From 0f7267e865bf86c41c621c60d38a96416cb74cf9 Mon Sep 17 00:00:00 2001 From: Todd Kazakov Date: Tue, 28 Mar 2023 18:37:25 +0300 Subject: [PATCH 1/5] Allow starting services in read-only mode --- charts/tidepool/templates/_helpers.tpl | 36 ++++++++++++++++---------- charts/tidepool/values.yaml | 26 +++++++++++++++++++ 2 files changed, 49 insertions(+), 13 deletions(-) diff --git a/charts/tidepool/templates/_helpers.tpl b/charts/tidepool/templates/_helpers.tpl index 17e04a50..d55b3605 100644 --- a/charts/tidepool/templates/_helpers.tpl +++ b/charts/tidepool/templates/_helpers.tpl @@ -47,24 +47,28 @@ Create environment variables used by all platform services. */}} } +{{- define "hostname.internal" -}} +{{- .Values.global.hostnames.internal | default (printf "internal-%s" .Release.Namespace) -}} +{{- end -}} + {{ define "charts.platform.env.clients" }} - name: TIDEPOOL_AUTH_CLIENT_ADDRESS - value: http://auth:{{.Values.global.ports.auth}} + value: http://{{.Values.global.hostnames.auth}}:{{.Values.global.ports.auth}} - name: TIDEPOOL_AUTH_CLIENT_EXTERNAL_ADDRESS - value: "http://internal.{{.Release.Namespace}}" + value: "http://{{ include "hostname.internal" .}}" - name: TIDEPOOL_AUTH_CLIENT_EXTERNAL_SERVER_SESSION_TOKEN_SECRET valueFrom: secretKeyRef: name: server key: ServiceAuth - name: TIDEPOOL_BLOB_CLIENT_ADDRESS - value: http://blob:{{.Values.global.ports.blob}} + value: http://{{.Values.global.hostnames.blob}}:{{.Values.global.ports.blob}} - name: TIDEPOOL_DATA_CLIENT_ADDRESS - value: http://data:{{.Values.global.ports.data}} + value: http://{{.Values.global.hostnames.data}}:{{.Values.global.ports.data}} - name: TIDEPOOL_DATA_SOURCE_CLIENT_ADDRESS - value: http://data:{{.Values.global.ports.data}} + value: http://{{.Values.global.hostnames.data}}:{{.Values.global.ports.data}} - name: TIDEPOOL_DEVICES_CLIENT_ADDRESS - value: devices:{{.Values.global.ports.devices_grpc}} + value: {{.Values.global.hostnames.devices}}:{{.Values.global.ports.devices_grpc}} - name: TIDEPOOL_DEXCOM_CLIENT_ADDRESS valueFrom: configMapKeyRef: @@ -76,17 +80,17 @@ Create environment variables used by all platform services. name: dexcom key: AuthorizeURL - name: TIDEPOOL_METRIC_CLIENT_ADDRESS - value: "http://internal.{{.Release.Namespace}}" + value: "http://{{ include "hostname.internal" .}}}" - name: TIDEPOOL_PERMISSION_CLIENT_ADDRESS - value: http://gatekeeper:{{.Values.global.ports.gatekeeper}} + value: http://{{.Values.global.hostnames.gatekeeper}}:{{.Values.global.ports.gatekeeper}} - name: TIDEPOOL_CONFIRMATION_CLIENT_ADDRESS - value: "http://hydrophone:{{.Values.global.ports.hydrophone}}" + value: "http://{{.Values.global.hostnames.hydrophone}}:{{.Values.global.ports.hydrophone}}" - name: TIDEPOOL_TASK_CLIENT_ADDRESS - value: http://task:{{.Values.global.ports.task}} + value: http://{{.Values.global.hostnames.task}}:{{.Values.global.ports.task}} - name: TIDEPOOL_USER_CLIENT_ADDRESS - value: "http://internal.{{.Release.Namespace}}" + value: "http://{{ include "hostname.internal" .}}" - name: TIDEPOOL_CLINIC_CLIENT_ADDRESS - value: "http://internal.{{.Release.Namespace}}" + value: "http://{{ include "hostname.internal" .}}" {{ end }} {{ define "charts.tracing.common" }} @@ -163,6 +167,12 @@ Create environment variables used by all platform services. {{ include "charts.mongo.params" . }} - name: TIDEPOOL_STORE_DATABASE value: tidepool + - name: TIDEPOOL_DISABLE_INDEX_CREATION + valueFrom: + secretKeyRef: + name: {{ .Values.mongo.secretName }} + key: DisabledIndexCreation + optional: true {{ end }} {{/* @@ -188,7 +198,7 @@ Create liveness and readiness probes for platform services. {{- define "charts.init.shoreline" -}} - name: init-shoreline image: busybox:1.31.1 - command: ['sh', '-c', 'until nc -zvv shoreline {{.Values.global.ports.shoreline}}; do echo waiting for shoreline; sleep 2; done;'] + command: ['sh', '-c', 'until nc -zvv {{.Values.global.hostnames.shoreline}} {{.Values.global.ports.shoreline}}; do echo waiting for shoreline; sleep 2; done;'] {{- end -}} {{- define "charts.labels.standard" }} diff --git a/charts/tidepool/values.yaml b/charts/tidepool/values.yaml index f39d29eb..b08d5491 100644 --- a/charts/tidepool/values.yaml +++ b/charts/tidepool/values.yaml @@ -56,6 +56,32 @@ global: linkerdsupport: # -- whether to include linkerdsupport subchart with Linkerd service profiles enabled: true + # -- service hostnames + hostnames: + # -- auth service hostname + auth: "auth" + # -- blob service hostname + blob: "blob" + # -- clinic service hostname + clinic: "clinic" + # -- data service hostname + data: "data" + # -- devices service hostname + devices: "devices" + # -- gatekeeper service hostname + gatekeeper: "gatekeeper" + # -- hydrophone service hostname + hydrophone: "hydrophone" + # -- internal virtual service hostname + internal: "internal" + # -- metric service hostname + metric: "highwater" + # -- shoreline service hostname + shoreline: "shoreline" + # -- task service hostname + task: "task" + # -- user service hostname + user: "user" ports: # -- blip service internal port blip: 31500 From 5e6719e028ccbb4ada330642508494a606333509 Mon Sep 17 00:00:00 2001 From: Todd Kazakov Date: Wed, 29 Mar 2023 16:34:58 +0300 Subject: [PATCH 2/5] Allow disabling the user events handler in platform services --- charts/tidepool/charts/auth/templates/0-configmap.yaml | 1 + charts/tidepool/charts/auth/templates/1-deployment.yaml | 6 ++++++ charts/tidepool/charts/auth/values.yaml | 1 + charts/tidepool/charts/blob/templates/1-deployment.yaml | 6 ++++++ charts/tidepool/charts/data/templates/1-deployment.yaml | 6 ++++++ 5 files changed, 20 insertions(+) diff --git a/charts/tidepool/charts/auth/templates/0-configmap.yaml b/charts/tidepool/charts/auth/templates/0-configmap.yaml index 8a9e4ed7..8b5b27d0 100644 --- a/charts/tidepool/charts/auth/templates/0-configmap.yaml +++ b/charts/tidepool/charts/auth/templates/0-configmap.yaml @@ -11,4 +11,5 @@ data: AppleDeviceCheckKeyId: {{ .AppleDeviceCheckKeyId | default "" }} AppleDeviceCheckKeyIssuer: {{ .AppleDeviceCheckKeyIssuer | default "" }} AppleDeviceCheckUseDevelopment: "{{ .AppleDeviceCheckUseDevelopment | default "true" }}" + UserEventsHandlerDisable: "{{ .UserEventsHandlerDisable | default "false" }}" {{- end }} \ No newline at end of file diff --git a/charts/tidepool/charts/auth/templates/1-deployment.yaml b/charts/tidepool/charts/auth/templates/1-deployment.yaml index bea129ec..ca481b47 100644 --- a/charts/tidepool/charts/auth/templates/1-deployment.yaml +++ b/charts/tidepool/charts/auth/templates/1-deployment.yaml @@ -87,6 +87,12 @@ spec: name: dexcom key: StateSalt optional: true + - name: TIDEPOOL_AUTH_USER_EVENTS_HANDLER_DISABLE + valueFrom: + configMapKeyRef: + name: auth + key: UserEventsHandlerDisable + optional: true - name: TIDEPOOL_AUTH_SERVICE_DOMAIN value: {{ .Values.global.gateway.default.domain }} - name: TIDEPOOL_AUTH_SERVICE_SERVER_ADDRESS diff --git a/charts/tidepool/charts/auth/values.yaml b/charts/tidepool/charts/auth/values.yaml index 017d32dc..e19c57b7 100644 --- a/charts/tidepool/charts/auth/values.yaml +++ b/charts/tidepool/charts/auth/values.yaml @@ -10,6 +10,7 @@ configmap: AppleDeviceCheckKeyIssuer: "75U4X84TEG" AppleDeviceCheckKeyId: "B542R658GF" AppleDeviceCheckUseDevelopment: "true" + UserEventsHandlerDisable: "false" deployment: # -- auth Docker image image: tidepool/platform-auth:master-latest diff --git a/charts/tidepool/charts/blob/templates/1-deployment.yaml b/charts/tidepool/charts/blob/templates/1-deployment.yaml index caef0f2c..c270f018 100644 --- a/charts/tidepool/charts/blob/templates/1-deployment.yaml +++ b/charts/tidepool/charts/blob/templates/1-deployment.yaml @@ -49,6 +49,12 @@ spec: {{ include "charts.platform.env.clients" .}} {{ include "charts.kafka.common" .}} {{ include "charts.kafka.cloudevents.client" (dict "Values" .Values "Release" .Release "client" "blob") }} + - name: TIDEPOOL_BLOB_USER_EVENTS_HANDLER_DISABLE + valueFrom: + configMapKeyRef: + name: blob + key: UserEventsHandlerDisable + optional: true - name: TIDEPOOL_BLOB_SERVICE_SECRET valueFrom: secretKeyRef: diff --git a/charts/tidepool/charts/data/templates/1-deployment.yaml b/charts/tidepool/charts/data/templates/1-deployment.yaml index b6552407..43e90dd6 100644 --- a/charts/tidepool/charts/data/templates/1-deployment.yaml +++ b/charts/tidepool/charts/data/templates/1-deployment.yaml @@ -44,6 +44,12 @@ spec: {{ include "charts.platform.env.clients" .}} {{ include "charts.kafka.common" .}} {{ include "charts.kafka.cloudevents.client" (dict "Values" .Values "Release" .Release "client" "data") }} + - name: TIDEPOOL_DATA_USER_EVENTS_HANDLER_DISABLE + valueFrom: + configMapKeyRef: + name: data + key: UserEventsHandlerDisable + optional: true - name: TIDEPOOL_DATA_SERVICE_SECRET valueFrom: secretKeyRef: From 55b1f0fadb8357cd1a289aaf2035428c0a7d6e8c Mon Sep 17 00:00:00 2001 From: Todd Kazakov Date: Wed, 29 Mar 2023 22:47:09 +0300 Subject: [PATCH 3/5] Fix incorrect include --- charts/tidepool/templates/_helpers.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/tidepool/templates/_helpers.tpl b/charts/tidepool/templates/_helpers.tpl index d55b3605..bee572c3 100644 --- a/charts/tidepool/templates/_helpers.tpl +++ b/charts/tidepool/templates/_helpers.tpl @@ -80,7 +80,7 @@ Create environment variables used by all platform services. name: dexcom key: AuthorizeURL - name: TIDEPOOL_METRIC_CLIENT_ADDRESS - value: "http://{{ include "hostname.internal" .}}}" + value: "http://{{ include "hostname.internal" .}}" - name: TIDEPOOL_PERMISSION_CLIENT_ADDRESS value: http://{{.Values.global.hostnames.gatekeeper}}:{{.Values.global.ports.gatekeeper}} - name: TIDEPOOL_CONFIRMATION_CLIENT_ADDRESS From 1229c53dfea504e4d4fe852195d05d1ad55eccc3 Mon Sep 17 00:00:00 2001 From: Todd Kazakov Date: Thu, 30 Mar 2023 16:16:30 +0300 Subject: [PATCH 4/5] Fix environment variable --- charts/tidepool/charts/data/templates/1-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/tidepool/charts/data/templates/1-deployment.yaml b/charts/tidepool/charts/data/templates/1-deployment.yaml index 43e90dd6..e1ffd92d 100644 --- a/charts/tidepool/charts/data/templates/1-deployment.yaml +++ b/charts/tidepool/charts/data/templates/1-deployment.yaml @@ -44,7 +44,7 @@ spec: {{ include "charts.platform.env.clients" .}} {{ include "charts.kafka.common" .}} {{ include "charts.kafka.cloudevents.client" (dict "Values" .Values "Release" .Release "client" "data") }} - - name: TIDEPOOL_DATA_USER_EVENTS_HANDLER_DISABLE + - name: TIDEPOOL_DATA_SERVICE_USER_EVENTS_HANDLER_DISABLE valueFrom: configMapKeyRef: name: data From 142950cbc48545a4913dcb9cb5501cd3161ad1bd Mon Sep 17 00:00:00 2001 From: Todd Kazakov Date: Wed, 26 Apr 2023 16:13:20 +0300 Subject: [PATCH 5/5] Fix auth service replicas --- charts/tidepool/charts/auth/templates/1-deployment.yaml | 4 ++-- charts/tidepool/charts/blob/templates/1-deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/tidepool/charts/auth/templates/1-deployment.yaml b/charts/tidepool/charts/auth/templates/1-deployment.yaml index ca481b47..89969462 100644 --- a/charts/tidepool/charts/auth/templates/1-deployment.yaml +++ b/charts/tidepool/charts/auth/templates/1-deployment.yaml @@ -19,7 +19,7 @@ spec: app: auth app.kubernetes.io/name: {{ include "charts.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} - replicas: {{ .Values.deployment.replicas | default 1 }} + replicas: {{ .Values.deployment.replicas }} strategy: {} template: metadata: @@ -87,7 +87,7 @@ spec: name: dexcom key: StateSalt optional: true - - name: TIDEPOOL_AUTH_USER_EVENTS_HANDLER_DISABLE + - name: TIDEPOOL_AUTH_SERVICE_USER_EVENTS_HANDLER_DISABLE valueFrom: configMapKeyRef: name: auth diff --git a/charts/tidepool/charts/blob/templates/1-deployment.yaml b/charts/tidepool/charts/blob/templates/1-deployment.yaml index c270f018..20e3e5c4 100644 --- a/charts/tidepool/charts/blob/templates/1-deployment.yaml +++ b/charts/tidepool/charts/blob/templates/1-deployment.yaml @@ -49,7 +49,7 @@ spec: {{ include "charts.platform.env.clients" .}} {{ include "charts.kafka.common" .}} {{ include "charts.kafka.cloudevents.client" (dict "Values" .Values "Release" .Release "client" "blob") }} - - name: TIDEPOOL_BLOB_USER_EVENTS_HANDLER_DISABLE + - name: TIDEPOOL_BLOB_SERVICE_USER_EVENTS_HANDLER_DISABLE valueFrom: configMapKeyRef: name: blob