From 3f5fce18055acc2b86f88c37d28e56ac8968c4f6 Mon Sep 17 00:00:00 2001
From: "Antoine R. Dumont (@ardumont)" <ardumont@softwareheritage.org>
Date: Wed, 13 Dec 2023 14:44:53 +0100
Subject: [PATCH] production: Deploy indexer-storage-rpc read-only

This also allows to not have any journal writer configuration (since we can use the
indexer storage as a read-only instance only).

Refs. swh/infra/sysadm-environment#5183
---
 .../indexer-storage/_helper_configmap.yaml    |  2 ++
 swh/values/minikube.yaml                      | 25 ++++++++++++++++---
 swh/values/production/default.yaml            |  3 +++
 swh/values/production/swh.yaml                | 22 ++++++++++++----
 4 files changed, 44 insertions(+), 8 deletions(-)

diff --git a/swh/templates/indexer-storage/_helper_configmap.yaml b/swh/templates/indexer-storage/_helper_configmap.yaml
index 8f6b68f72..d698c04c4 100644
--- a/swh/templates/indexer-storage/_helper_configmap.yaml
+++ b/swh/templates/indexer-storage/_helper_configmap.yaml
@@ -14,7 +14,9 @@ data:
                                        "configurationRef" .configuration.indexerStorageConfigurationRef
                                        "Values" .Values) | nindent 4 -}}
 
+    {{- if .configuration.journalWriterConfigurationRef }}
     {{- include "swh.journal.configuration" (dict "serviceType" "journal_writer"
                                                   "configurationRef" .configuration.journalWriterConfigurationRef
                                                   "Values" .Values) | nindent 4 -}}
+    {{ end }}
 {{- end -}}
diff --git a/swh/values/minikube.yaml b/swh/values/minikube.yaml
index b74eda04a..60c02f915 100644
--- a/swh/values/minikube.yaml
+++ b/swh/values/minikube.yaml
@@ -753,12 +753,31 @@ indexerStorage:
       indexerStorageConfigurationRef: fakePostgresqlIndexerStorageConfiguration
       journalWriterConfigurationRef: indexerJournalWriterConfiguration
       hosts:
-        - indexer-storage.i.s.s.n
+        - indexer-storage-read-write.i.s.s.n
       ingress:
         enabled: true
+        endpoints:
+          default:
+            paths:
+              - path: /
+      gunicorn:
+        threads: 1
+        workers: 2
+    read-only:
+      checkDbVersion: false
+      replicas: 1
+      indexerStorageConfigurationRef: fakePostgresqlIndexerStorageConfiguration
+      hosts:
+        - indexer-storage-read-only.i.s.s.n
+      ingress:
+        enabled: true
+        endpoints:
+          default:
+            paths:
+              - path: /
       gunicorn:
-        threads: 2
-        workers: 4
+        threads: 1
+        workers: 2
 
 defaultElasticsearchHosts:
   - host: search-esnode0.i.s.s.n
diff --git a/swh/values/production/default.yaml b/swh/values/production/default.yaml
index 08d140198..3581c29ac 100644
--- a/swh/values/production/default.yaml
+++ b/swh/values/production/default.yaml
@@ -384,3 +384,6 @@ externalServices:
     search:
       internalName: search-rpc-ingress
       target: archive-production-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
+    indexer-storage-read-only:
+      internalName: indexer-storage-read-only
+      target: archive-production-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
diff --git a/swh/values/production/swh.yaml b/swh/values/production/swh.yaml
index 09a05a03e..4221884ac 100644
--- a/swh/values/production/swh.yaml
+++ b/swh/values/production/swh.yaml
@@ -30,6 +30,18 @@ postgresqlROStorageConfiguration:
       secretKeyRef: swh-storage-postgresql-common-secret
       secretKeyName: postgres-guest-password
 
+postgresqlReadOnlyIndexerStorageConfiguration:
+  cls: postgresql
+  host: db.internal.softwareheritage.org
+  db: softwareheritage-indexer
+  port: 5432
+  user: guest
+  pass: ${POSTGRESQL_PASSWORD}
+  secrets:
+    POSTGRESQL_PASSWORD:
+      secretKeyRef: swh-indexer-storage-postgresql-secret
+      secretKeyName: postgres-guest-password
+
 readOnlyStorageConfiguration:
   pipelineStepsRef: readOnlyStoragePipelineSteps
   storageConfigurationRef: postgresqlROStorageConfiguration
@@ -687,9 +699,10 @@ toolbox:
       indexerDbConfigurationRef: postgresqlIndexerStorageConfiguration
 
 indexerStorage:
-  enabled: false
+  enabled: true
+  logLevel: INFO
   deployments:
-    read-write:
+    read-only:
       checkDbVersion: true
       autoScaling:
         minReplicaCount: 2
@@ -697,10 +710,9 @@ indexerStorage:
         cpuPercentageUsage: 90
       requestedCpu: 500m
       requestedMemory: 512Mi
-      indexerStorageConfigurationRef: postgresqlIndexerStorageConfiguration
-      journalWriterConfigurationRef: journalWriterConfiguration
+      indexerStorageConfigurationRef: postgresqlReadOnlyIndexerStorageConfiguration
       hosts:
-        - saam.internal.softwareheritage.org
+        - indexer-storage-read-only
       ingress:
         enabled: true
       gunicorn:
-- 
GitLab