Draft: swh/webapp: Add webapp metrics scraping configuration
Limit the scraping to 1 pod as the metrics are the same for all pods
Related to swh/infra/sysadm-environment#5227 (closed)
helm diff
[swh] Comparing changes between branches production and webapp-metrics (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
[swh] Generate config in webapp-metrics branch for environment staging...
[swh] Generate config in webapp-metrics branch for environment staging...
[swh] Generate config in webapp-metrics branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
[swh] Generate config in webapp-metrics branch for environment production...
[swh] Generate config in webapp-metrics branch for environment production...
[swh] Generate config in webapp-metrics branch for environment production...
------------- diff for environment staging namespace swh -------------
--- /tmp/swh-chart.swh.fSiJBsr2/staging-swh.before 2024-01-26 11:11:39.101845808 +0100
+++ /tmp/swh-chart.swh.fSiJBsr2/staging-swh.after 2024-01-26 11:11:44.101865938 +0100
@@ -4784,35 +4784,39 @@
spec:
type: ExternalName
externalName: archive-staging-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
---
# Source: swh/templates/graphql/service.yaml
apiVersion: v1
kind: Service
metadata:
name: graphql-postgresql
namespace: swh
+ labels:
+ app: graphql-postgresql
spec:
type: ClusterIP
selector:
app: graphql-postgresql
ports:
- port: 5013
targetPort: 5013
name: rpc
---
# Source: swh/templates/indexer-storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: indexer-storage-rpc
namespace: swh
+ labels:
+ app: indexer-storage-rpc
spec:
type: ClusterIP
selector:
app: indexer-storage-rpc
ports:
- port: 5007
targetPort: 5007
name: rpc
---
# Source: swh/templates/memcached/service.yaml
@@ -4835,35 +4839,39 @@
- name: metrics
port: 9150
targetPort: 9150
---
# Source: swh/templates/scheduler/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: scheduler-rpc
namespace: swh
+ labels:
+ app: scheduler-rpc
spec:
type: ClusterIP
selector:
app: scheduler-rpc
ports:
- port: 5008
targetPort: 5008
name: rpc
---
# Source: swh/templates/search/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: search-rpc
namespace: swh
+ labels:
+ app: search-rpc
spec:
type: ClusterIP
selector:
app: search-rpc
ports:
- port: 5010
targetPort: 5010
name: rpc
---
# Source: swh/templates/statsd-exporter/service.yaml
@@ -4886,50 +4894,56 @@
- name: http
port: 9102
targetPort: 9102
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-postgresql-read-only
namespace: swh
+ labels:
+ app: storage-postgresql-read-only
spec:
type: ClusterIP
selector:
app: storage-postgresql-read-only
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-postgresql-read-write
namespace: swh
+ labels:
+ app: storage-postgresql-read-write
spec:
type: ClusterIP
selector:
app: storage-postgresql-read-write
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/web/service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-postgresql
namespace: swh
+ labels:
+ app: web-postgresql
spec:
type: ClusterIP
selector:
app: web-postgresql
ports:
- port: 5004
targetPort: 5004
name: rpc
- port: 80
@@ -15048,20 +15062,23 @@
name: config-utils
defaultMode: 0555
restartPolicy: OnFailure
---
# Source: swh/templates/graphql/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: graphql-postgresql-ingress-default
+ labels:
+ app: graphql-postgresql
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/preserve-trailing-slash: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- host: webapp.staging.swh.network
http:
@@ -15084,20 +15101,23 @@
name: graphql-postgresql
port:
number: 5013
---
# Source: swh/templates/indexer-storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: indexer-storage-rpc-ingress-default
+ labels:
+ app: indexer-storage-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -15112,20 +15132,23 @@
name: indexer-storage-rpc
port:
number: 5007
---
# Source: swh/templates/scheduler/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: scheduler-rpc-ingress-default
+ labels:
+ app: scheduler-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -15140,20 +15163,23 @@
name: scheduler-rpc
port:
number: 5008
---
# Source: swh/templates/scheduler/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: scheduler-rpc-ingress-read-only
+ labels:
+ app: scheduler-rpc
+ endpoint-definition: read-only
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -15184,20 +15210,23 @@
name: scheduler-rpc
port:
number: 5008
---
# Source: swh/templates/search/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: search-rpc-ingress-default
+ labels:
+ app: search-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -15223,20 +15252,23 @@
name: search-rpc
port:
number: 5010
---
# Source: swh/templates/search/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: search-rpc-ingress-read-only
+ labels:
+ app: search-rpc
+ endpoint-definition: read-only
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -15310,20 +15342,23 @@
name: search-rpc
port:
number: 5010
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: storage-postgresql-read-only-ingress-default
+ labels:
+ app: storage-postgresql-read-only
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
rules:
- host: storage-postgresql-read-only-rpc-ingress
@@ -15347,20 +15382,23 @@
name: storage-postgresql-read-only
port:
number: 5002
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: storage-postgresql-read-write-ingress-default
+ labels:
+ app: storage-postgresql-read-write
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
rules:
- host: storage-postgresql-read-write-rpc-ingress
@@ -15373,20 +15411,23 @@
name: storage-postgresql-read-write
port:
number: 5002
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-postgresql-ingress-authenticated
+ labels:
+ app: web-postgresql
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
@@ -15428,20 +15469,23 @@
- hosts:
- webapp-postgresql.internal.staging.swh.network
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-postgresql-ingress-default
+ labels:
+ app: web-postgresql
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
rules:
- host: webapp-postgresql.internal.staging.swh.network
@@ -15467,20 +15511,23 @@
- hosts:
- webapp-postgresql.internal.staging.swh.network
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-postgresql-ingress-webhooks
+ labels:
+ app: web-postgresql
+ endpoint-definition: webhooks
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 192.168.130.1,192.168.130.2
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
rules:
------------- diff for environment staging namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.fSiJBsr2/staging-swh-cassandra.before 2024-01-26 11:11:40.473851332 +0100
+++ /tmp/swh-chart.swh.fSiJBsr2/staging-swh-cassandra.after 2024-01-26 11:11:45.005869577 +0100
@@ -4612,35 +4612,39 @@
group_id: swh-archive-stg-webhooks
object_types:
- origin_visit_status
---
# Source: swh/templates/counters/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: counters-rpc
namespace: swh-cassandra
+ labels:
+ app: counters-rpc
spec:
type: ClusterIP
selector:
app: counters-rpc
ports:
- port: 5011
targetPort: 5011
name: rpc
---
# Source: swh/templates/deposit/service.yaml
apiVersion: v1
kind: Service
metadata:
name: deposit
namespace: swh-cassandra
+ labels:
+ app: deposit
spec:
type: ClusterIP
selector:
app: deposit
ports:
- port: 5006
targetPort: 5006
name: rpc
- port: 80
@@ -4736,20 +4740,22 @@
spec:
type: ExternalName
externalName: archive-staging-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
---
# Source: swh/templates/graphql/service.yaml
apiVersion: v1
kind: Service
metadata:
name: graphql-cassandra
namespace: swh-cassandra
+ labels:
+ app: graphql-cassandra
spec:
type: ClusterIP
selector:
app: graphql-cassandra
ports:
- port: 5013
targetPort: 5013
name: rpc
---
# Source: swh/templates/memcached/service.yaml
@@ -4772,35 +4778,39 @@
- name: metrics
port: 9150
targetPort: 9150
---
# Source: swh/templates/objstorage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: objstorage-read-only
namespace: swh-cassandra
+ labels:
+ app: objstorage-read-only
spec:
type: ClusterIP
selector:
app: objstorage-read-only
ports:
- port: 5003
targetPort: 5003
name: rpc
---
# Source: swh/templates/objstorage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: objstorage-read-write
namespace: swh-cassandra
+ labels:
+ app: objstorage-read-write
spec:
type: ClusterIP
selector:
app: objstorage-read-write
ports:
- port: 5003
targetPort: 5003
name: rpc
---
# Source: swh/templates/statsd-exporter/service.yaml
@@ -4823,50 +4833,56 @@
- name: http
port: 9102
targetPort: 9102
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-cassandra
namespace: swh-cassandra
+ labels:
+ app: storage-cassandra
spec:
type: ClusterIP
selector:
app: storage-cassandra
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/vault/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: vault-rpc
namespace: swh-cassandra
+ labels:
+ app: vault-rpc
spec:
type: ClusterIP
selector:
app: vault-rpc
ports:
- port: 5005
targetPort: 5005
name: rpc
---
# Source: swh/templates/web/service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-cassandra
namespace: swh-cassandra
+ labels:
+ app: web-cassandra
spec:
type: ClusterIP
selector:
app: web-cassandra
ports:
- port: 5004
targetPort: 5004
name: rpc
- port: 80
@@ -13590,20 +13606,23 @@
path: "pg_service.conf"
restartPolicy: OnFailure
---
# Source: swh/templates/counters/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: counters-rpc-ingress-default
+ labels:
+ app: counters-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -13629,20 +13648,23 @@
name: counters-rpc
port:
number: 5011
---
# Source: swh/templates/deposit/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: deposit-ingress-authenticated
+ labels:
+ app: deposit
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
kubernetes.io/ingress.class: nginx
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
# name of the secret that contains the user/password definitions
nginx.ingress.kubernetes.io/auth-secret: swh-cassandra/deposit-auth-secrets
# message to display with an appropriate context why the authentication is required
@@ -13682,20 +13704,23 @@
name: deposit
port:
number: 5006
---
# Source: swh/templates/deposit/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: deposit-ingress-default
+ labels:
+ app: deposit
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: deposit-rpc-ingress
http:
paths:
- path: /
@@ -13751,20 +13776,23 @@
name: deposit
port:
number: 80
---
# Source: swh/templates/graphql/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: graphql-cassandra-ingress-default
+ labels:
+ app: graphql-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: webapp-cassandra.internal.staging.swh.network
http:
paths:
@@ -13775,20 +13803,23 @@
name: graphql-cassandra
port:
number: 5013
---
# Source: swh/templates/objstorage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: objstorage-read-only-ingress-default
+ labels:
+ app: objstorage-read-only
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
ingressClassName: nginx
rules:
@@ -13813,20 +13844,23 @@
name: objstorage-read-only
port:
number: 5003
---
# Source: swh/templates/objstorage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: objstorage-read-write-ingress-default
+ labels:
+ app: objstorage-read-write
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
ingressClassName: nginx
rules:
@@ -13840,20 +13874,23 @@
name: objstorage-read-write
port:
number: 5003
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: storage-cassandra-ingress-default
+ labels:
+ app: storage-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
rules:
- host: storage-cassandra.internal.staging.swh.network
@@ -13866,20 +13903,23 @@
name: storage-cassandra
port:
number: 5002
---
# Source: swh/templates/vault/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: vault-rpc-ingress-default
+ labels:
+ app: vault-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -13894,20 +13934,23 @@
name: vault-rpc
port:
number: 5005
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: web-cassandra-ingress-authenticated
+ labels:
+ app: web-cassandra
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
@@ -13977,20 +14020,23 @@
- webapp.staging.swh.network
- webapp-cassandra.internal.staging.swh.network
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: web-cassandra-ingress-default
+ labels:
+ app: web-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
- host: webapp.staging.swh.network
@@ -14036,20 +14082,23 @@
- webapp.staging.swh.network
- webapp-cassandra.internal.staging.swh.network
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: web-cassandra-ingress-webhooks
+ labels:
+ app: web-cassandra
+ endpoint-definition: webhooks
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 192.168.130.1,192.168.130.2
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
@@ -14082,20 +14131,40 @@
secretName: swh-web-crt
---
# Source: swh/templates/cookers/deployment.yaml
# Set useJsonLogger to false to let the logs be plain text
---
# Source: swh/templates/loaders/deployment.yaml
# if defined at the "typed" loader level
# otherwise use the global image is defined First this needs to replace - in
# $loader_type with "" to find the proper image name.
---
+# Source: swh/templates/web/monitoring.yaml
+apiVersion: monitoring.coreos.com/v1
+kind: Probe
+metadata:
+ name: web-cassandra-metrics
+ namespace: swh-cassandra
+spec:
+ interval: 300s
+ prober:
+ path: /metrics/prometheus/
+ targets:
+ ingress:
+ namespaceSelector:
+ matchNames:
+ - swh-cassandra
+ selector:
+ matchLabels:
+ endpoint-definition: default
+ app: web-cassandra
+---
# Source: swh/templates/cookers/keda-autoscaling.yaml
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: cooker-batch-operators
namespace: swh-cassandra
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
------------- diff for environment staging namespace swh-cassandra-next-version -------------
--- /tmp/swh-chart.swh.fSiJBsr2/staging-swh-cassandra-next-version.before 2024-01-26 11:11:42.353858901 +0100
+++ /tmp/swh-chart.swh.fSiJBsr2/staging-swh-cassandra-next-version.after 2024-01-26 11:11:46.093873956 +0100
@@ -4128,20 +4128,22 @@
- swh.web.save_code_now
- swh.web.save_origin_webhooks
- swh.web.vault
---
# Source: swh/templates/counters/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: counters-rpc
namespace: swh-cassandra-next-version
+ labels:
+ app: counters-rpc
spec:
type: ClusterIP
selector:
app: counters-rpc
ports:
- port: 5011
targetPort: 5011
name: rpc
---
# Source: swh/templates/external-services/cname.yaml
@@ -4233,20 +4235,22 @@
spec:
type: ExternalName
externalName: archive-staging-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
---
# Source: swh/templates/graphql/service.yaml
apiVersion: v1
kind: Service
metadata:
name: graphql-cassandra
namespace: swh-cassandra-next-version
+ labels:
+ app: graphql-cassandra
spec:
type: ClusterIP
selector:
app: graphql-cassandra
ports:
- port: 5013
targetPort: 5013
name: rpc
---
# Source: swh/templates/memcached/service.yaml
@@ -4290,50 +4294,56 @@
- name: http
port: 9102
targetPort: 9102
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-cassandra
namespace: swh-cassandra-next-version
+ labels:
+ app: storage-cassandra
spec:
type: ClusterIP
selector:
app: storage-cassandra
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/vault/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: vault-rpc
namespace: swh-cassandra-next-version
+ labels:
+ app: vault-rpc
spec:
type: ClusterIP
selector:
app: vault-rpc
ports:
- port: 5005
targetPort: 5005
name: rpc
---
# Source: swh/templates/web/service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-cassandra
namespace: swh-cassandra-next-version
+ labels:
+ app: web-cassandra
spec:
type: ClusterIP
selector:
app: web-cassandra
ports:
- port: 5004
targetPort: 5004
name: rpc
- port: 80
@@ -11607,20 +11617,23 @@
- key: "refresh-counters-cache.sh"
path: "refresh-counters-cache.sh"
restartPolicy: OnFailure
---
# Source: swh/templates/counters/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: counters-rpc-ingress-default
+ labels:
+ app: counters-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -11635,20 +11648,23 @@
name: counters-rpc
port:
number: 5011
---
# Source: swh/templates/graphql/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: graphql-cassandra-ingress-default
+ labels:
+ app: graphql-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: webapp-cassandra-next-version.internal.staging.swh.network
http:
paths:
@@ -11659,20 +11675,23 @@
name: graphql-cassandra
port:
number: 5013
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: storage-cassandra-ingress-default
+ labels:
+ app: storage-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
rules:
- host: storage-cassandra-next-version.internal.staging.swh.network
@@ -11685,20 +11704,23 @@
name: storage-cassandra
port:
number: 5002
---
# Source: swh/templates/vault/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: vault-rpc-ingress-default
+ labels:
+ app: vault-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -11713,20 +11735,23 @@
name: vault-rpc
port:
number: 5005
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: web-cassandra-ingress-authenticated
+ labels:
+ app: web-cassandra
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
@@ -11769,20 +11794,23 @@
- hosts:
- webapp-cassandra-next-version.internal.staging.swh.network
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: web-cassandra-ingress-default
+ labels:
+ app: web-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.101.0/24,192.168.130.0/24,192.168.50.0/24
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
@@ -11809,20 +11837,23 @@
- hosts:
- webapp-cassandra-next-version.internal.staging.swh.network
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra-next-version
name: web-cassandra-ingress-webhooks
+ labels:
+ app: web-cassandra
+ endpoint-definition: webhooks
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,192.168.100.29/32,192.168.130.0/24,192.168.130.1,192.168.130.2,192.168.50.0/24
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
------------- diff for environment production namespace swh -------------
--- /tmp/swh-chart.swh.fSiJBsr2/production-swh.before 2024-01-26 11:11:48.601884052 +0100
+++ /tmp/swh-chart.swh.fSiJBsr2/production-swh.after 2024-01-26 11:11:51.001893711 +0100
@@ -7736,20 +7736,22 @@
- swh.web.save_code_now
- swh.web.save_origin_webhooks
- swh.web.vault
---
# Source: swh/templates/deposit/service.yaml
apiVersion: v1
kind: Service
metadata:
name: deposit
namespace: swh
+ labels:
+ app: deposit
spec:
type: ClusterIP
selector:
app: deposit
ports:
- port: 5006
targetPort: 5006
name: rpc
- port: 80
@@ -7835,65 +7837,73 @@
spec:
type: ExternalName
externalName: archive-production-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
---
# Source: swh/templates/graphql/service.yaml
apiVersion: v1
kind: Service
metadata:
name: graphql-archive
namespace: swh
+ labels:
+ app: graphql-archive
spec:
type: ClusterIP
selector:
app: graphql-archive
ports:
- port: 5013
targetPort: 5013
name: rpc
---
# Source: swh/templates/graphql/service.yaml
apiVersion: v1
kind: Service
metadata:
name: graphql-webapp1
namespace: swh
+ labels:
+ app: graphql-webapp1
spec:
type: ClusterIP
selector:
app: graphql-webapp1
ports:
- port: 5013
targetPort: 5013
name: rpc
---
# Source: swh/templates/indexer-storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: indexer-storage-read-only
namespace: swh
+ labels:
+ app: indexer-storage-read-only
spec:
type: ClusterIP
selector:
app: indexer-storage-read-only
ports:
- port: 5007
targetPort: 5007
name: rpc
---
# Source: swh/templates/indexer-storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: indexer-storage-read-write
namespace: swh
+ labels:
+ app: indexer-storage-read-write
spec:
type: ClusterIP
selector:
app: indexer-storage-read-write
ports:
- port: 5007
targetPort: 5007
name: rpc
---
# Source: swh/templates/memcached/service.yaml
@@ -7916,65 +7926,73 @@
- name: metrics
port: 9150
targetPort: 9150
---
# Source: swh/templates/objstorage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: objstorage-read-only
namespace: swh
+ labels:
+ app: objstorage-read-only
spec:
type: ClusterIP
selector:
app: objstorage-read-only
ports:
- port: 5003
targetPort: 5003
name: rpc
---
# Source: swh/templates/objstorage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: objstorage-ro-saam-zfs
namespace: swh
+ labels:
+ app: objstorage-ro-saam-zfs
spec:
type: ClusterIP
selector:
app: objstorage-ro-saam-zfs
ports:
- port: 5003
targetPort: 5003
name: rpc
---
# Source: swh/templates/scheduler/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: scheduler-rpc
namespace: swh
+ labels:
+ app: scheduler-rpc
spec:
type: ClusterIP
selector:
app: scheduler-rpc
ports:
- port: 5008
targetPort: 5008
name: rpc
---
# Source: swh/templates/search/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: search-rpc
namespace: swh
+ labels:
+ app: search-rpc
spec:
type: ClusterIP
selector:
app: search-rpc
ports:
- port: 5010
targetPort: 5010
name: rpc
---
# Source: swh/templates/statsd-exporter/service.yaml
@@ -7997,84 +8015,94 @@
- name: http
port: 9102
targetPort: 9102
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-postgresql-azure-readonly
namespace: swh
+ labels:
+ app: storage-postgresql-azure-readonly
spec:
type: ClusterIP
selector:
app: storage-postgresql-azure-readonly
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-postgresql-saam-zfs
namespace: swh
+ labels:
+ app: storage-postgresql-saam-zfs
spec:
type: ClusterIP
selector:
app: storage-postgresql-saam-zfs
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/vault/rpc-service.yaml
apiVersion: v1
kind: Service
metadata:
name: vault-rpc
namespace: swh
+ labels:
+ app: vault-rpc
spec:
type: ClusterIP
selector:
app: vault-rpc
ports:
- port: 5005
targetPort: 5005
name: rpc
---
# Source: swh/templates/web/service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-app1
namespace: swh
+ labels:
+ app: web-app1
spec:
type: ClusterIP
selector:
app: web-app1
ports:
- port: 5004
targetPort: 5004
name: rpc
- port: 80
targetPort: 80
name: webstatic
---
# Source: swh/templates/web/service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-archive
namespace: swh
+ labels:
+ app: web-archive
spec:
type: ClusterIP
selector:
app: web-archive
ports:
- port: 5004
targetPort: 5004
name: rpc
- port: 80
@@ -24657,20 +24685,23 @@
path: "pg_service.conf"
restartPolicy: OnFailure
---
# Source: swh/templates/deposit/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: deposit-ingress-authenticated
+ labels:
+ app: deposit
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
kubernetes.io/ingress.class: nginx
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
# name of the secret that contains the user/password definitions
nginx.ingress.kubernetes.io/auth-secret: swh/deposit-auth-secrets
# message to display with an appropriate context why the authentication is required
@@ -24710,20 +24741,23 @@
name: deposit
port:
number: 5006
---
# Source: swh/templates/deposit/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: deposit-ingress-default
+ labels:
+ app: deposit
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: deposit-rpc-ingress
http:
paths:
- path: /
@@ -24779,20 +24813,23 @@
name: deposit
port:
number: 80
---
# Source: swh/templates/graphql/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: graphql-archive-ingress-default
+ labels:
+ app: graphql-archive
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: archive.softwareheritage.org
http:
paths:
- path: /graphql/
@@ -24802,20 +24839,23 @@
name: graphql-archive
port:
number: 5013
---
# Source: swh/templates/graphql/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: graphql-webapp1-ingress-default
+ labels:
+ app: graphql-webapp1
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22,192.168.50.0/24
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: webapp1.internal.softwareheritage.org
http:
paths:
@@ -24826,20 +24866,23 @@
name: graphql-webapp1
port:
number: 5013
---
# Source: swh/templates/indexer-storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: indexer-storage-read-only-ingress-default
+ labels:
+ app: indexer-storage-read-only
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -24854,20 +24897,23 @@
name: indexer-storage-read-only
port:
number: 5007
---
# Source: swh/templates/indexer-storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: indexer-storage-read-write-ingress-default
+ labels:
+ app: indexer-storage-read-write
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -24882,20 +24928,23 @@
name: indexer-storage-read-write
port:
number: 5007
---
# Source: swh/templates/objstorage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: objstorage-read-only-ingress-default
+ labels:
+ app: objstorage-read-only
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
ingressClassName: nginx
rules:
@@ -24931,20 +24980,23 @@
name: objstorage-read-only
port:
number: 5003
---
# Source: swh/templates/objstorage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: objstorage-ro-saam-zfs-ingress-default
+ labels:
+ app: objstorage-ro-saam-zfs
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
ingressClassName: nginx
rules:
@@ -24958,20 +25010,23 @@
name: objstorage-ro-saam-zfs
port:
number: 5003
---
# Source: swh/templates/scheduler/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: scheduler-rpc-ingress-default
+ labels:
+ app: scheduler-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.130.221,192.168.200.0/22
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -24986,20 +25041,23 @@
name: scheduler-rpc
port:
number: 5008
---
# Source: swh/templates/scheduler/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: scheduler-rpc-ingress-read-only
+ labels:
+ app: scheduler-rpc
+ endpoint-definition: read-only
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -25030,20 +25088,23 @@
name: scheduler-rpc
port:
number: 5008
---
# Source: swh/templates/search/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: search-rpc-ingress-default
+ labels:
+ app: search-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -25069,20 +25130,23 @@
name: search-rpc
port:
number: 5010
---
# Source: swh/templates/search/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: search-rpc-ingress-read-only
+ labels:
+ app: search-rpc
+ endpoint-definition: read-only
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
spec:
@@ -25172,20 +25236,23 @@
name: search-rpc
port:
number: 5010
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: storage-postgresql-azure-readonly-ingress-default
+ labels:
+ app: storage-postgresql-azure-readonly
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
rules:
- host: storage-azure-read-only-rpc-ingress
http:
@@ -25208,20 +25275,23 @@
name: storage-postgresql-azure-readonly
port:
number: 5002
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: storage-postgresql-saam-zfs-ingress-default
+ labels:
+ app: storage-postgresql-saam-zfs
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.200.0/22
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
spec:
rules:
- host: storage-rw-postgresql-saam-ingress
@@ -25234,20 +25304,23 @@
name: storage-postgresql-saam-zfs
port:
number: 5002
---
# Source: swh/templates/vault/rpc-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: vault-rpc-ingress-default
+ labels:
+ app: vault-rpc
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-request-buffering: "on"
nginx.ingress.kubernetes.io/proxy-send-timeout: "90"
@@ -25263,20 +25336,23 @@
name: vault-rpc
port:
number: 5005
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-app1-ingress-authenticated
+ labels:
+ app: web-app1
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
@@ -25318,20 +25394,23 @@
- hosts:
- webapp1.internal.softwareheritage.org
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-app1-ingress-default
+ labels:
+ app: web-app1
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
- host: webapp1.internal.softwareheritage.org
@@ -25357,20 +25436,23 @@
- hosts:
- webapp1.internal.softwareheritage.org
secretName: swh-web-crt
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-archive-ingress-authenticated
+ labels:
+ app: web-archive
+ endpoint-definition: authenticated
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
kubernetes.io/ingress.class: nginx
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
# name of the secret that contains the user/password definitions
nginx.ingress.kubernetes.io/auth-secret: swh/web-auth-secrets
# message to display with an appropriate context why the authentication is required
@@ -25485,20 +25567,23 @@
name: web-archive
port:
number: 5004
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh
name: web-archive-ingress-default
+ labels:
+ app: web-archive
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: archive.softwareheritage.org
http:
paths:
- path: /
@@ -25578,20 +25663,40 @@
# Set useJsonLogger to false to let the logs be plain text
---
# Source: swh/templates/listers/deployment.yaml
# Set useJsonLogger to false to let the logs be plain text
---
# Source: swh/templates/loaders/deployment.yaml
# if defined at the "typed" loader level
# otherwise use the global image is defined First this needs to replace - in
# $loader_type with "" to find the proper image name.
---
+# Source: swh/templates/web/monitoring.yaml
+apiVersion: monitoring.coreos.com/v1
+kind: Probe
+metadata:
+ name: web-archive-metrics
+ namespace: swh
+spec:
+ interval: 300s
+ prober:
+ path: /metrics/prometheus/
+ targets:
+ ingress:
+ namespaceSelector:
+ matchNames:
+ - swh
+ selector:
+ matchLabels:
+ endpoint-definition: default
+ app: web-archive
+---
# Source: swh/templates/checker-deposit/keda-autoscaling.yaml
apiVersion: keda.sh/v1alpha1
kind: ScaledObject
metadata:
name: checker-deposit-operators
namespace: swh
spec:
scaleTargetRef:
apiVersion: apps/v1 # Optional. Default: apps/v1
kind: Deployment # Optional. Default: Deployment
------------- diff for environment production namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.fSiJBsr2/production-swh-cassandra.before 2024-01-26 11:11:49.037885807 +0100
+++ /tmp/swh-chart.swh.fSiJBsr2/production-swh-cassandra.after 2024-01-26 11:11:51.361895161 +0100
@@ -1727,20 +1727,22 @@
spec:
type: ExternalName
externalName: archive-production-rke2-ingress-nginx-controller.ingress-nginx.svc.cluster.local
---
# Source: swh/templates/graphql/service.yaml
apiVersion: v1
kind: Service
metadata:
name: graphql-cassandra
namespace: swh-cassandra
+ labels:
+ app: graphql-cassandra
spec:
type: ClusterIP
selector:
app: graphql-cassandra
ports:
- port: 5013
targetPort: 5013
name: rpc
---
# Source: swh/templates/memcached/service.yaml
@@ -1784,50 +1786,56 @@
- name: http
port: 9102
targetPort: 9102
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-cassandra
namespace: swh-cassandra
+ labels:
+ app: storage-cassandra
spec:
type: ClusterIP
selector:
app: storage-cassandra
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/storage/service.yaml
apiVersion: v1
kind: Service
metadata:
name: storage-cassandra-readonly
namespace: swh-cassandra
+ labels:
+ app: storage-cassandra-readonly
spec:
type: ClusterIP
selector:
app: storage-cassandra-readonly
ports:
- port: 5002
targetPort: 5002
name: rpc
---
# Source: swh/templates/web/service.yaml
apiVersion: v1
kind: Service
metadata:
name: web-cassandra
namespace: swh-cassandra
+ labels:
+ app: web-cassandra
spec:
type: ClusterIP
selector:
app: web-cassandra
ports:
- port: 5004
targetPort: 5004
name: rpc
- port: 80
@@ -5153,20 +5161,23 @@
target:
type: Utilization
averageUtilization: 50
---
# Source: swh/templates/graphql/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: graphql-cassandra-ingress-default
+ labels:
+ app: graphql-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22,192.168.50.0/24
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: webapp-cassandra.internal.softwareheritage.org
http:
paths:
@@ -5177,20 +5188,23 @@
name: graphql-cassandra
port:
number: 5013
---
# Source: swh/templates/storage/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: storage-cassandra-readonly-ingress-default
+ labels:
+ app: storage-cassandra-readonly
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/client-body-buffer-size: 128K
nginx.ingress.kubernetes.io/proxy-body-size: 4G
nginx.ingress.kubernetes.io/proxy-buffering: "on"
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# an htpasswd file in the key auth within the secret
nginx.ingress.kubernetes.io/auth-secret-type: auth-file
# name of the secret that contains the user/password definitions
@@ -5221,20 +5235,23 @@
name: storage-cassandra-readonly
port:
number: 5002
---
# Source: swh/templates/web/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: swh-cassandra
name: web-cassandra-ingress-default
+ labels:
+ app: web-cassandra
+ endpoint-definition: default
annotations:
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22,192.168.50.0/24
cert-manager.io/cluster-issuer: letsencrypt-production-gandi
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
Edited by Vincent Sellier