swh/staging: Deploy objstorage checker
Related to product-management/core-platform#23
These modifications will create two objstorage scrubbers, one per backend, in the staging environment.
Helm diff
[swh] Comparing changes between branches production and staging_objstorage_checker (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/staging_objstorage_checker'.
[swh] Generate config in staging_objstorage_checker branch for environment staging...
[swh] Generate config in staging_objstorage_checker branch for environment staging...
[swh] Generate config in staging_objstorage_checker branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/staging_objstorage_checker'.
[swh] Generate config in staging_objstorage_checker branch for environment production...
[swh] Generate config in staging_objstorage_checker branch for environment production...
[swh] Generate config in staging_objstorage_checker branch for environment production...
------------- diff for environment staging namespace swh -------------
_ __ __
_| |_ _ / _|/ _| between /tmp/swh-chart.swh.OAIaX5xY/staging-swh.before, 113 documents
/ _' | | | | |_| |_ and /tmp/swh-chart.swh.OAIaX5xY/staging-swh.after, 113 documents
| (_| | |_| | _| _|
\__,_|\__, |_| |_| returned no differences
|___/
------------- diff for environment staging namespace swh-cassandra -------------
_ __ __
_| |_ _ / _|/ _| between /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra.before, 392 documents
/ _' | | | | |_| |_ and /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra.after, 396 documents
| (_| | |_| | _| _|
\__,_|\__, |_| |_| returned one difference
|___/
(file level)
---
# Source: swh/templates/scrubber/objstorage-checker-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: scrubber-objstoragechecker-db1-template
namespace: swh-cassandra
data:
config.yml.template: |
scrubber:
cls: postgresql
db: host=db1.internal.staging.swh.network port=5432 user=swh-scrubber dbname=swh-scrubber
password=${SCRUBBER_POSTGRESQL_PASSWORD}
storage:
auth_provider:
cls: cassandra.auth.PlainTextAuthProvider
password: ${CASSANDRA_PASSWORD}
username: swh-ro
cls: cassandra
consistency_level: LOCAL_QUORUM
hosts:
- cassandra1.internal.staging.swh.network
- cassandra2.internal.staging.swh.network
- cassandra3.internal.staging.swh.network
keyspace: swh
journal:
brokers:
- journal2.internal.staging.swh.network:9094
cls: kafka
group_id: swh-archive-stg-objstorage
message.max.bytes: 524288000
on_eof: restart
prefix: swh.journal.objects
sasl.mechanism: SCRAM-SHA-512
sasl.password: ${BROKER_USER_PASSWORD}
sasl.username: swh-archive-stg
security.protocol: SASL_SSL
objstorage:
cls: remote
name: db1
url: http://objstorage-db1-ro-rpc-ingress
# Source: swh/templates/scrubber/objstorage-checker-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: swh-cassandra
name: scrubber-objstoragechecker-storage1-template
data:
config.yml.template: |
scrubber:
cls: postgresql
db: host=db1.internal.staging.swh.network port=5432 user=swh-scrubber dbname=swh-scrubber
password=${SCRUBBER_POSTGRESQL_PASSWORD}
storage:
auth_provider:
cls: cassandra.auth.PlainTextAuthProvider
password: ${CASSANDRA_PASSWORD}
username: swh-ro
cls: cassandra
consistency_level: LOCAL_QUORUM
hosts:
- cassandra1.internal.staging.swh.network
- cassandra2.internal.staging.swh.network
- cassandra3.internal.staging.swh.network
keyspace: swh
journal:
brokers:
- journal2.internal.staging.swh.network:9094
cls: kafka
group_id: swh-archive-stg-objstorage
message.max.bytes: 524288000
on_eof: restart
prefix: swh.journal.objects
sasl.mechanism: SCRAM-SHA-512
sasl.password: ${BROKER_USER_PASSWORD}
sasl.username: swh-archive-stg
security.protocol: SASL_SSL
objstorage:
cls: remote
name: storage1
url: http://objstorage-storage1-ro-rpc-ingress
# Source: swh/templates/scrubber/objstorage-checker-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: scrubber-objstoragechecker-db1
namespace: swh-cassandra
labels:
app: scrubber-objstoragechecker-db1
spec:
revisionHistoryLimit: 2
replicas: 2
selector:
matchLabels:
app: scrubber-objstoragechecker-db1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: scrubber-objstoragechecker-db1
annotations:
# Force a rollout upgrade if the configuration changes
checksum/config: 1b464f6d8c2099b29ea746568d22eb430fefbe3077f9b7bfe3d3dc83c69343a9
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/scrubber
operator: In
values:
- "true"
priorityClassName: swh-cassandra-background-workload
initContainers:
- name: prepare-configuration
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/utils:20231211.1"
imagePullPolicy: IfNotPresent
env:
- name: BROKER_USER_PASSWORD
valueFrom:
secretKeyRef:
key: BROKER_USER_PASSWORD
name: swh-archive-broker-secret
optional: false
- name: CASSANDRA_PASSWORD
valueFrom:
secretKeyRef:
key: cassandra-swh-ro-password
name: common-secrets
optional: false
- name: SCRUBBER_POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-swh-scrubber-password
name: swh-scrubber-postgresql-common-secret
optional: false
command:
- /entrypoints/prepare-configuration.sh
volumeMounts:
- name: config-utils
mountPath: /entrypoints
readOnly: true
- name: configuration
mountPath: /etc/swh
- name: configuration-template
mountPath: /etc/swh/configuration-template
- name: check-scrubber-migration
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
command:
- /entrypoints/check-scrubber-db-version.sh
env:
- name: MODULE
value: scrubber
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: database-utils
mountPath: /entrypoints
- name: check-objstorage-migration
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
command:
- /entrypoints/check-objstorage-db-version.sh
env:
- name: MODULE
value: objstorage
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: database-utils
mountPath: /entrypoints
containers:
- name: storage-checker
resources:
requests:
memory: 200Mi
cpu: 400m
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
imagePullPolicy: IfNotPresent
command:
- /opt/swh/entrypoint.sh
args:
- swh
- scrubber
- check
- run
- objstorage-db1-content
env:
- name: STATSD_HOST
value: prometheus-statsd-exporter
- name: STATSD_PORT
value: 9125
- name: STATSD_TAGS
value: "deployment:scrubber-objstoragechecker-db1"
- name: MAX_TASKS_PER_CHILD
value: 1
- name: SWH_LOG_LEVEL
value: INFO
- name: SWH_CONFIG_FILENAME
value: /etc/swh/config.yml
- name: SWH_SENTRY_ENVIRONMENT
value: staging
- name: SWH_MAIN_PACKAGE
value: swh.scrubber
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: common-secrets
key: scrubber-sentry-dsn
# 'name' secret must exist & include key "host"
optional: false
volumeMounts:
- name: configuration
mountPath: /etc/swh
volumes:
- name: configuration
emptyDir: {}
- name: configuration-template
configMap:
name: scrubber-objstoragechecker-db1-template
defaultMode: 0777
items:
- key: config.yml.template
path: config.yml.template
- name: database-utils
configMap:
name: database-utils
defaultMode: 0555
- name: config-utils
configMap:
name: config-utils
defaultMode: 0555
# Source: swh/templates/scrubber/objstorage-checker-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: scrubber-objstoragechecker-storage1
namespace: swh-cassandra
labels:
app: scrubber-objstoragechecker-storage1
spec:
revisionHistoryLimit: 2
replicas: 2
selector:
matchLabels:
app: scrubber-objstoragechecker-storage1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: scrubber-objstoragechecker-storage1
annotations:
# Force a rollout upgrade if the configuration changes
checksum/config: eba91a89735c415c184d1008178446de2068abddc1fa28f1db2b3120d60ced9f
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/scrubber
operator: In
values:
- "true"
priorityClassName: swh-cassandra-background-workload
initContainers:
- name: prepare-configuration
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/utils:20231211.1"
imagePullPolicy: IfNotPresent
env:
- name: BROKER_USER_PASSWORD
valueFrom:
secretKeyRef:
key: BROKER_USER_PASSWORD
name: swh-archive-broker-secret
optional: false
- name: CASSANDRA_PASSWORD
valueFrom:
secretKeyRef:
key: cassandra-swh-ro-password
name: common-secrets
optional: false
- name: SCRUBBER_POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-swh-scrubber-password
name: swh-scrubber-postgresql-common-secret
optional: false
command:
- /entrypoints/prepare-configuration.sh
volumeMounts:
- name: config-utils
mountPath: /entrypoints
readOnly: true
- name: configuration
mountPath: /etc/swh
- name: configuration-template
mountPath: /etc/swh/configuration-template
- name: check-scrubber-migration
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
command:
- /entrypoints/check-scrubber-db-version.sh
env:
- name: MODULE
value: scrubber
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: database-utils
mountPath: /entrypoints
- name: check-objstorage-migration
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
command:
- /entrypoints/check-objstorage-db-version.sh
env:
- name: MODULE
value: objstorage
volumeMounts:
- name: configuration
mountPath: /etc/swh
- name: database-utils
mountPath: /entrypoints
containers:
- name: storage-checker
resources:
requests:
memory: 200Mi
cpu: 400m
image: "container-registry.softwareheritage.org/swh/infra/swh-apps/scrubber:20240604.3"
imagePullPolicy: IfNotPresent
command:
- /opt/swh/entrypoint.sh
args:
- swh
- scrubber
- check
- run
- objstorage-storage1-content
env:
- name: STATSD_HOST
value: prometheus-statsd-exporter
- name: STATSD_PORT
value: 9125
- name: STATSD_TAGS
value: "deployment:scrubber-objstoragechecker-storage1"
- name: MAX_TASKS_PER_CHILD
value: 1
- name: SWH_LOG_LEVEL
value: INFO
- name: SWH_CONFIG_FILENAME
value: /etc/swh/config.yml
- name: SWH_SENTRY_ENVIRONMENT
value: staging
- name: SWH_MAIN_PACKAGE
value: swh.scrubber
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: common-secrets
key: scrubber-sentry-dsn
# 'name' secret must exist & include key "host"
optional: false
volumeMounts:
- name: configuration
mountPath: /etc/swh
volumes:
- name: configuration
emptyDir: {}
- name: configuration-template
configMap:
name: scrubber-objstoragechecker-storage1-template
defaultMode: 0777
items:
- key: config.yml.template
path: config.yml.template
- name: database-utils
configMap:
name: database-utils
defaultMode: 0555
- name: config-utils
configMap:
name: config-utils
defaultMode: 0555
------------- diff for environment staging namespace swh-cassandra-next-version -------------
_ __ __
_| |_ _ / _|/ _| between /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra-next-version.before, 149 documents
/ _' | | | | |_| |_ and /tmp/swh-chart.swh.OAIaX5xY/staging-swh-cassandra-next-version.after, 149 documents
| (_| | |_| | _| _|
\__,_|\__, |_| |_| returned no differences
|___/
------------- diff for environment production namespace swh -------------
_ __ __
_| |_ _ / _|/ _| between /tmp/swh-chart.swh.OAIaX5xY/production-swh.before, 412 documents
/ _' | | | | |_| |_ and /tmp/swh-chart.swh.OAIaX5xY/production-swh.after, 412 documents
| (_| | |_| | _| _|
\__,_|\__, |_| |_| returned no differences
|___/
------------- diff for environment production namespace swh-cassandra -------------
_ __ __
_| |_ _ / _|/ _| between /tmp/swh-chart.swh.OAIaX5xY/production-swh-cassandra.before, 94 documents
/ _' | | | | |_| |_ and /tmp/swh-chart.swh.OAIaX5xY/production-swh-cassandra.after, 94 documents
| (_| | |_| | _| _|
\__,_|\__, |_| |_| returned no differences
|___/