Skip to content

web: Make template multi-instance

Antoine R. Dumont requested to merge make-web-template-multi-instance into production

This makes it possible to deploy multiple webapp instances within the same namespace (using distinct backends).

It's the same configuration as before but it's declared per web instance.

This will redeploy punctually all webapps instances (rolling upgrade) as the configuration is slightly impacted due to the name changes.

make swh-helm-diff
[swh] Comparing changes between branches production and make-web-template-multi-instance (per environment)...
Your branch is ahead of 'origin/production' by 4 commits.
  (use "git push" to publish your local commits)
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
[swh] Generate config in make-web-template-multi-instance branch for environment staging...
[swh] Generate config in make-web-template-multi-instance branch for environment staging...
[swh] Generate config in make-web-template-multi-instance branch for environment staging...
Your branch is ahead of 'origin/production' by 4 commits.
  (use "git push" to publish your local commits)
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
[swh] Generate config in make-web-template-multi-instance branch for environment production...
[swh] Generate config in make-web-template-multi-instance branch for environment production...
[swh] Generate config in make-web-template-multi-instance branch for environment production...


------------- diff for environment staging namespace swh -------------

--- /tmp/swh-chart.swh.kjG4RXDV/staging-swh.before      2023-12-19 16:49:50.485430285 +0100
+++ /tmp/swh-chart.swh.kjG4RXDV/staging-swh.after       2023-12-19 16:49:51.213430324 +0100
@@ -4576,21 +4576,21 @@
     if [ "$DB_VERSION" -ne "$CODE_VERSION" ]; then
       echo "code and DB versions are different. Blocking the deployment"
       exit 1
     fi
 ---
 # Source: swh/templates/web/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: swh
-  name: web-configuration-template
+  name: web-postgresql-configuration-template
 data:
   config.yml.template: |
     instance_name: webapp-postgresql.internal.staging.swh.network
     allowed_hosts:
       - webapp-postgresql.internal.staging.swh.network
     storage:
       cls: remote
       url: http://storage-postgresql-read-only-rpc-ingress
     search:
       cls: remote
@@ -14465,26 +14465,26 @@
     app: storage-postgresql-read-write
   ports:
     - port: 5002
       targetPort: 5002
       name: rpc
 ---
 # Source: swh/templates/web/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: web
+  name: web-postgresql
   namespace: swh
 spec:
   type: ClusterIP
   selector:
-    app: web
+    app: web-postgresql
   ports:
     - port: 5004
       targetPort: 5004
       name: rpc

     - port: 80
       targetPort: 80
       name: webstatic
 ---
 # Source: swh/charts/keda/templates/manager/deployment.yaml
@@ -24232,39 +24232,39 @@
       - name: toolbox-script-utils
         configMap:
           name: toolbox-script-utils
           defaultMode: 0555
 ---
 # Source: swh/templates/web/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh
-  name: web
+  name: web-postgresql
   labels:
-    app: web
+    app: web-postgresql
 spec:
   revisionHistoryLimit: 2
   replicas: 1
   selector:
     matchLabels:
-      app: web
+      app: web-postgresql
   strategy:
     type: RollingUpdate
     rollingUpdate:
       maxSurge: 1
   template:
     metadata:
       labels:
-        app: web
+        app: web-postgresql
       annotations:
-        checksum/config: a59de8d2746e93c1b89ec4c6e62d78db404fcb11b9d1ddf9fd6f60d7b4e72074
+        checksum/config: 175d51236f66e48fd72bc36970742b60ba02ef4ab908f0f067bcabfa126cc166
     spec:
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
             - matchExpressions:
               - key: swh/web
                 operator: In
                 values:
                 - "true"
@@ -24371,21 +24371,21 @@
           imagePullPolicy: IfNotPresent
           command:
             - /bin/bash
           args:
             - -c
             - cp -r $PWD/.local/share/swh/web/static/ /usr/share/swh/web/static/
           volumeMounts:
           - name: static
             mountPath: /usr/share/swh/web/static
       containers:
-        - name: web
+        - name: web-postgresql
           resources:
             requests:
               memory: 250Mi
               cpu: 50m
           image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5004
               name: webapp
           readinessProbe:
@@ -24474,21 +24474,21 @@
             initialDelaySeconds: 3
             periodSeconds: 10
           volumeMounts:
             - name: static
               mountPath: /usr/share/nginx/html
       volumes:
       - name: configuration
         emptyDir: {}
       - name: configuration-template
         configMap:
-         name: web-configuration-template
+         name: web-postgresql-configuration-template
          items:
          - key: "config.yml.template"
            path: "config.yml.template"
       - name: static
         emptyDir: {}
 ---
 # Source: swh/templates/indexer-storage/autoscaling.yaml
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
@@ -24968,21 +24968,21 @@
           service:
             name: storage-postgresql-read-write
             port:
               number: 5002
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
-  name: web-ingress-authenticated
+  name: web-postgresql-ingress-authenticated
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/ssl-redirect: "true"
     # type of authentication
     nginx.ingress.kubernetes.io/auth-type: basic
     # an htpasswd file in the key auth within the secret
     nginx.ingress.kubernetes.io/auth-secret-type: auth-file
     # name of the secret that contains the user/password definitions
@@ -24992,106 +24992,106 @@

 spec:
   rules:
   - host: webapp-postgresql.internal.staging.swh.network
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-postgresql
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-postgresql
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-postgresql
             port:
               number: 5004

   tls:
   - hosts:
     - webapp-postgresql.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
-  name: web-ingress-default
+  name: web-postgresql-ingress-default
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/ssl-redirect: "true"

 spec:
   rules:
   - host: webapp-postgresql.internal.staging.swh.network
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-postgresql
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-postgresql
             port:
               number: 80

   tls:
   - hosts:
     - webapp-postgresql.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
-  name: web-ingress-webhooks
+  name: web-postgresql-ingress-webhooks
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 192.168.130.1,192.168.130.2
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/ssl-redirect: "true"

 spec:
   rules:
   - host: webapp-postgresql.internal.staging.swh.network
     http:
       paths:
       - path: /save/origin/visit/webhook
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-postgresql
             port:
               number: 5004

   tls:
   - hosts:
     - webapp-postgresql.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/charts/keda/templates/metrics-server/apiservice.yaml
 apiVersion: apiregistration.k8s.io/v1


------------- diff for environment staging namespace swh-cassandra -------------

--- /tmp/swh-chart.swh.kjG4RXDV/staging-swh-cassandra.before    2023-12-19 16:49:50.729430298 +0100
+++ /tmp/swh-chart.swh.kjG4RXDV/staging-swh-cassandra.after     2023-12-19 16:49:51.445430337 +0100
@@ -4501,36 +4501,36 @@
       connection_string: DefaultEndpointsProtocol=https;AccountName=swhvaultstoragestaging;AccountKey=${ACCOUNT_KEY};EndpointSuffix=core.windows.net
       container_name: contents-uncompressed
     smtp:
       host: smtp.inria.fr
       port: 25
 ---
 # Source: swh/templates/web/configmap-pgservice.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
+  name: pgservice-cassandra-configuration-template
   namespace: swh-cassandra
-  name: pgservice-configuration-template
 data:
   pg-service-conf: |
     [syncmailmaps]
     dbname=swh
     host=db1.internal.staging.swh.network
     port=5432
     user=swhmailmap
 ---
 # Source: swh/templates/web/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: swh-cassandra
-  name: web-configuration-template
+  name: web-cassandra-configuration-template
 data:
   config.yml.template: |
     instance_name: webapp.staging.swh.network
     allowed_hosts:
       - webapp.staging.swh.network
       - webapp-cassandra.internal.staging.swh.network
     storage:
       cls: remote
       url: http://storage-cassandra:5002
     search:
@@ -14448,26 +14448,26 @@
     app: vault-rpc
   ports:
     - port: 5005
       targetPort: 5005
       name: rpc
 ---
 # Source: swh/templates/web/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: web
+  name: web-cassandra
   namespace: swh-cassandra
 spec:
   type: ClusterIP
   selector:
-    app: web
+    app: web-cassandra
   ports:
     - port: 5004
       targetPort: 5004
       name: rpc

     - port: 80
       targetPort: 80
       name: webstatic
 ---
 # Source: swh/charts/keda/templates/manager/deployment.yaml
@@ -22903,38 +22903,38 @@
           name: vault-rpc-configuration-template
           items:
           - key: "config.yml.template"
             path: "config.yml.template"
 ---
 # Source: swh/templates/web/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh-cassandra
-  name: web
+  name: web-cassandra
   labels:
-    app: web
+    app: web-cassandra
 spec:
   revisionHistoryLimit: 2
   selector:
     matchLabels:
-      app: web
+      app: web-cassandra
   strategy:
     type: RollingUpdate
     rollingUpdate:
       maxSurge: 1
   template:
     metadata:
       labels:
-        app: web
+        app: web-cassandra
       annotations:
-        checksum/config: ac673a4a5fdd310be2aa60f8d95f8c80c68a04225dfa0a1d93f479ae3939ea56
+        checksum/config: 7a3556ea61b9d8354c27414c7bf61109f19f0de6b8bf9e240b06ff7c0707570f
     spec:
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
             - matchExpressions:
               - key: swh/web
                 operator: In
                 values:
                 - "true"
@@ -23049,21 +23049,21 @@
           imagePullPolicy: IfNotPresent
           command:
             - /bin/bash
           args:
             - -c
             - cp -r $PWD/.local/share/swh/web/static/ /usr/share/swh/web/static/
           volumeMounts:
           - name: static
             mountPath: /usr/share/swh/web/static
       containers:
-        - name: web
+        - name: web-cassandra
           resources:
             requests:
               memory: 300Mi
               cpu: 100m
           image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5004
               name: webapp
           readinessProbe:
@@ -23152,21 +23152,21 @@
             initialDelaySeconds: 3
             periodSeconds: 10
           volumeMounts:
             - name: static
               mountPath: /usr/share/nginx/html
       volumes:
       - name: configuration
         emptyDir: {}
       - name: configuration-template
         configMap:
-         name: web-configuration-template
+         name: web-cassandra-configuration-template
          items:
          - key: "config.yml.template"
            path: "config.yml.template"
       - name: static
         emptyDir: {}
 ---
 # Source: swh/templates/webhooks/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -23386,28 +23386,28 @@
       name: cpu
       target:
         type: Utilization
         averageUtilization: 75
 ---
 # Source: swh/templates/web/autoscaling.yaml
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
   namespace: swh-cassandra
-  name: web
+  name: web-cassandra
   labels:
-    app: web
+    app: web-cassandra
 spec:
   scaleTargetRef:
     apiVersion: apps/v1
     kind: Deployment
-    name: web
+    name: web-cassandra
   minReplicas: 2
   maxReplicas: 4
   metrics:
   - type: Resource
     resource:
       name: cpu
       target:
         type: Utilization
         averageUtilization: 1000
 ---
@@ -23475,21 +23475,22 @@
               defaultMode: 0555
               items:
               - key: "refresh-counters-cache.sh"
                 path: "refresh-counters-cache.sh"
           restartPolicy: OnFailure
 ---
 # Source: swh/templates/web/sync-mailmaps-cronjob.yaml
 apiVersion: batch/v1
 kind: CronJob
 metadata:
-  name: sync-mailmaps-cronjob
+  name: web-cassandra-sync-mailmaps-cronjob
+  namespace: swh-cassandra
 spec:
   schedule: "15 * * * *"
   concurrencyPolicy: Forbid
   jobTemplate:
     spec:
       template:
         spec:
           affinity:
             nodeAffinity:
               requiredDuringSchedulingIgnoredDuringExecution:
@@ -23582,21 +23583,21 @@
                       # 'name' secret should exist & include key
                       # if the setting doesn't exist, sentry pushes will be disabled
                       optional: true

               volumeMounts:
               - name: configuration
                 mountPath: /etc/swh
               - name: web-configuration-template
                 mountPath: /etc/swh/configuration-template
           containers:
-            - name: sync-mailmaps
+            - name: web-cassandra-sync-mailmaps
               resources:
                 requests:
                   memory: 512Mi
                   cpu: 500m
               image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
               command:
               - /opt/swh/entrypoint.sh
               args:
               - sync-mailmaps
               - service=syncmailmaps
@@ -23642,21 +23643,21 @@
           - name: configuration
             emptyDir: {}
           - name: web-configuration-template
             configMap:
               name: web-configuration-template
               items:
               - key: "config.yml.template"
                 path: "config.yml.template"
           - name: pgservice-configuration-template
             configMap:
-              name: pgservice-configuration-template
+              name: pgservice-cassandra-configuration-template
               items:
               - key: "pg-service-conf"
                 path: "pg_service.conf"

           restartPolicy: OnFailure
 ---
 # Source: swh/templates/counters/rpc-ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -23944,21 +23945,21 @@
           service:
             name: vault-rpc
             port:
               number: 5005
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra
-  name: web-ingress-authenticated
+  name: web-cassandra-ingress-authenticated
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
     # type of authentication
     nginx.ingress.kubernetes.io/auth-type: basic
     # an htpasswd file in the key auth within the secret
     nginx.ingress.kubernetes.io/auth-secret-type: auth-file
     # name of the secret that contains the user/password definitions
@@ -23968,165 +23969,165 @@

 spec:
   rules:
   - host: webapp.staging.swh.network
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

   - host: webapp-cassandra.internal.staging.swh.network
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

   tls:
   - hosts:
     - webapp.staging.swh.network
     - webapp-cassandra.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra
-  name: web-ingress-default
+  name: web-cassandra-ingress-default
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

 spec:
   rules:
   - host: webapp.staging.swh.network
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 80

   - host: webapp-cassandra.internal.staging.swh.network
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 80

   tls:
   - hosts:
     - webapp.staging.swh.network
     - webapp-cassandra.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra
-  name: web-ingress-webhooks
+  name: web-cassandra-ingress-webhooks
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 192.168.130.1,192.168.130.2
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

 spec:
   rules:
   - host: webapp.staging.swh.network
     http:
       paths:
       - path: /save/origin/visit/webhook
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

   - host: webapp-cassandra.internal.staging.swh.network
     http:
       paths:
       - path: /save/origin/visit/webhook
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

   tls:
   - hosts:
     - webapp.staging.swh.network
     - webapp-cassandra.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/charts/keda/templates/metrics-server/apiservice.yaml


------------- diff for environment staging namespace swh-cassandra-next-version -------------

--- /tmp/swh-chart.swh.kjG4RXDV/staging-swh-cassandra-next-version.before       2023-12-19 16:49:50.961430311 +0100
+++ /tmp/swh-chart.swh.kjG4RXDV/staging-swh-cassandra-next-version.after        2023-12-19 16:49:51.657430348 +0100
@@ -4029,21 +4029,21 @@
       container_name: contents-uncompressed
     smtp:
       host: smtp.inria.fr
       port: 25
 ---
 # Source: swh/templates/web/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: swh-cassandra-next-version
-  name: web-configuration-template
+  name: web-cassandra-configuration-template
 data:
   config.yml.template: |
     instance_name: webapp-cassandra-next-version.internal.staging.swh.network
     allowed_hosts:
       - webapp-cassandra-next-version.internal.staging.swh.network
     storage:
       cls: remote
       url: http://storage-cassandra:5002
     search:
       cls: remote
@@ -13889,26 +13889,26 @@
     app: vault-rpc
   ports:
     - port: 5005
       targetPort: 5005
       name: rpc
 ---
 # Source: swh/templates/web/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: web
+  name: web-cassandra
   namespace: swh-cassandra-next-version
 spec:
   type: ClusterIP
   selector:
-    app: web
+    app: web-cassandra
   ports:
     - port: 5004
       targetPort: 5004
       name: rpc

     - port: 80
       targetPort: 80
       name: webstatic
 ---
 # Source: swh/charts/keda/templates/manager/deployment.yaml
@@ -21078,39 +21078,39 @@
           name: vault-rpc-configuration-template
           items:
           - key: "config.yml.template"
             path: "config.yml.template"
 ---
 # Source: swh/templates/web/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh-cassandra-next-version
-  name: web
+  name: web-cassandra
   labels:
-    app: web
+    app: web-cassandra
 spec:
   revisionHistoryLimit: 2
   replicas: 1
   selector:
     matchLabels:
-      app: web
+      app: web-cassandra
   strategy:
     type: RollingUpdate
     rollingUpdate:
       maxSurge: 1
   template:
     metadata:
       labels:
-        app: web
+        app: web-cassandra
       annotations:
-        checksum/config: 1abcbbdf0d471db284dff6bef6b8999ab9a1f5ac88158401be759b6d0c2df0f0
+        checksum/config: e290ed2d3783ffd2d0d2074fde583aee97c4bf4500be3222c697c333220adef6
     spec:
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
             - matchExpressions:
               - key: swh/web
                 operator: In
                 values:
                 - "true"
@@ -21225,21 +21225,21 @@
           imagePullPolicy: IfNotPresent
           command:
             - /bin/bash
           args:
             - -c
             - cp -r $PWD/.local/share/swh/web/static/ /usr/share/swh/web/static/
           volumeMounts:
           - name: static
             mountPath: /usr/share/swh/web/static
       containers:
-        - name: web
+        - name: web-cassandra
           resources:
             requests:
               memory: 300Mi
               cpu: 100m
           image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5004
               name: webapp
           readinessProbe:
@@ -21328,21 +21328,21 @@
             initialDelaySeconds: 3
             periodSeconds: 10
           volumeMounts:
             - name: static
               mountPath: /usr/share/nginx/html
       volumes:
       - name: configuration
         emptyDir: {}
       - name: configuration-template
         configMap:
-         name: web-configuration-template
+         name: web-cassandra-configuration-template
          items:
          - key: "config.yml.template"
            path: "config.yml.template"
       - name: static
         emptyDir: {}
 ---
 # Source: swh/templates/storage/autoscaling.yaml
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
@@ -21386,28 +21386,28 @@
       name: cpu
       target:
         type: Utilization
         averageUtilization: 75
 ---
 # Source: swh/templates/web/autoscaling.yaml
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
   namespace: swh-cassandra-next-version
-  name: web
+  name: web-cassandra
   labels:
-    app: web
+    app: web-cassandra
 spec:
   scaleTargetRef:
     apiVersion: apps/v1
     kind: Deployment
-    name: web
+    name: web-cassandra
   minReplicas: 1
   maxReplicas: 1
   metrics:
   - type: Resource
     resource:
       name: cpu
       target:
         type: Utilization
         averageUtilization: 1000
 ---
@@ -21576,21 +21576,21 @@
           service:
             name: vault-rpc
             port:
               number: 5005
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra-next-version
-  name: web-ingress-authenticated
+  name: web-cassandra-ingress-authenticated
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
     # type of authentication
     nginx.ingress.kubernetes.io/auth-type: basic
     # an htpasswd file in the key auth within the secret
     nginx.ingress.kubernetes.io/auth-secret-type: auth-file
@@ -21601,107 +21601,107 @@

 spec:
   rules:
   - host: webapp-cassandra-next-version.internal.staging.swh.network
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

   tls:
   - hosts:
     - webapp-cassandra-next-version.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra-next-version
-  name: web-ingress-default
+  name: web-cassandra-ingress-default
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

 spec:
   rules:
   - host: webapp-cassandra-next-version.internal.staging.swh.network
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 80

   tls:
   - hosts:
     - webapp-cassandra-next-version.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra-next-version
-  name: web-ingress-webhooks
+  name: web-cassandra-ingress-webhooks
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.130.0/24,192.168.130.1,192.168.130.2,192.168.50.0/24
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

 spec:
   rules:
   - host: webapp-cassandra-next-version.internal.staging.swh.network
     http:
       paths:
       - path: /save/origin/visit/webhook
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

   tls:
   - hosts:
     - webapp-cassandra-next-version.internal.staging.swh.network
     secretName: swh-web-crt
 ---
 # Source: swh/charts/keda/templates/metrics-server/apiservice.yaml
 apiVersion: apiregistration.k8s.io/v1


------------- diff for environment production namespace swh -------------

--- /tmp/swh-chart.swh.kjG4RXDV/production-swh.before   2023-12-19 16:49:51.945430363 +0100
+++ /tmp/swh-chart.swh.kjG4RXDV/production-swh.after    2023-12-19 16:49:52.413430388 +0100
@@ -6021,36 +6021,36 @@

     if [ "$DB_VERSION" -ne "$CODE_VERSION" ]; then
       echo "code and DB versions are different. Blocking the deployment"
       exit 1
     fi
 ---
 # Source: swh/templates/web/configmap-pgservice.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
+  name: pgservice-app1-configuration-template
   namespace: swh
-  name: pgservice-configuration-template
 data:
   pg-service-conf: |
     [syncmailmaps]
     dbname=softwareheritage
     host=db.internal.softwareheritage.org
     port=5432
     user=swhmailmap
 ---
 # Source: swh/templates/web/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: swh
-  name: web-configuration-template
+  name: web-app1-configuration-template
 data:
   config.yml.template: |
     instance_name: webapp1.internal.softwareheritage.org
     allowed_hosts:
       - webapp1.internal.softwareheritage.org
       - archive.softwareheritage.org
       - base.softwareheritage.org
       - archive.internal.softwareheritage.org
     production_server_names:
       - webapp1.internal.softwareheritage.org
@@ -15925,26 +15925,26 @@
     app: storage-postgresql-azure-readonly
   ports:
     - port: 5002
       targetPort: 5002
       name: rpc
 ---
 # Source: swh/templates/web/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: web
+  name: web-app1
   namespace: swh
 spec:
   type: ClusterIP
   selector:
-    app: web
+    app: web-app1
   ports:
     - port: 5004
       targetPort: 5004
       name: rpc

     - port: 80
       targetPort: 80
       name: webstatic
 ---
 # Source: swh/charts/keda/templates/manager/deployment.yaml
@@ -28118,39 +28118,39 @@
       - name: toolbox-script-utils
         configMap:
           name: toolbox-script-utils
           defaultMode: 0555
 ---
 # Source: swh/templates/web/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh
-  name: web
+  name: web-app1
   labels:
-    app: web
+    app: web-app1
 spec:
   revisionHistoryLimit: 2
   replicas: 2
   selector:
     matchLabels:
-      app: web
+      app: web-app1
   strategy:
     type: RollingUpdate
     rollingUpdate:
       maxSurge: 1
   template:
     metadata:
       labels:
-        app: web
+        app: web-app1
       annotations:
-        checksum/config: d4cf1f97c6c8a8c0d6c9089922dde9bbc2b41ca4deb3c8b78f3dfd9fdb06dc8a
+        checksum/config: 536bfaa6388bc4065404f754d9d4be653e9e4ea8972dc5485438352f950f481f
     spec:
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
             - matchExpressions:
               - key: swh/web
                 operator: In
                 values:
                 - "true"
@@ -28250,21 +28250,21 @@
           imagePullPolicy: IfNotPresent
           command:
             - /bin/bash
           args:
             - -c
             - cp -r $PWD/.local/share/swh/web/static/ /usr/share/swh/web/static/
           volumeMounts:
           - name: static
             mountPath: /usr/share/swh/web/static
       containers:
-        - name: web
+        - name: web-app1
           resources:
             requests:
               memory: 1024Mi
               cpu: 500m
           image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5004
               name: webapp
           readinessProbe:
@@ -28325,21 +28325,21 @@
                   # 'name' secret must exist & include that ^ key
                   optional: false

           volumeMounts:
           - name: configuration
             mountPath: /etc/swh
             readOnly: true
         - name: nginx
           resources:
             requests:
-              memory: 90Mi
+              memory: 50Mi
               cpu: 10m
           image: nginx:bullseye
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 80
               name: webstatic
           readinessProbe:
             httpGet:
               path: static/robots.txt
               port: webstatic
@@ -28353,21 +28353,21 @@
             initialDelaySeconds: 3
             periodSeconds: 10
           volumeMounts:
             - name: static
               mountPath: /usr/share/nginx/html
       volumes:
       - name: configuration
         emptyDir: {}
       - name: configuration-template
         configMap:
-         name: web-configuration-template
+         name: web-app1-configuration-template
          items:
          - key: "config.yml.template"
            path: "config.yml.template"
       - name: static
         emptyDir: {}
 ---
 # Source: swh/templates/indexer-storage/autoscaling.yaml
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
@@ -28538,21 +28538,22 @@
               name: scheduler-update-metrics-configuration-template
               items:
               - key: "config.yml.template"
                 path: "config.yml.template"
           restartPolicy: OnFailure
 ---
 # Source: swh/templates/web/refresh-savecodenow-statuses-cronjob.yaml
 apiVersion: batch/v1
 kind: CronJob
 metadata:
-  name: refresh-savecodenow-statuses-cronjob
+  name: web-app1-refresh-savecodenow-statuses-cronjob
+  namespace: swh
 spec:
   schedule: "*/2 * * * *"
   concurrencyPolicy: Forbid
   jobTemplate:
     spec:
       template:
         spec:
           affinity:
             nodeAffinity:
               requiredDuringSchedulingIgnoredDuringExecution:
@@ -28631,21 +28632,21 @@
                       # 'name' secret should exist & include key
                       # if the setting doesn't exist, sentry pushes will be disabled
                       optional: true

               volumeMounts:
               - name: configuration
                 mountPath: /etc/swh
               - name: web-configuration-template
                 mountPath: /etc/swh/configuration-template
           containers:
-            - name: refresh-savecodenow-statuses
+            - name: web-app1-refresh-savecodenow-statuses
               resources:
                 requests:
                   memory: 512Mi
                   cpu: 500m
               image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
               command:
               - /opt/swh/entrypoint.sh
               args:
               - refresh
               env:
@@ -28682,21 +28683,22 @@
               name: web-configuration-template
               items:
               - key: "config.yml.template"
                 path: "config.yml.template"
           restartPolicy: OnFailure
 ---
 # Source: swh/templates/web/sync-mailmaps-cronjob.yaml
 apiVersion: batch/v1
 kind: CronJob
 metadata:
-  name: sync-mailmaps-cronjob
+  name: web-app1-sync-mailmaps-cronjob
+  namespace: swh
 spec:
   schedule: "15 * * * *"
   concurrencyPolicy: Forbid
   jobTemplate:
     spec:
       template:
         spec:
           affinity:
             nodeAffinity:
               requiredDuringSchedulingIgnoredDuringExecution:
@@ -28789,21 +28791,21 @@
                       # 'name' secret should exist & include key
                       # if the setting doesn't exist, sentry pushes will be disabled
                       optional: true

               volumeMounts:
               - name: configuration
                 mountPath: /etc/swh
               - name: web-configuration-template
                 mountPath: /etc/swh/configuration-template
           containers:
-            - name: sync-mailmaps
+            - name: web-app1-sync-mailmaps
               resources:
                 requests:
                   memory: 512Mi
                   cpu: 500m
               image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
               command:
               - /opt/swh/entrypoint.sh
               args:
               - sync-mailmaps
               - service=syncmailmaps
@@ -28849,21 +28851,21 @@
           - name: configuration
             emptyDir: {}
           - name: web-configuration-template
             configMap:
               name: web-configuration-template
               items:
               - key: "config.yml.template"
                 path: "config.yml.template"
           - name: pgservice-configuration-template
             configMap:
-              name: pgservice-configuration-template
+              name: pgservice-app1-configuration-template
               items:
               - key: "pg-service-conf"
                 path: "pg_service.conf"

           restartPolicy: OnFailure
 ---
 # Source: swh/templates/graphql/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -29075,21 +29077,21 @@
           service:
             name: storage-postgresql-azure-readonly
             port:
               number: 5002
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
-  name: web-ingress-authenticated
+  name: web-app1-ingress-authenticated
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
     # type of authentication
     nginx.ingress.kubernetes.io/auth-type: basic
     # an htpasswd file in the key auth within the secret
     nginx.ingress.kubernetes.io/auth-secret-type: auth-file
     # name of the secret that contains the user/password definitions
@@ -29099,216 +29101,216 @@

 spec:
   rules:
   - host: webapp1.internal.softwareheritage.org
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

   - host: archive.softwareheritage.org
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

   - host: base.softwareheritage.org
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

   - host: archive.internal.softwareheritage.org
     http:
       paths:
       - path: /api/1/provenance/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/entity/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /api/1/content/[^/]+/symbol/
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

   tls:
   - hosts:
     - webapp1.internal.softwareheritage.org
     - archive.softwareheritage.org
     - base.softwareheritage.org
     - archive.internal.softwareheritage.org
     secretName: swh-web-crt
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
-  name: web-ingress-default
+  name: web-app1-ingress-default
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

 spec:
   rules:
   - host: webapp1.internal.softwareheritage.org
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 80

   - host: archive.softwareheritage.org
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 80

   - host: base.softwareheritage.org
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 80

   - host: archive.internal.softwareheritage.org
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-app1
             port:
               number: 80

   tls:
   - hosts:
     - webapp1.internal.softwareheritage.org
     - archive.softwareheritage.org
     - base.softwareheritage.org
     - archive.internal.softwareheritage.org
     secretName: swh-web-crt


------------- diff for environment production namespace swh-cassandra -------------

--- /tmp/swh-chart.swh.kjG4RXDV/production-swh-cassandra.before 2023-12-19 16:49:52.109430372 +0100
+++ /tmp/swh-chart.swh.kjG4RXDV/production-swh-cassandra.after  2023-12-19 16:49:52.585430397 +0100
@@ -1408,21 +1408,21 @@
     if [ "$DB_VERSION" -ne "$CODE_VERSION" ]; then
       echo "code and DB versions are different. Blocking the deployment"
       exit 1
     fi
 ---
 # Source: swh/templates/web/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: swh-cassandra
-  name: web-configuration-template
+  name: web-cassandra-configuration-template
 data:
   config.yml.template: |
     instance_name: webapp-cassandra.internal.softwareheritage.org
     allowed_hosts:
       - webapp-cassandra.internal.softwareheritage.org
     production_server_names:
       - webapp-cassandra.internal.softwareheritage.org
     storage:
       cls: remote
       url: http://storage-cassandra:5002
@@ -11213,26 +11213,26 @@
     app: storage-cassandra
   ports:
     - port: 5002
       targetPort: 5002
       name: rpc
 ---
 # Source: swh/templates/web/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: web
+  name: web-cassandra
   namespace: swh-cassandra
 spec:
   type: ClusterIP
   selector:
-    app: web
+    app: web-cassandra
   ports:
     - port: 5004
       targetPort: 5004
       name: rpc

     - port: 80
       targetPort: 80
       name: webstatic
 ---
 # Source: swh/charts/keda/templates/manager/deployment.yaml
@@ -14224,38 +14224,38 @@
       - name: toolbox-script-utils
         configMap:
           name: toolbox-script-utils
           defaultMode: 0555
 ---
 # Source: swh/templates/web/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh-cassandra
-  name: web
+  name: web-cassandra
   labels:
-    app: web
+    app: web-cassandra
 spec:
   revisionHistoryLimit: 2
   selector:
     matchLabels:
-      app: web
+      app: web-cassandra
   strategy:
     type: RollingUpdate
     rollingUpdate:
       maxSurge: 1
   template:
     metadata:
       labels:
-        app: web
+        app: web-cassandra
       annotations:
-        checksum/config: d2ed09bc34e02ac042227c2b6e99274ce60ddf21fc56f97625fc7c9bc89e6618
+        checksum/config: b9c1509e629cba96c7e50ba5361ebb165ef17eb0728fe31b4091c7048828e02f
     spec:
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
             - matchExpressions:
               - key: swh/web
                 operator: In
                 values:
                 - "true"
@@ -14355,21 +14355,21 @@
           imagePullPolicy: IfNotPresent
           command:
             - /bin/bash
           args:
             - -c
             - cp -r $PWD/.local/share/swh/web/static/ /usr/share/swh/web/static/
           volumeMounts:
           - name: static
             mountPath: /usr/share/swh/web/static
       containers:
-        - name: web
+        - name: web-cassandra
           resources:
             requests:
               memory: 500Mi
               cpu: 500m
           image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231219.2
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5004
               name: webapp
           readinessProbe:
@@ -14430,21 +14430,21 @@
                   # 'name' secret must exist & include that ^ key
                   optional: false

           volumeMounts:
           - name: configuration
             mountPath: /etc/swh
             readOnly: true
         - name: nginx
           resources:
             requests:
-              memory: 90Mi
+              memory: 50Mi
               cpu: 10m
           image: nginx:bullseye
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 80
               name: webstatic
           readinessProbe:
             httpGet:
               path: static/robots.txt
               port: webstatic
@@ -14458,40 +14458,40 @@
             initialDelaySeconds: 3
             periodSeconds: 10
           volumeMounts:
             - name: static
               mountPath: /usr/share/nginx/html
       volumes:
       - name: configuration
         emptyDir: {}
       - name: configuration-template
         configMap:
-         name: web-configuration-template
+         name: web-cassandra-configuration-template
          items:
          - key: "config.yml.template"
            path: "config.yml.template"
       - name: static
         emptyDir: {}
 ---
 # Source: swh/templates/web/autoscaling.yaml
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
   namespace: swh-cassandra
-  name: web
+  name: web-cassandra
   labels:
-    app: web
+    app: web-cassandra
 spec:
   scaleTargetRef:
     apiVersion: apps/v1
     kind: Deployment
-    name: web
+    name: web-cassandra
   minReplicas: 2
   maxReplicas: 4
   metrics:
   - type: Resource
     resource:
       name: cpu
       target:
         type: Utilization
         averageUtilization: 50
 ---
@@ -14516,46 +14516,46 @@
           service:
             name: graphql-cassandra
             port:
               number: 5013
 ---
 # Source: swh/templates/web/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh-cassandra
-  name: web-ingress-default
+  name: web-cassandra-ingress-default
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22,192.168.50.0/24
     cert-manager.io/cluster-issuer: letsencrypt-production-gandi
     kubernetes.io/ingress.class: nginx
     kubernetes.io/tls-acme: "true"
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

 spec:
   rules:
   - host: webapp-cassandra.internal.softwareheritage.org
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 5004

       - path: /static
         pathType: Prefix
         backend:
           service:
-            name: web
+            name: web-cassandra
             port:
               number: 80

   tls:
   - hosts:
     - webapp-cassandra.internal.softwareheritage.org
     secretName: swh-web-crt
 ---
 # Source: swh/charts/keda/templates/metrics-server/apiservice.yaml
 apiVersion: apiregistration.k8s.io/v1

Refs. swh/infra/sysadm-environment#5183 (closed)

Refs. swh/infra/sysadm-environment#5194 (closed)

Edited by Antoine R. Dumont

Merge request reports

Loading