Superset K8s Operator
The Charmed Superset K8s Operator delivers automated management on Superset data visulization software on top of a Kubernetes cluster. Apache SupersetTM is an open-source modern data exploration and visualization platform.
Superset UI, worker and beat deployment
The same Superset charm can act as either a web server, worker or beat-scheduler. This is determined by the configuration parameter charm-function, which can be any of app-gunicorn (web), app (web development), worker or beat. Each Superset application must be related to the same PostgreSQL and Redis clusters for communication. The default value of charm-function is app-gunicorn.
# deploy the web server
juju deploy superset-k8s
# deploy a worker
juju deploy superset-k8s --config charm-function=worker superset-k8s-worker
# deploy the beat scheduler
juju deploy superset-k8s --config charm-function=beat superset-k8s-beat
Note: while there can be multiple workers or web servers, there should only ever be 1 Superset beat deployment.
Authentication
Username/password authentication is enabled by default using the admin user and the password set via the Superset configuration value admin-password.
To enable Google Oauth, see more detailed instructions here
Relations
Redis
Redis acts as both a cache and message broker for Superset services. It’s a requirement to have a redis relation in order to start the Superset application.
# deploy redis charm
juju deploy redis-k8s --channel latest/edge
# relate redis charm
juju relate redis-k8s superset-k8s
PostgreSQL
PostgreSQL is used as the database that stores Superset metadata (slices, connections, tables, dashboards etc.). It’s a requirement to have a PostgreSQL relation to start the Superset application.
# deploy postgresql charm
juju deploy postgresql-k8s --trust
# relate postgresql charm
juju relate postgresql-k8s superset-k8s
Ingress
The Superset operator exposes its ports using the Nginx Ingress Integrator operator. You must first make sure to have an Nginx Ingress Controller deployed. To enable TLS connections, you must have a TLS certificate stored as a k8s secret (default name is “superset-tls”). A self-signed certificate for development purposes can be created as follows:
# Generate private key
openssl genrsa -out server.key 2048
# Generate a certificate signing request
openssl req -new -key server.key -out server.csr -subj "/CN=superset-k8s"
# Create self-signed certificate
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt -extfile <(printf "subjectAltName=DNS:superset-k8s")
# Create a k8s secret
kubectl create secret tls superset-tls --cert=server.crt --key=server.key
This operator can then be deployed and connected to the Superset operator using the Juju command line as follows:
# Deploy ingress controller.
microk8s enable ingress:default-ssl-certificate=superset-k8s/superset-tls
juju deploy nginx-ingress-integrator --channel edge --revision 71
juju relate superset-k8s nginx-ingress-integrator
Once deployed, the hostname will default to the name of the application (superset-k8s), and can be configured using the external-hostname configuration on the Superset operator.
Contributing
Please see the Juju SDK documentation for more information about developing and improving charms and Contributing for developer guidance.
License
The Charmed Superset K8s Operator is free software, distributed under the Apache Software License, version 2.0. See License for more details.