30-webapp.yml
No OneTemporary
Actions

Size

6 KB

Subscribers

None

30-webapp.yml
View Options

	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: webapp
	data:
	config.yml: \|
	storage:
	cls: remote
	args:
	url: http://storage:5002/
	timeout: 1

	objstorage:
	cls: remote
	args:
	url: http://objstorage:5003/

	# indexer_storage:
	# cls: remote
	# args:
	# url: http://indexer-storage:5007/

	scheduler:
	cls: remote
	args:
	url: http://scheduler:5008/

	vault:
	cls: remote
	args:
	url: http://vault:5005/

	# deposit:
	# private_api_url: https://deposit:5006/1/private/
	# private_api_user: swhworker
	# private_api_password: ''

	# TODO: remove the *
	allowed_hosts:
	- "*"
	- appserver

	debug: yes

	serve_assets: yes

	history_counters_url: http://counters:5011/counters_history/history.json

	# TODO find a way to make this dynamic
	production_db:
	host: web-db
	port: 5432
	name: swh-web
	user: swh
	password: swh

	throttling:
	cache_uri: memcached:11211
	scopes:
	swh_api:
	limiter_rate:
	default: 120/h
	exempted_networks:
	- 0.0.0.0/0
	swh_api_origin_search:
	limiter_rate:
	default: 70/m
	exempted_networks:
	- 0.0.0.0/0
	swh_api_origin_visit_latest:
	limiter_rate:
	default: 700/m
	exempted_networks:
	- 0.0.0.0/0
	swh_vault_cooking:
	limiter_rate:
	default: 120/h
	exempted_networks:
	- 0.0.0.0/0
	swh_save_origin:
	limiter_rate:
	default: 120/h
	exempted_networks:
	- 0.0.0.0/0

	search:
	cls: remote
	url: http://search:5010/
	entrypoint-init.sh: \|
	#!/bin/bash

	set -e

	source /srv/softwareheritage/utils/pgsql.sh

	create_admin_script="
	from django.contrib.auth import get_user_model

	username = 'admin';
	password = 'admin';
	email = 'admin@swh-web.org';

	User = get_user_model();

	if not User.objects.filter(username = username).exists():
	User.objects.create_superuser(username, email, password);
	"

	echo "waiting for database availability"
	wait_pgsql ${PGDATABASE}

	echo "Migrating db using ${DJANGO_SETTINGS_MODULE}"
	django-admin migrate --settings=${DJANGO_SETTINGS_MODULE}

	echo "Creating Django admin user"
	echo "$create_admin_script" \| python3 -m swh.web.manage shell

	entrypoint.sh: \|
	#!/bin/bash

	set -e

	echo "starting the swh-web server"
	exec gunicorn --bind 0.0.0.0:5004 \
	--threads 2 \
	--workers 2 \
	--timeout 3600 \
	--access-logfile '-' \
	--config 'python:swh.web.gunicorn_config' \
	'django.core.wsgi:get_wsgi_application()'
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: memcached
	spec:
	type: ClusterIP
	selector:
	app: memcached
	ports:
	- port: 11211
	targetPort: 11211
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: memcached
	labels:
	app: memcached
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: memcached
	template:
	metadata:
	labels:
	app: memcached
	spec:
	containers:
	- name: memcached
	image: memcached
	imagePullPolicy: Always
	resources:
	limits:
	memory: "128Mi"
	cpu: "100m"
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: webapp
	spec:
	selector:
	app: webapp
	ports:
	- port: 5004
	targetPort: 5004
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: webapp
	labels:
	name: webapp
	spec:
	rules:
	- host: webapp.default
	http:
	paths:
	- pathType: Prefix
	path: "/"
	backend:
	service:
	name: webapp
	port:
	number: 5004
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: webapp
	spec:
	selector:
	matchLabels:
	app: webapp
	strategy:
	type: RollingUpdate
	rollingUpdate:
	maxSurge: 1
	template:
	metadata:
	labels:
	app: webapp
	spec:
	initContainers:
	- name: web-init
	image: swh/webapp:latest
	imagePullPolicy: Always
	command:
	- /entrypoint.sh
	env:
	- name: PGHOST
	value: "web-db"
	- name: PGUSER
	valueFrom:
	configMapKeyRef:
	name: web-db
	key: POSTGRES_USER
	- name: PGPASSWORD
	valueFrom:
	secretKeyRef:
	name: web-db
	key: POSTGRES_PASSWORD
	- name: PGDATABASE
	valueFrom:
	configMapKeyRef:
	name: web-db
	key: POSTGRES_DB
	- name: DJANGO_SETTINGS_MODULE
	value: swh.web.settings.production
	volumeMounts:
	- name: db-password
	mountPath: /run/secrets/postgres-password
	subPath: POSTGRES_PASSWORD
	readOnly: true
	- name: config
	mountPath: /entrypoint.sh
	subPath: entrypoint-init.sh
	readOnly: true
	containers:
	- name: webapp
	image: swh/webapp:latest
	imagePullPolicy: Always
	command:
	- /entrypoint.sh
	readinessProbe:
	httpGet:
	path: /
	port: 5004
	scheme: "HTTP"
	initialDelaySeconds: 0
	failureThreshold: 2
	periodSeconds: 10
	startupProbe:
	httpGet:
	path: /
	port: 5004
	scheme: "HTTP"
	initialDelaySeconds: 5
	failureThreshold: 30
	periodSeconds: 1
	resources:
	requests:
	memory: "196Mi"
	cpu: "50m"
	limits:
	memory: "256Mi"
	cpu: "512m"
	ports:
	- containerPort: 5004
	env:
	- name: PORT
	value: "5004"
	- name: VERBOSITY
	value: "3"
	- name: DJANGO_SETTINGS_MODULE
	value: swh.web.settings.production
	- name: SWH_CONFIG_FILENAME
	value: /etc/softwareheritage/config.yml
	volumeMounts:
	- name: config
	mountPath: /etc/softwareheritage/config.yml
	subPath: config.yml
	readOnly: true
	- name: config
	mountPath: /entrypoint.sh
	subPath: entrypoint.sh
	readOnly: true
	volumes:
	- name: config
	configMap:
	name: webapp
	defaultMode: 0777
	- name: db-password
	secret:
	secretName: web-db

File Metadata

Mime Type: text/plain
Expires: Fri, Jul 4, 1:19 PM (1 w, 5 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3429496

30-webapp.ymlNo OneTemporaryActions

30-webapp.ymlView Options

File Metadata

Event Timeline

30-webapp.yml
No OneTemporary
Actions

30-webapp.yml
View Options