace: wave + name: wave-build-pvc + labels: + app: wave-app + spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 500Gi + storageClassName: efs-wave-sc + ``` + +1. Apply the persistent volume claim: + + ```bash + kubectl apply -f wave-persistent-claim.yaml + ``` + +## Update Wave configuration Update your existing Wave ConfigMap to enable build features and configure storage paths: -```yaml -kind: ConfigMap -apiVersion: v1 -metadata: - name: wave-cfg - namespace: wave - labels: - app: wave-cfg -data: - config.yml: | - wave: - # Enable build service - build: - enabled: true - workspace: '/build/work' - # Optional: Configure build timeouts - timeout: '1h' - # Optional: Configure resource limits for build pods - resources: - requests: - memory: '1Gi' - cpu: '500m' - limits: - memory: '4Gi' - cpu: '2000m' - - # Enable other build-dependent features - mirror: - enabled: true - scan: - enabled: true - blobCache: - enabled: true - - # Existing database, redis, and platform configuration... - db: - uri: "jdbc:postgresql://your-postgres-host:5432/wave" - user: "wave_user" - password: "your_secure_password_here" - - redis: - uri: "redis://your-redis-host:6379" - - tower: - endpoint: - url: "https://your-platform-instance.com/api" - - # Kubernetes-specific configuration for builds - k8s: - namespace: wave - serviceAccount: wave-sa - # Optional: Configure build pod settings - buildPod: - image: 'quay.io/buildah/stable:latest' - nodeSelector: - wave-builds: "true" -``` - -## Update Wave Deployment - -Modify your existing Wave deployment to include the service account and EFS storage: - -```yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wave - namespace: wave - labels: - app: wave-app -spec: - replicas: 1 - selector: - matchLabels: - app: wave-app - template: +1. Open `wave-config.yaml` and update the configuration with the following: + + ```yaml + kind: ConfigMap + apiVersion: v1 metadata: + name: wave-cfg + namespace: wave + labels: + app: wave-cfg + data: + config.yml: | + wave: + # Enable build service + build: + enabled: true + workspace: '/build/work' + # Optional: Configure build timeouts + timeout: '1h' + # Optional: Configure resource limits for build pods + resources: + requests: + memory: '1Gi' + cpu: '500m' + limits: + memory: '4Gi' + cpu: '2000m' + + # Enable other build-dependent features + mirror: + enabled: true + scan: + enabled: true + blobCache: + enabled: true + + # Existing database, redis, and platform configuration... + db: + uri: "jdbc:postgresql://:5432/wave" + user: "wave_user" + password: "" + + redis: + uri: "rediss://:6379" + + # Platform integration (optional) + tower: + endpoint: + url: "" + + # Kubernetes-specific configuration for builds + k8s: + namespace: wave + serviceAccount: wave-sa + # Optional: Configure build pod settings + buildPod: + image: 'quay.io/buildah/stable:latest' + nodeSelector: + wave-builds: "true" + ``` + + Replace the following: + + - ``: your Postgres service endpoint + - ``: your Redis service endpoint + - ``: your secure password for the database user + - ``: your Platform endpoint URL (_optional_) + +1. Apply the Wave configuration: + + ```bash + kubectl apply -f wave-config.yaml + ``` + +## Update Wave deployments + +To update your Wave deployment, follow these steps: + +1. Modify your existing `wave-deployment.yaml` to include the service account and EFS storage: + + ```yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: wave + namespace: wave labels: app: wave-app spec: - serviceAccountName: wave-sa # Add service account - containers: - - image: your-registry.com/wave:latest - name: wave-app - ports: - - containerPort: 9090 - name: http - env: - - name: MICRONAUT_ENVIRONMENTS - value: "postgres,redis,k8s" # Add k8s environment - - name: WAVE_JVM_OPTS - value: "-Xmx3g -Xms1g -XX:+UseG1GC" - resources: - requests: - memory: "4Gi" - cpu: "1000m" - limits: - memory: "4Gi" - cpu: "2000m" - workingDir: "/work" - volumeMounts: + replicas: 1 + selector: + matchLabels: + app: wave-app + template: + metadata: + labels: + app: wave-app + spec: + serviceAccountName: wave-sa # Add service account + containers: + - image: /wave: + name: wave-app + ports: + - containerPort: 9090 + name: http + env: + - name: MICRONAUT_ENVIRONMENTS + value: "postgres,redis,k8s" # Add k8s environment + - name: WAVE_JVM_OPTS + value: "-Xmx3g -Xms1g -XX:+UseG1GC" + resources: + requests: + memory: "4Gi" + cpu: "1000m" + limits: + memory: "4Gi" + cpu: "2000m" + workingDir: "/work" + volumeMounts: + - name: wave-cfg + mountPath: /work/config.yml + subPath: "config.yml" + - name: build-storage # Add EFS mount + mountPath: /build + readinessProbe: + httpGet: + path: /health + port: 9090 + initialDelaySeconds: 30 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /health + port: 9090 + initialDelaySeconds: 60 + timeoutSeconds: 10 + volumes: - name: wave-cfg - mountPath: /work/config.yml - subPath: "config.yml" - - name: build-storage # Add EFS mount - mountPath: /build - readinessProbe: - httpGet: - path: /health - port: 9090 - initialDelaySeconds: 30 - timeoutSeconds: 10 - livenessProbe: - httpGet: - path: /health - port: 9090 - initialDelaySeconds: 60 - timeoutSeconds: 10 - volumes: - - name: wave-cfg - configMap: - name: wave-cfg - - name: build-storage # Add EFS volume - persistentVolumeClaim: - claimName: wave-build-pvc - restartPolicy: Always -``` - -## Deploy the Updates - -Apply the configuration changes to enable build support: - -```bash -# Apply RBAC configuration -kubectl apply -f wave-rbac.yaml - -# Apply storage configuration -kubectl apply -f wave-storage.yaml - -# Update the ConfigMap -kubectl apply -f wave-configmap.yaml - -# Update the deployment -kubectl apply -f wave-deployment.yaml - -# Verify the deployment -kubectl get pods -n wave -kubectl logs -f deployment/wave -n wave - -# Check that EFS is mounted correctly -kubectl exec -it deployment/wave -n wave -- df -h /build -``` - -## Verify Build Functionality + configMap: + name: wave-cfg + - name: build-storage # Add EFS volume + persistentVolumeClaim: + claimName: wave-build-pvc + restartPolicy: Always + ``` -Test that Wave build capabilities are working: + Replace the following: + + - ``: your registry image address + - ``: your Wave image tag version + +1. Apply the updated deployment: + + ``` + kubectl apply -f wave-deployment.yaml + ``` + +## Verify the deployment -1. **Check Wave health endpoint** for build service status -2. **Monitor logs** for build service initialization messages -3. **Test a simple build** through the Wave API or Platform integration +To verify your deployment, follow these steps: -```bash -curl http://wave-service.wave.svc.cluster.local:9090/health +1. Check the Wave pods and logs:: -kubectl logs -f deployment/wave -n wave | grep -i build -``` + ```bash + kubectl get pods -n wave + kubectl logs -f deployment/wave -n wave + ``` -## Recommended Production Enhancements +1. Check that EFS is mounted correctly: -### Dedicated Node Pools + ```bash + kubectl exec -it deployment/wave -n wave -- df -h /build + ``` -Create dedicated node pools for Wave build workloads to isolate build processes and optimize resource allocation: +## Verify build functionality +Test that Wave build capabilities are working: + +1. Check Wave health endpoint for build service status +1. Monitor logs for build service initialization messages +1. **Test a simple build** through the Wave API or Platform integration + + ```bash + curl http://wave-service.wave.svc.cluster.local:9090/health + kubectl logs -f deployment/wave -n wave | grep -i build + ``` + +## Configure production enhancements -### Build Pod Resource Management +The following sections describe recommended enhancements for production deployments: -Configure resource quotas and limits for build pods: +### Dedicated node pools -```yaml -apiVersion: v1 -kind: ResourceQuota -metadata: - name: wave-build-quota - namespace: wave -spec: - hard: - requests.cpu: "10" - requests.memory: 20Gi - limits.cpu: "20" - limits.memory: 40Gi - pods: "10" -``` +Create dedicated node pools for Wave build workloads to isolate build processes and optimize resource allocation. -### Monitoring and Alerting +### Build pod resource management -Set up monitoring for build operations: +Control resource usage and prevent build pods from overwhelming your cluster: -- **Build success/failure rates** -- **Build duration metrics** -- **EFS storage usage** -- **Node resource utilization** -- **Build queue length** +- Configure resource quotas and limits for build pods. + + ```yaml + apiVersion: v1 + kind: ResourceQuota + metadata: + name: wave-build-quota + namespace: wave + spec: + hard: + requests.cpu: "10" + requests.memory: 20Gi + limits.cpu: "20" + limits.memory: 40Gi + pods: "10" + ``` -## Security Considerations +### Monitoring and alerting -- **EFS Access Points** - Use EFS access points to isolate build workspaces -- **Network Policies** - Restrict network access for build pods -- **Pod Security Standards** - Apply appropriate security contexts to build pods -- **Image Scanning** - Enable security scanning for built images -- **RBAC Minimization** - Regularly review and minimize Wave's cluster permissions +Set up monitoring for build operations to track performance and identify issues: -## Troubleshooting +- Build success/failure rates +- Build duration metrics +- EFS storage usage +- Node resource utilization +- Build queue length -**Common issues and solutions:** +## Security considerations -- **EFS mount failures** - Check security groups and VPC configuration -- **Build pod creation failures** - Verify RBAC permissions and node selectors -- **Storage access issues** - Ensure EFS access points are configured correctly -- **Build timeouts** - Adjust build timeout settings based on workload requirements +Implement these security measures to protect your Wave deployment and build environment: -For additional configuration options and advanced features, see [Configuring Wave](./configure-wave.md). +- Use EFS access points to isolate build workspaces +- Restrict network access for build pods +- Apply appropriate security contexts to build pods +- Enable security scanning for built images +- Regularly review and minimize Wave's cluster permissions diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index 200fc7054..a35e7741a 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -1,20 +1,20 @@ --- -title: Docker Compose -description: Run Wave List on Docker Compose +title: Install Wave Lite with Docker Compose +description: Install Wave Lite with Docker Compose tags: [docker compose, install, wave] --- -Docker Compose provides a straightforward deployment method suitable for development, testing, and production environments by packaging Wave services and dependencies into a coordinated container stack. This approach handles service orchestration automatically, coordinating startup and networking of Wave components, with updates performed by downloading new container versions and restarting the application stack. +Docker Compose provides a straightforward deployment method for deploying Wave. It packages Wave services and dependencies into a coordinated container stack. This approach handles service orchestration automatically, coordinating startup and networking of Wave components. -Docker Compose installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that includes only container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. +Docker Compose installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that includes container augmentation and inspection capabilities, and enables the use of Fusion file system in Nextflow pipelines. -This page describes how to run Wave Lite on Docker Compose. It includes: +This page describes how to run Wave Lite with Docker Compose. It includes steps to: -- Database configuration -- Wave configuration -- Docker Compose -- Wave deployment -- Advanced configuration +- Configure a database +- Configure Wave +- Set up Docker Compose +- Deploy Wave +- Configure advanced options :::info[**Prerequisites**] You will need the following to get started: @@ -29,12 +29,12 @@ You will need the following to get started: - **Network**: Connectivity to your PostgreSQL and Redis instances ::: -## Database configuration +## Configure a database -To create your `wave` PostgreSQL database and user account with appropriate privileges: +To create a PostgreSQL database and user account, follow these steps: 1. Connect to PostgreSQL. -1. Create a dedicated user for Wave: +1. Create a dedicated user: ```sql CREATE ROLE wave_user LOGIN PASSWORD ''; @@ -42,13 +42,13 @@ To create your `wave` PostgreSQL database and user account with appropriate priv Replace `` with a secure password for the database user. -1. Create the Wave database: +1. Create the `wave` database: ```sql CREATE DATABASE wave; ``` -1. Connect to the wave database: +1. Connect to the `wave` database: ```sql \c wave; @@ -81,138 +81,144 @@ To create your `wave` PostgreSQL database and user account with appropriate priv Wave will automatically handle schema migrations and create the required database objects on startup. ::: -## Wave configuration - -To configure Wave, create a `config/wave-config.yml` file in your Docker Compose directory with the following configuration: - -```yaml -wave: - # Build service configuration - disabled for Docker Compose - build: - enabled: false - # Mirror service configuration - disabled for Docker Compose - mirror: - enabled: false - # Security scanning configuration - disabled for Docker Compose - scan: - enabled: false - # Blob caching configuration - disabled for Docker Compose - blobCache: - enabled: false - # Database connection settings - db: - uri: "jdbc:postgresql://:5432/wave" - user: "wave_user" - password: "" +## Configure Wave + +To configure Wave's behavior and integrations: + +- Create `config/wave-config.yml` with the following configuration: + + ```yaml + wave: + # Build service configuration - disabled for Docker Compose + build: + enabled: false + # Mirror service configuration - disabled for Docker Compose + mirror: + enabled: false + # Security scanning configuration - disabled for Docker Compose + scan: + enabled: false + # Blob caching configuration - disabled for Docker Compose + blobCache: + enabled: false + # Database connection settings + db: + uri: "jdbc:postgresql://:5432/wave" + user: "wave_user" + password: "" # Redis configuration for caching and session management -redis: - uri: "redis://:6379" - -# Platform integration (optional) -tower: - endpoint: - url: "" - -# Micronaut framework configuration -micronaut: - # Netty HTTP server configuration - netty: - event-loops: - default: - num-threads: 64 - stream-pool: - executor: stream-executor - # HTTP client configuration - http: + redis: + uri: "redis://:6379" + + # Platform integration (optional) + tower: + endpoint: + url: "" + + # Micronaut framework configuration + micronaut: + # Netty HTTP server configuration + netty: + event-loops: + default: + num-threads: 64 + stream-pool: + executor: stream-executor + # HTTP client configuration + http: + services: + stream-client: + read-timeout: 30s + read-idle-timeout: 5m + event-loop-group: stream-pool + + # Management endpoints configuration + loggers: + env: + enabled: false + bean: + enabled: false + caches: + enabled: false + refresh: + enabled: false + loggers: + enabled: false + info: + enabled: false + # Enable metrics for monitoring + metrics: + enabled: true + # Enable health checks + health: + enabled: true + disk-space: + enabled: false + jdbc: + enabled: false + ``` + + Replace the following: + + - ``: your Postgres service endpoint + - ``: your Redis service endpoint + - ``: your secure password for the database user + - ``: your Platform endpoint URL (_optional_) + + Adjust the following values based on your CPU cores: + + - `number-of-threads`: Set between 2x and 4x your CPU core count (default: 16) + - `num-threads`: Set between 2x and 4x your CPU core count (default: 64) + +## Configure Docker Compose + +To configure Waves Docker Compose deploy: + +- Create `docker-compose.yml` with the following configuration: + + ```yaml services: - stream-client: - read-timeout: 30s - read-idle-timeout: 5m - event-loop-group: stream-pool - -# Management endpoints configuration -loggers: - env: - enabled: false - bean: - enabled: false - caches: - enabled: false - refresh: - enabled: false - loggers: - enabled: false - info: - enabled: false - # Enable metrics for monitoring - metrics: - enabled: true - # Enable health checks - health: - enabled: true - disk-space: - enabled: false - jdbc: - enabled: false -``` - -Replace the following: - -- ``: your Postgres service endpoint -- ``: your Redis service endpoint -- ``: your secure password for the database user -- ``: your Platform endpoint URL (_optional_) - -Adjust the following values based on your CPU cores: - -- `number-of-threads`: Set between 2x and 4x your CPU core count (default: 16) -- `num-threads`: Set between 2x and 4x your CPU core count (default: 64) - -## Docker Compose - -To configure Docker Compose, create a `docker-compose.yml` file with the following configuration: - -```yaml -services: - wave-app: - image: your-registry.com/wave:latest - container_name: wave-app - ports: - # Bind to the host on 9100 vs 9090 - - "9100:9090" - environment: - - MICRONAUT_ENVIRONMENTS=lite,redis,postgres - volumes: - - ./config/wave-config.yml:/work/config.yml:ro - deploy: - mode: replicated - replicas: 2 - resources: - limits: - memory: 4G - cpus: '1.0' - reservations: - memory: 4G - cpus: '1' - # Health check configuration - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9090/health"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 60s - # Restart policy - restart: unless-stopped -``` - -## Wave deployment - -To deploy Wave Lite using Docker Swarm: + wave-app: + image: /wave:latest + container_name: wave-app + ports: + # Bind to the host on 9100 vs 9090 + - "9100:9090" + environment: + - MICRONAUT_ENVIRONMENTS=lite,redis,postgres + volumes: + - ./config/wave-config.yml:/work/config.yml:ro + deploy: + mode: replicated + replicas: 2 + resources: + limits: + memory: 4G + cpus: '1.0' + reservations: + memory: 4G + cpus: '1' + # Health check configuration + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:9090/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 60s + # Restart policy + restart: unless-stopped + ``` + + Replace `` with your registry image. + +## Deploy Wave + +To deploy Wave using Docker Swarm, follow these steps: 1. Download and populate the [wave.env](./_templates/wave.env) file with the settings corresponding to your system. -1. Use Docker Swarm to deploy Wave Lite. See [Create a swarm](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/) for detailed setup instructions. +1. Use Docker Swarm to deploy Wave. For detailed setup instructions, see [Create a swarm](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/). 1. Deploy the Wave service, running two replicas: @@ -243,9 +249,9 @@ To deploy Wave Lite using Docker Swarm: ``` :::warning - If Wave Lite is running in the same container as Platform Connect for [Studios](https://docs.seqera.io/platform-enterprise/25.2/enterprise/studios#docker-compose), tearing down the service will also interrupt Connect services. + If Wave is running in the same container as Platform Connect for [Studios](https://docs.seqera.io/platform-enterprise/25.2/enterprise/studios#docker-compose), tearing down the service will also interrupt Connect services. ::: -## Advanced configuration +## Configure advanced options -See [Configuring Wave](./configure-wave.md) for advanced Wave features, scaling guidance, and integration options. +For advanced Wave features, scaling guidance, and integration options, see [Configuring Wave](./configure-wave.md). diff --git a/docs/install/index.md b/docs/install/index.md index c4cea0a75..19dfe3add 100644 --- a/docs/install/index.md +++ b/docs/install/index.md @@ -1,28 +1,33 @@ --- title: Installation -description: Install self-hosted Wave +description: Install Wave tags: [docker compose, kubernetes, install, wave, wave lite] --- -import DocCardList from "@theme/DocCardList"; - Wave provides multiple installation and deployment options to accommodate different organizational needs and infrastructure requirements. -## Hosted service +## Wave service by Seqera -The simplest way to get started with Wave is through the hosted service at [Seqera containers](https://seqera.io/containers/). This cloud-based option requires no local infrastructure setup and provides immediate access to Wave's container provisioning capabilities. Seqera containers is ideal for users who want to start using Wave quickly with minimal configuration overhead. +Wave is Seqera's container provisioning service that streamlines container management for Nextflow data analysis pipelines. The simplest way to get started with Wave is +through the hosted Wave service at https://wave.seqera.io. This cloud-based option requires no local infrastructure setup and provides immediate access to Wave's container +provisioning capabilities. The hosted service is ideal for users who want to start using Wave quickly with minimal configuration overhead. -When using the Seqera containers service, you can add a simple configuration block to your `nextflow.config` file to integrate Wave with your Nextflow pipelines: +When using the hosted Wave service, you can add a simple configuration block to your `nextflow.config` file to integrate Wave with your Nextflow pipelines: ```groovy wave { enabled = true } + +tower { + accessToken = '' +} ``` -For access to other public or private container repositories, you can add container registry credentials to your `nextflow.config` file. See the [Nextflow and Wave](../tutorials/nextflow-wave) tutorial to get started. +You don't need a Seqera access token for basic Wave functionality. However, providing one grants you additional capabilities including access to private container +repositories, container freezing to your own registry, and bypassing rate limits on public registries. Container registry credentials should be configured using the [credentials manager](https://docs.seqera.io/platform-cloud/credentials/overview) in Seqera Platform. -You can also integrate your registry with Seqera Platform's credential management system. See [Credentials overview](https://docs.seqera.io/platform-cloud/credentials/overview) for more information. +If you're a Seqera Platform Enterprise customer, integrate Wave by adding the `TOWER_ENABLE_WAVE=true` and `WAVE_SERVER_URL="https://wave.seqera.io"` environment variables to your Seqera configuration environment. You must configure container registry credentials in the Platform UI to enable access to private repositories, and ensure the Wave service is accessible from your network infrastructure. For more information, see [Wave containers](https://docs.seqera.io/platform-enterprise/enterprise/configuration/wave). ## Self-hosted deployment @@ -30,12 +35,23 @@ For organizations that require greater control over their container infrastructu ### Docker Compose -Docker Compose provides a straightforward deployment method suitable for development environments, testing, and production deployments. This method packages Wave services and dependencies into a coordinated set of containers that can be managed as a single application stack. +Docker Compose provides a straightforward method for deploying Wave. Docker Compose packages Wave services and dependencies into a coordinated container stack and handles service orchestration automatically, managing startup and networking of Wave components. -The Docker Compose deployment handles service orchestration automatically, coordinating the startup and networking of Wave components. Updates can be performed by downloading new container versions and restarting the application stack. To install with Docker Compose, see [Docker Compose installation](./docker-compose.md). +Docker Compose installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that includes container augmentation and inspection capabilities, and enables the use of the Fusion file system in Nextflow pipelines. See [Install Wave Lite with Docker Compose](./docker-compose.md) for detailed configuration instructions. ### Kubernetes -Kubernetes deployment offers enterprise-grade scalability and high availability for production environments. Wave can also use the k8s pod to delegate the transfer task for scalability and includes comprehensive configuration options for build processes. +Kubernetes is the preferred choice for deploying Wave in production environments that require scalability, high availability, and resilience. A Kubernetes installation involves setting up a cluster, configuring various components, and managing networking, storage, and resource allocation. + +Kubernetes installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that supports container augmentation and inspection on AWS, Azure, and GCP deployments, and enables the use of Fusion file system in Nextflow pipelines. See [Install Wave Lite with Kubernetes](./kubernetes.md) for detailed configuration instructions. + +If your organization requires full build capabilities, you can extend Wave beyond the base Wave Lite installation. This advanced configuration enables container +building functionality through specific integrations on Kubernetes and AWS EFS storage. See [Configure Wave build](./configure-wave-build.md) for detailed instructions. + + diff --git a/docs/install/kubernetes.md b/docs/install/kubernetes.md index 3ef0ce25b..67feffff1 100644 --- a/docs/install/kubernetes.md +++ b/docs/install/kubernetes.md @@ -1,22 +1,23 @@ --- -title: Kubernetes -description: Run Wave Lite on Kubernetes +title: Install Wave Lite with Kubernetes +description: Install Wave Lite on Kubernetes tags: [kubernetes, install, wave, wave lite] --- +Kubernetes is the preferred choice for deploying Wave in production environments that require scalability, high availability, and resilience. Its installation involves setting up a cluster, configuring various components, and managing networking, storage, and resource allocation. + Kubernetes installations support [Wave Lite](../wave-lite.md), a configuration mode for Wave that supports container augmentation and inspection on AWS, Azure, and GCP deployments, and enables the use of Fusion file system in Nextflow pipelines. -This page describes how to run Wave Lite on Kubernetes. It includes: +This page describes how to run Wave Lite on Kubernetes. It includes steps to: -- Database configuration -- Namespace creation -- Wave configuration -- Wave deployment -- Service creation -- Advanced configuration -- Next steps +- Configure a database +- Create a namespace +- Configure Wave +- Deploy Wave +- Create a service +- Configure Wave connectivity -Wave's full build capabilities require specific integrations on Kubernetes and AWS EFS Storage, making EKS and AWS a hard dependency for fully-featured deployments. After you configure a base Wave Lite installation on AWS with this guide, see [Configure Wave Build](./configure-wave-build.md) to optionally extend your installation to support build capabilities. +Wave's full build capabilities require specific integrations with Kubernetes and AWS Elastic File System (EFS) Storage, making Amazon Elastic Kubernetes Service (EKS) and AWS hard dependencies for full-featured deployments. If you require build capabilities, see [Configure Wave build](./configure-wave-build.md) to extend your installation. :::info[**Prerequisites**] You will need the following to get started: @@ -40,12 +41,12 @@ This guide assumes: - Your PostgreSQL and Redis instances are accessible from the Kubernetes cluster ::: -## Database configuration +## Configure a database -To create your `wave` PostgreSQL database and user account with appropriate privileges: +To create a PostgreSQL database and user account, follow these steps: 1. Connect to PostgreSQL. -1. Create a dedicated user for Wave: +1. Create a dedicated user: ```sql CREATE ROLE wave_user LOGIN PASSWORD ''; @@ -88,9 +89,9 @@ To create your `wave` PostgreSQL database and user account with appropriate priv GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; ``` -## Namespace creation +## Create a namespace -To create a Kubernetes `wave` namespace: +To create a Kubernetes `wave` namespace, follow these steps: 1. Create `namespace.yaml` with the following configuration: @@ -104,15 +105,15 @@ To create a Kubernetes `wave` namespace: app: wave-app ``` -2. Deploy the `wave` namespace: +1. Apply the `wave` namespace configuration: ```bash kubectl apply -f namespace.yaml ``` -## Wave configuration +## Configure Wave -To configure database connections, Redis caching, and server settings: +To configure database connections, Redis caching, and server settings, follow these steps: 1. Create `wave-config.yaml` with the following configuration: @@ -209,18 +210,18 @@ To configure database connections, Redis caching, and server settings: key: db-password ``` - See the Kubernetes [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) for more details. + For more information, see Kubernetes [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/). ::: - 2. Deploy the ConfigMap to the `wave` namespace: +1. Apply the ConfigMap: ```bash kubectl apply -f wave-config.yaml ``` -## Wave deployment +## Deploy Wave -To deploy Wave using the deployment manifest: +To deploy Wave using the deployment manifest, follow these steps: 1. Create `wave-deployment.yaml` with the following configuration: @@ -286,15 +287,15 @@ To deploy Wave using the deployment manifest: - ``: your AWS account ID - ``: your Wave image tag version -2. Deploy Wave to the `wave` namespace: +2. Apply the Wave configuration: ```bash kubectl apply -f wave-deployment.yaml ``` -## Service creation +## Create a service -To expose Wave within the cluster using a Service: +To expose Wave within the cluster using a Service, follow these steps: 1. Create `wave-service.yaml` with the following configuration: @@ -318,101 +319,127 @@ To expose Wave within the cluster using a Service: type: ClusterIP ``` -2. Deploy the service to the `wave` namespace: +1. Apply the service to the namespace: ```bash kubectl apply -f wave-service.yaml ``` -## Next steps - -### Configure Seqera Platform to integrate with Wave +## Configure Wave connectivity -Configure your Seqera Platform Enterprise deployment to integrate with Wave by setting the Wave server endpoint in your `tower.yml` [configuration](https://docs.seqera.io/platform-enterprise/latest/enterprise/configuration/wave). +After deploying Wave Lite, configure networking and integrate with Seqera Platform to make Wave accessible and functional. -### Networking +### Set up networking Wave must be accessible from: - Seqera Platform services - Compute environments (for container image access) -Configure external access using a Kubernetes ingress. - -Update the following example ingress with your provider-specific annotations: - -```yaml -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: wave-ingress - namespace: wave -spec: - rules: - - host: wave.your-domain.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wave-service - port: - number: 9090 -``` - -### TLS - -Wave does not handle TLS termination directly. Configure TLS at your ingress controller or load balancer level. Most ingress controllers support automatic certificate provisioning through provider integrations. - - -### Production environments - -Consider implementing the following for production deployments: - -**Reliability:** -- Pod Disruption Budgets, for availability during cluster maintenance -- Horizontal Pod Autoscaler, for automatic scaling based on load -- Multiple replicas with anti-affinity rules, for high availability - -**Resource management:** -- Node selectors or affinity rules for optimal pod placement -- Resource quotas and limit ranges for the Wave namespace - -### AWS credentials to access ECR - -Wave requires access to AWS ECR for container image management. Create an IAM role with the following permissions: - -```json -"Statement": [ - { - "Action": [ - "ecr:BatchCheckLayerAvailability", - "ecr:GetDownloadUrlForLayer", - "ecr:GetRepositoryPolicy", - "ecr:DescribeRepositories", - "ecr:ListImages", - "ecr:DescribeImages", - "ecr:BatchGetImage", - "ecr:GetLifecyclePolicy", - "ecr:GetLifecyclePolicyPreview", - "ecr:ListTagsForResource", - "ecr:DescribeImageScanFindings", - "ecr:CompleteLayerUpload", - "ecr:UploadLayerPart", - "ecr:InitiateLayerUpload", - "ecr:PutImage" - ], - "Effect": "Allow", - "Resource": [ - "/wave/*" - ] - } -] -``` - -Replace `` with your ECR repository Amazon Resource Name (ARN). - -## Advanced configuration - -See [Configuring Wave](./configure-wave.md) for advanced Wave features, scaling guidance, and integration options. +Use a Kubernetes ingress to configure external access. + +To set up an ingress, follow these steps: + +1. Create `wave-ingress.yaml` with the following configuration: + + ```yaml + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: wave-ingress + namespace: wave + # Add your ingress controller annotations here + spec: + rules: + - host: + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wave-service + port: + number: 9090 + ``` + + Replace `` with your provider-specific domain. + +2. Apply the ingress: + + ```bash + kubectl apply -f wave-ingress.yaml + ``` + +### Configure TLS + +Wave does not handle TLS termination directly. +Configure it at your ingress controller or load balancer level. +Most ingress controllers support automatic certificate provisioning. + +### Connect to Seqera Platform + +Configure your Seqera Platform deployment to use Wave by setting the Wave server endpoint in your `tower.yml` configuration. For more information, see [Pair your Seqera instance with Wave](https://docs.seqera.io/platform-enterprise/enterprise/configuration/wave#pair-your-seqera-instance-with-wave). + +### Configure AWS ECR access + +Wave needs specific permissions to manage container images. + +To configure AWS ECR access: + +- Create an IAM role with the following permissions: + + ```json + "Statement": [ + { + "Action": [ + "ecr:BatchCheckLayerAvailability", + "ecr:GetDownloadUrlForLayer", + "ecr:GetRepositoryPolicy", + "ecr:DescribeRepositories", + "ecr:ListImages", + "ecr:DescribeImages", + "ecr:BatchGetImage", + "ecr:GetLifecyclePolicy", + "ecr:GetLifecyclePolicyPreview", + "ecr:ListTagsForResource", + "ecr:DescribeImageScanFindings", + "ecr:CompleteLayerUpload", + "ecr:UploadLayerPart", + "ecr:InitiateLayerUpload", + "ecr:PutImage" + ], + "Effect": "Allow", + "Resource": [ + "/wave/*" + ] + } + ] + ``` + + Replace `` with your ECR repository Amazon Resource Name (ARN). + +## Optimize for production environments + +For production deployments, implement these reliability and performance improvements: + +**High availability:** + +- Set `replicas: 3` or higher in your deployment +- Add pod anti-affinity rules to distribute replicas across nodes +- Configure Pod Disruption Budgets for maintenance windows + +**Auto-scaling:** + +- Set up Horizontal Pod Autoscaler based on CPU/memory usage +- Configure resource quotas and limits for the Wave namespace + +**Monitoring:** + +- Set up monitoring for Wave pods and services +- Configure alerting for health check failures +- Monitor database and Redis connection health + +## Configure advanced options + +For advanced Wave features, scaling guidance, and integration options, see [Configure Wave](./configure-wave.md). diff --git a/docs/tutorials/index.md b/docs/tutorials/index.md index 25ec0338c..1aaa6eaf1 100644 --- a/docs/tutorials/index.md +++ b/docs/tutorials/index.md @@ -4,11 +4,19 @@ description: Guides to get started with Wave. tags: [containers, nextflow, seqera containers, wave, wave cli] --- +Wave is versatile and you can leverage it in your Nextflow pipelines in several ways. The following guides describe how to quickly get started with Wave: + +- [Nextflow and Seqera Containers][seqera-containers-page] - Add community-built containers in your pipelines +- [Nextflow and Wave][nextflow-wave-page] - Build and provision containers on-demand with Wave integration +- [Wave CLI][wave-cli-page] - Build, test, and manage containers from the command line + + [seqera-containers-page]: /wave_docs/wave_repo/docs/tutorials/nextflow-seqera-containers.mdx [nextflow-wave-page]: /wave_docs/wave_repo/docs/tutorials/nextflow-wave.mdx From b86ea96011b4a9aefb1ff01b329ea1e5db9a03f0 Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Fri, 29 Aug 2025 09:22:04 +1200 Subject: [PATCH 7/8] Fix wave build steps Signed-off-by: Christopher Hakkaart --- docs/install/configure-wave-build.md | 51 ++++++++++++++-------------- 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/docs/install/configure-wave-build.md b/docs/install/configure-wave-build.md index dd8bf43fe..5998f66fe 100644 --- a/docs/install/configure-wave-build.md +++ b/docs/install/configure-wave-build.md @@ -192,18 +192,30 @@ Update your existing Wave ConfigMap to enable build features and configure stora # Enable build service build: enabled: true - workspace: '/build/work' + workspace: '/build/workspace' + # Optional: Retain failed builds to gather logs & inspect + cleanup: "OnSuccess" # Optional: Configure build timeouts - timeout: '1h' - # Optional: Configure resource limits for build pods - resources: - requests: - memory: '1Gi' - cpu: '500m' - limits: - memory: '4Gi' - cpu: '2000m' - + timeout: '15m' + # Example additional kubernetes configuration for wave-build + k8s: + dns: + servers: + - "1.1.1.1" + - "8.8.8.8" + namespace: "wave-build" + storage: + mountPath: "/build" + # Relevant volume claim name should match the + claimName: "wave-build-pvc" + serviceAccount: "wave-build-sa" + resources: + requests: + memory: '1800Mi' + nodeSelector: + # This node selector binds the build pods to a separate cluster node group + linux/amd64: 'service=wave-build' + linux/arm64: 'service=wave-build-arm64' # Enable other build-dependent features mirror: enabled: true @@ -219,29 +231,18 @@ Update your existing Wave ConfigMap to enable build features and configure stora password: "" redis: - uri: "rediss://:6379" + uri: "redis://:6379" - # Platform integration (optional) tower: endpoint: url: "" - - # Kubernetes-specific configuration for builds - k8s: - namespace: wave - serviceAccount: wave-sa - # Optional: Configure build pod settings - buildPod: - image: 'quay.io/buildah/stable:latest' - nodeSelector: - wave-builds: "true" ``` Replace the following: - ``: your Postgres service endpoint - - ``: your Redis service endpoint - ``: your secure password for the database user + - ``: your Redis service endpoint - ``: your Platform endpoint URL (_optional_) 1. Apply the Wave configuration: @@ -298,7 +299,7 @@ To update your Wave deployment, follow these steps: - name: wave-cfg mountPath: /work/config.yml subPath: "config.yml" - - name: build-storage # Add EFS mount + - name: build-storage mountPath: /build readinessProbe: httpGet: From 8f187995d6e6e663478e8d43093edfb9dfc8574f Mon Sep 17 00:00:00 2001 From: Christopher Hakkaart Date: Fri, 29 Aug 2025 14:03:07 +1200 Subject: [PATCH 8/8] Review changes --- docs/install/configure-wave-build.md | 2 +- docs/install/docker-compose.md | 30 +++++----------------------- docs/install/kubernetes.md | 26 +++--------------------- 3 files changed, 9 insertions(+), 49 deletions(-) diff --git a/docs/install/configure-wave-build.md b/docs/install/configure-wave-build.md index 5998f66fe..8b62fc540 100644 --- a/docs/install/configure-wave-build.md +++ b/docs/install/configure-wave-build.md @@ -4,7 +4,7 @@ description: Enable Wave build on Kubernetes and AWS EFS storage tags: [kubernetes, install, wave, wave build] --- -Wave's full build capabilities require specific integrations with Kubernetes and AWS Elastic File System (EFS) Storage, making Amazon Elastic Kubernetes Service (EKS) and AWS hard dependencies for full-featured deployments that support container build capabilities. +Wave's full build capabilities require specific integrations with Kubernetes and AWS Elastic File System (EFS) Storage. Amazon Elastic Kubernetes Service (EKS) and AWS hard dependencies for full-featured deployments that support container build capabilities. This page describes how to extend your [Kubernetes installation](./kubernetes) to support container build capabilities. It includes: diff --git a/docs/install/docker-compose.md b/docs/install/docker-compose.md index a35e7741a..8229ba17e 100644 --- a/docs/install/docker-compose.md +++ b/docs/install/docker-compose.md @@ -31,45 +31,23 @@ You will need the following to get started: ## Configure a database -To create a PostgreSQL database and user account, follow these steps: +To configure a PostgreSQL database, follow these steps: 1. Connect to PostgreSQL. -1. Create a dedicated user: +1. Create a dedicated `wave` database and user account with the appropriate privileges: ```sql CREATE ROLE wave_user LOGIN PASSWORD ''; - ``` - - Replace `` with a secure password for the database user. -1. Create the `wave` database: - - ```sql CREATE DATABASE wave; - ``` -1. Connect to the `wave` database: - - ```sql \c wave; - ``` -1. Grant basic schema access: - - ```sql GRANT USAGE, CREATE ON SCHEMA public TO wave_user; - ``` - -1. Grant privileges on existing tables and sequences: - ```sql GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; - ``` - -1. Grant privileges on future tables and sequences: - ```sql ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; @@ -77,6 +55,8 @@ To create a PostgreSQL database and user account, follow these steps: GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; ``` + Replace `` with a secure password for the database user. + :::note Wave will automatically handle schema migrations and create the required database objects on startup. ::: @@ -162,8 +142,8 @@ To configure Wave's behavior and integrations: Replace the following: - ``: your Postgres service endpoint - - ``: your Redis service endpoint - ``: your secure password for the database user + - ``: your Redis service endpoint - ``: your Platform endpoint URL (_optional_) Adjust the following values based on your CPU cores: diff --git a/docs/install/kubernetes.md b/docs/install/kubernetes.md index 67feffff1..802a63fd2 100644 --- a/docs/install/kubernetes.md +++ b/docs/install/kubernetes.md @@ -46,42 +46,20 @@ This guide assumes: To create a PostgreSQL database and user account, follow these steps: 1. Connect to PostgreSQL. -1. Create a dedicated user: +1. Create a dedicated `wave` database and user account with the appropriate privileges: ```sql CREATE ROLE wave_user LOGIN PASSWORD ''; - ``` - - Replace `` with a secure password for the database user. -1. Create the Wave database: - - ```sql CREATE DATABASE wave; - ``` - -1. Connect to the wave database: - ```sql \c wave; - ``` - -1. Grant basic schema access: - ```sql GRANT USAGE, CREATE ON SCHEMA public TO wave_user; - ``` - -1. Grant privileges on existing tables and sequences: - ```sql GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO wave_user; GRANT USAGE, SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO wave_user; - ``` -1. Grant privileges on future tables and sequences: - - ```sql ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO wave_user; @@ -89,6 +67,8 @@ To create a PostgreSQL database and user account, follow these steps: GRANT USAGE, SELECT, UPDATE ON SEQUENCES TO wave_user; ``` + Replace `` with a secure password for the database user. + ## Create a namespace To create a Kubernetes `wave` namespace, follow these steps: