Deploy a read-only cassandra RPC in staging
This deploys a new cassandra read-only rpc service in staging (in preparation for the addition of the masking proxy).
- deploy the new instance of the storage rpc
Click to expand
--- 0.yaml 2024-04-03 10:35:26.572104381 +0200
+++ 1.yaml 2024-04-03 10:35:26.784107090 +0200
@@ -5276,6 +5276,30 @@
cls: remote
url: http://objstorage-multiplexer-read-write-rpc-ingress
---
+# Source: swh/templates/storage/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: swh-cassandra
+ name: storage-cassandra-read-only-configuration-template
+data:
+ config.yml.template: |
+ storage:
+ auth_provider:
+ cls: cassandra.auth.PlainTextAuthProvider
+ password: ${CASSANDRA_PASSWORD}
+ username: swh-ro
+ cls: cassandra
+ consistency_level: LOCAL_QUORUM
+ hosts:
+ - cassandra1.internal.staging.swh.network
+ - cassandra2.internal.staging.swh.network
+ - cassandra3.internal.staging.swh.network
+ keyspace: swh
+ objstorage:
+ cls: remote
+ url: http://objstorage-read-only-rpc-ingress
+---
# Source: swh/templates/toolbox/configmap.yaml
apiVersion: v1
kind: ConfigMap
@@ -6023,6 +6047,16 @@
apiVersion: v1
kind: Service
metadata:
+ name: storage-cassandra-read-only-ingress
+ namespace: swh-cassandra
+spec:
+ type: ExternalName
+ externalName: archive-staging-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
+---
+# Source: swh/templates/external-services/cname.yaml
+apiVersion: v1
+kind: Service
+metadata:
name: storage-postgresql-read-only-rpc-ingress
namespace: swh-cassandra
spec:
@@ -6261,6 +6295,23 @@
targetPort: 5002
name: rpc
---
+# Source: swh/templates/storage/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+ name: storage-cassandra-read-only
+ namespace: swh-cassandra
+ labels:
+ app: storage-cassandra-read-only
+spec:
+ type: ClusterIP
+ selector:
+ app: storage-cassandra-read-only
+ ports:
+ - port: 5002
+ targetPort: 5002
+ name: rpc
+---
# Source: swh/templates/vault/rpc-service.yaml
apiVersion: v1
kind: Service
@@ -18157,6 +18208,159 @@
name: config-utils
defaultMode: 0555
---
+# Source: swh/templates/storage/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: swh-cassandra
+ name: storage-cassandra-read-only
+ labels:
+ app: storage-cassandra-read-only
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: storage-cassandra-read-only
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ template:
+ metadata:
+ labels:
+ app: storage-cassandra-read-only
+ annotations:
+ checksum/config: 065711e0d402a3a6c03ab4b9a955f75069b7cb6d4dd6db54ba500cc81fd5c062
+ checksum/database-utils: 367f28d8854b3b188d7a45015752b10be8e691f0c3b2a21db02501e655b932f0
+ checksum/config-utils: 13a26f6add17e96ce01550153c77dcd48de60241a3f4db3c93d5467234be2a7f
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: swh/storage
+ operator: In
+ values:
+ - "true"
+ priorityClassName: swh-cassandra-frontend-rpc
+ initContainers:
+ - name: prepare-configuration
+ image: container-registry.softwareheritage.org/swh/infra/swh-apps/utils:20231211.1
+ imagePullPolicy: IfNotPresent
+ command:
+ - /entrypoints/prepare-configuration.sh
+ env:
+
+
+ - name: CASSANDRA_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: common-secrets
+ key: cassandra-swh-ro-password
+ # 'name' secret must exist & include that ^ key
+ optional: false
+ volumeMounts:
+ - name: configuration
+ mountPath: /etc/swh
+ - name: configuration-template
+ mountPath: /etc/swh/configuration-template
+ - name: config-utils
+ mountPath: /entrypoints
+ readOnly: true
+
+ - name: init-database
+ image: container-registry.softwareheritage.org/swh/infra/swh-apps/storage:20240329.2
+ imagePullPolicy: IfNotPresent
+ command:
+ - /usr/local/bin/python3
+ args:
+ - /entrypoints/init-keyspace.py
+ volumeMounts:
+ - name: configuration
+ mountPath: /etc/swh
+ readOnly: true
+ - name: database-utils
+ mountPath: /entrypoints
+ readOnly: true
+ containers:
+ - name: storage-cassandra-read-only
+ resources:
+ requests:
+ memory: 500Mi
+ cpu: 250m
+ image: container-registry.softwareheritage.org/swh/infra/swh-apps/storage:20240329.2
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 5002
+ name: rpc
+ readinessProbe:
+ httpGet:
+ path: /
+ port: rpc
+ initialDelaySeconds: 15
+ failureThreshold: 30
+ periodSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: rpc
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ command:
+ - /bin/bash
+ args:
+ - -c
+ - /opt/swh/entrypoint.sh
+ env:
+ - name: THREADS
+ value: "4"
+ - name: WORKERS
+ value: "8"
+ - name: TIMEOUT
+ value: "60"
+ - name: STATSD_HOST
+ value: prometheus-statsd-exporter
+ - name: STATSD_PORT
+ value: "9125"
+ - name: STATSD_TAGS
+ value: deployment:storage-cassandra-read-only
+ - name: LOG_LEVEL
+ value: "INFO"
+ - name: SWH_SENTRY_ENVIRONMENT
+ value: staging
+ - name: SWH_MAIN_PACKAGE
+ value: swh.storage
+ - name: SWH_SENTRY_DSN
+ valueFrom:
+ secretKeyRef:
+ name: common-secrets
+ key: storage-sentry-dsn
+ # 'name' secret should exist & include key
+ # if the setting doesn't exist, sentry pushes will be disabled
+ optional: true
+ - name: SWH_SENTRY_DISABLE_LOGGING_EVENTS
+ value: "true"
+ volumeMounts:
+ - name: configuration
+ mountPath: /etc/swh
+ volumes:
+ - name: configuration
+ emptyDir: {}
+ - name: configuration-template
+ configMap:
+ name: storage-cassandra-read-only-configuration-template
+ items:
+ - key: "config.yml.template"
+ path: "config.yml.template"
+ - name: database-utils
+ configMap:
+ name: database-utils
+ defaultMode: 0555
+ - name: config-utils
+ configMap:
+ name: config-utils
+ defaultMode: 0555
+---
# Source: swh/templates/toolbox/deployment.yaml
apiVersion: apps/v1
kind: Deployment
@@ -19026,6 +19230,29 @@
metrics:
- type: Resource
resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: 150
+---
+# Source: swh/templates/storage/autoscaling.yaml
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ namespace: swh-cassandra
+ name: storage-cassandra-read-only
+ labels:
+ app: storage-cassandra-read-only
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: storage-cassandra-read-only
+ minReplicas: 1
+ maxReplicas: 6
+ metrics:
+ - type: Resource
+ resource:
name: cpu
target:
type: Utilization
- migrate read-only users to it (from either the r/w cassandra rpc, or the r/o postgresql one ??)
Click to expand
--- 1.yaml 2024-04-03 10:35:26.784107090 +0200
+++ 2.yaml 2024-04-03 10:35:27.004109902 +0200
@@ -428,7 +428,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
celery:
task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@scheduler0.internal.staging.swh.network:5672/%2f
task_acks_late: true
@@ -531,7 +531,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
vault:
cls: remote
url: http://vault-rpc-ingress
@@ -614,7 +614,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
vault:
cls: remote
url: http://vault-rpc-ingress
@@ -802,7 +802,7 @@
swh_authority_url: deposit-rpc-ingress
storage:
cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-only-ingress
storage_metadata:
cls: remote
url: http://storage-cassandra.internal.staging.swh.network
@@ -842,8 +842,11 @@
# TODO: rename to not have a dot in the name to allow testing
config.yml: |
storage:
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ cls: pipeline
+ steps:
+ - cls: retry
+ - cls: remote
+ url: http://storage-cassandra-read-only-ingress
search:
cls: remote
@@ -923,7 +926,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -962,7 +965,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1030,7 +1033,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1123,7 +1126,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1216,7 +1219,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1310,7 +1313,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1404,7 +1407,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1497,7 +1500,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1590,7 +1593,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1683,7 +1686,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1776,7 +1779,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1869,7 +1872,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -1964,7 +1967,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2057,7 +2060,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2152,7 +2155,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2245,7 +2248,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2338,7 +2341,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2431,7 +2434,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2525,7 +2528,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2619,7 +2622,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2713,7 +2716,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2808,7 +2811,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2901,7 +2904,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -2994,7 +2997,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3087,7 +3090,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3180,7 +3183,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3273,7 +3276,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3366,7 +3369,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3459,7 +3462,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3553,7 +3556,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3647,7 +3650,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -4583,7 +4586,7 @@
url: http://search-rpc-ingress
storage:
cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
journal:
brokers:
- journal2.internal.staging.swh.network
@@ -4606,7 +4609,7 @@
url: http://search-rpc-ingress
storage:
cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
journal:
brokers:
- journal2.internal.staging.swh.network
@@ -5747,7 +5750,7 @@
steps:
- cls: retry
- cls: remote
- url: http://storage-postgresql-read-only-rpc-ingress
+ url: http://storage-cassandra-read-only-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -5796,7 +5799,7 @@
- ${POD_IP}
storage:
cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-only-ingress
search:
cls: remote
url: http://search-rpc-ingress
@@ -7318,7 +7321,7 @@
app: checker-deposit
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: e7766991791ade56814dfc3ef783f70bd10c62fd1f49c615fe9421fc873bbdbd
+ checksum/config: 93fabd4de07834089d192d92f83dfd8db53087d2ad3de28c66af34fca5e7e018
spec:
affinity:
@@ -7480,7 +7483,7 @@
app: cooker-batch
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 1884bbfd471bbfbab50610296902f3a364bd1bea984860e97cf6be922357c448
+ checksum/config: 19bb1599f4da8128c59788ac66d901602e3dd358c8f55557d3dd6b5d1fd30d3d
spec:
affinity:
@@ -7624,7 +7627,7 @@
app: cooker-simple
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 1884bbfd471bbfbab50610296902f3a364bd1bea984860e97cf6be922357c448
+ checksum/config: 19bb1599f4da8128c59788ac66d901602e3dd358c8f55557d3dd6b5d1fd30d3d
spec:
affinity:
@@ -8002,7 +8005,7 @@
labels:
app: deposit
annotations:
- checksum/config: 4a58e5b338dba2d3d4bcc63585514d806c4ad5afeac88180ca340a2199294819
+ checksum/config: 28f824c95a76bc291f0fbabc618cb9a94cb33148c3a8f3cc7f7a28d71684d415
spec:
affinity:
nodeAffinity:
@@ -8210,7 +8213,7 @@
app: graphql-cassandra
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 379218053e0246515928b5d143e582a6a4295c69c004c1775ac7cf911bf444e3
+ checksum/config: 6ced43f7bd3add93bef0ece9df68888adb671c86b559bb2caeff983eb5973332
spec:
affinity:
nodeAffinity:
@@ -8458,7 +8461,7 @@
app: indexer-extrinsic
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 5fc3ede05aa0c961e31992c9351c2ed78ce96041c4725d75d532ac4d4e1c6017
+ checksum/config: 20341f793046dae862b234ba7a9029b1645b6e8122a73a0a1b00d67e3d9698e4
checksum/config-utils: 13a26f6add17e96ce01550153c77dcd48de60241a3f4db3c93d5467234be2a7f
spec:
affinity:
@@ -8596,7 +8599,7 @@
app: indexer-origin-intrinsic
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: d62c7b2dd6f7389327509d8997ef0604398a372f66d6aa7f5cadbcce6aa3eca0
+ checksum/config: 8c0b3fdb451484013fa8b652c4768f2d958bbfabc3a67a261297d28b9384e0f8
checksum/config-utils: 13a26f6add17e96ce01550153c77dcd48de60241a3f4db3c93d5467234be2a7f
spec:
affinity:
@@ -8750,7 +8753,7 @@
app: lister-arch
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: b20379a9964fb20e2988e6d52f7d38cfcf187b9bc441eb33f755ef9ca73de0fc
+ checksum/config: 8d561bdea25ac280f800afa57b41a5993e1a2008aafc1ac1d49200f8a977b466
spec:
affinity:
@@ -8915,7 +8918,7 @@
app: lister-aur
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 2217d67643ee6223a0a989290c8618fd9948fa4c40fbb2884eefd4ad3eddf27f
+ checksum/config: 49d7b24ae74cbc8a9b81358eb8e7ce17adbe066ffb419d7185e2f8062f5c825d
spec:
affinity:
@@ -9080,7 +9083,7 @@
app: lister-bioconductor
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 42d2c8e10390e988cd3128f579ffd430c9532db77455758c32266d79018b3d4c
+ checksum/config: 5d7336893a2cacca7721e912a8dbf3b4936201c5ba7be8d6d0ab5f5566eb0e78
spec:
affinity:
@@ -9245,7 +9248,7 @@
app: lister-bitbucket
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 20c22d0729de10bb8c3e76b76b9b511cb9ef509a0692a57e9a0f1ae04387332b
+ checksum/config: 90afbbe464ffd4db7f96cee4f35d7e598ef1366c192a725be61985528422ab40
spec:
affinity:
@@ -9410,7 +9413,7 @@
app: lister-bower
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: b086f627f239b35e5e7e57f064ddb3e9781775d38b2ef090afbd03fcd4607c27
+ checksum/config: a7cd426f0d04dc10308bf7de96150e370369076b402ebc1200adde0c7b088c83
spec:
affinity:
@@ -9575,7 +9578,7 @@
app: lister-cgit
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 0f7d82ddbb5e6d9c363b31872b2bb2923c00d45ffa7fe16c5282e0016dbb55c1
+ checksum/config: bcf3cbc1213e9dfd00da31f46b3e89b544f86826c5dea25b86eb7e96543decb0
spec:
affinity:
@@ -9740,7 +9743,7 @@
app: lister-cran
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: df49eb664d97ee93faf2bf6a8cf04e324262e355abf8dffb6ab439d4dadcf8c5
+ checksum/config: 047a9003b24cd4d3140b8e5f38e2b7362582b566f89860ce02f8ffd989903cd7
spec:
affinity:
@@ -9905,7 +9908,7 @@
app: lister-debian
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: f291de90da65057722da016666efd683faf3f6f46bf221590e6d7cc9c4762169
+ checksum/config: d6c7f5609927314a12404e02dd2f4ad95a110f8f8241888e426a1ae7fbcea6fc
spec:
affinity:
@@ -10070,7 +10073,7 @@
app: lister-dlang
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 9d5cb90f280f01872f54133aa9f8c69e223939e04d41ade0eddae560470b8d13
+ checksum/config: c6c9949d051872613665a3620bd9b3869fc51220557ffa1c3ee55ba909c9c2ef
spec:
affinity:
@@ -10235,7 +10238,7 @@
app: lister-gitea
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: e2fc62dd8b1ac766f8ebdd2376b430d435c172c83e124cddc402f19ab1def00d
+ checksum/config: e92488f0ff776a67bd6bc4e88b41d47fc4e5c6f22e2240398aa62cb67695c063
spec:
affinity:
@@ -10400,7 +10403,7 @@
app: lister-gitiles
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: ffbc6bb4e344a1457d563f682cab102a37df521e753f10b0b74111bf32a4c61e
+ checksum/config: d391a4d10ec9bc8b63a16da8753b5d1b27fa2401e2a10a99748a8ce555100db4
spec:
affinity:
@@ -10565,7 +10568,7 @@
app: lister-gitlab
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 280b55836b939b3d53d72c324b589ab2d4954e6bbae35a6f7e96616109c78c79
+ checksum/config: b19d1eab286c451b306dd99f68ea99a0a1dea702205f936f8f3f26e7c6447cd3
spec:
affinity:
@@ -10730,7 +10733,7 @@
app: lister-gitweb
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: c4a3a6d2961d0cfcf5ccb5ef14e13fff2271106a53effc57c313aaf7beb7dcce
+ checksum/config: c48d9a899049e6c6eb82e98d379047e681d15086b4a320a899b74c18b88e8f25
spec:
affinity:
@@ -10895,7 +10898,7 @@
app: lister-gnu-full
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: fa719bc9451738064c431720ac8312a1fe4f1e058333168c88ee13b8e44b27ca
+ checksum/config: ca4848e424dd5facd307d432edf45ff1d9af243d33c50603d80396af247b86bf
spec:
affinity:
@@ -11060,7 +11063,7 @@
app: lister-gogs-full
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 35a27175165247f94ba2cdc980cd6f30e724b7014e604ac86f9f5c3d1b8deee6
+ checksum/config: 3644194162e641cba9d5444c6f9e7d27b7190af61a7d81899522c3717a6c5012
spec:
affinity:
@@ -11225,7 +11228,7 @@
app: lister-golang
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 49eaebfb23fce650a450c0c938ea6569d596a18874221c5045ceee75aa2ac0de
+ checksum/config: 2ad5e90c0d1d5dcf470d92e4aebfa63499eeccb6c70a28d3d6c9518473eaac83
spec:
affinity:
@@ -11390,7 +11393,7 @@
app: lister-launchpad
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: b8ba51abb8d8972c7a137193aebaf15a86dcc4b48b4f2d1a7463e535eacf3bdf
+ checksum/config: c1df655f407c6c0085ad8a7cd53a9050c1ee1b36a3b411fdf76ddce656cbeb7a
spec:
affinity:
@@ -11555,7 +11558,7 @@
app: lister-maven
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 548286d68ee18db27b8e18304af0bc39485095aaf6107f66ecb662a126bf31e1
+ checksum/config: 0484f41c731377e79a7904ca8ef885e52d2c9f1c69bf92085bdf3de6a8532f07
spec:
affinity:
@@ -11720,7 +11723,7 @@
app: lister-nixguix
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 83d69e15dbe397a5ce2343dd600a219d408de05a304bcf71c393fc0ed93f60f8
+ checksum/config: 4333abc8a4d703250091e773b183720aba8b33058cc9d738b9711ec5f1525583
spec:
affinity:
@@ -11885,7 +11888,7 @@
app: lister-npm
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 2e81c79a148dbcad8fc6e5e27caf43bad4eb2c6c07a941ca10a6d308d7572eee
+ checksum/config: f5e17658cf8a9678e6b962c3bdef9da62634a9702933e417f37236af29151529
spec:
affinity:
@@ -12050,7 +12053,7 @@
app: lister-opam
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: ac2b83a3a2d4899b5c9bbef96c3c6047f8399239b396fbeed1a9bb897820cca2
+ checksum/config: 79f5b96b28fc04ddc0b1fa10bdeddc908f605d3f3df496dfe1dd2432db4b8556
spec:
affinity:
@@ -12215,7 +12218,7 @@
app: lister-packagist
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: dbf978185050d56fc7ed560a5889dcbe669617f423bcd4a804e2f673f023a581
+ checksum/config: 96944da81b0d89c6c4984f4a32660f915665ae141adcb6b0e7eef71cef66fa58
spec:
affinity:
@@ -12380,7 +12383,7 @@
app: lister-pagure
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 5e20df7a3649f02f635fe9b12fda3cc3ab0af961b75d5c8d4d4866c5b7558728
+ checksum/config: a7428760e991b64fa4d6ea08ef0d8cf9936f21c78ddd202a4fa767a42c5f524d
spec:
affinity:
@@ -12545,7 +12548,7 @@
app: lister-phabricator
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: a274baa0336e7730fa75252cf813e744c64d7bab22577fcee5d3a43f4eb118ee
+ checksum/config: 737bc01c41fde600d14d2ac184daca03732f5eb0dba6a9b57f3d35208c92ab4b
spec:
affinity:
@@ -12710,7 +12713,7 @@
app: lister-pubdev
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 660b78d2f671ad6caa59f8e5ccb0998521fc5b9ac1320091d2b526c7899be10e
+ checksum/config: b7286c72bca916d7b0f5355abbbe111fa9fe40ff0405837c3e828748640b5ea2
spec:
affinity:
@@ -12875,7 +12878,7 @@
app: lister-pypi
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: e83d5581f35c7b3c87db8ad3eda921f3feb8603030cce12401bc276aa6696ef6
+ checksum/config: 1be11411a1d9fdf5836787ed69e3b86040dd9bedc31f824e81535854f716b727
spec:
affinity:
@@ -13040,7 +13043,7 @@
app: lister-rpm
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 21fe4e4230ed2b8525fe90f1a3db2249de27096227feafd59bcf57ec93abdafb
+ checksum/config: 4d0829b9720b7bb4b5552bc21f3d7ca217c35f635423550f91493f2f34757e9e
spec:
affinity:
@@ -13205,7 +13208,7 @@
app: lister-sourceforge
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: eb5e8883a8e7c9269043a679d32b92d8c62fd9c2d089e7138d34b4a9345463a7
+ checksum/config: 72ae011232180644e578a35301cde02419556d5fa92b0612adebc89c1f63ae37
spec:
affinity:
@@ -13370,7 +13373,7 @@
app: lister-stagit
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: ac365f78c0512a89e89eebd10ae8033eb22c01751f8f481ee4473a158f83d306
+ checksum/config: cbd585b753452d208c0e22f4241b26d568f50e041e57940dcc35c4f8255a24d8
spec:
affinity:
@@ -16151,7 +16154,7 @@
labels:
app: search-journal-client-indexed
annotations:
- checksum/config: 30623fbb42dde067ff9532c74b5aed1c57bbca8151469d5baebe876e813f3d61
+ checksum/config: 19a9443089f203125b3d137ea408f0faf67791e65c75f26e022567e7b7a66c8d
spec:
affinity:
nodeAffinity:
@@ -16256,7 +16259,7 @@
labels:
app: search-journal-client-objects
annotations:
- checksum/config: 55ba67297353284b44358982c499b2c16c2746b9068b1304e134ad9659de3b1d
+ checksum/config: ae95733d374f1d6872a8f163fda36f7f3c4023cbbe9a9d10e6070492741f45ee
spec:
affinity:
nodeAffinity:
@@ -18649,7 +18652,7 @@
labels:
app: vault-rpc
annotations:
- checksum/config: e896fe6cbe9d38d03b6f487df1d81f73953e7398cc2bf2ce008877f4ebfa4eb4
+ checksum/config: 181ded3f298c1f97383fcf002527824f828495a0604aa7485be72640589b5785
spec:
affinity:
nodeAffinity:
@@ -18792,7 +18795,7 @@
labels:
app: web-cassandra
annotations:
- checksum/config: e1f571382d526d91f549dc2fe4f3c289e9452aaeafda99e3a549a3575a4afb71
+ checksum/config: c09230d43d9072479beaedf24887ee24d519fd0b2b00aebe68e4bc6c698ebed0
checksum/config-utils: 13a26f6add17e96ce01550153c77dcd48de60241a3f4db3c93d5467234be2a7f
spec:
affinity:- move the read-write accesses to an internal ingress
Click to expand
--- 2.yaml 2024-04-03 10:35:27.004109902 +0200
+++ 3.yaml 2024-04-03 10:35:27.220112662 +0200
@@ -805,7 +805,7 @@
url: http://storage-cassandra-read-only-ingress
storage_metadata:
cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3786,7 +3786,7 @@
- cls: filter
- cls: retry
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
scheduler:
cls: remote
url: http://scheduler.internal.staging.swh.network
@@ -3876,7 +3876,7 @@
- cls: filter
- cls: retry
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
celery:
task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@scheduler0.internal.staging.swh.network:5672/%2f
task_acks_late: true
@@ -3979,7 +3979,7 @@
- cls: filter
- cls: retry
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
celery:
task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@scheduler0.internal.staging.swh.network:5672/%2f
task_acks_late: true
@@ -4082,7 +4082,7 @@
- cls: filter
- cls: retry
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
default_filename:
archive.tar
deposit:
@@ -4192,7 +4192,7 @@
- cls: filter
- cls: retry
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
celery:
task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@scheduler0.internal.staging.swh.network:5672/%2f
task_acks_late: false
@@ -4297,7 +4297,7 @@
- cls: filter
- cls: retry
- cls: remote
- url: http://storage-cassandra.internal.staging.swh.network
+ url: http://storage-cassandra-read-write-ingress
celery:
task_broker: amqp://swhconsumer:${AMQP_PASSWORD}@scheduler0.internal.staging.swh.network:5672/%2f
task_acks_late: true
@@ -6060,6 +6060,16 @@
apiVersion: v1
kind: Service
metadata:
+ name: storage-cassandra-read-write-ingress
+ namespace: swh-cassandra
+spec:
+ type: ExternalName
+ externalName: archive-staging-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
+---
+# Source: swh/templates/external-services/cname.yaml
+apiVersion: v1
+kind: Service
+metadata:
name: storage-postgresql-read-only-rpc-ingress
namespace: swh-cassandra
spec:
@@ -8005,7 +8015,7 @@
labels:
app: deposit
annotations:
- checksum/config: 28f824c95a76bc291f0fbabc618cb9a94cb33148c3a8f3cc7f7a28d71684d415
+ checksum/config: acccd24f13acc02c138f04dd68e3719867d64370a24f8f8157b5812260a592ff
spec:
affinity:
nodeAffinity:
@@ -13537,7 +13547,7 @@
app: loader-metadata
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 829422baa64cf06ca82ce8e4280f5e9357e9c657420db6e067078d1071012f7f
+ checksum/config: 040a3a1edbc3216f0c8ef272db4611b71de630cc70484b9a15a50e25dbc2f360
spec:
affinity:
@@ -13666,7 +13676,7 @@
app: loader-add-forge-now
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: d4d6494886a65b5d4f072fa44a50e708f164aa5e70363b632e453ab2e61f643d
+ checksum/config: 4320081e2e646638089630da4a681804f18389d331c164c563e73d0d98164856
spec:
affinity:
nodeAffinity:
@@ -13834,7 +13844,7 @@
app: loader-add-forge-now-slow
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 732e8870f8e01a7ea3e0ae8cc1bac88a411cd2fa4a0739d187c2b554395d6fe5
+ checksum/config: e00db0bbcbb649afe0ae612fbd6ad1861fade93e84b089b7cdf403cdc86ee3db
spec:
affinity:
nodeAffinity:
@@ -14002,7 +14012,7 @@
app: loader-deposit
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: f7bf17fea6b4d89a0fac40ba698d8558a504573c2d9dc0049aeb96fceaab38c6
+ checksum/config: d6b3b404d0395e457242e7b7879001a1a231585c2dacaa9a34d9806fc512c9f6
spec:
affinity:
nodeAffinity:
@@ -14184,7 +14194,7 @@
app: loader-git
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 9286c3238caa37fd117b56032794a334a2bfcdd04f0b3140d6a85d70af82818e
+ checksum/config: 4d442138a3ec84bb9f360411dc1a69b511dd9f576e10f39f4e32160f1a23f859
spec:
affinity:
nodeAffinity:
@@ -14351,7 +14361,7 @@
app: loader-save-code-now
annotations:
# Force a rollout upgrade if the configuration changes
- checksum/config: 3be70aafbc070945968b7585f43883401731b116e634db7e27f580c225f4f351
+ checksum/config: c1cb1079fb10c9edc55df7f821eec99b7bfc298248677d1eefc90586283478d1
spec:
affinity:
nodeAffinity:
@@ -20325,6 +20335,17 @@
spec:
rules:
+ - host: storage-cassandra-read-write-ingress
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: storage-cassandra
+ port:
+ number: 5002
+
- host: storage-cassandra.internal.staging.swh.network
http:
paths:- move the external ingress (cassandra-storage.internal.staging.swh.network) to the read-only instance
Click to expand
--- 3.yaml 2024-04-03 10:35:27.220112662 +0200
+++ 4.yaml 2024-04-03 10:35:27.436115422 +0200
@@ -20322,9 +20322,9 @@
kind: Ingress
metadata:
namespace: swh-cassandra
- name: storage-cassandra-ingress-default
+ name: storage-cassandra-read-only-ingress-default
labels:
- app: storage-cassandra
+ app: storage-cassandra-read-only
endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
@@ -20335,14 +20335,14 @@
spec:
rules:
- - host: storage-cassandra-read-write-ingress
+ - host: storage-cassandra-read-only-ingress
http:
paths:
- path: /
pathType: Prefix
backend:
service:
- name: storage-cassandra
+ name: storage-cassandra-read-only
port:
number: 5002
@@ -20353,7 +20353,7 @@
pathType: Prefix
backend:
service:
- name: storage-cassandra
+ name: storage-cassandra-read-only
port:
number: 5002
---