hswaw
/
hscloud
mirror of https://gerrit.hackerspace.pl/hscloud
4
0
Fork 2
Code Actions

app/registry: migrate to ceph object storage

changes/03/3/1
informatic 2019-04-09 22:39:42 +02:00
parent 5ac85c6e73
commit 7adc0eb998
1 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/registry/prod.jsonnet
View File

@ -1,6 +1,7 @@
# registry.k0.hswaw.net, a private docker registry
# This needs an oauth2 secret provisioned, create with:
# kubectl -n registry create secret generic auth --from-literal=oauth2_secret=...
# kubectl get secrets rook-ceph-object-user-waw-hdd-redundant-1-object-registry -n ceph-waw1 -o yaml --export | kubectl replace -f - -n registry
local kube = import "../../kube/kube.libsonnet";
local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
@ -68,8 +69,10 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
cache: {
blobdescriptor: "inmemory",
},
filesystem: {
rootdirectory: "/var/lib/registry",
s3: {
regionendpoint: "https://object.ceph-waw1.hswaw.net",
bucket: "registry",
region: "waw-hdd-redunant-1-object:default-placement",
},
},
http: {
@ -81,6 +84,9 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
certificate: "/certs/tls.crt",
key: "/certs/tls.key",
},
debug: {
addr: "localhost:5001",
},
},
health: {
storagedriver: {
@ -224,6 +230,16 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
certs: { mountPath: "/certs" },
authcerts: { mountPath: "/authcerts" },
},
env_: {
REGISTRY_STORAGE_S3_ACCESSKEY: { secretKeyRef: {
name: "rook-ceph-object-user-waw-hdd-redundant-1-object-registry",
key: "AccessKey"
}},
REGISTRY_STORAGE_S3_SECRETKEY: { secretKeyRef: {
name: "rook-ceph-object-user-waw-hdd-redundant-1-object-registry",
key: "SecretKey",
}},
},
},
},
},