production/vault: Deploy cookers in dynamic infrastructure
This deploys extra cookers instance in the dynamic infrastructure. Next will be to migrate those cookers to use the new vault instance introduced in the previous mr [1]
More cookers of type cook-vault-bundle since only this instance ran last year [2] I've kept the other one with lower configuration in case it's triggered somehow.
Another commit extract an helper function to simplify celery autoscaler configuration (and drop duplication between templates). This aligns the behavior of the loader to not downscale to 0 if the autoScaling.stopWhenNoActivity is set to false. Which fixes the staging cookers instance (according to its current setup, it was not yet effective).
make swh-helm-diff
[swh] Comparing changes between branches production and deploy-vault-workload (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
[swh] Generate config in deploy-vault-workload branch for environment staging...
[swh] Generate config in deploy-vault-workload branch for environment staging...
[swh] Generate config in deploy-vault-workload branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
[swh] Generate config in deploy-vault-workload branch for environment production...
[swh] Generate config in deploy-vault-workload branch for environment production...
[swh] Generate config in deploy-vault-workload branch for environment production...
------------- diff for environment staging namespace swh -------------
No differences
------------- diff for environment staging namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.8UmZiMKX/staging-swh-cassandra.before 2024-01-17 12:21:05.526845252 +0100
+++ /tmp/swh-chart.swh.8UmZiMKX/staging-swh-cassandra.after 2024-01-17 12:21:06.166844627 +0100
@@ -14821,20 +14821,21 @@
values:
- "true"
priorityClassName: swh-cassandra-normal-workload
terminationGracePeriodSeconds: 3600
initContainers:
- name: prepare-configuration
image: debian:bullseye
imagePullPolicy: IfNotPresent
env:
+
- name: AMQP_PASSWORD
valueFrom:
secretKeyRef:
name: amqp-secrets
key: swhconsumer-password
# 'name' secret must exist & include that ^ key
optional: false
command:
- /entrypoint.sh
@@ -14964,20 +14965,21 @@
values:
- "true"
priorityClassName: swh-cassandra-normal-workload
terminationGracePeriodSeconds: 3600
initContainers:
- name: prepare-configuration
image: debian:bullseye
imagePullPolicy: IfNotPresent
env:
+
- name: AMQP_PASSWORD
valueFrom:
secretKeyRef:
name: amqp-secrets
key: swhconsumer-password
# 'name' secret must exist & include that ^ key
optional: false
command:
- /entrypoint.sh
@@ -24036,22 +24038,20 @@
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
# Mandatory. Must be in same namespace as ScaledObject
name: cooker-batch
# envSourceContainerName: {container-name} # Optional. Default:
# .spec.template.spec.containers[0]
pollingInterval: 30 # Optional. Default: 30 seconds
cooldownPeriod: 3600 # Optional. Default: 300 seconds
- idleReplicaCount: 0 # Optional. Must be less than
- # minReplicaCount
minReplicaCount: 1
maxReplicaCount: 2
triggers:
- type: rabbitmq
authenticationRef:
name: amqp-authentication-cooker-batch
metadata:
protocol: auto # Optional. Specifies protocol to use,
# either amqp or http, or auto to
# autodetect based on the `host` value.
@@ -24076,22 +24076,20 @@
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
# Mandatory. Must be in same namespace as ScaledObject
name: cooker-simple
# envSourceContainerName: {container-name} # Optional. Default:
# .spec.template.spec.containers[0]
pollingInterval: 30 # Optional. Default: 30 seconds
cooldownPeriod: 3600 # Optional. Default: 300 seconds
- idleReplicaCount: 0 # Optional. Must be less than
- # minReplicaCount
minReplicaCount: 1
maxReplicaCount: 2
triggers:
- type: rabbitmq
authenticationRef:
name: amqp-authentication-cooker-simple
metadata:
protocol: auto # Optional. Specifies protocol to use,
# either amqp or http, or auto to
# autodetect based on the `host` value.
------------- diff for environment staging namespace swh-cassandra-next-version -------------
--- /tmp/swh-chart.swh.8UmZiMKX/staging-swh-cassandra-next-version.before 2024-01-17 12:21:05.722845061 +0100
+++ /tmp/swh-chart.swh.8UmZiMKX/staging-swh-cassandra-next-version.after 2024-01-17 12:21:06.362844435 +0100
@@ -14287,20 +14287,21 @@
values:
- "true"
priorityClassName: swh-cassandra-next-version-normal-workload
terminationGracePeriodSeconds: 3600
initContainers:
- name: prepare-configuration
image: debian:bullseye
imagePullPolicy: IfNotPresent
env:
+
- name: AMQP_PASSWORD
valueFrom:
secretKeyRef:
name: amqp-secrets
key: swhconsumer-password
# 'name' secret must exist & include that ^ key
optional: false
command:
- /entrypoint.sh
@@ -14430,20 +14431,21 @@
values:
- "true"
priorityClassName: swh-cassandra-next-version-normal-workload
terminationGracePeriodSeconds: 3600
initContainers:
- name: prepare-configuration
image: debian:bullseye
imagePullPolicy: IfNotPresent
env:
+
- name: AMQP_PASSWORD
valueFrom:
secretKeyRef:
name: amqp-secrets
key: swhconsumer-password
# 'name' secret must exist & include that ^ key
optional: false
command:
- /entrypoint.sh
@@ -21790,22 +21792,20 @@
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
# Mandatory. Must be in same namespace as ScaledObject
name: cooker-batch
# envSourceContainerName: {container-name} # Optional. Default:
# .spec.template.spec.containers[0]
pollingInterval: 30 # Optional. Default: 30 seconds
cooldownPeriod: 3600 # Optional. Default: 300 seconds
- idleReplicaCount: 0 # Optional. Must be less than
- # minReplicaCount
minReplicaCount: 1
maxReplicaCount: 2
triggers:
- type: rabbitmq
authenticationRef:
name: amqp-authentication-cooker-batch
metadata:
protocol: auto # Optional. Specifies protocol to use,
# either amqp or http, or auto to
# autodetect based on the `host` value.
@@ -21830,22 +21830,20 @@
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
# Mandatory. Must be in same namespace as ScaledObject
name: cooker-simple
# envSourceContainerName: {container-name} # Optional. Default:
# .spec.template.spec.containers[0]
pollingInterval: 30 # Optional. Default: 30 seconds
cooldownPeriod: 3600 # Optional. Default: 300 seconds
- idleReplicaCount: 0 # Optional. Must be less than
- # minReplicaCount
minReplicaCount: 1
maxReplicaCount: 2
triggers:
- type: rabbitmq
authenticationRef:
name: amqp-authentication-cooker-simple
metadata:
protocol: auto # Optional. Specifies protocol to use,
# either amqp or http, or auto to
# autodetect based on the `host` value.
------------- diff for environment production namespace swh -------------
--- /tmp/swh-chart.swh.8UmZiMKX/production-swh.before 2024-01-17 12:21:06.642844162 +0100
+++ /tmp/swh-chart.swh.8UmZiMKX/production-swh.after 2024-01-17 12:21:07.102843711 +0100
@@ -233,20 +233,213 @@
swh:
level: "INFO"
celery.task:
level: "INFO"
root:
level: "INFO"
handlers:
- console
---
+# Source: swh/templates/cookers/configmap-utils.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: cookers-utils
+ namespace: swh
+data:
+ pre-stop-idempotent.sh: |
+ #!/bin/bash
+
+ # pre-stop hook can be triggered multiple times but we want it to be applied only
+ # once so container can warm-shutdown properly.
+
+ # When celery receives multiple times the sigterm signal, this ends up doing an
+ # immediate shutdown which prevents long-standing tasks to finish properly.
+
+ set -ex
+
+ WITNESS_FILE=/tmp/already-stopped
+
+ # Seed awk with the number of nanoseconds since epoch
+ # and have it generate a number between 0 and 1
+ sleep $(date +%s%N | awk '{srand($1); print rand()}')
+
+ if [ ! -e $WITNESS_FILE ]; then
+ touch $WITNESS_FILE
+ kill 1
+ fi
+---
+# Source: swh/templates/cookers/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: cooker-batch-template
+ namespace: swh
+data:
+ config.yml.template: |
+ storage:
+ cls: pipeline
+ steps:
+ - cls: retry
+ - cls: remote
+ url: http://storage-azure-read-only-rpc-ingress
+ vault:
+ cls: remote
+ url: http://vangogh.euwest.azure.internal.softwareheritage.org:5005/
+ max_bundle_size: 1073741824
+ celery:
+ task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@rabbitmq.internal.softwareheritage.org:5672/%2f
+ task_modules:
+ - swh.vault.cooking_tasks
+ task_queues:
+ - swh.vault.cooking_tasks.SWHBatchCookingTask
+
+ sentry_settings_for_celery_tasks:
+ __sentry-settings-for-celery-tasks__
+ init-container-entrypoint.sh: |
+ #!/bin/bash
+
+ set -e
+
+ CONFIG_FILE=/etc/swh/config.yml
+ CONFIG_FILE_WIP=/tmp/wip-config.yml
+
+ # substitute environment variables when creating the default config.yml
+ eval echo \""$(</etc/swh/configuration-template/config.yml.template)"\" \
+ > $CONFIG_FILE
+ SENTRY_SETTINGS_PATH=/etc/credentials/sentry-settings/sentry_settings_for_celery_tasks
+ if [ -f $SENTRY_SETTINGS_PATH ]; then
+ awk "/__sentry-settings-for-celery-tasks__/{system(\"sed 's/^/ /g' $SENTRY_SETTINGS_PATH\");next}1" $CONFIG_FILE > $CONFIG_FILE_WIP
+ mv $CONFIG_FILE_WIP $CONFIG_FILE
+ else
+ sed -i 's/__sentry-settings-for-celery-tasks__//g' $CONFIG_FILE
+ fi
+
+ exit 0
+
+ logging-configuration.yml: |
+ version: 1
+
+ handlers:
+ console:
+ class: logging.StreamHandler
+ formatter: json
+ stream: ext://sys.stdout
+
+ formatters:
+ json:
+ class: pythonjsonlogger.jsonlogger.JsonFormatter
+ # python-json-logger parses the format argument to get the variables it actually expands into the json
+ format: "%(asctime)s:%(threadName)s:%(pathname)s:%(lineno)s:%(funcName)s:%(task_name)s:%(task_id)s:%(name)s:%(levelname)s:%(message)s"
+
+ loggers:
+ celery:
+ level: "INFO"
+ amqp:
+ level: WARNING
+ urllib3:
+ level: WARNING
+ azure.core.pipeline.policies.http_logging_policy:
+ level: WARNING
+ swh:
+ level: "INFO"
+ celery.task:
+ level: "INFO"
+
+ root:
+ level: "INFO"
+ handlers:
+ - console
+---
+# Source: swh/templates/cookers/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: cooker-simple-template
+ namespace: swh
+data:
+ config.yml.template: |
+ storage:
+ cls: pipeline
+ steps:
+ - cls: retry
+ - cls: remote
+ url: http://storage-azure-read-only-rpc-ingress
+ vault:
+ cls: remote
+ url: http://vangogh.euwest.azure.internal.softwareheritage.org:5005/
+ max_bundle_size: 1073741824
+ celery:
+ task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@rabbitmq.internal.softwareheritage.org:5672/%2f
+ task_modules:
+ - swh.vault.cooking_tasks
+ task_queues:
+ - swh.vault.cooking_tasks.SWHCookingTask
+
+ sentry_settings_for_celery_tasks:
+ __sentry-settings-for-celery-tasks__
+ init-container-entrypoint.sh: |
+ #!/bin/bash
+
+ set -e
+
+ CONFIG_FILE=/etc/swh/config.yml
+ CONFIG_FILE_WIP=/tmp/wip-config.yml
+
+ # substitute environment variables when creating the default config.yml
+ eval echo \""$(</etc/swh/configuration-template/config.yml.template)"\" \
+ > $CONFIG_FILE
+ SENTRY_SETTINGS_PATH=/etc/credentials/sentry-settings/sentry_settings_for_celery_tasks
+ if [ -f $SENTRY_SETTINGS_PATH ]; then
+ awk "/__sentry-settings-for-celery-tasks__/{system(\"sed 's/^/ /g' $SENTRY_SETTINGS_PATH\");next}1" $CONFIG_FILE > $CONFIG_FILE_WIP
+ mv $CONFIG_FILE_WIP $CONFIG_FILE
+ else
+ sed -i 's/__sentry-settings-for-celery-tasks__//g' $CONFIG_FILE
+ fi
+
+ exit 0
+
+ logging-configuration.yml: |
+ version: 1
+
+ handlers:
+ console:
+ class: logging.StreamHandler
+ formatter: json
+ stream: ext://sys.stdout
+
+ formatters:
+ json:
+ class: pythonjsonlogger.jsonlogger.JsonFormatter
+ # python-json-logger parses the format argument to get the variables it actually expands into the json
+ format: "%(asctime)s:%(threadName)s:%(pathname)s:%(lineno)s:%(funcName)s:%(task_name)s:%(task_id)s:%(name)s:%(levelname)s:%(message)s"
+
+ loggers:
+ celery:
+ level: "INFO"
+ amqp:
+ level: WARNING
+ urllib3:
+ level: WARNING
+ azure.core.pipeline.policies.http_logging_policy:
+ level: WARNING
+ swh:
+ level: "INFO"
+ celery.task:
+ level: "INFO"
+
+ root:
+ level: "INFO"
+ handlers:
+ - console
+---
# Source: swh/templates/deposit/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: swh
name: deposit-configuration-template
data:
config.yml.template: |
instance_name: deposit-rpc-ingress
allowed_hosts:
@@ -16942,20 +17135,307 @@
path: "logging-configuration.yml"
- name: checker-deposit-utils
configMap:
name: checker-deposit-utils
defaultMode: 0777
items:
- key: "pre-stop-idempotent.sh"
path: "pre-stop.sh"
---
+# Source: swh/templates/cookers/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cooker-batch
+ namespace: swh
+ labels:
+ app: cooker-batch
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: cooker-batch
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ template:
+ metadata:
+ labels:
+ app: cooker-batch
+ annotations:
+ # Force a rollout upgrade if the configuration changes
+ checksum/config: d4587cc9602558a8fc33e6a261b4053b6688bab3c3bf097b501fece8f5d15dc7
+ spec:
+ affinity:
+
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: swh/cooker
+ operator: In
+ values:
+ - "true"
+ priorityClassName: swh-normal-workload
+
+ terminationGracePeriodSeconds: 3600
+ initContainers:
+ - name: prepare-configuration
+ image: debian:bullseye
+ imagePullPolicy: IfNotPresent
+ env:
+
+
+ - name: AMQP_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: amqp-secrets
+ key: swhconsumer-password
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ command:
+ - /entrypoint.sh
+ volumeMounts:
+ - name: configuration-template
+ mountPath: /entrypoint.sh
+ subPath: "init-container-entrypoint.sh"
+ readOnly: true
+ - name: configuration
+ mountPath: /etc/swh
+ - name: configuration-template
+ mountPath: /etc/swh/configuration-template
+
+ - name: sentry-settings-for-celery-tasks
+ mountPath: /etc/credentials/sentry-settings
+ readOnly: true
+ containers:
+ - name: cookers
+ resources:
+ requests:
+ memory: 512Mi
+ cpu: 500m
+ image: container-registry.softwareheritage.org/swh/infra/swh-apps/vault_cookers:20240108.1
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/bash
+ args:
+ - -c
+ - /opt/swh/entrypoint.sh
+ lifecycle:
+ preStop:
+ exec:
+ command: ["/pre-stop.sh"]
+ env:
+ - name: STATSD_HOST
+ value: prometheus-statsd-exporter
+ - name: STATSD_PORT
+ value: "9125"
+ - name: MAX_TASKS_PER_CHILD
+ value: "1"
+ - name: LOGLEVEL
+ value: "INFO"
+ - name: SWH_CONFIG_FILENAME
+ value: /etc/swh/config.yml
+
+ - name: SWH_LOG_CONFIG
+ value: /etc/swh/logging-configuration.yml
+
+
+ - name: SWH_SENTRY_ENVIRONMENT
+ value: production
+ volumeMounts:
+ - name: cookers-utils
+ mountPath: /pre-stop.sh
+ subPath: "pre-stop.sh"
+ - name: configuration
+ mountPath: /etc/swh
+
+ - name: configuration-template
+ mountPath: /etc/swh/logging-configuration.yml
+ subPath: "logging-configuration.yml"
+ readOnly: true
+
+ volumes:
+ - name: configuration
+ emptyDir: {}
+ - name: configuration-template
+ configMap:
+ name: cooker-batch-template
+ defaultMode: 0777
+ items:
+ - key: "config.yml.template"
+ path: "config.yml.template"
+ - key: "init-container-entrypoint.sh"
+ path: "init-container-entrypoint.sh"
+
+ - key: "logging-configuration.yml"
+ path: "logging-configuration.yml"
+
+ - name: cookers-utils
+ configMap:
+ name: cookers-utils
+ defaultMode: 0777
+ items:
+ - key: "pre-stop-idempotent.sh"
+ path: "pre-stop.sh"
+
+ - name: sentry-settings-for-celery-tasks
+ secret:
+ secretName: sentry-settings-for-celery-tasks
+ optional: true
+# Set useJsonLogger to false to let the logs be plain text
+---
+# Source: swh/templates/cookers/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cooker-simple
+ namespace: swh
+ labels:
+ app: cooker-simple
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: cooker-simple
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ template:
+ metadata:
+ labels:
+ app: cooker-simple
+ annotations:
+ # Force a rollout upgrade if the configuration changes
+ checksum/config: d4587cc9602558a8fc33e6a261b4053b6688bab3c3bf097b501fece8f5d15dc7
+ spec:
+ affinity:
+
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: swh/cooker
+ operator: In
+ values:
+ - "true"
+ priorityClassName: swh-normal-workload
+
+ terminationGracePeriodSeconds: 3600
+ initContainers:
+ - name: prepare-configuration
+ image: debian:bullseye
+ imagePullPolicy: IfNotPresent
+ env:
+
+
+ - name: AMQP_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: amqp-secrets
+ key: swhconsumer-password
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ command:
+ - /entrypoint.sh
+ volumeMounts:
+ - name: configuration-template
+ mountPath: /entrypoint.sh
+ subPath: "init-container-entrypoint.sh"
+ readOnly: true
+ - name: configuration
+ mountPath: /etc/swh
+ - name: configuration-template
+ mountPath: /etc/swh/configuration-template
+
+ - name: sentry-settings-for-celery-tasks
+ mountPath: /etc/credentials/sentry-settings
+ readOnly: true
+ containers:
+ - name: cookers
+ resources:
+ requests:
+ memory: 512Mi
+ cpu: 500m
+ image: container-registry.softwareheritage.org/swh/infra/swh-apps/vault_cookers:20240108.1
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/bash
+ args:
+ - -c
+ - /opt/swh/entrypoint.sh
+ lifecycle:
+ preStop:
+ exec:
+ command: ["/pre-stop.sh"]
+ env:
+ - name: STATSD_HOST
+ value: prometheus-statsd-exporter
+ - name: STATSD_PORT
+ value: "9125"
+ - name: MAX_TASKS_PER_CHILD
+ value: "1"
+ - name: LOGLEVEL
+ value: "INFO"
+ - name: SWH_CONFIG_FILENAME
+ value: /etc/swh/config.yml
+
+ - name: SWH_LOG_CONFIG
+ value: /etc/swh/logging-configuration.yml
+
+
+ - name: SWH_SENTRY_ENVIRONMENT
+ value: production
+ volumeMounts:
+ - name: cookers-utils
+ mountPath: /pre-stop.sh
+ subPath: "pre-stop.sh"
+ - name: configuration
+ mountPath: /etc/swh
+
+ - name: configuration-template
+ mountPath: /etc/swh/logging-configuration.yml
+ subPath: "logging-configuration.yml"
+ readOnly: true
+
+ volumes:
+ - name: configuration
+ emptyDir: {}
+ - name: configuration-template
+ configMap:
+ name: cooker-simple-template
+ defaultMode: 0777
+ items:
+ - key: "config.yml.template"
+ path: "config.yml.template"
+ - key: "init-container-entrypoint.sh"
+ path: "init-container-entrypoint.sh"
+
+ - key: "logging-configuration.yml"
+ path: "logging-configuration.yml"
+
+ - name: cookers-utils
+ configMap:
+ name: cookers-utils
+ defaultMode: 0777
+ items:
+ - key: "pre-stop-idempotent.sh"
+ path: "pre-stop.sh"
+
+ - name: sentry-settings-for-celery-tasks
+ secret:
+ secretName: sentry-settings-for-celery-tasks
+ optional: true
+---
# Source: swh/templates/deposit/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: swh
name: deposit
labels:
app: deposit
spec:
revisionHistoryLimit: 2
@@ -31501,20 +31981,23 @@
spec:
service:
name: keda-operator-metrics-apiserver
namespace: default
port: 443
group: external.metrics.k8s.io
version: v1beta1
groupPriorityMinimum: 100
versionPriority: 100
---
+# Source: swh/templates/cookers/deployment.yaml
+# Set useJsonLogger to false to let the logs be plain text
+---
# Source: swh/templates/listers/deployment.yaml
# Set useJsonLogger to false to let the logs be plain text
---
# Source: swh/templates/loaders/deployment.yaml
# if defined at the "typed" loader level
# otherwise use the global image is defined First this needs to replace - in
# $loader_type with "" to find the proper image name.
---
# Source: swh/templates/checker-deposit/keda-autoscaling.yaml
apiVersion: keda.sh/v1alpha1
@@ -31547,20 +32030,98 @@
excludeUnacknowledged: "false" # QueueLength should include unacked messages
# Implies "http" protocol is used
value: "1"
queueName: swh.deposit.loader.tasks.ChecksDepositTsk
vhostName: / # Optional. If not specified, use the vhost in the
# `host` connection string. Alternatively, you can
# use existing environment variables to read
# configuration from: See details in "Parameter
# list" section hostFromEnv: RABBITMQ_HOST%
---
+# Source: swh/templates/cookers/keda-autoscaling.yaml
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+ name: cooker-batch-operators
+ namespace: swh
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1 # Optional. Default: apps/v1
+ kind: Deployment # Optional. Default: Deployment
+ # Mandatory. Must be in same namespace as ScaledObject
+ name: cooker-batch
+ # envSourceContainerName: {container-name} # Optional. Default:
+ # .spec.template.spec.containers[0]
+ pollingInterval: 30 # Optional. Default: 30 seconds
+ cooldownPeriod: 3600 # Optional. Default: 300 seconds
+ idleReplicaCount: 0 # Set to 0 to stop all the workers when
+ # there is no activity on the queue
+ minReplicaCount: 1
+ maxReplicaCount: 2
+ triggers:
+ - type: rabbitmq
+ authenticationRef:
+ name: amqp-authentication-cooker-batch
+ metadata:
+ protocol: auto # Optional. Specifies protocol to use,
+ # either amqp or http, or auto to
+ # autodetect based on the `host` value.
+ # Default value is auto.
+ mode: QueueLength # QueueLength to trigger on number of msgs in queue
+ excludeUnacknowledged: "false" # QueueLength should include unacked messages
+ # Implies "http" protocol is used
+ value: "1"
+ queueName: swh.vault.cooking_tasks.SWHBatchCookingTask
+ vhostName: / # Optional. If not specified, use the vhost in the
+ # `host` connection string. Alternatively, you can
+ # use existing environment variables to read
+ # configuration from: See details in "Parameter
+ # list" section hostFromEnv: RABBITMQ_HOST%
+---
+# Source: swh/templates/cookers/keda-autoscaling.yaml
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+ name: cooker-simple-operators
+ namespace: swh
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1 # Optional. Default: apps/v1
+ kind: Deployment # Optional. Default: Deployment
+ # Mandatory. Must be in same namespace as ScaledObject
+ name: cooker-simple
+ # envSourceContainerName: {container-name} # Optional. Default:
+ # .spec.template.spec.containers[0]
+ pollingInterval: 30 # Optional. Default: 30 seconds
+ cooldownPeriod: 3600 # Optional. Default: 300 seconds
+ minReplicaCount: 10
+ maxReplicaCount: 10
+ triggers:
+ - type: rabbitmq
+ authenticationRef:
+ name: amqp-authentication-cooker-simple
+ metadata:
+ protocol: auto # Optional. Specifies protocol to use,
+ # either amqp or http, or auto to
+ # autodetect based on the `host` value.
+ # Default value is auto.
+ mode: QueueLength # QueueLength to trigger on number of msgs in queue
+ excludeUnacknowledged: "false" # QueueLength should include unacked messages
+ # Implies "http" protocol is used
+ value: "1"
+ queueName: swh.vault.cooking_tasks.SWHCookingTask
+ vhostName: / # Optional. If not specified, use the vhost in the
+ # `host` connection string. Alternatively, you can
+ # use existing environment variables to read
+ # configuration from: See details in "Parameter
+ # list" section hostFromEnv: RABBITMQ_HOST%
+---
# Source: swh/templates/listers/keda-autoscaling.yaml
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: lister-bitbucket-operators
namespace: swh
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
@@ -33765,20 +34326,44 @@
kind: TriggerAuthentication
metadata:
name: amqp-authentication-checker-deposit
namespace: swh
spec:
secretTargetRef:
- parameter: host # "host" is required by the scalerObject trigger metadata
name: common-secrets
key: rabbitmq-http-host
---
+# Source: swh/templates/cookers/keda-autoscaling.yaml
+apiVersion: keda.sh/v1alpha1
+kind: TriggerAuthentication
+metadata:
+ name: amqp-authentication-cooker-batch
+ namespace: swh
+spec:
+ secretTargetRef:
+ - parameter: host # "host" is required by the scalerObject trigger metadata
+ name: common-secrets
+ key: rabbitmq-http-host
+---
+# Source: swh/templates/cookers/keda-autoscaling.yaml
+apiVersion: keda.sh/v1alpha1
+kind: TriggerAuthentication
+metadata:
+ name: amqp-authentication-cooker-simple
+ namespace: swh
+spec:
+ secretTargetRef:
+ - parameter: host # "host" is required by the scalerObject trigger metadata
+ name: common-secrets
+ key: rabbitmq-http-host
+---
# Source: swh/templates/listers/keda-autoscaling.yaml
apiVersion: keda.sh/v1alpha1
kind: TriggerAuthentication
metadata:
name: amqp-authentication-lister-bitbucket
namespace: swh
spec:
secretTargetRef:
- parameter: host # "host" is required by the scalerObject trigger metadata
name: common-secrets
------------- diff for environment production namespace swh-cassandra -------------
No differences
[1] !300 (merged)
[2]
2024-01-16 15:51:13 softwareheritage-scheduler@belvedere:5432 λ select * from task_type where type = 'cook-vault-bundle';
+-[ RECORD 1 ]-----+----------------------------------------+
| type | cook-vault-bundle |
| description | Cook a Vault bundle |
| backend_name | swh.vault.cooking_tasks.SWHCookingTask |
| default_interval | 1 day |
| min_interval | 1 day |
| max_interval | 1 day |
| backoff_factor | 1 |
| max_queue_length | 5000 |
| num_retries | 3 |
| retry_delay | (null) |
+------------------+----------------------------------------+
Time: 3.704 ms
2024-01-16 15:51:28 softwareheritage-scheduler@belvedere:5432 λ select count(*), type from task where '2023-01-01' <= next_run and next_run <= '2024-01-01' and priority is null and type in ('cook-vault-bundle-batch', 'cook-vault-bundle') group by type;
+-------+-------------------+
| count | type |
+-------+-------------------+
| 86007 | cook-vault-bundle |
+-------+-------------------+
(1 row)
Time: 1101.998 ms (00:01.102)
Edited by Antoine R. Dumont