Verified Commit 4feaf744 authored by Antoine R. Dumont's avatar Antoine R. Dumont

swh: Add provenance template

Refs. swh/infra/sysadm-environment#5398
parent 8643afe9
{{/*
* Create a provenance configmap for service .serviceType
*/}}
{{ define "swh.provenance.configmap" }}
{{- $graphConfigurationRef := required (print "<.configuration.graphConfigurationRef> key is mandatory" ) .configuration.graphConfigurationRef -}}
{{- $graphConfiguration := get .Values $graphConfigurationRef -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: {{ .Values.namespace }}
name: {{ .serviceType }}-configuration-template
data:
config.yml.template: |
provenance:
{{- toYaml $graphConfiguration | nindent 6 -}}
{{- end -}}
{{/*
* Create a provenance gunicorn logging json config file for service
* .serviceType
*/}}
{{ define "swh.provenance.gunicorn.logging" }}
{{- $defaultLoggingConfig := .configuration.defaultLoggingConfig | default .Values.provenance.defaultLoggingConfig -}}
{{- $rpcGunicornLoggingConfig := .configuration.rpcGunicornLoggingConfig | default .Values.provenance.rpcGunicornLoggingConfig -}}
{{- include "swh.gunicorn.logging"
(dict "serviceType" .serviceType
"defaultLoggingConfig" $defaultLoggingConfig
"rpcGunicornLoggingConfig" $rpcGunicornLoggingConfig
"Values" .Values) -}}
{{- end }}
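Review bot: In `swh.provenance.configmap` only the reference name is guarded by `required`; the lookup itself, `get .Values $graphConfigurationRef`, is not, and `get` yields an empty string for a missing key, so a mistyped `graphConfigurationRef` renders an empty `provenance:` entry into `config.yml.template` instead of failing at template time. Guarding the lookup as well, e.g. `{{- $graphConfiguration := required (print "<" $graphConfigurationRef "> not found in values") (get .Values $graphConfigurationRef) -}}`, would surface the mistake at `helm template`. The referenced block is also serialised verbatim into a ConfigMap, so the header comment should state that credentials must not be placed inline in that block and belong in the secret-backed environment that the deployment's init container receives (presumably substituted by `prepare-configuration.sh`, which is not visible here).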
{{ if .Values.provenance.enabled -}}
{{ range $provenanceType, $deploymentConfig := .Values.provenance.deployments }}
{{- if and (or (not (hasKey $deploymentConfig "enabled")) (get $deploymentConfig "enabled")) -}}
{{- $autoScaling := get $deploymentConfig "autoScaling" | default $.Values.provenance.autoScaling -}}
{{- if $autoScaling -}}
{{- $autoScalingType := get $autoScaling "type" | default "horizontal" -}}
{{- $autoScalerFn := eq $autoScalingType "horizontal" | ternary "swh.autoscale" "swh.keda.gunicornAutoscaler" -}}
{{- include $autoScalerFn
(dict "serviceType" ( print "provenance-" $provenanceType )
"configuration" $autoScaling
"Values" $.Values) -}}
{{ end }}
{{ end }}
{{ end }}
{{- end -}}
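Review bot: The enabled guard in this section is written as `{{- if and (or (not (hasKey $deploymentConfig "enabled")) (get $deploymentConfig "enabled")) -}}`, i.e. `and` with a single argument, whereas the other provenance templates use the bare `or`. It evaluates to the same result, but it reads as if a second condition was dropped during editing. `{{- if or (not (hasKey $deploymentConfig "enabled")) (get $deploymentConfig "enabled") -}}` would match the rest of the commit.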
{{ if .Values.provenance.enabled -}}
{{ range $provenanceType, $deploymentConfig := .Values.provenance.deployments }}
{{- if or (not (hasKey $deploymentConfig "enabled")) (get $deploymentConfig "enabled") -}}
{{- $argsDict := dict "serviceType" (print "provenance-" $provenanceType)
"configuration" $deploymentConfig
"Values" $.Values -}}
{{ include "swh.provenance.configmap" $argsDict }}
{{ include "swh.provenance.gunicorn.logging" $argsDict }}
{{- end -}}
{{ end -}}
{{- end -}}
{{ if .Values.provenance.enabled -}}
{{- $configUtilsChecksum := include (print $.Template.BasePath "/utils/config-utils.yaml") . | sha256sum -}}
{{ range $provenanceType, $provenanceConfig := .Values.provenance.deployments }}
{{- if or (not (hasKey $provenanceConfig "enabled")) (get $provenanceConfig "enabled") -}}
{{- $serviceType := ( print "provenance-" $provenanceType ) -}}
{{- $configArgsDict := dict "serviceType" $serviceType
"configuration" $provenanceConfig
"Values" $.Values -}}
{{- $configChecksum := include "swh.provenance.configmap" $configArgsDict | sha256sum -}}
{{- $configLoggingChecksum := include "swh.provenance.gunicorn.logging" $configArgsDict | sha256sum -}}
{{- $securityContext := $provenanceConfig.securityContext | default $.Values.provenance.securityContext -}}
{{ $gunicornConfig := $provenanceConfig.gunicorn | default $.Values.provenance.gunicorn | default
(dict "workers" 2 "threads" 5 "timeout" 60 ) -}}
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: {{ $.Values.namespace }}
name: {{ $serviceType }}
labels:
app: {{ $serviceType }}
spec:
revisionHistoryLimit: 2
{{ if $provenanceConfig.replicas -}}
replicas: {{ $provenanceConfig.replicas }}
{{ end -}}
selector:
matchLabels:
app: {{ $serviceType }}
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: {{ $serviceType }}
annotations:
checksum/config: {{ $configChecksum }}
checksum/config-logging: {{ $configLoggingChecksum }}
checksum/config-utils: {{ $configUtilsChecksum }}
spec:
{{- if $securityContext }}
securityContext:
{{- toYaml $securityContext | nindent 8 }}
{{- end }}
{{- $nodeSelector := $provenanceConfig.nodeSelector | default $.Values.provenance.nodeSelector | default dict -}}
{{- if $nodeSelector }}
nodeSelector:
{{- toYaml $nodeSelector | nindent 8 }}
{{- end }}
{{- $affinity := $provenanceConfig.affinity | default $.Values.provenance.affinity | default dict -}}
{{- if $affinity }}
affinity:
{{- toYaml $affinity | nindent 8 }}
{{- end }}
{{- if and $.Values.podPriority.enabled $.Values.provenance.priorityClassName }}
priorityClassName: {{ $.Values.namespace }}-{{ $.Values.provenance.priorityClassName }}
{{- end }}
initContainers:
- name: prepare-configuration
image: {{ $.Values.swh_utils_image }}:{{ $.Values.swh_utils_image_version }}
imagePullPolicy: IfNotPresent
command:
- /entrypoints/prepare-configuration.sh
env: {{ include "swh.secrets.envFromDeploymentConfig" (dict "deploymentConfig" $provenanceConfig
"Values" $.Values) | nindent 10 }}
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: configuration-template
mountPath: /etc/swh/configuration-template
- name: config-utils
mountPath: /entrypoints
readOnly: true
containers:
- name: {{ $serviceType }}
resources:
requests:
memory: {{ $provenanceConfig.requestedMemory | default "512Mi" }}
cpu: {{ $provenanceConfig.requestedCpu | default "500m" }}
{{- if or $provenanceConfig.limitedMemory $provenanceConfig.limitedCpu }}
limits:
{{- if $provenanceConfig.limitedMemory }}
memory: {{ $provenanceConfig.limitedMemory }}
{{- end }}
{{- if $provenanceConfig.limitedCpu }}
cpu: {{ $provenanceConfig.limitedCpu }}
{{- end }}
{{- end }}
image: {{ $.Values.swh_provenance_image }}:{{ $.Values.swh_provenance_image_version }}
imagePullPolicy: IfNotPresent
ports:
- containerPort: {{ $provenanceConfig.port | default $.Values.provenance.port }}
name: rpc
readinessProbe:
httpGet:
path: /
port: rpc
initialDelaySeconds: 15
failureThreshold: 30
periodSeconds: 5
livenessProbe:
tcpSocket:
port: rpc
initialDelaySeconds: 10
periodSeconds: 5
command:
- /bin/bash
args:
- -c
- /opt/swh/entrypoint.sh
env:
{{ if $gunicornConfig -}}
- name: WORKERS
value: {{ $gunicornConfig.workers | quote }}
- name: THREADS
value: {{ $gunicornConfig.threads | quote }}
- name: TIMEOUT
value: {{ $gunicornConfig.timeout | quote }}
{{ end -}}
- name: STATSD_HOST
value: {{ $.Values.statsdExternalHost | default "prometheus-statsd-exporter" }}
- name: STATSD_PORT
value: {{ $.Values.statsdPort | default "9125" | quote }}
- name: STATSD_TAGS
value: deployment:{{ $serviceType }}
- name: STATSD_SERVICE_TYPE
value: {{ $serviceType }}
- name: SWH_LOG_LEVEL
value: {{ $provenanceConfig.logLevel | default $.Values.provenance.logLevel | default "INFO" | quote }}
- name: SWH_LOG_CONFIG_JSON
value: /etc/swh/logging/logging-gunicorn.json
{{- if $.Values.provenance.sentry.enabled }}
- name: SWH_SENTRY_ENVIRONMENT
value: {{ $.Values.sentry.environment }}
- name: SWH_MAIN_PACKAGE
value: swh.provenance
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: {{ $.Values.provenance.sentry.secretKeyRef }}
key: {{ $.Values.provenance.sentry.secretKeyName }}
# 'name' secret should exist & include key
# if the setting doesn't exist, sentry pushes will be disabled
optional: true
- name: SWH_SENTRY_DISABLE_LOGGING_EVENTS
value: "true"
{{- end }}
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: configuration-logging
mountPath: /etc/swh/logging
{{- range $volumeName, $volumeConfig := $provenanceConfig.extraVolumes }}
- name: {{ $volumeName }}
mountPath: {{ $volumeConfig.mountPath }}
readOnly: {{ $volumeConfig.readOnly | default "false" }}
{{ end }}
volumes:
- name: configuration
emptyDir: {}
- name: configuration-template
configMap:
name: {{ $serviceType }}-configuration-template
items:
- key: "config.yml.template"
path: "config.yml.template"
- name: configuration-logging
configMap:
name: {{ $serviceType }}-configuration-logging
items:
- key: "logging-gunicorn.json"
path: "logging-gunicorn.json"
- name: config-utils
configMap:
name: config-utils
defaultMode: 0555
{{- range $volumeName, $volumeConfig := $provenanceConfig.extraVolumes }}
- name: {{ $volumeName }}
{{- toYaml $volumeConfig.volumeDefinition | nindent 8 }}
{{ end }}
{{ end }}
{{ end -}}
{{- end -}}
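Review bot: The pod only receives a `securityContext` when a deployment or `.Values.provenance.securityContext` supplies one, and none of the values hunks visible in this commit define either, so as written both the `prepare-configuration` init container and the service container run with whatever user and privileges their images default to. Consider a chart-level default plus a container-level block on both containers, e.g. `securityContext: {allowPrivilegeEscalation: false, capabilities: {drop: ["ALL"]}}`, after confirming the images run as non-root. In the `extraVolumes` loop, `readOnly: {{ $volumeConfig.readOnly | default "false" }}` makes every extra mount writable unless the values say otherwise, which deserves a comment next to the values example. Both images are referenced by mutable tag with `imagePullPolicy: IfNotPresent`, so a node can keep serving a cached image after the tag has been re-pushed; pinning by digest is the usual remedy.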
{{ if .Values.provenance.enabled -}}
{{ range $provenanceType, $deploymentConfig := .Values.provenance.deployments }}
{{- if or (not (hasKey $deploymentConfig "enabled")) (get $deploymentConfig "enabled") }}
{{- if and (hasKey $deploymentConfig "ingress") $deploymentConfig.ingress.enabled -}}
{{- include "swh.ingress" (dict "serviceType" ( print "provenance-" $provenanceType )
"configuration" $deploymentConfig
"Values" $.Values) -}}
{{- end -}}
{{ end -}}
{{- end -}}
{{- end -}}
{{ if .Values.provenance.enabled -}}
{{ range $provenanceType, $deploymentConfig := .Values.provenance.deployments }}
{{- if or (not (hasKey $deploymentConfig "enabled")) (get $deploymentConfig "enabled") -}}
{{- if not (hasKey $deploymentConfig "port") }}
{{- $deploymentConfig := set $deploymentConfig "port" $.Values.provenance.port -}}
{{- end -}}
{{- include "swh.service" (dict "serviceType" ( print "provenance-" $provenanceType )
"configuration" $deploymentConfig
"Values" $.Values) -}}
{{- end -}}
{{ end -}}
{{- end -}}
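Review bot: `set $deploymentConfig "port" $.Values.provenance.port` mutates the map held in `.Values` in place, so the default port is written back into the shared values and any template rendered afterwards may see it as if it had been configured explicitly. The `$deploymentConfig :=` redeclaration is scoped to the inner `if`, so the later `include` only sees the port because of that mutation. Building a copy avoids both problems: `{{- $serviceConfig := merge (dict) $deploymentConfig (dict "port" $.Values.provenance.port) -}}`, then pass `$serviceConfig` as `"configuration"`.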
......@@ -1848,3 +1848,24 @@ storage_backfiller:
# prefix: swh:1:cnt
# requestedCpu: 450m
# requestedMemory: 1200Mi
# graphConfiguration:
# graph:
# url: http://<graph-service-url>
provenance:
enabled: false
port: 5014
priorityClassName: frontend-rpc
sentry:
enabled: false
secretKeyRef: common-secrets
secretKeyName: provenance-sentry-dsn
deployments: {}
# instance:
# enabled: false
# graphConfigurationRef: graphConfiguration
# hosts: []
# ingress:
# enabled: true
# endpoints: []
......@@ -444,3 +444,16 @@ alter:
operator: In
values:
- "true"
provenance:
sentry:
enabled: true
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: "swh/rpc"
operator: In
values:
- "true"
......@@ -1413,3 +1413,19 @@ objstorageReplayer:
journalClientOverrides:
auto_offset_reset: earliest
batch_size: 10
fakeGraphConfiguration:
cls: graph
url: graph.i.s.o:50091
provenance:
enabled: false
deployments:
test:
enabled: true
graphConfigurationRef: fakeGraphConfiguration
replicas: 1
# gunicorn:
# workers: 4
# threads: 1
# timeout: 60
......@@ -38,6 +38,8 @@ swh_objstorage_image: container-registry.softwareheritage.org/swh/infra/swh-apps
swh_objstorage_image_version: '20240813.2'
swh_objstorage_replayer_image: container-registry.softwareheritage.org/swh/infra/swh-apps/objstorage_replayer
swh_objstorage_replayer_image_version: '20240812.3'
swh_provenance_image: container-registry.softwareheritage.org/swh/infra/swh-apps/provenance
swh_provenance_image_version: '20240830.1'
swh_scheduler_image: container-registry.softwareheritage.org/swh/infra/swh-apps/scheduler
swh_scheduler_image_version: '20240814.1'
swh_scrubber_image: container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber
......