diff --git a/cluster/kube/cluster.jsonnet b/cluster/kube/cluster.jsonnet
index a57c8978..a4d86800 100644
--- a/cluster/kube/cluster.jsonnet
+++ b/cluster/kube/cluster.jsonnet
@@ -122,8 +122,7 @@ local Cluster(fqdn) = {
 },
 },
 },
- cephWaw1Object: kube._Object("ceph.rook.io/v1", "CephObjectStore", "waw-hdd-redundant-1-object") {
- metadata+: cluster.cephWaw1.metadata,
+ cephWaw1Object: rook.S3ObjectStore(cluster.cephWaw1, "waw-hdd-redundant-1-object") {
 spec: {
 metadataPool: {
 failureDomain: "host",
@@ -136,13 +135,6 @@ local Cluster(fqdn) = {
 codingChunks: 1,
 },
 },
- gateway: {
- type: "s3",
- port: 80,
- #securePort:
- instances: 1,
- allNodes: false,
- },
 },
 },
 };
diff --git a/cluster/kube/lib/rook.libsonnet b/cluster/kube/lib/rook.libsonnet
index b553ca46..de1bf7ac 100644
--- a/cluster/kube/lib/rook.libsonnet
+++ b/cluster/kube/lib/rook.libsonnet
@@ -495,4 +495,54 @@ local kube = import "../../../kube/kube.libsonnet";
 reclaimPolicy: "Retain",
 },
 },
+
+ S3ObjectStore(cluster, name):: {
+ local store = self,
+ spec:: error "spec must be specified",
+ objectStore: kube._Object("ceph.rook.io/v1", "CephObjectStore", name) {
+ metadata+: cluster.metadata,
+ spec: store.spec {
+ gateway: {
+ type: "s3",
+ port: 80,
+ instances: 1,
+ allNodes: false,
+ },
+ },
+ },
+
+ objectIngress: kube.Ingress(name) {
+ metadata+: cluster.metadata {
+ annotations+: {
+ "kubernetes.io/tls-acme": "true",
+ "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
+ "nginx.ingress.kubernetes.io/proxy-body-size": "0",
+ },
+ },
+ spec+: {
+ tls: [
+ {
+ hosts: ["object.%s.hswaw.net" % [cluster.metadata.namespace]],
+ secretName: "%s-tls" % [name],
+ },
+ ],
+ rules: [
+ {
+ host: "object.%s.hswaw.net" % [cluster.metadata.namespace],
+ http: {
+ paths: [
+ {
+ path: "/",
+ backend: {
+ serviceName: "rook-ceph-rgw-%s" % [name],
+ servicePort: 80,
+ },
+ },
+ ]
+ },
+ }
+ ],
+ },
+ },
+ },
 }
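Review bot: The new `cephWaw1Object: rook.S3ObjectStore(cluster.cephWaw1, ...)` line is more than a refactor, because the helper returns a wrapper holding both `objectStore` and `objectIngress`. The field is therefore no longer itself a CephObjectStore, and rendering the cluster presumably now also creates an Ingress for `waw-hdd-redundant-1-object`. If publishing this store is intended, a call-site comment such as `# also exposes the store through an Ingress at object.<namespace>.hswaw.net` would make that visible to whoever edits the cluster definition next. Whatever walks the `Cluster` object to emit manifests is outside this diff and should be checked against the nested shape; the `cephWaw1Object` block itself also continues past the end of this hunk.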
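Review bot: `objectIngress` publishes the whole gateway (`path: "/"`) on a public hostname with `"nginx.ingress.kubernetes.io/proxy-body-size": "0"`, which removes the ingress request-size limit, and neither choice is documented or overridable per store. I would add a comment above the annotation such as `# "0" disables the nginx body limit (needed for large S3 uploads); any size limit must be enforced by the gateway, e.g. RGW quotas`. The backend is `servicePort: 80` and `gateway:` is set without `+`, so a `securePort` passed in `spec` would be discarded and traffic between the ingress controller and RGW is presumably cleartext inside the cluster. Using `gateway+:` or a comment stating that TLS terminates at the ingress would make that an explicit decision. Separately, the host is built twice from `cluster.metadata.namespace` alone, so a second store on the same Ceph cluster would claim the same hostname; a single `local host = ...` that also includes `name` would avoid the collision.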