Skip to content

swh/staging: Deploy objstorage checker

Guillaume Samson requested to merge staging_objstorage_checker into production

Related to product-management/core-platform#23

These modifications will create two objstorage scrubbers, one per backend, in the staging environment.

Helm diff
[swh] Comparing changes between branches production and staging_objstorage_checker (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/staging_objstorage_checker'.
[swh] Generate config in staging_objstorage_checker branch for environment staging...
[swh] Generate config in staging_objstorage_checker branch for environment staging...
[swh] Generate config in staging_objstorage_checker branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/staging_objstorage_checker'.
[swh] Generate config in staging_objstorage_checker branch for environment production...
[swh] Generate config in staging_objstorage_checker branch for environment production...
[swh] Generate config in staging_objstorage_checker branch for environment production...


------------- diff for environment staging namespace swh -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.OAIaX5xY/staging-swh.before, 113 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.OAIaX5xY/staging-swh.after, 113 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/



------------- diff for environment staging namespace swh-cassandra -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra.before, 392 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra.after, 396 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned one difference
        |___/

(file level)
    ---
    # Source: swh/templates/scrubber/objstorage-checker-configmap.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: scrubber-objstoragechecker-db1-template
      namespace: swh-cassandra
    data:
      config.yml.template: |
        scrubber:
          cls: postgresql
          db: host=db1.internal.staging.swh.network port=5432 user=swh-scrubber dbname=swh-scrubber
            password=${SCRUBBER_POSTGRESQL_PASSWORD}
        storage:
          auth_provider:
            cls: cassandra.auth.PlainTextAuthProvider
            password: ${CASSANDRA_PASSWORD}
            username: swh-ro
          cls: cassandra
          consistency_level: LOCAL_QUORUM
          hosts:
          - cassandra1.internal.staging.swh.network
          - cassandra2.internal.staging.swh.network
          - cassandra3.internal.staging.swh.network
          keyspace: swh
        journal:
          brokers:
            - journal2.internal.staging.swh.network:9094
          cls: kafka
          group_id: swh-archive-stg-objstorage
          message.max.bytes: 524288000
          on_eof: restart
          prefix: swh.journal.objects
          sasl.mechanism: SCRAM-SHA-512
          sasl.password: ${BROKER_USER_PASSWORD}
          sasl.username: swh-archive-stg
          security.protocol: SASL_SSL
        objstorage:
          cls: remote
          name: db1
          url: http://objstorage-db1-ro-rpc-ingress
        
    # Source: swh/templates/scrubber/objstorage-checker-configmap.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      namespace: swh-cassandra
      name: scrubber-objstoragechecker-storage1-template
    data:
      config.yml.template: |
        scrubber:
          cls: postgresql
          db: host=db1.internal.staging.swh.network port=5432 user=swh-scrubber dbname=swh-scrubber
            password=${SCRUBBER_POSTGRESQL_PASSWORD}
        storage:
          auth_provider:
            cls: cassandra.auth.PlainTextAuthProvider
            password: ${CASSANDRA_PASSWORD}
            username: swh-ro
          cls: cassandra
          consistency_level: LOCAL_QUORUM
          hosts:
          - cassandra1.internal.staging.swh.network
          - cassandra2.internal.staging.swh.network
          - cassandra3.internal.staging.swh.network
          keyspace: swh
        journal:
          brokers:
            - journal2.internal.staging.swh.network:9094
          cls: kafka
          group_id: swh-archive-stg-objstorage
          message.max.bytes: 524288000
          on_eof: restart
          prefix: swh.journal.objects
          sasl.mechanism: SCRAM-SHA-512
          sasl.password: ${BROKER_USER_PASSWORD}
          sasl.username: swh-archive-stg
          security.protocol: SASL_SSL
        objstorage:
          cls: remote
          name: storage1
          url: http://objstorage-storage1-ro-rpc-ingress
        
    # Source: swh/templates/scrubber/objstorage-checker-deployment.yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: scrubber-objstoragechecker-db1
      namespace: swh-cassandra
      labels:
        app: scrubber-objstoragechecker-db1
    spec:
      revisionHistoryLimit: 2
      replicas: 2
      selector:
        matchLabels:
          app: scrubber-objstoragechecker-db1
      strategy:
        type: RollingUpdate
        rollingUpdate:
          maxSurge: 1
      template:
        metadata:
          labels:
            app: scrubber-objstoragechecker-db1
          annotations:
            # Force a rollout upgrade if the configuration changes
    checksum/config: 1b464f6d8c2099b29ea746568d22eb430fefbe3077f9b7bfe3d3dc83c69343a9
        spec:
          affinity:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                - matchExpressions:
                  - key: swh/scrubber
                    operator: In
                    values:
                    - "true"
          priorityClassName: swh-cassandra-background-workload
          initContainers:
          - name: prepare-configuration
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/utils:20231211.1"
            imagePullPolicy: IfNotPresent
            env:
            - name: BROKER_USER_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: BROKER_USER_PASSWORD
                  name: swh-archive-broker-secret
                  optional: false
            - name: CASSANDRA_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: cassandra-swh-ro-password
                  name: common-secrets
                  optional: false
            - name: SCRUBBER_POSTGRESQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: postgres-swh-scrubber-password
                  name: swh-scrubber-postgresql-common-secret
                  optional: false
            command:
            - /entrypoints/prepare-configuration.sh
            volumeMounts:
            - name: config-utils
              mountPath: /entrypoints
              readOnly: true
            - name: configuration
              mountPath: /etc/swh
            - name: configuration-template
              mountPath: /etc/swh/configuration-template
          - name: check-scrubber-migration
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
            command:
            - /entrypoints/check-scrubber-db-version.sh
            env:
            - name: MODULE
              value: scrubber
            volumeMounts:
            - name: configuration
              mountPath: /etc/swh
            - name: database-utils
              mountPath: /entrypoints
          - name: check-objstorage-migration
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
            command:
            - /entrypoints/check-objstorage-db-version.sh
            env:
            - name: MODULE
              value: objstorage
            volumeMounts:
            - name: configuration
              mountPath: /etc/swh
            - name: database-utils
              mountPath: /entrypoints
          containers:
          - name: storage-checker
            resources:
              requests:
                memory: 200Mi
                cpu: 400m
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
            imagePullPolicy: IfNotPresent
            command:
            - /opt/swh/entrypoint.sh
            args:
            - swh
            - scrubber
            - check
            - run
            - objstorage-db1-content
            env:
            - name: STATSD_HOST
              value: prometheus-statsd-exporter
            - name: STATSD_PORT
              value: 9125
            - name: STATSD_TAGS
              value: "deployment:scrubber-objstoragechecker-db1"
            - name: MAX_TASKS_PER_CHILD
              value: 1
            - name: SWH_LOG_LEVEL
              value: INFO
            - name: SWH_CONFIG_FILENAME
              value: /etc/swh/config.yml
            - name: SWH_SENTRY_ENVIRONMENT
              value: staging
            - name: SWH_MAIN_PACKAGE
              value: swh.scrubber
            - name: SWH_SENTRY_DSN
              valueFrom:
                secretKeyRef:
                  name: common-secrets
                  key: scrubber-sentry-dsn
                  # 'name' secret must exist & include key "host"
    optional: false
            volumeMounts:
            - name: configuration
              mountPath: /etc/swh
          volumes:
          - name: configuration
            emptyDir: {}
          - name: configuration-template
            configMap:
              name: scrubber-objstoragechecker-db1-template
              defaultMode: 0777
              items:
              - key: config.yml.template
                path: config.yml.template
          - name: database-utils
            configMap:
              name: database-utils
              defaultMode: 0555
          - name: config-utils
            configMap:
              name: config-utils
              defaultMode: 0555
    # Source: swh/templates/scrubber/objstorage-checker-deployment.yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: scrubber-objstoragechecker-storage1
      namespace: swh-cassandra
      labels:
        app: scrubber-objstoragechecker-storage1
    spec:
      revisionHistoryLimit: 2
      replicas: 2
      selector:
        matchLabels:
          app: scrubber-objstoragechecker-storage1
      strategy:
        type: RollingUpdate
        rollingUpdate:
          maxSurge: 1
      template:
        metadata:
          labels:
            app: scrubber-objstoragechecker-storage1
          annotations:
            # Force a rollout upgrade if the configuration changes
    checksum/config: eba91a89735c415c184d1008178446de2068abddc1fa28f1db2b3120d60ced9f
        spec:
          affinity:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                - matchExpressions:
                  - key: swh/scrubber
                    operator: In
                    values:
                    - "true"
          priorityClassName: swh-cassandra-background-workload
          initContainers:
          - name: prepare-configuration
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/utils:20231211.1"
            imagePullPolicy: IfNotPresent
            env:
            - name: BROKER_USER_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: BROKER_USER_PASSWORD
                  name: swh-archive-broker-secret
                  optional: false
            - name: CASSANDRA_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: cassandra-swh-ro-password
                  name: common-secrets
                  optional: false
            - name: SCRUBBER_POSTGRESQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: postgres-swh-scrubber-password
                  name: swh-scrubber-postgresql-common-secret
                  optional: false
            command:
            - /entrypoints/prepare-configuration.sh
            volumeMounts:
            - name: config-utils
              mountPath: /entrypoints
              readOnly: true
            - name: configuration
              mountPath: /etc/swh
            - name: configuration-template
              mountPath: /etc/swh/configuration-template
          - name: check-scrubber-migration
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
            command:
            - /entrypoints/check-scrubber-db-version.sh
            env:
            - name: MODULE
              value: scrubber
            volumeMounts:
            - name: configuration
              mountPath: /etc/swh
            - name: database-utils
              mountPath: /entrypoints
          - name: check-objstorage-migration
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
            command:
            - /entrypoints/check-objstorage-db-version.sh
            env:
            - name: MODULE
              value: objstorage
            volumeMounts:
            - name: configuration
              mountPath: /etc/swh
            - name: database-utils
              mountPath: /entrypoints
          containers:
          - name: storage-checker
            resources:
              requests:
                memory: 200Mi
                cpu: 400m
            image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
            imagePullPolicy: IfNotPresent
            command:
            - /opt/swh/entrypoint.sh
            args:
            - swh
            - scrubber
            - check
            - run
            - objstorage-storage1-content
            env:
            - name: STATSD_HOST
              value: prometheus-statsd-exporter
            - name: STATSD_PORT
              value: 9125
            - name: STATSD_TAGS
              value: "deployment:scrubber-objstoragechecker-storage1"
            - name: MAX_TASKS_PER_CHILD
              value: 1
            - name: SWH_LOG_LEVEL
              value: INFO
            - name: SWH_CONFIG_FILENAME
              value: /etc/swh/config.yml
            - name: SWH_SENTRY_ENVIRONMENT
              value: staging
            - name: SWH_MAIN_PACKAGE
              value: swh.scrubber
            - name: SWH_SENTRY_DSN
              valueFrom:
                secretKeyRef:
                  name: common-secrets
                  key: scrubber-sentry-dsn
                  # 'name' secret must exist & include key "host"
    optional: false
            volumeMounts:
            - name: configuration
              mountPath: /etc/swh
          volumes:
          - name: configuration
            emptyDir: {}
          - name: configuration-template
            configMap:
              name: scrubber-objstoragechecker-storage1-template
              defaultMode: 0777
              items:
              - key: config.yml.template
                path: config.yml.template
          - name: database-utils
            configMap:
              name: database-utils
              defaultMode: 0555
          - name: config-utils
            configMap:
              name: config-utils
              defaultMode: 0555
    
  



------------- diff for environment staging namespace swh-cassandra-next-version -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra-next-version.before, 149 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra-next-version.after, 149 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/



------------- diff for environment production namespace swh -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.OAIaX5xY/production-swh.before, 412 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.OAIaX5xY/production-swh.after, 412 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/



------------- diff for environment production namespace swh-cassandra -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.OAIaX5xY/production-swh-cassandra.before, 94 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.OAIaX5xY/production-swh-cassandra.after, 94 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/

Merge request reports

Loading