From 7adc0eb998194b9f3740add2dd84fe3b78ffd4b4 Mon Sep 17 00:00:00 2001 From: Piotr Dobrowolski Date: Tue, 9 Apr 2019 22:39:42 +0200 Subject: [PATCH] app/registry: migrate to ceph object storage --- app/registry/prod.jsonnet | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/app/registry/prod.jsonnet b/app/registry/prod.jsonnet index 5fc21721..65b24130 100644 --- a/app/registry/prod.jsonnet +++ b/app/registry/prod.jsonnet @@ -1,6 +1,7 @@ # registry.k0.hswaw.net, a private docker registry # This needs an oauth2 secret provisioned, create with: # kubectl -n registry create secret generic auth --from-literal=oauth2_secret=... +# kubectl get secrets rook-ceph-object-user-waw-hdd-redundant-1-object-registry -n ceph-waw1 -o yaml --export | kubectl replace -f - -n registry local kube = import "../../kube/kube.libsonnet"; local cm = import "../../cluster/kube/lib/cert-manager.libsonnet"; @@ -68,8 +69,10 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet"; cache: { blobdescriptor: "inmemory", }, - filesystem: { - rootdirectory: "/var/lib/registry", + s3: { + regionendpoint: "https://object.ceph-waw1.hswaw.net", + bucket: "registry", + region: "waw-hdd-redunant-1-object:default-placement", }, }, http: { @@ -81,6 +84,9 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet"; certificate: "/certs/tls.crt", key: "/certs/tls.key", }, + debug: { + addr: "localhost:5001", + }, }, health: { storagedriver: { @@ -224,6 +230,16 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet"; certs: { mountPath: "/certs" }, authcerts: { mountPath: "/authcerts" }, }, + env_: { + REGISTRY_STORAGE_S3_ACCESSKEY: { secretKeyRef: { + name: "rook-ceph-object-user-waw-hdd-redundant-1-object-registry", + key: "AccessKey" + }}, + REGISTRY_STORAGE_S3_SECRETKEY: { secretKeyRef: { + name: "rook-ceph-object-user-waw-hdd-redundant-1-object-registry", + key: "SecretKey", + }}, + }, }, }, },