From 6db42d9b6c66771a817f7a2b783321d12fc63ece Mon Sep 17 00:00:00 2001
From: Guillaume Samson <guillaume.samson@softwareheritage.org>
Date: Wed, 26 Apr 2023 15:23:22 +0200
Subject: [PATCH] swh/cassandra: update storage configuration
---
swh/templates/storage/configmap.yaml | 8 +++++++-
swh/templates/storage/deployment.yaml | 9 +++++++--
swh/values.yaml | 12 ++++++++++++
swh/values/production-cassandra.yaml | 9 ++-------
swh/values/staging-cassandra.yaml | 4 ++--
5 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/swh/templates/storage/configmap.yaml b/swh/templates/storage/configmap.yaml
index 1c32e5440..feec9775c 100644
--- a/swh/templates/storage/configmap.yaml
+++ b/swh/templates/storage/configmap.yaml
@@ -25,5 +25,11 @@ data:
{{- end }}
{{- end }}
objstorage:
- {{- toYaml .Values.storage.objstorage | nindent 8 }}
+ cls: {{ .Values.storage.objstorageClass }}
+ {{- if eq .Values.storage.objstorageClass "filtered" }}
+ {{- toYaml .Values.storage.objstorageConfig | nindent 8 }}
+ {{- else if eq .Values.storage.objstorageClass "multiplexer" }}
+ objstorages:
+ {{ .Values.storage.objstorageConfig }}
+ {{- end }}
{{- end -}}
diff --git a/swh/templates/storage/deployment.yaml b/swh/templates/storage/deployment.yaml
index 7701ca9f3..4fca6f3e7 100644
--- a/swh/templates/storage/deployment.yaml
+++ b/swh/templates/storage/deployment.yaml
@@ -37,7 +37,7 @@ spec:
args:
- -c
- eval echo "\"$(</etc/swh/configuration-template/config.yml.template)\"" > /etc/swh/config.yml
- {{- if eq .Values.storage.storageClass "postgresql" }}
+ {{- if eq .Values.storage.storageClass "postgresql" }}
env:
- name: POSTGRESQL_PASSWORD
valueFrom:
@@ -46,7 +46,12 @@ spec:
key: {{ .Values.storage.postgresql.secretKeyName }}
# 'name' secret must exist & include that ^ key
optional: false
- {{- end }}
+ {{- end }}
+ {{- if eq .Values.storage.objstorageClass "multiplexer" }}
+ envFrom:
+ - secretRef:
+ name: swh-cassandra-objstorage-config
+ {{- end }}
volumeMounts:
- name: configuration
mountPath: /etc/swh
diff --git a/swh/values.yaml b/swh/values.yaml
index 36139cb99..aac6d1881 100644
--- a/swh/values.yaml
+++ b/swh/values.yaml
@@ -209,6 +209,18 @@ storage:
# secretKeyName: storage-postgresql-password
objstorage:
cls: noop
+ ## if objstorage configuration doesn't contains passwords or sensitive data
+ # objstorageClass: filtered
+ # objstorageConfig:
+ # storage_conf:
+ # cls: remote
+ # url: http://storage1.internal.staging.swh.network:5003/
+ # filters_conf:
+ # - type: readonly
+ ## if objstorage configuration contains passwords or sensitive data
+ ## /!\ the configmap indentation (10) had to be defined in the secret
+ # objstorageClass: multiplexer
+ # objstorageConfig: ${OBJSTORAGECONFIG}
# Deploy an ingress to access the storage
ingress:
diff --git a/swh/values/production-cassandra.yaml b/swh/values/production-cassandra.yaml
index 4ca770a93..62aff0ca7 100644
--- a/swh/values/production-cassandra.yaml
+++ b/swh/values/production-cassandra.yaml
@@ -197,13 +197,8 @@ storage:
- cassandra08.internal.softwareheritage.org
keySpace: swh
consistencyLevel: LOCAL_QUORUM
- objstorage:
- cls: filtered
- storage_conf:
- cls: remote
- url: http://objstorage.internal.softwareheritage.org:5003/
- filters_conf:
- - type: readonly
+ objstorageClass: multiplexer
+ objstorageConfig: ${OBJSTORAGECONFIG}
web:
enabled: true
diff --git a/swh/values/staging-cassandra.yaml b/swh/values/staging-cassandra.yaml
index 0f26e24ee..0985d192c 100644
--- a/swh/values/staging-cassandra.yaml
+++ b/swh/values/staging-cassandra.yaml
@@ -185,8 +185,8 @@ storage:
- cassandra3.internal.staging.swh.network
keySpace: swh
consistencyLevel: LOCAL_QUORUM
- objstorage:
- cls: filtered
+ objstorageClass: filtered
+ objstorageConfig:
storage_conf:
cls: remote
url: http://objstorage0.internal.staging.swh.network:5003/
--
GitLab