├── .github └── workflows │ └── helm-chart.yml ├── LICENSE.md ├── README.md ├── SECURITY.md ├── releases ├── R2022b │ └── matlab-prodserver │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── mps-1-service-ingress.yaml │ │ ├── mps-2-configmap.yaml │ │ └── mps-3-deployment.yaml │ │ └── values.yaml ├── R2023a │ └── matlab-prodserver │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── mps-1-service-ingress.yaml │ │ ├── mps-2-configmap.yaml │ │ └── mps-3-deployment.yaml │ │ └── values.yaml ├── R2023b │ └── matlab-prodserver │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── mps-1-service-ingress.yaml │ │ ├── mps-2-configmap.yaml │ │ └── mps-3-deployment.yaml │ │ └── values.yaml ├── R2024a │ └── matlab-prodserver │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── mps-1-service-ingress.yaml │ │ ├── mps-2-configmap.yaml │ │ └── mps-3-deployment.yaml │ │ └── values.yaml ├── R2024b │ └── matlab-prodserver │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── mps-1-service-ingress.yaml │ │ ├── mps-2-configmap.yaml │ │ └── mps-3-deployment.yaml │ │ └── values.yaml └── R2025a │ └── matlab-prodserver │ ├── Chart.yaml │ ├── templates │ ├── _helpers.tpl │ ├── mps-1-service-ingress.yaml │ ├── mps-2-configmap.yaml │ ├── mps-3-deployment.yaml │ └── mps-4-persistent-volume-claim.yaml │ └── values.yaml └── values-overrides.yaml /.github/workflows/helm-chart.yml: -------------------------------------------------------------------------------- 1 | name: Prerelease Helm Chart 2 | 3 | on: 4 | workflow_dispatch: 5 | push: 6 | branches: 7 | - Helm_artifacts 8 | 9 | env: 10 | HELM_CHART_VERSION: 1.2.0 11 | MATLAB_APP_VERSION: "R2025a" 12 | 13 | jobs: 14 | release-helm-chart: 15 | runs-on: ubuntu-latest 16 | permissions: 17 | contents: read 18 | packages: write 19 | 20 | steps: 21 | - name: Check out the repo 22 | uses: actions/checkout@v4 23 | 24 | - name: Install Helm 25 | uses: azure/setup-helm@v4 26 | 27 | - name: Check that chart exists 28 | run: | 29 | CHART_DIR="releases/${{ env.MATLAB_APP_VERSION }}/matlab-prodserver" && cat ${CHART_DIR}/Chart.yaml 30 | echo "CHART_DIR=${CHART_DIR}" >> $GITHUB_ENV # Add to env if exists 31 | 32 | - name: Check chart versions 33 | run: | 34 | grep 'version: ${{ env.HELM_CHART_VERSION }}' ${CHART_DIR}/Chart.yaml && grep 'appVersion: "${{ env.MATLAB_APP_VERSION }}"' ${CHART_DIR}/Chart.yaml 35 | 36 | - name: Package the chart 37 | run: helm package ${CHART_DIR} --version ${{ env.HELM_CHART_VERSION }} --app-version ${{ env.MATLAB_APP_VERSION }} 38 | 39 | - name: Login to GitHub Container Registry 40 | run: echo ${{ secrets.CR_TOKEN }} | helm registry login ${{ secrets.MATHWORKS_REGISTRY }} --username ${{ secrets.CR_USER }} --password-stdin 41 | 42 | - name: Deploy the chart 43 | run: helm push matlab-prodserver-k8s-${{ env.HELM_CHART_VERSION }}.tgz oci://${{ secrets.MATHWORKS_REGISTRY }} 44 | 45 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | MATHWORKS CLOUD REFERENCE ARCHITECTURE LICENSE 2 | 3 | The files in this GitHub repository refer to commercial software products and services, virtual machine images, and related materials of The MathWorks, Inc. (“MathWorks Programs”). MathWorks Programs are separately licensed under the MathWorks Software License Agreement, available in the desktop installation of the MathWorks Programs or in the virtual machine image. The files in this GitHub repository may also refer to third-party software licensed under separate terms provided by such third parties. 4 | 5 | The following license terms apply only to the files in this GitHub repository, including files in this folder and its subfolders, and do not apply to MathWorks Programs. References to “software” and “code” in the following license terms refer to the files in this GitHub repository. 6 | 7 | Copyright (c) 2025, The MathWorks, Inc. 8 | 9 | All rights reserved. 10 | 11 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 12 | 13 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 14 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 15 | 3. In all cases, the software is, and all modifications and derivatives of the software shall be, licensed to you solely for use in conjunction with MathWorks products and service offerings. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 18 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # MATLAB Production Server in Kubernetes 2 | 3 | The ```matlab-production-server-on-kubernetes``` repository contains utilities for using MATLAB® Production Server™ in a Kubernetes® cluster. 4 | 5 | ## Introduction 6 | 7 | This guide helps you automate the process of running MATLAB 8 | Production Server in a Kubernetes cluster by using a Helm® chart. The chart is a collection of YAML 9 | files that define the resources you need to deploy MATLAB Production 10 | Server in Kubernetes. Once you deploy the server, you can manage it using the 11 | `kubectl` command-line tool. 12 | 13 | For more information about MATLAB Production Server, see the [MATLAB Production Server documentation](https://www.mathworks.com/help/mps/index.html). 14 | 15 | For more information about Kubernetes, see the [Kubernetes documentation](https://kubernetes.io/docs/home/). 16 | 17 | ## Requirements 18 | Before starting, you need the following: 19 | 20 | * MATLAB Production Server license that meets the following conditions: 21 | * Linked to a [MathWorks Account](https://www.mathworks.com/mwaccount/). 22 | * Concurrent license type. To check your license type, see [MathWorks License Center](https://www.mathworks.com/licensecenter/). 23 | * Configured to use a network license manager. The license manager must be accessible from the Kubernetes cluster where you deploy MATLAB Production Server but must not be installed in the cluster. 24 | * Network access to the MathWorks container registry, containers.mathworks.com 25 | * [Git™](https://git-scm.com/) 26 | * [Docker®](https://www.docker.com/) 27 | * Running [Kubernetes](https://kubernetes.io/) cluster that meets the following conditions: 28 | * Uses Kubernetes version 1.29 or later. 29 | * Each MATLAB Production Server container in the Kubernetes cluster requires at least 1 CPU core and 2 GiB RAM. 30 | * [kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) command-line tool that can access your Kubernetes cluster 31 | * [Helm](https://helm.sh/) package manager to install Helm charts that contain preconfigured Kubernetes resources for MATLAB Production Server 32 | * Uses Helm version v3.14 or later. 33 | 34 | If you do not have a license, please contact your MathWorks representative [here](https://www.mathworks.com/company/aboutus/contact_us/contact_sales.html) or [request a trial license](https://www.mathworks.com/campaigns/products/trials.html?prodcode=PR). 35 | 36 | ## Quick Start 37 | The Quick Start option is recommended for the following cases: 38 | * You are deploying MATLAB Production Server R2024b or newer. 39 | * You don't require significant changes to the Helm chart. 40 | * For CI/CD workflows, we recommend that you retag and cache docker images in your private container registry. 41 | 42 | The Quick Start option only requires you to download a single file, rather than cloning the full GitHub repository. For more complex workflows, use the [Deployment Steps](#Deployment-Steps) 43 | 44 | 1. Download the `values-overrides.yaml` file containing configuration options that apply across all release deployments from the MATLAB Production Server on Kubernetes GitHub repository. You can use the cURL command below or click the "Download Raw File" icon. 45 | ``` 46 | curl -O https://raw.githubusercontent.com/mathworks-ref-arch/matlab-production-server-on-kubernetes/main/values-overrides.yaml 47 | ``` 48 | 49 | 2. Complete the steps in [Provide Mapping for Deployable Archives](#Provide-Mapping-for-Deployable-Archives). 50 | 51 | 3. Before installing the chart, first set parameters that state your agreement to the MathWorks cloud reference architecture license and specify the address of the network license manager. In the top-level values-overrides.yaml file, set these parameters: 52 | 53 | To accept the license terms, set global > agreeToLicense to "yes". 54 | To specify the address of the license server, set global > licenseServer using the format port_number@host. 55 | 56 | Next, install the Helm chart for MATLAB Production Server R2025a by using the following `helm install` command: 57 | 58 | ``` 59 | helm install -f [-n ] --generate-name oci://containers.mathworks.com/matlab-prodserver-k8s --version 1.2.0 60 | ``` 61 | 4. After the deployment is complete, upload the MATLAB Production Server deployable archive to your network file server or Azure file share. All users must have read permission to the deployable archive. 62 | 63 | ## Deployment Steps 64 | ### Clone GitHub® Repository that Contains Helm Chart 65 | The MATLAB Production Server on Kubernetes GitHub repository contains Helm charts that reference Ubuntu-based Docker container images for MATLAB Production Server deployment. 66 | 67 | 1. Clone the MATLAB Production Server on Kubernetes GitHub repository to your machine. 68 | ``` 69 | git clone https://github.com/mathworks-ref-arch/matlab-production-server-on-kubernetes.git 70 | ``` 71 | This repository includes Helm chart folders for each supported MATLAB Production Server release and a `values-overrides.yaml` file containing configuration options that apply across all release deployments. 72 | 73 | 2. Navigate to the Helm chart folder for the release you want to use. Replace `` with the release version, for example, `R2025a`. 74 | ``` 75 | cd matlab-production-server-on-kubernetes/releases//matlab-prodserver 76 | ``` 77 | This folder contains two files that together define the Helm chart used to deploy MATLAB Production Server. 78 | * `Chart.yaml` — Contains metadata about the Helm chart. 79 | * `values.yaml` — Contains release-specific configuration options for the deployment. 80 | 81 | ### Pull Container Images for MATLAB Production Server and MATLAB Runtime 82 | 83 | 1. Pull the container image for MATLAB Production Server to your machine. 84 | 85 | ``` 86 | docker pull containers.mathworks.com/matlab-production-server: 87 | ``` 88 | * `containers.mathworks.com` is the name of the container registry. 89 | * `matlab-production-server` is the name of the repository. 90 | * `` is the tag name of the MATLAB Production Server release, for example, `r2025a`. 91 | 92 | The `values.yaml` file specifies these values in the `productionServer` section, in the `registry`, `repository`, and `tag` variables, respectively. 93 | 94 | 2. Pull the container image for MATLAB Runtime to your machine. 95 | 96 | ``` 97 | docker pull containers.mathworks.com/matlab-runtime: 98 | ``` 99 | * `containers.mathworks.com` is the name of the container registry. 100 | * `matlab-runtime` is the name of the repository. 101 | * `` is the tag name of the MATLAB Runtime release. Update this value to the release version of the MATLAB Runtime you are using, for example, `r2025a`. MATLAB Production Server supports MATLAB Runtime versions up to six releases back from the MATLAB Production Server version you are using. 102 | 103 | The `values.yaml` file specifies these values in the `matlabRuntime` section, in the `registry`, `repository`, and `tag` variables, respectively. 104 | 105 | ### Upload Container Images to Private Registry 106 | After you pull the MATLAB Production Server and MATLAB Runtime container images to your system, upload them to a private container registry that your Kubernetes cluster can access. 107 | 108 | 1. Tag the images with information about your private registry by using [docker tag](https://docs.docker.com/engine/reference/commandline/tag/). 109 | 110 | 2. Push the images to your private registry by using [docker push](https://docs.docker.com/engine/reference/commandline/push/). 111 | 112 | 3. In the `values-overrides.yaml` file, set the `global` > `images` > `registry` variable to the name of your private registry. 113 | 114 | 4. If your private registry requires authentication, create a Kubernetes Secret that your pod can use to pull the image from the private registry. For more information, see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) in the Kubernetes documentation. 115 | 116 | 5. In the `values-overrides.yaml` file, set the `global` > `images` > `pullSecret` variable to the name of the Kubernetes Secret you created. 117 | 118 | ### Provide Mapping for Deployable Archives 119 | Deploying MATLAB Production Server requires a running Kubernetes cluster. From the Kubernetes cluster that you use for MATLAB Production Server, provide a mapping from the storage location where you want to store MATLAB Production Server deployable archives (CTF files) to a storage resource in your cluster. You can store the deployable archives on the network file system or on the cloud. After the MATLAB Production Server deployment is complete, the deployable archives that you store in the mapped location are automatically deployed to the server. 120 | 121 | To specify mapping, in the top-level `values-overrides.yaml` file, under `matlabProductionServerSettings`, set values for the variables under `autoDeploy`. 122 | 123 | To specify the storage location for storing deployable archives, under `autoDeploy`, set `volumeType` to one of the following: 124 | 125 | * `"nfs"` — Store archives to a location on the network file system. Specify values for the `server` and `path` variables. Specify the hostname of your NFS server in the `server` variable and the location of your deployable archives in the `path` variable. For more information about the `nfs` option, see [Volumes](https://kubernetes.io/docs/concepts/storage/volumes/) in the Kubernetes documentation. 126 | * `"pvc"` — Store archives to a persistent volume by using a Persistent Volume Claim. Specify a value for the `claimName` variable. To use this option, you must have an existing Persistent Volume Claim that is already bound to its underlying storage volume. 127 | * `"azurefileshare"` — Store archives to a file share using Azure™ Files. Specify values for `shareName` and `secretName` variables. To use this option, you must have an existing file share and Kubernetes secret used to access the file share. For details about Azure file shares, see [Create and use a volume with Azure Files in Azure Kubernetes Service (AKS)](https://learn.microsoft.com/en-us/azure/aks/azure-csi-files-storage-provision) in the Azure documentation. 128 | 129 | The default value for `volumeType` is `"empty"`. However, to access deployable archives, you must set `volumeType` to one of the previously described options. 130 | 131 | ### Install Helm Chart 132 | The Helm chart for MATLAB Production Server is located in the repository in `/releases//matlab-prodserver`. To install the Helm chart for the MATLAB Production Server release that you want to deploy, use the [helm install](https://helm.sh/docs/helm/helm_install/) command. Install the chart in a separate Kubernetes namespace. For more information about Kubernetes namespaces, see [Share a Cluster with Namespaces](https://kubernetes.io/docs/tasks/administer-cluster/namespaces/) in the Kubernetes documentation. 133 | 134 | Before installing the chart, first set parameters that state your agreement to the MathWorks cloud reference architecture license and specify the address of the network license manager. In the top-level `values-overrides.yaml` file, set these parameters: 135 | 136 | - To accept the license terms, set `global` > `agreeToLicense` to `"yes"`. 137 | - To specify the address of the license server, set `global` > `licenseServer` using the format `port_number@host`. 138 | 139 | Then, install the Helm chart for MATLAB Production Server by using the `helm install` command: 140 | 141 | ``` 142 | helm install -f [-n ] --generate-name 143 | ``` 144 | 145 | After you install the chart, the pod takes a few minutes to initialize because the installation consists of approximately 10 GB of container images. 146 | 147 | The deployment name is `deployment.apps/matlab-production-server`. You can use the [kubectl get](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get) command to confirm that MATLAB Production Server is running. The name of the service that enables network access to the pod is `service/matlab-production-server`. 148 | 149 | ### Upload Deployable Archive 150 | After the deployment is complete, upload the MATLAB Production Server deployable archive to your network file server or Azure file share. All users must have read permission to the deployable archive. 151 | 152 | 153 | ### Manage External Access Using Ingress 154 | You can manage access to MATLAB Production Server by specifying an [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) controller. The Ingress controller also acts as a load balancer and is the preferred way to expose MATLAB Production Server services in production. This reference architecture assumes that you have an existing Ingress controller already running on the Kubernetes cluster. Specify controller options in the `ingressController` variable of the `values-overrides.yaml` file or use the default values. 155 | You can enable inbound HTTPS connections by using an Ingress controller TLS termination. 156 | 157 | ### Test Client Access Using Port Forwarding 158 | To test that the deployment was successful, first, use *port forwarding* to map the port that is running MATLAB Production Server inside the cluster (default = 9910) to a port that is available outside the cluster. 159 | 160 | To add port forwarding, use the [kubectl port-forward](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#port-forward) command. This example maps the default internal port 9910 to port 19910. Clients from any IP address can then access the `svc/matlab-production-server` service from outside the cluster by connecting to port 19910. 161 | ``` 162 | kubectl port-forward --address 0.0.0.0 --namespace= svc/matlab-production-server 19910:9910 & 163 | ``` 164 | 165 | Then, test the server connection by using a `curl` command. This example tests the connection to the health check API by accessing the mapped port (19910) on the localhost. If `curl` is installed on a different machine, replace `localhost` with the hostname for that machine. 166 | ``` 167 | curl localhost:19910/api/health 168 | ``` 169 | Sample JSON output for a successful connection: `{"status": "ok"}` 170 | 171 | ### Update Server Configuration Properties 172 | The default server configuration properties are stored in a [ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/) located at `/releases//matlab-prodserver/templates/mps-2-configmap.yaml`. To update server properties, you can update `mps-2-configmap.yaml` or `values.yaml`. To apply the updated server properties to the deployment, see [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) and [kubectl scale](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#scale). 173 | 174 | 175 | ## Execute Deployed Functions 176 | To evaluate MATLAB functions deployed on the server, see [Client Programming](https://www.mathworks.com/help/mps/client-programming.html). Both synchronous and asynchronous request execution are supported. 177 | 178 | ## Request Enhancements 179 | 180 | To suggest additional features or capabilities, see 181 | [Request Reference Architectures](https://www.mathworks.com/products/reference-architectures/request-new-reference-architectures.html). 182 | 183 | ## Get Technical Support 184 | 185 | If you require assistance, contact [MathWorks Technical Support](https://www.mathworks.com/support/contact_us.html). 186 | 187 | ## License 188 | 189 | MATHWORKS CLOUD REFERENCE ARCHITECTURE LICENSE © 2025 The MathWorks, Inc. 190 | 191 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Reporting Security Vulnerabilities 2 | 3 | If you believe you have discovered a security vulnerability, please report it to 4 | [security@mathworks.com](mailto:security@mathworks.com). Please see 5 | [MathWorks Vulnerability Disclosure Policy for Security Researchers](https://www.mathworks.com/company/aboutus/policies_statements/vulnerability-disclosure-policy.html) 6 | for additional information. 7 | -------------------------------------------------------------------------------- /releases/R2022b/matlab-prodserver/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "R2022b" 3 | description: MATLAB Production Server Helm chart for Kubernetes 4 | name: matlab-prodserver-k8s 5 | version: 0.1.2 6 | -------------------------------------------------------------------------------- /releases/R2022b/matlab-prodserver/templates/mps-1-service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Expose MATLAB Production Server internal endpoint 3 | # 4 | kind: Service 5 | apiVersion: v1 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | selector: 14 | app: mps 15 | ports: 16 | - name: mps-port 17 | port: 9910 18 | targetPort: 9910 19 | type: ClusterIP 20 | 21 | --- 22 | apiVersion: networking.k8s.io/v1 23 | kind: Ingress 24 | metadata: 25 | name: matlab-production-server-ingress 26 | namespace: {{ .Release.Namespace }} 27 | labels: 28 | release: {{ .Release.Name }} 29 | annotations: 30 | {{ if .Values.global.ingressController }} 31 | ## set ingress-conroller vendor-specific annotations: 32 | {{- range $key, $value := .Values.global.ingressController.annotations }} 33 | {{ $key }}: {{ quote $value }} 34 | {{- end }} 35 | {{ end }} 36 | spec: 37 | ingressClassName: {{ .Values.global.ingressController.name }} 38 | rules: 39 | - host: {{ .Values.global.ingressController.domainBase }} 40 | http: 41 | paths: 42 | - path: / 43 | pathType: Prefix 44 | backend: 45 | service: 46 | name: matlab-production-server 47 | port: 48 | number: 9910 49 | 50 | --- 51 | {{ if and (.Values.optionalSettings.Prometheus.enabled) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} 52 | apiVersion: monitoring.coreos.com/v1 53 | kind: ServiceMonitor 54 | metadata: 55 | name: matlab-production-server-monitor 56 | labels: 57 | app: mps 58 | app.kubernetes.io/part-of: {{ .Values.optionalSettings.Prometheus.matchOn }} 59 | release: {{ .Values.optionalSettings.Prometheus.matchOn }} 60 | spec: 61 | selector: 62 | matchLabels: 63 | app: mps 64 | release: {{ .Release.Name }} 65 | namespaceSelector: 66 | matchNames: 67 | - {{ .Release.Namespace }} 68 | endpoints: 69 | - port: mps-port 70 | path: /api/metrics 71 | {{ end }} 72 | 73 | -------------------------------------------------------------------------------- /releases/R2022b/matlab-prodserver/templates/mps-2-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: matlab-production-server-config 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | release: {{ .Release.Name }} 8 | data: 9 | main_config: | 10 | --http 9910 11 | --ssl-verify-peer-mode no-verify-peer 12 | --ssl-protocols TLSv1.1,TLSv1.2 13 | --ssl-ciphers ALL 14 | --mcr-root /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }} 15 | --num-workers {{ .Values.matlabProductionServerSettings.numWorkers | default 1 }} 16 | --worker-restart-interval 12:00:00 17 | --worker-memory-check-interval 0:00:30 18 | --queue-time-trigger 0:00:00.25 19 | --queue-time-target 0:00:00.25 20 | --num-threads 1 21 | --auto-deploy-root ./auto_deploy 22 | --request-size-limit 64MB 23 | --log-severity information 24 | --log-rotation-size 100MB 25 | --log-archive-root ./old_logs 26 | --log-archive-max-size 1GB 27 | --log-root ./log 28 | --log-stdout 29 | --license {{ .Values.global.licenseServer | default "27000@hostname" }} 30 | --license-grace-period 2:30 31 | --license-poll-interval 0:10 32 | --pid-root ./pid 33 | --endpoint-root ./endpoint 34 | --extract-root . 35 | --socket-root ./.mps_socket 36 | --main-log-format text/plain 37 | --disable-control-c 38 | --enable-graceful-shutdown 39 | --no-display 40 | --enable-http-pipelining 41 | --server-memory-threshold 2GB 42 | --server-memory-threshold-overflow-action purge_responses 43 | --enable-discovery 44 | --enable-metrics 45 | --routes-file ./config/routes.json 46 | 47 | {{- if .Values.optionalSettings.Redis.host }} 48 | mps_cache_config: | 49 | {"Connections": 50 | {"{{ .Values.optionalSettings.Redis.name }}": 51 | {"Provider":"Redis", 52 | "Host":{{ .Values.optionalSettings.Redis.host | quote }}, 53 | "Port":{{ .Values.optionalSettings.Redis.port | default 6379 }} 54 | {{- if .Values.optionalSettings.Redis.auth }} 55 | ,"Key":{{ .Values.optionalSettings.Redis.auth | quote }} 56 | {{- end }} 57 | } 58 | } 59 | } 60 | {{- end }} 61 | 62 | routes.json: | 63 | { 64 | "version": "1.0.0", 65 | "pathmap": [] 66 | } 67 | 68 | -------------------------------------------------------------------------------- /releases/R2022b/matlab-prodserver/templates/mps-3-deployment.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # MATLAB Production Server instance 3 | # 4 | apiVersion: apps/v1 5 | kind: Deployment 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | replicas: {{ .Values.deploymentSettings.replicaCount }} 14 | selector: 15 | matchLabels: 16 | app: mps 17 | template: 18 | metadata: 19 | labels: 20 | app: mps 21 | annotations: 22 | {{ if not .Values.optionalSettings.Prometheus.enabled }} 23 | prometheus.io/scrape: 'true' 24 | prometheus.io/path: '/api/metrics' 25 | prometheus.io/port: '9910' 26 | {{ end }} 27 | spec: 28 | securityContext: 29 | runAsNonRoot: true 30 | runAsUser: 1000 31 | runAsGroup: 1000 32 | 33 | containers: 34 | - name: mps 35 | image: {{ .Values.images.productionServer.registry }}/{{ .Values.images.productionServer.repository }}:{{ .Values.images.productionServer.tag }} 36 | env: 37 | - name: AGREE_TO_MATHWORKS_SOFTWARE_LICENSE 38 | value: {{ .Values.global.agreeToLicense | default "no" | lower | quote }} 39 | - name: AGREE_TO_MATLAB_RUNTIME_LICENSE 40 | value: {{ .Values.global.agreeToLicense | default "no" | lower | quote }} 41 | - name: LD_LIBRARY_PATH 42 | value: "/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/runtime/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/os/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/extern/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/opengl/lib/glnxa64" 43 | 44 | ports: 45 | - containerPort: 9910 46 | 47 | resources: 48 | requests: 49 | cpu: {{ .Values.deploymentSettings.cpuRequest | default "1" | quote }} 50 | memory: {{ .Values.deploymentSettings.memoryRequest | default "2Gi" | quote }} 51 | limits: 52 | cpu: {{ .Values.matlabProductionServerSettings.numWorkers | default "1" | quote }} 53 | memory: "8Gi" 54 | 55 | volumeMounts: 56 | - name: auto-deploy 57 | mountPath: "/opt/mpsinstance/auto_deploy" 58 | - name: mcr-root 59 | mountPath: "/opt/matlabruntime" 60 | - name: mps-config 61 | mountPath: "/opt/mpsinstance/config" 62 | 63 | startupProbe: 64 | exec: 65 | command: 66 | - ls 67 | - /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/matlabruntime_license_agreement.pdf 68 | initialDelaySeconds: 30 69 | periodSeconds: 30 70 | 71 | livenessProbe: 72 | httpGet: 73 | path: /api/health 74 | port: 9910 75 | initialDelaySeconds: 10 76 | periodSeconds: 10 77 | 78 | lifecycle: 79 | preStop: 80 | exec: 81 | command: ["sh", "/opt/mpsinstance/stopmps.sh"] 82 | 83 | imagePullPolicy: {{ .Values.images.productionServer.pullPolicy }} 84 | 85 | initContainers: 86 | - name: matlab-runtime 87 | image: {{ .Values.images.matlabRuntime.registry }}/{{ .Values.images.matlabRuntime.repository }}:{{ .Values.images.matlabRuntime.tag }} 88 | 89 | command: 90 | - /bin/sh 91 | - -c 92 | - "cp -r /opt/matlabruntime/* /mnt/" 93 | 94 | volumeMounts: 95 | - name: mcr-root 96 | mountPath: "/mnt" 97 | 98 | imagePullPolicy: {{ .Values.images.matlabRuntime.pullPolicy }} 99 | 100 | restartPolicy: {{ .Values.deploymentSettings.restartPolicy }} 101 | imagePullSecrets: 102 | {{- if .Values.images.productionServer.pullSecret }} 103 | - name: {{ .Values.images.productionServer.pullSecret }} 104 | {{- end }} 105 | {{- if .Values.images.matlabRuntime.pullSecret }} 106 | - name: {{ .Values.images.matlabRuntime.pullSecret }} 107 | {{- end }} 108 | 109 | volumes: 110 | - name: mcr-root 111 | emptyDir: {} 112 | - name: mps-config 113 | configMap: 114 | name: matlab-production-server-config 115 | - name: auto-deploy 116 | {{- if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "hostpath" }} 117 | hostPath: 118 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.hostpath }} 119 | type: Directory 120 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "nfs" }} 121 | nfs: 122 | server: {{ .Values.matlabProductionServerSettings.autoDeploy.server }} 123 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.path }} 124 | readOnly: true 125 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "azurefileshare" }} 126 | azureFile: 127 | shareName: {{ .Values.matlabProductionServerSettings.autoDeploy.shareName }} 128 | secretName: {{ .Values.matlabProductionServerSettings.autoDeploy.secretName }} 129 | readOnly: true 130 | {{ else }} 131 | emptyDir: {} 132 | {{- end }} 133 | 134 | -------------------------------------------------------------------------------- /releases/R2022b/matlab-prodserver/values.yaml: -------------------------------------------------------------------------------- 1 | # Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | ingressController: 9 | # Nginx settings (optional) 10 | name: nginx 11 | annotations: 12 | nginx.ingress.kubernetes.io/affinity: "cookie" 13 | nginx.ingress.kubernetes.io/load-balance: "round_robin" 14 | nginx.ingress.kubernetes.io/proxy-read-timeout: "300" 15 | domainBase: matlabprodserver.mwcloudtest.com 16 | 17 | matlabProductionServerSettings: 18 | # CTF files are placed here for automatic deployment. 19 | autoDeploy: 20 | # Inline mount options: hostpath, nfs, azurefileshare, empty (default) 21 | volumeType: "empty" 22 | # Node mount dir, example: /mnt/share/autodeploy 23 | hostpath: "" 24 | # ================================================================= 25 | # NFS server, example: server-sb08-nfs 26 | server: "" 27 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 28 | path: "" 29 | # ================================================================= 30 | # Azure storage account file share name, example: auto-deploy-share 31 | shareName: "" 32 | # Azure storage account key secret name, example: azure-file-secret 33 | secretName: "" 34 | # ================================================================= 35 | # Maximum number of worker processes (per pod). 36 | numWorkers: 2 37 | 38 | images: 39 | productionServer: 40 | registry: containers.mathworks.com 41 | repository: matlab-production-server 42 | tag: r2022b 43 | variant: R2022b 44 | pullPolicy: IfNotPresent 45 | pullSecret: "" 46 | 47 | matlabRuntime: 48 | registry: containers.mathworks.com 49 | repository: matlab-runtime 50 | tag: r2022b 51 | variant: R2022b 52 | pullPolicy: IfNotPresent 53 | pullSecret: "" 54 | 55 | deploymentSettings: 56 | cpuRequest: "1" 57 | memoryRequest: "2Gi" 58 | replicaCount: 1 59 | restartPolicy: Always 60 | 61 | optionalSettings: 62 | Redis: 63 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 64 | host: {} 65 | auth: "" 66 | name: myRedis 67 | # port: 6379 68 | 69 | Prometheus: 70 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 71 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 72 | enabled: false 73 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 74 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 75 | matchOn: prometheus 76 | -------------------------------------------------------------------------------- /releases/R2023a/matlab-prodserver/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "R2023a" 3 | description: MATLAB Production Server Helm chart for Kubernetes 4 | name: matlab-prodserver-k8s 5 | version: 0.1.3 6 | -------------------------------------------------------------------------------- /releases/R2023a/matlab-prodserver/templates/mps-1-service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Expose MATLAB Production Server internal endpoint 3 | # 4 | kind: Service 5 | apiVersion: v1 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | selector: 14 | app: mps 15 | ports: 16 | - name: mps-port 17 | port: 9910 18 | targetPort: 9910 19 | type: ClusterIP 20 | 21 | --- 22 | apiVersion: networking.k8s.io/v1 23 | kind: Ingress 24 | metadata: 25 | name: matlab-production-server-ingress 26 | namespace: {{ .Release.Namespace }} 27 | labels: 28 | release: {{ .Release.Name }} 29 | annotations: 30 | {{ if .Values.global.ingressController }} 31 | ## set ingress-conroller vendor-specific annotations: 32 | {{- range $key, $value := .Values.global.ingressController.annotations }} 33 | {{ $key }}: {{ quote $value }} 34 | {{- end }} 35 | {{ end }} 36 | spec: 37 | ingressClassName: {{ .Values.global.ingressController.name }} 38 | rules: 39 | - host: {{ .Values.global.ingressController.domainBase }} 40 | http: 41 | paths: 42 | - path: / 43 | pathType: Prefix 44 | backend: 45 | service: 46 | name: matlab-production-server 47 | port: 48 | number: 9910 49 | 50 | --- 51 | {{ if and (.Values.optionalSettings.Prometheus.enabled) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} 52 | apiVersion: monitoring.coreos.com/v1 53 | kind: ServiceMonitor 54 | metadata: 55 | name: matlab-production-server-monitor 56 | labels: 57 | app: mps 58 | app.kubernetes.io/part-of: {{ .Values.optionalSettings.Prometheus.matchOn }} 59 | release: {{ .Values.optionalSettings.Prometheus.matchOn }} 60 | spec: 61 | selector: 62 | matchLabels: 63 | app: mps 64 | release: {{ .Release.Name }} 65 | namespaceSelector: 66 | matchNames: 67 | - {{ .Release.Namespace }} 68 | endpoints: 69 | - port: mps-port 70 | path: /api/metrics 71 | {{ end }} 72 | 73 | -------------------------------------------------------------------------------- /releases/R2023a/matlab-prodserver/templates/mps-2-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: matlab-production-server-config 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | release: {{ .Release.Name }} 8 | data: 9 | main_config: | 10 | --http 9910 11 | --ssl-verify-peer-mode no-verify-peer 12 | --ssl-protocols TLSv1.1,TLSv1.2 13 | --ssl-ciphers ALL 14 | --mcr-root /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }} 15 | --num-workers {{ .Values.matlabProductionServerSettings.numWorkers | default 1 }} 16 | --worker-restart-interval 12:00:00 17 | --worker-memory-check-interval 0:00:30 18 | --queue-time-trigger 0:00:00.25 19 | --queue-time-target 0:00:00.25 20 | --num-threads 1 21 | --auto-deploy-root ./auto_deploy 22 | --request-size-limit 64MB 23 | --log-severity information 24 | --log-rotation-size 100MB 25 | --log-archive-root ./old_logs 26 | --log-archive-max-size 1GB 27 | --log-root ./log 28 | --log-stdout 29 | --license {{ .Values.global.licenseServer | default "27000@hostname" }} 30 | --license-grace-period 2:30 31 | --license-poll-interval 0:10 32 | --pid-root ./pid 33 | --endpoint-root ./endpoint 34 | --extract-root . 35 | --socket-root ./.mps_socket 36 | --main-log-format text/plain 37 | --disable-control-c 38 | --enable-graceful-shutdown 39 | --no-display 40 | --enable-http-pipelining 41 | --server-memory-threshold 2GB 42 | --server-memory-threshold-overflow-action purge_responses 43 | --enable-discovery 44 | --enable-metrics 45 | --routes-file ./config/routes.json 46 | 47 | {{- if .Values.optionalSettings.Redis.host }} 48 | mps_cache_config: | 49 | {"Connections": 50 | {"{{ .Values.optionalSettings.Redis.name }}": 51 | {"Provider":"Redis", 52 | "Host":{{ .Values.optionalSettings.Redis.host | quote }}, 53 | "Port":{{ .Values.optionalSettings.Redis.port | default 6379 }} 54 | {{- if .Values.optionalSettings.Redis.auth }} 55 | ,"Key":{{ .Values.optionalSettings.Redis.auth | quote }} 56 | {{- end }} 57 | } 58 | } 59 | } 60 | {{- end }} 61 | 62 | routes.json: | 63 | { 64 | "version": "1.0.0", 65 | "pathmap": [] 66 | } 67 | 68 | -------------------------------------------------------------------------------- /releases/R2023a/matlab-prodserver/templates/mps-3-deployment.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # MATLAB Production Server instance 3 | # 4 | apiVersion: apps/v1 5 | kind: Deployment 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | replicas: {{ .Values.deploymentSettings.replicaCount }} 14 | selector: 15 | matchLabels: 16 | app: mps 17 | template: 18 | metadata: 19 | labels: 20 | app: mps 21 | annotations: 22 | {{ if not .Values.optionalSettings.Prometheus.enabled }} 23 | prometheus.io/scrape: 'true' 24 | prometheus.io/path: '/api/metrics' 25 | prometheus.io/port: '9910' 26 | {{ end }} 27 | spec: 28 | securityContext: 29 | runAsNonRoot: true 30 | runAsUser: 1000 31 | runAsGroup: 1000 32 | 33 | containers: 34 | - name: mps 35 | image: {{ .Values.global.images.registry | default .Values.images.productionServer.registry }}/{{ .Values.images.productionServer.repository }}:{{ .Values.images.productionServer.tag }} 36 | env: 37 | - name: AGREE_TO_MATHWORKS_SOFTWARE_LICENSE 38 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 39 | - name: AGREE_TO_MATLAB_RUNTIME_LICENSE 40 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 41 | - name: LD_LIBRARY_PATH 42 | value: "/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/runtime/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/os/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/extern/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/opengl/lib/glnxa64" 43 | 44 | ports: 45 | - containerPort: 9910 46 | 47 | resources: 48 | requests: 49 | cpu: {{ .Values.deploymentSettings.cpuRequest | default "1" | quote }} 50 | memory: {{ .Values.deploymentSettings.memoryRequest | default "2Gi" | quote }} 51 | limits: 52 | cpu: {{ .Values.matlabProductionServerSettings.numWorkers | default "1" | quote }} 53 | memory: "8Gi" 54 | 55 | volumeMounts: 56 | - name: auto-deploy 57 | mountPath: "/opt/mpsinstance/auto_deploy" 58 | - name: mcr-root 59 | mountPath: "/opt/matlabruntime" 60 | - name: mps-config 61 | mountPath: "/opt/mpsinstance/config" 62 | 63 | startupProbe: 64 | exec: 65 | command: 66 | - ls 67 | - /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/matlabruntime_license_agreement.pdf 68 | initialDelaySeconds: 10 69 | periodSeconds: 30 70 | 71 | livenessProbe: 72 | httpGet: 73 | path: /api/health 74 | port: 9910 75 | initialDelaySeconds: 10 76 | periodSeconds: 10 77 | 78 | lifecycle: 79 | preStop: 80 | exec: 81 | command: ["sh", "/opt/mpsinstance/stopmps.sh"] 82 | 83 | imagePullPolicy: {{ .Values.images.productionServer.pullPolicy }} 84 | 85 | initContainers: 86 | - name: matlab-runtime 87 | image: {{ .Values.global.images.registry | default .Values.images.matlabRuntime.registry }}/{{ .Values.images.matlabRuntime.repository }}:{{ .Values.images.matlabRuntime.tag }} 88 | 89 | command: 90 | - /bin/sh 91 | - -c 92 | - "cp -r /opt/matlabruntime/* /mnt/" 93 | 94 | volumeMounts: 95 | - name: mcr-root 96 | mountPath: "/mnt" 97 | 98 | imagePullPolicy: {{ .Values.images.matlabRuntime.pullPolicy }} 99 | 100 | restartPolicy: {{ .Values.deploymentSettings.restartPolicy }} 101 | imagePullSecrets: 102 | {{- if .Values.global.images.pullSecret }} 103 | - name: {{ .Values.global.images.pullSecret }} 104 | {{- end }} 105 | {{- if .Values.images.productionServer.pullSecret }} 106 | - name: {{ .Values.images.productionServer.pullSecret }} 107 | {{- end }} 108 | {{- if and .Values.images.matlabRuntime.pullSecret (ne .Values.images.matlabRuntime.pullSecret .Values.images.productionServer.pullSecret) }} 109 | - name: {{ .Values.images.matlabRuntime.pullSecret }} 110 | {{- end }} 111 | 112 | volumes: 113 | - name: mcr-root 114 | emptyDir: {} 115 | - name: mps-config 116 | configMap: 117 | name: matlab-production-server-config 118 | - name: auto-deploy 119 | {{- if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "hostpath" }} 120 | hostPath: 121 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.hostpath }} 122 | type: Directory 123 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "nfs" }} 124 | nfs: 125 | server: {{ .Values.matlabProductionServerSettings.autoDeploy.server }} 126 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.path }} 127 | readOnly: true 128 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "pvc" }} 129 | persistentVolumeClaim: 130 | claimName: {{ .Values.matlabProductionServerSettings.autoDeploy.claimName }} 131 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "azurefileshare" }} 132 | azureFile: 133 | shareName: {{ .Values.matlabProductionServerSettings.autoDeploy.shareName }} 134 | secretName: {{ .Values.matlabProductionServerSettings.autoDeploy.secretName }} 135 | readOnly: true 136 | {{ else }} 137 | emptyDir: {} 138 | {{- end }} 139 | 140 | -------------------------------------------------------------------------------- /releases/R2023a/matlab-prodserver/values.yaml: -------------------------------------------------------------------------------- 1 | # Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | # Override for a private container registry, example: cr.example.com, cr-secret 9 | images: 10 | registry: "" 11 | pullSecret: "" 12 | ingressController: 13 | # Nginx settings (optional) 14 | name: nginx 15 | annotations: 16 | nginx.ingress.kubernetes.io/affinity: "cookie" 17 | nginx.ingress.kubernetes.io/load-balance: "round_robin" 18 | nginx.ingress.kubernetes.io/proxy-read-timeout: "300" 19 | domainBase: matlabprodserver.mwcloudtest.com 20 | 21 | matlabProductionServerSettings: 22 | # CTF files are placed here for automatic deployment. 23 | autoDeploy: 24 | # Inline mount options: hostpath, nfs, pvc, azurefileshare, empty (default) 25 | volumeType: "empty" 26 | # Node mount dir, example: /mnt/share/autodeploy 27 | hostpath: "" 28 | # ================================================================= 29 | # NFS server, example: server-sb08-nfs 30 | server: "" 31 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 32 | path: "" 33 | # ================================================================= 34 | # Persistent-Volume-Claim name, example: autodeploy-pv-claim 35 | claimName: "" 36 | # ================================================================= 37 | # Azure storage account file share name, example: auto-deploy-share 38 | shareName: "" 39 | # Azure storage account key secret name, example: azure-file-secret 40 | secretName: "" 41 | # ================================================================= 42 | # Maximum number of worker processes (per pod). 43 | numWorkers: 2 44 | 45 | images: 46 | productionServer: 47 | registry: containers.mathworks.com 48 | repository: matlab-production-server 49 | tag: r2023a 50 | variant: R2023a 51 | pullPolicy: IfNotPresent 52 | pullSecret: "" 53 | 54 | matlabRuntime: 55 | registry: containers.mathworks.com 56 | repository: matlab-runtime 57 | tag: r2023a 58 | variant: R2023a 59 | pullPolicy: IfNotPresent 60 | pullSecret: "" 61 | 62 | deploymentSettings: 63 | cpuRequest: "1" 64 | memoryRequest: "2Gi" 65 | replicaCount: 1 66 | restartPolicy: Always 67 | 68 | optionalSettings: 69 | Redis: 70 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 71 | host: "" 72 | auth: "" 73 | name: myRedis 74 | # port: 6379 75 | 76 | Prometheus: 77 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 78 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 79 | enabled: false 80 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 81 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 82 | matchOn: prometheus 83 | -------------------------------------------------------------------------------- /releases/R2023b/matlab-prodserver/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "R2023b" 3 | description: MATLAB Production Server Helm chart for Kubernetes 4 | name: matlab-prodserver-k8s 5 | version: 1.0.1 6 | -------------------------------------------------------------------------------- /releases/R2023b/matlab-prodserver/templates/mps-1-service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Expose MATLAB Production Server internal endpoint 3 | # 4 | kind: Service 5 | apiVersion: v1 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | selector: 14 | app: mps 15 | ports: 16 | - name: mps-port 17 | port: 9910 18 | targetPort: 9910 19 | type: ClusterIP 20 | 21 | --- 22 | apiVersion: networking.k8s.io/v1 23 | kind: Ingress 24 | metadata: 25 | name: matlab-production-server-ingress 26 | namespace: {{ .Release.Namespace }} 27 | labels: 28 | release: {{ .Release.Name }} 29 | annotations: 30 | {{ if .Values.global.ingressController }} 31 | ## set ingress-conroller vendor-specific annotations: 32 | {{- range $key, $value := .Values.global.ingressController.annotations }} 33 | {{ $key }}: {{ quote $value }} 34 | {{- end }} 35 | {{ end }} 36 | spec: 37 | ingressClassName: {{ .Values.global.ingressController.name }} 38 | {{ if .Values.global.ingressController.tls.enabled }} 39 | tls: 40 | - hosts: 41 | - {{ .Values.global.ingressController.domainBase }} 42 | {{- if .Values.global.ingressController.tls.secretName }} 43 | secretName: {{ .Values.global.ingressController.tls.secretName }} 44 | {{- end }} 45 | {{ end }} 46 | 47 | rules: 48 | - host: {{ .Values.global.ingressController.domainBase }} 49 | http: 50 | paths: 51 | - path: / 52 | pathType: Prefix 53 | backend: 54 | service: 55 | name: matlab-production-server 56 | port: 57 | number: 9910 58 | 59 | --- 60 | {{ if and (.Values.optionalSettings.Prometheus.enabled) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} 61 | apiVersion: monitoring.coreos.com/v1 62 | kind: ServiceMonitor 63 | metadata: 64 | name: matlab-production-server-monitor 65 | labels: 66 | app: mps 67 | app.kubernetes.io/part-of: {{ .Values.optionalSettings.Prometheus.matchOn }} 68 | release: {{ .Values.optionalSettings.Prometheus.matchOn }} 69 | spec: 70 | selector: 71 | matchLabels: 72 | app: mps 73 | release: {{ .Release.Name }} 74 | namespaceSelector: 75 | matchNames: 76 | - {{ .Release.Namespace }} 77 | endpoints: 78 | - port: mps-port 79 | path: /api/metrics 80 | {{ end }} 81 | 82 | -------------------------------------------------------------------------------- /releases/R2023b/matlab-prodserver/templates/mps-2-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: matlab-production-server-config 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | release: {{ .Release.Name }} 8 | data: 9 | main_config: | 10 | --http 9910 11 | --ssl-verify-peer-mode no-verify-peer 12 | --ssl-protocols TLSv1.2 13 | --ssl-ciphers ALL 14 | --mcr-root /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }} 15 | --num-workers {{ .Values.matlabProductionServerSettings.numWorkers | default 1 }} 16 | --worker-restart-interval 12:00:00 17 | --worker-memory-check-interval 0:00:30 18 | --queue-time-trigger 0:00:00.25 19 | --queue-time-target 0:00:00.25 20 | --num-threads 1 21 | --auto-deploy-root ./auto_deploy 22 | --request-size-limit 64MB 23 | --log-severity information 24 | --log-rotation-size 100MB 25 | --log-archive-root ./old_logs 26 | --log-archive-max-size 1GB 27 | --log-root ./log 28 | --log-stdout 29 | --license {{ .Values.global.licenseServer | default "27000@hostname" }} 30 | --license-grace-period 2:30 31 | --license-poll-interval 0:10 32 | --pid-root ./pid 33 | --endpoint-root ./endpoint 34 | --extract-root . 35 | --socket-root ./.mps_socket 36 | --main-log-format text/plain 37 | --disable-control-c 38 | --enable-graceful-shutdown 39 | --no-display 40 | --enable-http-pipelining 41 | --server-memory-threshold 2GB 42 | --server-memory-threshold-overflow-action purge_responses 43 | --enable-discovery 44 | --enable-metrics 45 | --routes-file ./config/routes.json 46 | 47 | {{- if .Values.optionalSettings.Redis.host }} 48 | mps_cache_config: | 49 | {"Connections": 50 | {"{{ .Values.optionalSettings.Redis.name }}": 51 | {"Provider":"Redis", 52 | "Host":{{ .Values.optionalSettings.Redis.host | quote }}, 53 | "Port":{{ .Values.optionalSettings.Redis.port | default 6379 }} 54 | {{- if .Values.optionalSettings.Redis.auth }} 55 | ,"Key":{{ .Values.optionalSettings.Redis.auth | quote }} 56 | {{- end }} 57 | } 58 | } 59 | } 60 | {{- end }} 61 | 62 | routes.json: | 63 | { 64 | "version": "1.0.0", 65 | "pathmap": [] 66 | } 67 | 68 | -------------------------------------------------------------------------------- /releases/R2023b/matlab-prodserver/templates/mps-3-deployment.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # MATLAB Production Server instance 3 | # 4 | apiVersion: apps/v1 5 | kind: Deployment 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | replicas: {{ .Values.deploymentSettings.replicaCount }} 14 | selector: 15 | matchLabels: 16 | app: mps 17 | template: 18 | metadata: 19 | labels: 20 | app: mps 21 | annotations: 22 | {{ if not .Values.optionalSettings.Prometheus.enabled }} 23 | prometheus.io/scrape: 'true' 24 | prometheus.io/path: '/api/metrics' 25 | prometheus.io/port: '9910' 26 | {{ end }} 27 | spec: 28 | securityContext: 29 | runAsNonRoot: true 30 | runAsUser: 1000 31 | runAsGroup: 1000 32 | 33 | containers: 34 | - name: mps 35 | image: {{ .Values.global.images.registry | default .Values.images.productionServer.registry }}/{{ .Values.images.productionServer.repository }}:{{ .Values.images.productionServer.tag }} 36 | env: 37 | - name: AGREE_TO_MATHWORKS_SOFTWARE_LICENSE 38 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 39 | - name: AGREE_TO_MATLAB_RUNTIME_LICENSE 40 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 41 | - name: LD_LIBRARY_PATH 42 | value: "/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/runtime/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/os/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/extern/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/opengl/lib/glnxa64" 43 | {{ if .Values.optionalSettings.Redis.secretName }} 44 | - name: MPS_REDIS_PASSWORD 45 | valueFrom: 46 | secretKeyRef: 47 | name: {{ .Values.optionalSettings.Redis.secretName }} 48 | key: {{ .Values.optionalSettings.Redis.secretKey | default "redis-password" }} 49 | {{ end }} 50 | 51 | ports: 52 | - containerPort: 9910 53 | 54 | resources: 55 | requests: 56 | cpu: {{ .Values.deploymentSettings.cpuRequest | default "1" | quote }} 57 | memory: {{ .Values.deploymentSettings.memoryRequest | default "2Gi" | quote }} 58 | limits: 59 | cpu: {{ .Values.matlabProductionServerSettings.numWorkers | default "1" | quote }} 60 | memory: "8Gi" 61 | 62 | volumeMounts: 63 | - name: auto-deploy 64 | mountPath: "/opt/mpsinstance/auto_deploy" 65 | - name: mcr-root 66 | mountPath: "/opt/matlabruntime" 67 | - name: mps-config 68 | mountPath: "/opt/mpsinstance/config" 69 | 70 | startupProbe: 71 | exec: 72 | command: 73 | - ls 74 | - /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/matlabruntime_license_agreement.pdf 75 | initialDelaySeconds: 10 76 | periodSeconds: 30 77 | 78 | livenessProbe: 79 | httpGet: 80 | path: /api/health 81 | port: 9910 82 | initialDelaySeconds: 10 83 | periodSeconds: 10 84 | 85 | lifecycle: 86 | preStop: 87 | exec: 88 | command: ["sh", "/opt/mpsinstance/stopmps.sh"] 89 | 90 | imagePullPolicy: {{ .Values.images.productionServer.pullPolicy }} 91 | 92 | initContainers: 93 | - name: matlab-runtime 94 | image: {{ .Values.global.images.registry | default .Values.images.matlabRuntime.registry }}/{{ .Values.images.matlabRuntime.repository }}:{{ .Values.images.matlabRuntime.tag }} 95 | 96 | command: 97 | - /bin/sh 98 | - -c 99 | - "cp -r /opt/matlabruntime/* /mnt/" 100 | 101 | volumeMounts: 102 | - name: mcr-root 103 | mountPath: "/mnt" 104 | 105 | imagePullPolicy: {{ .Values.images.matlabRuntime.pullPolicy }} 106 | 107 | restartPolicy: {{ .Values.deploymentSettings.restartPolicy }} 108 | imagePullSecrets: 109 | {{- if .Values.global.images.pullSecret }} 110 | - name: {{ .Values.global.images.pullSecret }} 111 | {{- end }} 112 | {{- if .Values.images.productionServer.pullSecret }} 113 | - name: {{ .Values.images.productionServer.pullSecret }} 114 | {{- end }} 115 | {{- if and .Values.images.matlabRuntime.pullSecret (ne .Values.images.matlabRuntime.pullSecret .Values.images.productionServer.pullSecret) }} 116 | - name: {{ .Values.images.matlabRuntime.pullSecret }} 117 | {{- end }} 118 | 119 | volumes: 120 | - name: mcr-root 121 | emptyDir: {} 122 | - name: mps-config 123 | configMap: 124 | name: matlab-production-server-config 125 | - name: auto-deploy 126 | {{- if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "hostpath" }} 127 | hostPath: 128 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.hostpath }} 129 | type: Directory 130 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "nfs" }} 131 | nfs: 132 | server: {{ .Values.matlabProductionServerSettings.autoDeploy.server }} 133 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.path }} 134 | readOnly: true 135 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "pvc" }} 136 | persistentVolumeClaim: 137 | claimName: {{ .Values.matlabProductionServerSettings.autoDeploy.claimName }} 138 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "azurefileshare" }} 139 | azureFile: 140 | shareName: {{ .Values.matlabProductionServerSettings.autoDeploy.shareName }} 141 | secretName: {{ .Values.matlabProductionServerSettings.autoDeploy.secretName }} 142 | readOnly: true 143 | {{ else }} 144 | emptyDir: {} 145 | {{- end }} 146 | 147 | -------------------------------------------------------------------------------- /releases/R2023b/matlab-prodserver/values.yaml: -------------------------------------------------------------------------------- 1 | # Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | # Override for a private container registry, example: cr.example.com, cr-secret 9 | images: 10 | registry: "" 11 | pullSecret: "" 12 | ingressController: 13 | # Nginx settings (optional) 14 | name: nginx 15 | annotations: {} 16 | 17 | # Ingress host 18 | domainBase: matlabprodserver.mwcloudtest.com 19 | # Ingress https (tls termination) 20 | tls: 21 | enabled: false 22 | # Name of kubernetes.io/tls secret with certificate data 23 | secretName: "" 24 | 25 | matlabProductionServerSettings: 26 | # CTF files are placed here for automatic deployment. 27 | autoDeploy: 28 | # Inline mount options: hostpath, nfs, pvc, azurefileshare, empty (default) 29 | volumeType: "empty" 30 | # Node mount dir, example: /mnt/share/autodeploy 31 | hostpath: "" 32 | # ================================================================= 33 | # NFS server, example: server-sb08-nfs 34 | server: "" 35 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 36 | path: "" 37 | # ================================================================= 38 | # Persistent-Volume-Claim name, example: autodeploy-pv-claim 39 | claimName: "" 40 | # ================================================================= 41 | # Azure storage account file share name, example: auto-deploy-share 42 | shareName: "" 43 | # Azure storage account key secret name, example: azure-file-secret 44 | secretName: "" 45 | # ================================================================= 46 | # Maximum number of worker processes (per pod). 47 | numWorkers: 2 48 | 49 | images: 50 | productionServer: 51 | registry: containers.mathworks.com 52 | repository: matlab-production-server 53 | tag: r2023b 54 | variant: R2023b 55 | pullPolicy: IfNotPresent 56 | pullSecret: "" 57 | 58 | matlabRuntime: 59 | registry: containers.mathworks.com 60 | repository: matlab-runtime 61 | tag: r2023b 62 | variant: R2023b 63 | pullPolicy: IfNotPresent 64 | pullSecret: "" 65 | 66 | deploymentSettings: 67 | cpuRequest: "1" 68 | memoryRequest: "2Gi" 69 | replicaCount: 1 70 | restartPolicy: Always 71 | 72 | optionalSettings: 73 | Redis: 74 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 75 | host: "" 76 | auth: "" 77 | name: myRedis 78 | port: 6379 79 | secretName: "" 80 | secretKey: "" 81 | 82 | Prometheus: 83 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 84 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 85 | enabled: false 86 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 87 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 88 | matchOn: prometheus 89 | -------------------------------------------------------------------------------- /releases/R2024a/matlab-prodserver/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "R2024a" 3 | description: MATLAB Production Server Helm chart for Kubernetes 4 | name: matlab-prodserver-k8s 5 | version: 1.0.3 6 | -------------------------------------------------------------------------------- /releases/R2024a/matlab-prodserver/templates/mps-1-service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Expose MATLAB Production Server internal endpoint 3 | # 4 | kind: Service 5 | apiVersion: v1 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | selector: 14 | app: mps 15 | ports: 16 | - name: mps-port 17 | port: 9910 18 | targetPort: 9910 19 | type: ClusterIP 20 | 21 | --- 22 | {{- if .Values.global.ingressController.enabled }} 23 | apiVersion: networking.k8s.io/v1 24 | kind: Ingress 25 | metadata: 26 | name: matlab-production-server-ingress 27 | namespace: {{ .Release.Namespace }} 28 | labels: 29 | release: {{ .Release.Name }} 30 | annotations: 31 | {{ if .Values.global.ingressController }} 32 | ## set ingress-conroller vendor-specific annotations: 33 | {{- range $key, $value := .Values.global.ingressController.annotations }} 34 | {{ $key }}: {{ quote $value }} 35 | {{- end }} 36 | {{ end }} 37 | spec: 38 | ingressClassName: {{ .Values.global.ingressController.name }} 39 | {{ if .Values.global.ingressController.tls.enabled }} 40 | tls: 41 | - hosts: 42 | - {{ .Values.global.ingressController.domainBase }} 43 | {{- if .Values.global.ingressController.tls.secretName }} 44 | secretName: {{ .Values.global.ingressController.tls.secretName }} 45 | {{- end }} 46 | {{ end }} 47 | 48 | rules: 49 | - host: {{ .Values.global.ingressController.domainBase }} 50 | http: 51 | paths: 52 | - path: / 53 | pathType: Prefix 54 | backend: 55 | service: 56 | name: matlab-production-server 57 | port: 58 | number: 9910 59 | {{- end }} 60 | 61 | --- 62 | {{ if and (.Values.optionalSettings.Prometheus.enabled) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} 63 | apiVersion: monitoring.coreos.com/v1 64 | kind: ServiceMonitor 65 | metadata: 66 | name: matlab-production-server-monitor 67 | labels: 68 | app: mps 69 | app.kubernetes.io/part-of: {{ .Values.optionalSettings.Prometheus.matchOn }} 70 | release: {{ .Values.optionalSettings.Prometheus.matchOn }} 71 | spec: 72 | selector: 73 | matchLabels: 74 | app: mps 75 | release: {{ .Release.Name }} 76 | namespaceSelector: 77 | matchNames: 78 | - {{ .Release.Namespace }} 79 | endpoints: 80 | - port: mps-port 81 | path: /api/metrics 82 | {{ end }} 83 | 84 | -------------------------------------------------------------------------------- /releases/R2024a/matlab-prodserver/templates/mps-2-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: matlab-production-server-config 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | release: {{ .Release.Name }} 8 | data: 9 | main_config: | 10 | --http 9910 11 | --ssl-verify-peer-mode no-verify-peer 12 | --ssl-protocols TLSv1.2 13 | --ssl-ciphers ALL 14 | --mcr-root /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }} 15 | --num-workers {{ .Values.matlabProductionServerSettings.numWorkers | default 1 }} 16 | --worker-restart-interval 12:00:00 17 | --worker-memory-check-interval 0:00:30 18 | --queue-time-trigger 0:00:00.25 19 | --queue-time-target 0:00:00.25 20 | --num-threads 1 21 | --auto-deploy-root ./auto_deploy 22 | --request-size-limit 64MB 23 | --log-severity information 24 | --log-rotation-size 100MB 25 | --log-archive-root ./old_logs 26 | --log-archive-max-size 1GB 27 | --log-root ./log 28 | --log-stdout 29 | --license {{ .Values.global.licenseServer | default "27000@hostname" }} 30 | --license-grace-period 2:30 31 | --license-poll-interval 0:10 32 | --pid-root ./pid 33 | --endpoint-root ./endpoint 34 | --extract-root . 35 | --socket-root ./.mps_socket 36 | --main-log-format text/plain 37 | --disable-control-c 38 | --enable-graceful-shutdown 39 | --no-display 40 | --enable-http-pipelining 41 | --server-memory-threshold 2GB 42 | --server-memory-threshold-overflow-action purge_responses 43 | --enable-discovery 44 | --enable-metrics 45 | --routes-file ./config/routes.json 46 | 47 | {{- if .Values.optionalSettings.Redis.host }} 48 | mps_cache_config: | 49 | {"Connections": 50 | {"{{ .Values.optionalSettings.Redis.name }}": 51 | {"Provider":"Redis", 52 | "Host":{{ .Values.optionalSettings.Redis.host | quote }}, 53 | "Port":{{ .Values.optionalSettings.Redis.port | default 6379 }} 54 | {{- if .Values.optionalSettings.Redis.auth }} 55 | ,"Key":{{ .Values.optionalSettings.Redis.auth | quote }} 56 | {{- end }} 57 | } 58 | } 59 | } 60 | {{- end }} 61 | 62 | routes.json: | 63 | { 64 | "version": "1.0.0", 65 | "pathmap": [] 66 | } 67 | 68 | -------------------------------------------------------------------------------- /releases/R2024a/matlab-prodserver/templates/mps-3-deployment.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # MATLAB Production Server instance 3 | # 4 | apiVersion: apps/v1 5 | kind: Deployment 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | replicas: {{ .Values.deploymentSettings.replicaCount }} 14 | selector: 15 | matchLabels: 16 | app: mps 17 | template: 18 | metadata: 19 | labels: 20 | app: mps 21 | annotations: 22 | {{ if not .Values.optionalSettings.Prometheus.enabled }} 23 | prometheus.io/scrape: 'true' 24 | prometheus.io/path: '/api/metrics' 25 | prometheus.io/port: '9910' 26 | {{ end }} 27 | spec: 28 | securityContext: 29 | runAsNonRoot: true 30 | runAsUser: 1000 31 | runAsGroup: 1000 32 | 33 | containers: 34 | - name: mps 35 | image: {{ .Values.global.images.registry | default .Values.images.productionServer.registry }}/{{ .Values.images.productionServer.repository }}:{{ .Values.images.productionServer.tag }} 36 | env: 37 | - name: AGREE_TO_MATHWORKS_SOFTWARE_LICENSE 38 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 39 | - name: AGREE_TO_MATLAB_RUNTIME_LICENSE 40 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 41 | - name: LD_LIBRARY_PATH 42 | value: "/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/runtime/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/os/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/extern/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/opengl/lib/glnxa64" 43 | {{ if .Values.optionalSettings.Redis.secretName }} 44 | - name: MPS_REDIS_PASSWORD 45 | valueFrom: 46 | secretKeyRef: 47 | name: {{ .Values.optionalSettings.Redis.secretName }} 48 | key: {{ .Values.optionalSettings.Redis.secretKey | default "redis-password" }} 49 | {{ end }} 50 | 51 | ports: 52 | - containerPort: 9910 53 | 54 | resources: 55 | requests: 56 | cpu: {{ .Values.deploymentSettings.cpuRequest | default "1" | quote }} 57 | memory: {{ .Values.deploymentSettings.memoryRequest | default "2Gi" | quote }} 58 | limits: 59 | cpu: {{ .Values.matlabProductionServerSettings.numWorkers | default "1" | quote }} 60 | memory: "8Gi" 61 | 62 | volumeMounts: 63 | - name: auto-deploy 64 | mountPath: "/opt/mpsinstance/auto_deploy" 65 | - name: mcr-root 66 | mountPath: "/opt/matlabruntime" 67 | - name: mps-config 68 | mountPath: "/opt/mpsinstance/config" 69 | 70 | startupProbe: 71 | exec: 72 | command: 73 | - ls 74 | - /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/matlabruntime_license_agreement.pdf 75 | initialDelaySeconds: 10 76 | periodSeconds: 30 77 | 78 | livenessProbe: 79 | httpGet: 80 | path: /api/health 81 | port: 9910 82 | initialDelaySeconds: 10 83 | periodSeconds: 10 84 | 85 | lifecycle: 86 | preStop: 87 | exec: 88 | command: ["sh", "/opt/mpsinstance/stopmps.sh"] 89 | 90 | imagePullPolicy: {{ .Values.images.productionServer.pullPolicy }} 91 | 92 | initContainers: 93 | - name: matlab-runtime 94 | image: {{ .Values.global.images.registry | default .Values.images.matlabRuntime.registry }}/{{ .Values.images.matlabRuntime.repository }}:{{ .Values.images.matlabRuntime.tag }} 95 | 96 | command: 97 | - /bin/sh 98 | - -c 99 | - "cp -r /opt/matlabruntime/* /mnt/" 100 | 101 | volumeMounts: 102 | - name: mcr-root 103 | mountPath: "/mnt" 104 | 105 | imagePullPolicy: {{ .Values.images.matlabRuntime.pullPolicy }} 106 | 107 | restartPolicy: {{ .Values.deploymentSettings.restartPolicy }} 108 | imagePullSecrets: 109 | {{- if .Values.global.images.pullSecret }} 110 | - name: {{ .Values.global.images.pullSecret }} 111 | {{- end }} 112 | {{- if .Values.images.productionServer.pullSecret }} 113 | - name: {{ .Values.images.productionServer.pullSecret }} 114 | {{- end }} 115 | {{- if and .Values.images.matlabRuntime.pullSecret (ne .Values.images.matlabRuntime.pullSecret .Values.images.productionServer.pullSecret) }} 116 | - name: {{ .Values.images.matlabRuntime.pullSecret }} 117 | {{- end }} 118 | 119 | volumes: 120 | - name: mcr-root 121 | emptyDir: {} 122 | - name: mps-config 123 | configMap: 124 | name: matlab-production-server-config 125 | - name: auto-deploy 126 | {{- if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "hostpath" }} 127 | hostPath: 128 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.hostpath }} 129 | type: Directory 130 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "nfs" }} 131 | nfs: 132 | server: {{ .Values.matlabProductionServerSettings.autoDeploy.server }} 133 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.path }} 134 | readOnly: true 135 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "pvc" }} 136 | persistentVolumeClaim: 137 | claimName: {{ .Values.matlabProductionServerSettings.autoDeploy.claimName }} 138 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "azurefileshare" }} 139 | azureFile: 140 | shareName: {{ .Values.matlabProductionServerSettings.autoDeploy.shareName }} 141 | secretName: {{ .Values.matlabProductionServerSettings.autoDeploy.secretName }} 142 | readOnly: true 143 | {{ else }} 144 | emptyDir: {} 145 | {{- end }} 146 | 147 | -------------------------------------------------------------------------------- /releases/R2024a/matlab-prodserver/values.yaml: -------------------------------------------------------------------------------- 1 | # Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | # Override for a private container registry, example: cr.example.com, cr-secret 9 | images: 10 | registry: "" 11 | pullSecret: "" 12 | ingressController: 13 | enabled: true # Create 'Ingress' API object 14 | # Nginx settings (optional) 15 | name: nginx 16 | annotations: {} 17 | 18 | # Ingress host 19 | domainBase: matlabprodserver.mwcloudtest.com 20 | # Ingress https (tls termination) 21 | tls: 22 | enabled: false 23 | # Name of kubernetes.io/tls secret with certificate data 24 | secretName: "" 25 | 26 | matlabProductionServerSettings: 27 | # CTF files are placed here for automatic deployment. 28 | autoDeploy: 29 | # Inline mount options: hostpath, nfs, pvc, azurefileshare, empty (default) 30 | volumeType: "empty" 31 | # Node mount dir, example: /mnt/share/autodeploy 32 | hostpath: "" 33 | # ================================================================= 34 | # NFS server, example: server-sb08-nfs 35 | server: "" 36 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 37 | path: "" 38 | # ================================================================= 39 | # Persistent-Volume-Claim name, example: autodeploy-pv-claim 40 | claimName: "" 41 | # ================================================================= 42 | # Azure storage account file share name, example: auto-deploy-share 43 | shareName: "" 44 | # Azure storage account key secret name, example: azure-file-secret 45 | secretName: "" 46 | # ================================================================= 47 | # Maximum number of worker processes (per pod). 48 | numWorkers: 2 49 | 50 | images: 51 | productionServer: 52 | registry: containers.mathworks.com 53 | repository: matlab-production-server 54 | tag: r2024a 55 | variant: R2024a 56 | pullPolicy: IfNotPresent 57 | pullSecret: "" 58 | 59 | matlabRuntime: 60 | registry: containers.mathworks.com 61 | repository: matlab-runtime 62 | tag: r2024a 63 | variant: R2024a 64 | pullPolicy: IfNotPresent 65 | pullSecret: "" 66 | 67 | deploymentSettings: 68 | cpuRequest: "1" 69 | memoryRequest: "2Gi" 70 | replicaCount: 1 71 | restartPolicy: Always 72 | 73 | optionalSettings: 74 | Redis: 75 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 76 | host: "" 77 | auth: "" 78 | name: myRedis 79 | port: 6379 80 | secretName: "" 81 | secretKey: "" 82 | 83 | Prometheus: 84 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 85 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 86 | enabled: false 87 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 88 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 89 | matchOn: prometheus 90 | -------------------------------------------------------------------------------- /releases/R2024b/matlab-prodserver/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "R2024b" 3 | description: MATLAB Production Server Helm chart for Kubernetes 4 | name: matlab-prodserver-k8s 5 | version: 1.1.0 6 | -------------------------------------------------------------------------------- /releases/R2024b/matlab-prodserver/templates/mps-1-service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Expose MATLAB Production Server internal endpoint 3 | # 4 | kind: Service 5 | apiVersion: v1 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | selector: 14 | app: mps 15 | ports: 16 | - name: mps-port 17 | port: 9910 18 | targetPort: 9910 19 | type: ClusterIP 20 | 21 | --- 22 | {{- if .Values.global.ingressController.enabled }} 23 | apiVersion: networking.k8s.io/v1 24 | kind: Ingress 25 | metadata: 26 | name: matlab-production-server-ingress 27 | namespace: {{ .Release.Namespace }} 28 | labels: 29 | release: {{ .Release.Name }} 30 | annotations: 31 | {{ if .Values.global.ingressController }} 32 | ## set ingress-conroller vendor-specific annotations: 33 | {{- range $key, $value := .Values.global.ingressController.annotations }} 34 | {{ $key }}: {{ quote $value }} 35 | {{- end }} 36 | {{ end }} 37 | spec: 38 | ingressClassName: {{ .Values.global.ingressController.name }} 39 | {{ if .Values.global.ingressController.tls.enabled }} 40 | tls: 41 | - hosts: 42 | - {{ .Values.global.ingressController.domainBase }} 43 | {{- if .Values.global.ingressController.tls.secretName }} 44 | secretName: {{ .Values.global.ingressController.tls.secretName }} 45 | {{- end }} 46 | {{ end }} 47 | 48 | rules: 49 | - host: {{ .Values.global.ingressController.domainBase }} 50 | http: 51 | paths: 52 | - path: / 53 | pathType: Prefix 54 | backend: 55 | service: 56 | name: matlab-production-server 57 | port: 58 | number: 9910 59 | {{- end }} 60 | 61 | --- 62 | {{ if and (.Values.optionalSettings.Prometheus.enabled) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} 63 | apiVersion: monitoring.coreos.com/v1 64 | kind: ServiceMonitor 65 | metadata: 66 | name: matlab-production-server-monitor 67 | labels: 68 | app: mps 69 | app.kubernetes.io/part-of: {{ .Values.optionalSettings.Prometheus.matchOn }} 70 | release: {{ .Values.optionalSettings.Prometheus.matchOn }} 71 | spec: 72 | selector: 73 | matchLabels: 74 | app: mps 75 | release: {{ .Release.Name }} 76 | namespaceSelector: 77 | matchNames: 78 | - {{ .Release.Namespace }} 79 | endpoints: 80 | - port: mps-port 81 | path: /api/metrics 82 | {{ end }} 83 | 84 | -------------------------------------------------------------------------------- /releases/R2024b/matlab-prodserver/templates/mps-2-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: matlab-production-server-config 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | release: {{ .Release.Name }} 8 | data: 9 | main_config: | 10 | --http 9910 11 | --ssl-verify-peer-mode no-verify-peer 12 | --ssl-protocols TLSv1.2 13 | --ssl-ciphers ALL 14 | --mcr-root /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }} 15 | --num-workers {{ .Values.matlabProductionServerSettings.numWorkers | default 1 }} 16 | --worker-restart-interval 12:00:00 17 | --worker-memory-check-interval 0:00:30 18 | --queue-time-trigger 0:00:00.25 19 | --queue-time-target 0:00:00.25 20 | --num-threads 1 21 | --auto-deploy-root ./auto_deploy 22 | --request-size-limit 64MB 23 | --log-severity information 24 | --log-rotation-size 100MB 25 | --log-archive-root ./old_logs 26 | --log-archive-max-size 1GB 27 | --log-root ./log 28 | --log-stdout 29 | --license {{ .Values.global.licenseServer | default "27000@hostname" }} 30 | --license-grace-period 2:30 31 | --license-poll-interval 0:10 32 | --pid-root ./pid 33 | --endpoint-root ./endpoint 34 | --extract-root . 35 | --socket-root ./.mps_socket 36 | --main-log-format text/plain 37 | --disable-control-c 38 | --enable-graceful-shutdown 39 | --no-display 40 | --enable-http-pipelining 41 | --server-memory-threshold 2GB 42 | --server-memory-threshold-overflow-action purge_responses 43 | --enable-discovery 44 | --enable-metrics 45 | --routes-file ./config/routes.json 46 | 47 | {{- if .Values.optionalSettings.Redis.host }} 48 | mps_cache_config: | 49 | {"Connections": 50 | {"{{ .Values.optionalSettings.Redis.name }}": 51 | {"Provider":"Redis", 52 | "Host":{{ .Values.optionalSettings.Redis.host | quote }}, 53 | "Port":{{ .Values.optionalSettings.Redis.port | default 6379 }} 54 | {{- if .Values.optionalSettings.Redis.auth }} 55 | ,"Key":{{ .Values.optionalSettings.Redis.auth | quote }} 56 | {{- end }} 57 | } 58 | } 59 | } 60 | {{- end }} 61 | 62 | routes.json: | 63 | { 64 | "version": "1.0.0", 65 | "pathmap": [] 66 | } 67 | 68 | -------------------------------------------------------------------------------- /releases/R2024b/matlab-prodserver/templates/mps-3-deployment.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # MATLAB Production Server instance 3 | # 4 | apiVersion: apps/v1 5 | kind: Deployment 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | replicas: {{ .Values.deploymentSettings.replicaCount }} 14 | selector: 15 | matchLabels: 16 | app: mps 17 | template: 18 | metadata: 19 | labels: 20 | app: mps 21 | annotations: 22 | {{ if not .Values.optionalSettings.Prometheus.enabled }} 23 | prometheus.io/scrape: 'true' 24 | prometheus.io/path: '/api/metrics' 25 | prometheus.io/port: '9910' 26 | {{ end }} 27 | spec: 28 | securityContext: 29 | runAsNonRoot: true 30 | runAsUser: 1001 31 | runAsGroup: 1001 32 | 33 | containers: 34 | - name: mps 35 | image: {{ .Values.global.images.registry | default .Values.images.productionServer.registry }}/{{ .Values.images.productionServer.repository }}:{{ .Values.images.productionServer.tag }} 36 | env: 37 | - name: AGREE_TO_MATHWORKS_SOFTWARE_LICENSE 38 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 39 | - name: AGREE_TO_MATLAB_RUNTIME_LICENSE 40 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 41 | - name: LD_LIBRARY_PATH 42 | value: "/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/runtime/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/os/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/extern/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/opengl/lib/glnxa64" 43 | {{ if .Values.optionalSettings.Redis.secretName }} 44 | - name: MPS_REDIS_PASSWORD 45 | valueFrom: 46 | secretKeyRef: 47 | name: {{ .Values.optionalSettings.Redis.secretName }} 48 | key: {{ .Values.optionalSettings.Redis.secretKey | default "redis-password" }} 49 | {{ end }} 50 | 51 | ports: 52 | - containerPort: 9910 53 | 54 | resources: 55 | requests: 56 | cpu: {{ .Values.deploymentSettings.cpuRequest | default "1" | quote }} 57 | memory: {{ .Values.deploymentSettings.memoryRequest | default "2Gi" | quote }} 58 | limits: 59 | cpu: {{ .Values.matlabProductionServerSettings.numWorkers | default "1" | quote }} 60 | memory: "8Gi" 61 | 62 | volumeMounts: 63 | - name: auto-deploy 64 | mountPath: "/opt/mpsinstance/auto_deploy" 65 | - name: mcr-root 66 | mountPath: "/opt/matlabruntime" 67 | - name: mps-config 68 | mountPath: "/opt/mpsinstance/config" 69 | 70 | startupProbe: 71 | exec: 72 | command: 73 | - ls 74 | - /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/matlabruntime_license_agreement.pdf 75 | initialDelaySeconds: 10 76 | periodSeconds: 30 77 | 78 | livenessProbe: 79 | httpGet: 80 | path: /api/health 81 | port: 9910 82 | initialDelaySeconds: 10 83 | periodSeconds: 10 84 | 85 | lifecycle: 86 | preStop: 87 | exec: 88 | command: ["sh", "/opt/mpsinstance/stopmps.sh"] 89 | 90 | imagePullPolicy: {{ .Values.images.productionServer.pullPolicy }} 91 | 92 | initContainers: 93 | - name: matlab-runtime 94 | image: {{ .Values.global.images.registry | default .Values.images.matlabRuntime.registry }}/{{ .Values.images.matlabRuntime.repository }}:{{ .Values.images.matlabRuntime.tag }} 95 | 96 | command: 97 | - /bin/sh 98 | - -c 99 | - "cp -r /opt/matlabruntime/* /mnt/" 100 | 101 | volumeMounts: 102 | - name: mcr-root 103 | mountPath: "/mnt" 104 | 105 | imagePullPolicy: {{ .Values.images.matlabRuntime.pullPolicy }} 106 | 107 | restartPolicy: {{ .Values.deploymentSettings.restartPolicy }} 108 | imagePullSecrets: 109 | {{- if .Values.global.images.pullSecret }} 110 | - name: {{ .Values.global.images.pullSecret }} 111 | {{- end }} 112 | {{- if .Values.images.productionServer.pullSecret }} 113 | - name: {{ .Values.images.productionServer.pullSecret }} 114 | {{- end }} 115 | {{- if and .Values.images.matlabRuntime.pullSecret (ne .Values.images.matlabRuntime.pullSecret .Values.images.productionServer.pullSecret) }} 116 | - name: {{ .Values.images.matlabRuntime.pullSecret }} 117 | {{- end }} 118 | 119 | volumes: 120 | - name: mcr-root 121 | emptyDir: {} 122 | - name: mps-config 123 | configMap: 124 | name: matlab-production-server-config 125 | - name: auto-deploy 126 | {{- if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "hostpath" }} 127 | hostPath: 128 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.hostpath }} 129 | type: Directory 130 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "nfs" }} 131 | nfs: 132 | server: {{ .Values.matlabProductionServerSettings.autoDeploy.server }} 133 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.path }} 134 | readOnly: true 135 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "pvc" }} 136 | persistentVolumeClaim: 137 | claimName: {{ .Values.matlabProductionServerSettings.autoDeploy.claimName }} 138 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "azurefileshare" }} 139 | azureFile: 140 | shareName: {{ .Values.matlabProductionServerSettings.autoDeploy.shareName }} 141 | secretName: {{ .Values.matlabProductionServerSettings.autoDeploy.secretName }} 142 | readOnly: true 143 | {{ else }} 144 | emptyDir: {} 145 | {{- end }} 146 | 147 | -------------------------------------------------------------------------------- /releases/R2024b/matlab-prodserver/values.yaml: -------------------------------------------------------------------------------- 1 | # Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | # Override for a private container registry, example: cr.example.com, cr-secret 9 | images: 10 | registry: "" 11 | pullSecret: "" 12 | ingressController: 13 | enabled: false # Create 'Ingress' API object 14 | # Nginx settings (optional) 15 | name: nginx 16 | annotations: {} 17 | 18 | # Ingress host 19 | domainBase: matlabprodserver.mwcloudtest.com 20 | # Ingress https (tls termination) 21 | tls: 22 | enabled: false 23 | # Name of kubernetes.io/tls secret with certificate data 24 | secretName: "" 25 | 26 | matlabProductionServerSettings: 27 | # CTF files are placed here for automatic deployment. 28 | autoDeploy: 29 | # Inline mount options: hostpath, nfs, pvc, azurefileshare, empty (default) 30 | volumeType: "empty" 31 | # Node mount dir, example: /mnt/share/autodeploy 32 | hostpath: "" 33 | # ================================================================= 34 | # NFS server, example: server-sb08-nfs 35 | server: "" 36 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 37 | path: "" 38 | # ================================================================= 39 | # Persistent-Volume-Claim name, example: autodeploy-pv-claim 40 | claimName: "" 41 | # ================================================================= 42 | # Azure storage account file share name, example: auto-deploy-share 43 | shareName: "" 44 | # Azure storage account key secret name, example: azure-file-secret 45 | secretName: "" 46 | # ================================================================= 47 | # Maximum number of worker processes (per pod). 48 | numWorkers: 2 49 | 50 | images: 51 | productionServer: 52 | registry: containers.mathworks.com 53 | repository: matlab-production-server 54 | tag: r2024b 55 | variant: R2024b 56 | pullPolicy: IfNotPresent 57 | pullSecret: "" 58 | 59 | matlabRuntime: 60 | registry: containers.mathworks.com 61 | repository: matlab-runtime 62 | tag: r2024b 63 | variant: R2024b 64 | pullPolicy: IfNotPresent 65 | pullSecret: "" 66 | 67 | deploymentSettings: 68 | cpuRequest: "1" 69 | memoryRequest: "2Gi" 70 | replicaCount: 1 71 | restartPolicy: Always 72 | 73 | optionalSettings: 74 | Redis: 75 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 76 | host: "" 77 | auth: "" 78 | name: myRedis 79 | port: 6379 80 | secretName: "" 81 | secretKey: "" 82 | 83 | Prometheus: 84 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 85 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 86 | enabled: false 87 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 88 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 89 | matchOn: prometheus 90 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "R2025a" 3 | description: MATLAB Production Server Helm chart for Kubernetes 4 | name: matlab-prodserver-k8s 5 | version: 1.2.0 6 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | # Chart validation checks: 2 | 3 | {{- define "checkConditionReplicaCount" -}} 4 | {{- if and (gt (int .Values.deploymentSettings.replicaCount) 1) .Values.matlabProductionServerSettings.autoDeploy.archivesApi.createPVC }} 5 | {{- if ne .Values.matlabProductionServerSettings.autoDeploy.archivesApi.accessMode "ReadWriteMany" }} 6 | {{- fail "Configuring multiple replicas requires PVC with ReadWriteMany Access-Mode." }} 7 | {{- end }} 8 | {{- end }} 9 | {{- end }} 10 | 11 | {{- define "checkConditionVolumeType" -}} 12 | {{- if .Values.matlabProductionServerSettings.autoDeploy.archivesApi.enabled }} 13 | {{- $volumeType := .Values.matlabProductionServerSettings.autoDeploy.volumeType }} 14 | {{- if and (ne $volumeType "pvc") (ne $volumeType "empty") }} 15 | {{- fail "Configuring archives API is only supported with pvc or empty volume types." }} 16 | {{- end }} 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/templates/mps-1-service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Expose MATLAB Production Server internal endpoint 3 | # 4 | kind: Service 5 | apiVersion: v1 6 | metadata: 7 | name: matlab-production-server 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | app: mps 11 | release: {{ .Release.Name }} 12 | spec: 13 | selector: 14 | app: mps 15 | ports: 16 | - name: mps-port 17 | port: 9910 18 | targetPort: 9910 19 | type: ClusterIP 20 | 21 | --- 22 | {{- if .Values.global.ingressController.enabled }} 23 | apiVersion: networking.k8s.io/v1 24 | kind: Ingress 25 | metadata: 26 | name: matlab-production-server-ingress 27 | namespace: {{ .Release.Namespace }} 28 | labels: 29 | release: {{ .Release.Name }} 30 | annotations: 31 | {{ if .Values.global.ingressController }} 32 | ## set ingress-conroller vendor-specific annotations: 33 | {{- range $key, $value := .Values.global.ingressController.annotations }} 34 | {{ $key }}: {{ quote $value }} 35 | {{- end }} 36 | {{ end }} 37 | spec: 38 | ingressClassName: {{ .Values.global.ingressController.name }} 39 | {{ if .Values.global.ingressController.tls.enabled }} 40 | tls: 41 | - hosts: 42 | - {{ .Values.global.ingressController.domainBase }} 43 | {{- if .Values.global.ingressController.tls.secretName }} 44 | secretName: {{ .Values.global.ingressController.tls.secretName }} 45 | {{- end }} 46 | {{ end }} 47 | 48 | rules: 49 | - host: {{ .Values.global.ingressController.domainBase }} 50 | http: 51 | paths: 52 | - path: / 53 | pathType: Prefix 54 | backend: 55 | service: 56 | name: matlab-production-server 57 | port: 58 | number: 9910 59 | {{- end }} 60 | 61 | --- 62 | {{ if and (.Values.optionalSettings.Prometheus.enabled) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} 63 | apiVersion: monitoring.coreos.com/v1 64 | kind: ServiceMonitor 65 | metadata: 66 | name: matlab-production-server-monitor 67 | labels: 68 | app: mps 69 | app.kubernetes.io/part-of: {{ .Values.optionalSettings.Prometheus.matchOn }} 70 | release: {{ .Values.optionalSettings.Prometheus.matchOn }} 71 | spec: 72 | selector: 73 | matchLabels: 74 | app: mps 75 | release: {{ .Release.Name }} 76 | namespaceSelector: 77 | matchNames: 78 | - {{ .Release.Namespace }} 79 | endpoints: 80 | - port: mps-port 81 | path: /api/metrics 82 | {{ end }} 83 | 84 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/templates/mps-2-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: matlab-production-server-config 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | release: {{ .Release.Name }} 8 | data: 9 | main_config: | 10 | --http 9910 11 | --ssl-verify-peer-mode no-verify-peer 12 | --ssl-protocols TLSv1.2 13 | --ssl-ciphers ALL 14 | --mcr-root /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }} 15 | --num-workers {{ .Values.matlabProductionServerSettings.numWorkers | default 1 }} 16 | --worker-restart-interval 12:00:00 17 | --worker-memory-check-interval 0:00:30 18 | --queue-time-trigger 0:00:00.25 19 | --queue-time-target 0:00:00.25 20 | --num-threads 1 21 | --auto-deploy-root ./auto_deploy 22 | --request-size-limit 64MB 23 | --log-severity information 24 | --log-rotation-size 100MB 25 | --log-archive-root ./old_logs 26 | --log-archive-max-size 1GB 27 | {{ ternary "--log-root ./log" "" .Values.matlabProductionServerSettings.localFileLogging }} 28 | --log-stdout 29 | --license {{ .Values.global.licenseServer | default "27000@hostname" }} 30 | --license-grace-period 2:30 31 | --license-poll-interval 0:10 32 | --pid-root ./pid 33 | --endpoint-root ./endpoint 34 | --extract-root . 35 | --socket-root ./.mps_socket 36 | --main-log-format text/plain 37 | --disable-control-c 38 | --enable-graceful-shutdown 39 | --no-display 40 | --enable-http-pipelining 41 | --server-memory-threshold 2GB 42 | --server-memory-threshold-overflow-action purge_responses 43 | --enable-discovery 44 | --enable-metrics 45 | {{ ternary "--enable-archive-management" "" .Values.matlabProductionServerSettings.autoDeploy.archivesApi.enabled }} 46 | --routes-file ./config/routes.json 47 | {{- if .Values.matlabProductionServerSettings.accessControl.enabled }} 48 | --access-control-provider OAuth2 49 | --access-control-config ./config/jwt_idp.json 50 | --access-control-policy ./config/ac_policy.json 51 | 52 | jwt_idp.json: {{ .Values.matlabProductionServerSettings.accessControl.identityProvider | quote }} 53 | 54 | ac_policy.json: {{ .Values.matlabProductionServerSettings.accessControl.policyRules | quote }} 55 | {{- end }} 56 | 57 | {{- if .Values.optionalSettings.Redis.host }} 58 | mps_cache_config: | 59 | {"Connections": 60 | {"{{ .Values.optionalSettings.Redis.name }}": 61 | {"Provider":"Redis", 62 | "Host":{{ .Values.optionalSettings.Redis.host | quote }}, 63 | "Port":{{ .Values.optionalSettings.Redis.port | default 6379 }} 64 | {{- if .Values.optionalSettings.Redis.auth }} 65 | ,"Key":{{ .Values.optionalSettings.Redis.auth | quote }} 66 | {{- end }} 67 | } 68 | } 69 | } 70 | {{- end }} 71 | 72 | routes.json: | 73 | { 74 | "version": "1.0.0", 75 | "pathmap": [] 76 | } 77 | 78 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/templates/mps-3-deployment.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # MATLAB Production Server instance 3 | # 4 | {{- include "checkConditionVolumeType" . }} 5 | {{- include "checkConditionReplicaCount" . }} 6 | 7 | apiVersion: apps/v1 8 | kind: Deployment 9 | metadata: 10 | name: matlab-production-server 11 | namespace: {{ .Release.Namespace }} 12 | labels: 13 | app: mps 14 | release: {{ .Release.Name }} 15 | spec: 16 | replicas: {{ .Values.deploymentSettings.replicaCount }} 17 | selector: 18 | matchLabels: 19 | app: mps 20 | template: 21 | metadata: 22 | labels: 23 | app: mps 24 | annotations: 25 | checksum/config: {{ include (print $.Template.BasePath "/mps-2-configmap.yaml") . | sha256sum }} 26 | {{ if not .Values.optionalSettings.Prometheus.enabled }} 27 | prometheus.io/scrape: 'true' 28 | prometheus.io/path: '/api/metrics' 29 | prometheus.io/port: '9910' 30 | {{ end }} 31 | spec: 32 | securityContext: 33 | runAsNonRoot: true 34 | runAsUser: 1001 35 | runAsGroup: 1001 36 | {{- if .Values.matlabProductionServerSettings.autoDeploy.archivesApi.createPVC }} 37 | fsGroup: 1001 38 | {{- end }} 39 | 40 | containers: 41 | - name: mps 42 | image: {{ .Values.global.images.registry | default .Values.images.productionServer.registry }}/{{ .Values.images.productionServer.repository }}:{{ .Values.images.productionServer.tag }} 43 | env: 44 | - name: AGREE_TO_MATHWORKS_SOFTWARE_LICENSE 45 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 46 | - name: AGREE_TO_MATLAB_RUNTIME_LICENSE 47 | value: {{ required "agreeToLicense must be set to \"yes\"." .Values.global.agreeToLicense | default "no" | lower | quote }} 48 | - name: LD_LIBRARY_PATH 49 | value: "/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/runtime/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/os/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/extern/bin/glnxa64:/opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/sys/opengl/lib/glnxa64" 50 | {{ if .Values.optionalSettings.Redis.secretName }} 51 | - name: MPS_REDIS_PASSWORD 52 | valueFrom: 53 | secretKeyRef: 54 | name: {{ .Values.optionalSettings.Redis.secretName }} 55 | key: {{ .Values.optionalSettings.Redis.secretKey | default "redis-password" }} 56 | {{ end }} 57 | 58 | ports: 59 | - containerPort: 9910 60 | 61 | resources: 62 | requests: 63 | cpu: {{ .Values.deploymentSettings.cpuRequest | default "1" | quote }} 64 | memory: {{ .Values.deploymentSettings.memoryRequest | default "2Gi" | quote }} 65 | limits: 66 | cpu: {{ .Values.matlabProductionServerSettings.numWorkers | default "1" | quote }} 67 | memory: "8Gi" 68 | 69 | volumeMounts: 70 | - name: auto-deploy 71 | mountPath: "/opt/mpsinstance/auto_deploy" 72 | - name: mcr-root 73 | mountPath: "/opt/matlabruntime" 74 | - name: mps-config 75 | mountPath: "/opt/mpsinstance/config" 76 | 77 | startupProbe: 78 | exec: 79 | command: 80 | - ls 81 | - /opt/matlabruntime/{{ .Values.images.matlabRuntime.variant }}/matlabruntime_license_agreement.pdf 82 | initialDelaySeconds: 10 83 | periodSeconds: 30 84 | 85 | livenessProbe: 86 | httpGet: 87 | path: /api/health 88 | port: 9910 89 | initialDelaySeconds: 10 90 | periodSeconds: 10 91 | 92 | lifecycle: 93 | preStop: 94 | exec: 95 | command: ["sh", "/opt/mpsinstance/stopmps.sh"] 96 | 97 | imagePullPolicy: {{ .Values.images.productionServer.pullPolicy }} 98 | 99 | initContainers: 100 | - name: matlab-runtime 101 | image: {{ .Values.global.images.registry | default .Values.images.matlabRuntime.registry }}/{{ .Values.images.matlabRuntime.repository }}:{{ .Values.images.matlabRuntime.tag }} 102 | 103 | command: 104 | - /bin/sh 105 | - -c 106 | - "cp -r /opt/matlabruntime/* /mnt/" 107 | 108 | resources: 109 | limits: 110 | cpu: "1" 111 | memory: "4Gi" 112 | 113 | volumeMounts: 114 | - name: mcr-root 115 | mountPath: "/mnt" 116 | 117 | imagePullPolicy: {{ .Values.images.matlabRuntime.pullPolicy }} 118 | 119 | restartPolicy: {{ .Values.deploymentSettings.restartPolicy }} 120 | imagePullSecrets: 121 | {{- if .Values.global.images.pullSecret }} 122 | - name: {{ .Values.global.images.pullSecret }} 123 | {{- end }} 124 | {{- if .Values.images.productionServer.pullSecret }} 125 | - name: {{ .Values.images.productionServer.pullSecret }} 126 | {{- end }} 127 | {{- if and .Values.images.matlabRuntime.pullSecret (ne .Values.images.matlabRuntime.pullSecret .Values.images.productionServer.pullSecret) }} 128 | - name: {{ .Values.images.matlabRuntime.pullSecret }} 129 | {{- end }} 130 | 131 | volumes: 132 | - name: mcr-root 133 | emptyDir: {} 134 | - name: mps-config 135 | configMap: 136 | name: matlab-production-server-config 137 | - name: auto-deploy 138 | {{- if .Values.matlabProductionServerSettings.autoDeploy.archivesApi.enabled }} 139 | # Valid options when archives API is enabled: createPVC: true / volumeType: pvc / empty 140 | {{- if .Values.matlabProductionServerSettings.autoDeploy.archivesApi.createPVC }} 141 | persistentVolumeClaim: 142 | claimName: dynamic-auto-deploy 143 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "pvc" }} 144 | persistentVolumeClaim: 145 | claimName: {{ .Values.matlabProductionServerSettings.autoDeploy.claimName }} 146 | {{ else }} 147 | emptyDir: {} 148 | {{- end }} 149 | # Valid options for predef static volume: hostpath / nfs / pvc / azurefileshare / empty 150 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "hostpath" }} 151 | hostPath: 152 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.hostpath }} 153 | type: Directory 154 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "nfs" }} 155 | nfs: 156 | server: {{ .Values.matlabProductionServerSettings.autoDeploy.server }} 157 | path: {{ .Values.matlabProductionServerSettings.autoDeploy.path }} 158 | readOnly: true 159 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "pvc" }} 160 | persistentVolumeClaim: 161 | claimName: {{ .Values.matlabProductionServerSettings.autoDeploy.claimName }} 162 | {{- else if eq .Values.matlabProductionServerSettings.autoDeploy.volumeType "azurefileshare" }} 163 | azureFile: 164 | shareName: {{ .Values.matlabProductionServerSettings.autoDeploy.shareName }} 165 | secretName: {{ .Values.matlabProductionServerSettings.autoDeploy.secretName }} 166 | readOnly: true 167 | {{ else }} 168 | emptyDir: {} 169 | {{- end }} 170 | 171 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/templates/mps-4-persistent-volume-claim.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.matlabProductionServerSettings.autoDeploy.archivesApi.createPVC }} 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: dynamic-auto-deploy 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app: mps 9 | release: {{ .Release.Name }} 10 | spec: 11 | accessModes: 12 | - {{ .Values.matlabProductionServerSettings.autoDeploy.archivesApi.accessMode | default "ReadWriteOnce" }} 13 | volumeMode: Filesystem 14 | storageClassName: {{ .Values.matlabProductionServerSettings.autoDeploy.archivesApi.storageClassName | default "" }} 15 | resources: 16 | requests: 17 | storage: {{ .Values.matlabProductionServerSettings.autoDeploy.archivesApi.size | default "4Gi" | quote }} 18 | {{ end }} 19 | -------------------------------------------------------------------------------- /releases/R2025a/matlab-prodserver/values.yaml: -------------------------------------------------------------------------------- 1 | # Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | # Override for a private container registry, example: cr.example.com, cr-secret 9 | images: 10 | registry: "" 11 | pullSecret: "" 12 | ingressController: 13 | enabled: false # Create 'Ingress' API object 14 | # Nginx settings (optional) 15 | name: nginx 16 | annotations: {} 17 | 18 | # Ingress host 19 | domainBase: matlabprodserver.mwcloudtest.com 20 | # Ingress https (tls termination) 21 | tls: 22 | enabled: false 23 | # Name of kubernetes.io/tls secret with certificate data 24 | secretName: "" 25 | 26 | matlabProductionServerSettings: 27 | # CTF files are placed here for automatic deployment. 28 | autoDeploy: 29 | # Enable RESTful API for management of CTF 'Deployable Archives' 30 | archivesApi: 31 | enabled: false 32 | createPVC: false 33 | storageClassName: "" 34 | accessMode: ReadWriteOnce 35 | size: "4Gi" 36 | # _OR_ 37 | # Inline mount options: hostpath, nfs, pvc, azurefileshare, empty (default) 38 | volumeType: "empty" 39 | # Node mount dir, example: /mnt/share/autodeploy 40 | hostpath: "" 41 | # ================================================================= 42 | # NFS server, example: server-sb08-nfs 43 | server: "" 44 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 45 | path: "" 46 | # ================================================================= 47 | # Persistent-Volume-Claim name, example: autodeploy-pv-claim 48 | claimName: "" 49 | # ================================================================= 50 | # Azure storage account file share name, example: auto-deploy-share 51 | shareName: "" 52 | # Azure storage account key secret name, example: azure-file-secret 53 | secretName: "" 54 | # ================================================================= 55 | # Maximum number of worker processes (per pod). 56 | numWorkers: 2 57 | # 58 | # CTF Access Control (OAuth2) 59 | # https://www.mathworks.com/help/mps/server/access_control.html 60 | # ------------------------------------------------------------- 61 | accessControl: 62 | enabled: false 63 | identityProvider: |- 64 | { 65 | "version": "1.0.0", 66 | "jwtIssuer": "URL of the authorization server that issued the JWT", 67 | "appId": "String representing the application ID of the client", 68 | "jwksUri": "URL of the authorization server public keys", 69 | "jwksStrictSSL": false, 70 | "jwksTimeOut": 120, 71 | "userAttributeName": "email", 72 | "groupAttributeName": "groups" 73 | } 74 | policyRules: |- 75 | { 76 | "version": "1.0.0", 77 | "policy" : [ 78 | { 79 | "id": "policy1", 80 | "description": "Access Control policy for MATLAB Production Server", 81 | "rule": [ 82 | { 83 | "id": "rule1", 84 | "description": "Users that can execute/modify any deployable archive", 85 | "subject": { "users": ["user1@example.com", "user2@example.com"] }, 86 | "resource": { "ctf": ["*"] }, 87 | "action": ["execute", "modify"] 88 | }, 89 | { 90 | "id": "rule2", 91 | "description": "Groups that can execute a specific deployable archive", 92 | "subject": { "groups": ["aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"] }, 93 | "resource": { "ctf": ["myModel"] }, 94 | "action": ["execute"] 95 | } 96 | ] 97 | } 98 | ] 99 | } 100 | # ---------------------------------------------------- 101 | # Log to pod-local file-system (in addition to stdout) 102 | localFileLogging: false 103 | 104 | images: 105 | productionServer: 106 | registry: containers.mathworks.com 107 | repository: matlab-production-server 108 | tag: r2025a 109 | variant: R2025a 110 | pullPolicy: IfNotPresent 111 | pullSecret: "" 112 | 113 | matlabRuntime: 114 | registry: containers.mathworks.com 115 | repository: matlab-runtime 116 | tag: r2025a 117 | variant: R2025a 118 | pullPolicy: IfNotPresent 119 | pullSecret: "" 120 | 121 | deploymentSettings: 122 | cpuRequest: "1" 123 | memoryRequest: "2Gi" 124 | replicaCount: 1 125 | restartPolicy: Always 126 | 127 | optionalSettings: 128 | Redis: 129 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 130 | host: "" 131 | auth: "" 132 | name: myRedis 133 | port: 6379 134 | secretName: "" 135 | secretKey: "" 136 | 137 | Prometheus: 138 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 139 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 140 | enabled: false 141 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 142 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 143 | matchOn: prometheus 144 | -------------------------------------------------------------------------------- /values-overrides.yaml: -------------------------------------------------------------------------------- 1 | # Override Values for MATLAB Production Server Helm Chart 2 | 3 | global: 4 | # MathWorks Cloud Reference Architecture License, example: "yes" (in quotes) 5 | agreeToLicense: "" 6 | # Network License Manager: server host and port number, example: 27000@hostname 7 | licenseServer: 27000@hostname 8 | # Override for private container registry, example: my-registry.example.com 9 | images: 10 | registry: "" 11 | pullSecret: "" 12 | 13 | # Ingress settings (optional) 14 | ingressController: 15 | enabled: false # Create 'Ingress' API object 16 | name: nginx 17 | annotations: 18 | nginx.ingress.kubernetes.io/affinity: "cookie" 19 | nginx.ingress.kubernetes.io/load-balance: "round_robin" 20 | nginx.ingress.kubernetes.io/proxy-read-timeout: "300" 21 | 22 | # Ingress host 23 | domainBase: matlabprodserver.mwcloudtest.com 24 | # Ingress https (tls termination) 25 | tls: 26 | enabled: false 27 | # Name of kubernetes.io/tls secret with certificate data 28 | secretName: "" 29 | 30 | matlabProductionServerSettings: 31 | # CTF files are placed in this volume for automatic deployment. 32 | autoDeploy: 33 | # Enable RESTful API for management of CTF 'Deployable Archives' 34 | archivesApi: # Since R2025a 35 | enabled: false 36 | createPVC: false # Enable when archivesApi is enabled and dynamic 37 | # volume provisioning in enabled on K8s cluster. 38 | storageClassName: "" 39 | accessMode: ReadWriteOnce # ReadWriteMany when replicaCount > 1 40 | size: "4Gi" 41 | # _OR_ 42 | # Inline mount options: hostpath, nfs, pvc, azurefileshare, empty (default) 43 | # Note: archives API is supported with pvc and empty volume types. 44 | volumeType: "empty" 45 | # Node mount dir, example: /mnt/share/autodeploy 46 | hostpath: "" 47 | # ================================================================= 48 | # NFS server, example: server-sb08-nfs 49 | server: "" 50 | # NFS subpath, example: /vmgr/sandbox/share/autodeploy 51 | path: "" 52 | # ================================================================= 53 | # Persistent-Volume-Claim name, example: autodeploy-pv-claim 54 | # If archives API is enabled, PVC Access-Mode should be RWO or RWX. 55 | claimName: "" 56 | # ================================================================= 57 | # Azure storage account file share name, example: auto-deploy-share 58 | shareName: "" 59 | # Azure storage account key secret name, example: azure-file-secret 60 | secretName: "" 61 | # ================================================================= 62 | 63 | # CTF Access Control (OAuth2) 64 | # https://www.mathworks.com/help/mps/server/access_control.html 65 | # ------------------------------------------------------------- 66 | accessControl: # Since R2025a 67 | enabled: false 68 | # ------------------------------------------------------------- 69 | identityProvider: |- 70 | { 71 | "version": "1.0.0", 72 | "jwtIssuer": "URL of the authorization server that issued the JWT", 73 | "appId": "String representing the application ID of the client", 74 | "jwksUri": "URL of the authorization server public keys", 75 | "jwksStrictSSL": false, 76 | "jwksTimeOut": 120, 77 | "userAttributeName": "email", 78 | "groupAttributeName": "groups" 79 | } 80 | # Note: FQDNs configured in 'jwtIssuer' and 'jwksUri' above 81 | # MUST be reachable from within the K8s cluster network. 82 | # ------------------------------------------------------------- 83 | policyRules: |- 84 | { 85 | "version": "1.0.0", 86 | "policy" : [ 87 | { 88 | "id": "policy1", 89 | "description": "Access Control policy for MATLAB Production Server", 90 | "rule": [ 91 | { 92 | "id": "rule1", 93 | "description": "Users that can execute/modify any deployable archive", 94 | "subject": { "users": ["user1@example.com", "user2@example.com"] }, 95 | "resource": { "ctf": ["*"] }, 96 | "action": ["execute", "modify"] 97 | }, 98 | { 99 | "id": "rule2", 100 | "description": "Groups that can execute a specific deployable archive", 101 | "subject": { "groups": ["aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"] }, 102 | "resource": { "ctf": ["myModel"] }, 103 | "action": ["execute"] 104 | } 105 | ] 106 | } 107 | ] 108 | } 109 | # ------------------------------------------------------------- 110 | 111 | deploymentSettings: 112 | replicaCount: 1 113 | restartPolicy: Always 114 | 115 | optionalSettings: 116 | Redis: 117 | # Redis service fully qualified name, example: redis.namespace.svc.cluster.local 118 | host: "" 119 | name: myRedis 120 | secretName: "" 121 | 122 | Prometheus: 123 | # Create a ServiceMonitor [monitoring.coreos.com/v1] for metrics discovery. 124 | # Requires Prometheus and Prometheus Operator (CRDs) to be pre-installed. 125 | enabled: false 126 | # Helm release name or app.kubernetes.io/part-of label of Prometheus stack. 127 | # ServiceMonitor needs to match on this value (if Prometheus is enabled). 128 | matchOn: prometheus 129 | --------------------------------------------------------------------------------