production: deploy a read-write indexer storage
The bulk of the diff is the new rw deployment. I checked that the postgres config is the one with the rw user, and the secret is already provisioned.
While doing that I noticed that the cassandra webapp was still using saam, so I fixed that.
The autoscaling template was eating too many spaces, so I fixed it as well.
Ref. swh/infra/sysadm-environment#5200 (closed).
helm-diff output
/swh/helm-diff.sh
[swh] Comparing changes between branches production and mr/prod-rw-indexer-storage (per environment)...
Switched to branch 'production'
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Switched to branch 'mr/prod-rw-indexer-storage'
[swh] Generate config in mr/prod-rw-indexer-storage branch for environment staging...
[swh] Generate config in mr/prod-rw-indexer-storage branch for environment staging...
[swh] Generate config in mr/prod-rw-indexer-storage branch for environment staging...
Switched to branch 'production'
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Switched to branch 'mr/prod-rw-indexer-storage'
[swh] Generate config in mr/prod-rw-indexer-storage branch for environment production...
[swh] Generate config in mr/prod-rw-indexer-storage branch for environment production...
[swh] Generate config in mr/prod-rw-indexer-storage branch for environment production...
------------- diff for environment staging namespace swh -------------
No differences
------------- diff for environment staging namespace swh-cassandra -------------
No differences
------------- diff for environment staging namespace swh-cassandra-next-version -------------
No differences
------------- diff for environment production namespace swh -------------
--- /tmp/swh-chart.swh.dGIdBPqZ/production-swh.before 2024-01-12 19:19:05.728277341 +0100
+++ /tmp/swh-chart.swh.dGIdBPqZ/production-swh.after 2024-01-12 19:19:05.992280738 +0100
@@ -240,20 +240,32 @@
kind: ConfigMap
metadata:
namespace: swh
name: indexer-storage-read-only-configuration-template
data:
config.yml.template: |
indexer_storage:
cls: postgresql
db: host=db.internal.softwareheritage.org port=5432 user=guest dbname=softwareheritage-indexer password=${POSTGRESQL_PASSWORD}
---
+# Source: swh/templates/indexer-storage/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: swh
+ name: indexer-storage-read-write-configuration-template
+data:
+ config.yml.template: |
+ indexer_storage:
+ cls: postgresql
+ db: host=db.internal.softwareheritage.org port=5432 user=swhstorage dbname=softwareheritage-indexer password=${POSTGRESQL_PASSWORD}
+---
# Source: swh/templates/listers/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: lister-utils
namespace: swh
data:
pre-stop-idempotent.sh: |
#!/bin/bash
@@ -6450,20 +6462,35 @@
namespace: swh
spec:
type: ClusterIP
selector:
app: indexer-storage-read-only
ports:
- port: 5007
targetPort: 5007
name: rpc
---
+# Source: swh/templates/indexer-storage/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+ name: indexer-storage-read-write
+ namespace: swh
+spec:
+ type: ClusterIP
+ selector:
+ app: indexer-storage-read-write
+ ports:
+ - port: 5007
+ targetPort: 5007
+ name: rpc
+---
# Source: swh/templates/memcached/service.yaml
apiVersion: v1
kind: Service
metadata:
name: memcached
namespace: swh
labels:
app: memcached
chart: "swh-0.1.0"
spec:
@@ -7304,20 +7331,169 @@
path: "config.yml.template"
- name: database-utils
configMap:
name: database-utils
defaultMode: 0555
- name: config-utils
configMap:
name: config-utils
defaultMode: 0555
---
+# Source: swh/templates/indexer-storage/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: swh
+ name: indexer-storage-read-write
+ labels:
+ app: indexer-storage-read-write
+spec:
+ [...]
+---
# Source: swh/templates/listers/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: lister-bitbucket
namespace: swh
labels:
app: lister-bitbucket
spec:
revisionHistoryLimit: 2
@@ -19537,20 +19713,43 @@
minReplicas: 2
maxReplicas: 4
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 90
---
+# Source: swh/templates/indexer-storage/autoscaling.yaml
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ namespace: swh
+ name: indexer-storage-read-write
+ labels:
+ app: indexer-storage-read-write
+spec:
+ [...]
+---
# Source: swh/templates/search/rpc-autoscale.yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
namespace: swh
name: search-rpc
labels:
app: search-rpc
spec:
scaleTargetRef:
@@ -20204,20 +20403,47 @@
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: indexer-storage-read-only
port:
number: 5007
---
+# Source: swh/templates/indexer-storage/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ namespace: swh
+ name: indexer-storage-read-write-ingress-default
+ [...]
+---
# Source: swh/templates/objstorage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: objstorage-read-only-ingress-default
annotations:
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
------------- diff for environment production namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.dGIdBPqZ/production-swh-cassandra.before 2024-01-12 19:19:05.808278370 +0100
+++ /tmp/swh-chart.swh.dGIdBPqZ/production-swh-cassandra.after 2024-01-12 19:19:06.076281817 +0100
@@ -1424,21 +1424,21 @@
cls: remote
url: http://search-rpc-ingress
scheduler:
cls: remote
url: http://scheduler.internal.softwareheritage.org
vault:
cls: remote
url: http://vangogh.euwest.azure.internal.softwareheritage.org:5005/
indexer_storage:
cls: remote
- url: http://saam.internal.softwareheritage.org:5007/
+ url: http://indexer-storage-read-only-rpc-ingress
counters_backend: swh-counters
counters:
cls: remote
url: http://counters1.internal.softwareheritage.org:5011/
deposit:
private_api_url: https://deposit.softwareheritage.org/1/private/
private_api_user: ${DEPOSIT_USERNAME}
private_api_password: ${DEPOSIT_PASSWORD}
add_forge_now:
email_address: add-forge-now@archive.softwareheritage.org
@@ -4722,21 +4722,21 @@
app: web-cassandra
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: web-cassandra
annotations:
- checksum/config: 6a8a726556a51e14a94553e4bacc29eb9678155483f835fdf37e76dcbe101384
+ checksum/config: db61590218eda62741ceff615c94b360ed2bf5355b9654c238dc732503f154ce
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/web
operator: In
values:
- "true"