From dd847109d81d0132682d1640cc6770b6f94e3683 Mon Sep 17 00:00:00 2001
From: Masudur Rahman
Date: Tue, 10 Oct 2023 20:30:32 +0600
Subject: [PATCH] Add option to use cloud storage in self-hosted mode (#200)
Signed-off-by: Masudur Rahman
---
 apis/installer/v1alpha1/ace_ace_types.go | 4 +++-
 apis/installer/v1alpha1/ace_options_types.go | 8 ++++++--
 apis/installer/v1alpha1/stash_presets_types.go | 2 +-
 charts/accounts-ui/templates/deployment.yaml | 12 ++++++++++++
 charts/ace/README.md | 3 +--
 charts/ace/templates/platform/setup-job.yaml | 12 ++++++++++++
 charts/ace/values.openapiv3_schema.yaml | 10 ++++++----
 charts/ace/values.yaml | 1 -
 charts/billing/templates/processor.yaml | 12 ++++++++++++
 charts/billing/templates/summary.yaml | 12 ++++++++++++
 charts/kubestash-presets/README.md | 1 -
 .../kubestash-presets/values.openapiv3_schema.yaml | 1 -
 charts/kubestash-presets/values.yaml | 2 +-
 charts/platform-api/templates/statefulset.yaml | 12 ++++++++++++
 charts/platform-links/templates/deployment.yaml | 12 ++++++++++++
 charts/stash-presets/README.md | 1 -
 charts/stash-presets/values.openapiv3_schema.yaml | 1 -
 charts/stash-presets/values.yaml | 2 +-
 schema/ace-options/values.openapiv3_schema.yaml | 10 +++++++---
 19 files changed, 98 insertions(+), 20 deletions(-)
diff --git a/apis/installer/v1alpha1/ace_ace_types.go b/apis/installer/v1alpha1/ace_ace_types.go
index 82c3d6ded..e5759cfce 100644
--- a/apis/installer/v1alpha1/ace_ace_types.go
+++ b/apis/installer/v1alpha1/ace_ace_types.go
@@ -302,8 +302,10 @@ const (
 type InfraObjstore struct {
 Provider ObjstoreProvider `json:"provider"`
- Host string `json:"host"`
 Bucket string `json:"bucket"`
+ Prefix string `json:"prefix,omitempty"`
+ Endpoint string `json:"endpoint,omitempty"`
+ Region string `json:"region,omitempty"`
 MountPath string `json:"mountPath"`
 S3 *S3Auth `json:"s3,omitempty"`
 Azure *AzureAuth `json:"azure,omitempty"`
diff --git a/apis/installer/v1alpha1/ace_options_types.go b/apis/installer/v1alpha1/ace_options_types.go
index 0a9e12977..1f809c0ae 100644
--- a/apis/installer/v1alpha1/ace_options_types.go
+++ b/apis/installer/v1alpha1/ace_options_types.go
@@ -152,8 +152,12 @@ type AceOptionsInfraCloudServices struct {
 }
 type AceOptionsInfraObjstore struct {
- Host string `json:"host"`
- Bucket string `json:"bucket"`
+ Bucket string `json:"bucket"`
+ Prefix string `json:"prefix,omitempty"`
+ // Required for s3 type buckets other than AWS s3 buckets
+ Endpoint string `json:"endpoint,omitempty"`
+ // Required for s3 buckets
+ Region string `json:"region,omitempty"`
 Auth ObjstoreAuth `json:"auth"`
 }
diff --git a/apis/installer/v1alpha1/stash_presets_types.go b/apis/installer/v1alpha1/stash_presets_types.go
index 151b3ba13..3b3245c88 100644
--- a/apis/installer/v1alpha1/stash_presets_types.go
+++ b/apis/installer/v1alpha1/stash_presets_types.go
@@ -88,7 +88,7 @@ type S3 struct {
 type S3Auth struct {
 AwsAccessKeyID string `json:"AWS_ACCESS_KEY_ID"`
 AwsSecretAccessKey string `json:"AWS_SECRET_ACCESS_KEY"`
- CaCertData string `json:"CA_CERT_DATA"`
+ CaCertData string `json:"CA_CERT_DATA,omitempty"`
 }
 type Azure struct {
diff --git a/charts/accounts-ui/templates/deployment.yaml b/charts/accounts-ui/templates/deployment.yaml
index 201b0a3fa..352e54268 100644
--- a/charts/accounts-ui/templates/deployment.yaml
+++ b/charts/accounts-ui/templates/deployment.yaml
@@ -87,6 +87,18 @@ spec:
 key: AWS_REGION
 {{- end }}
 {{- end }}
+ {{- if and (include "settings.objstoreSecretName" .) (eq $infra.objstore.provider "azure") }}
+ - name: AZURE_STORAGE_ACCOUNT
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_NAME
+ - name: AZURE_STORAGE_KEY
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_KEY
+ {{- end }}
 volumeMounts:
 - name: tmp
 mountPath: /tmp
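Review bot: The comments on `Endpoint` and `Region` in AceOptionsInfraObjstore say "Required", but both fields are tagged `omitempty` and the schema hunks in this patch add `endpoint` and `region` without listing them under `required`, so nothing visible here rejects an s3 configuration that omits them. If that check lives elsewhere the comments should say so; otherwise an incomplete s3 setup would presumably surface only when the storage client is built. I would write them as Go field comments, e.g. `// Region is the bucket region; it must be set when the provider is s3 (not enforced by the schema).`, and repeat them on the matching fields of InfraObjstore in ace_ace_types.go, which are added with no comment at all. Since `Endpoint` can point at a non-AWS service and `CA_CERT_DATA` becomes optional in the same patch, the `Endpoint` comment should also state whether an https URL is expected.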
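Review bot: The added Azure entries in charts/accounts-ui/templates/deployment.yaml read the secret through `valueFrom.secretRef`, which is not a field of a container env var source; the per-key form is `secretKeyRef:` (`secretRef` belongs to `envFrom`). I would expect the manifest to be rejected under strict field validation, or the reference to be dropped otherwise, so `AZURE_STORAGE_ACCOUNT` and `AZURE_STORAGE_KEY` would not reach the container. The same block is repeated in charts/ace/templates/platform/setup-job.yaml, charts/billing/templates/processor.yaml, charts/billing/templates/summary.yaml, charts/platform-api/templates/statefulset.yaml and charts/platform-links/templates/deployment.yaml. The AWS block just above starts outside the hunk, so check whether it uses the same key before changing only these lines.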
diff --git a/charts/ace/README.md b/charts/ace/README.md
index c9e13e985..f593569eb 100644
--- a/charts/ace/README.md
+++ b/charts/ace/README.md
@@ -94,8 +94,7 @@ The following table lists the configurable parameters of the `ace` chart and the
 | global.infra.dns.provider | | "cloudflare" # external,cloudflare,route53 |
 | global.infra.dns.auth.cloudflare.token | | xyz |
 | global.infra.objstore.provider | | "" # s3,azure,gcs,swift |
-| global.infra.objstore.host | might be a file storage prefixed with file:// | "" |
-| global.infra.objstore.bucket | | gs://ace-data |
+| global.infra.objstore.bucket | might be a file storage prefixed with file:// | gs://ace-data |
 | global.infra.objstore.mountPath | | /data/credentials |
 | global.infra.stash.backup.password | | "" |
 | global.infra.stash.backup.schedule | | '0 */4 * * *' |
diff --git a/charts/ace/templates/platform/setup-job.yaml b/charts/ace/templates/platform/setup-job.yaml
index 75e30b86d..49a308b0b 100644
--- a/charts/ace/templates/platform/setup-job.yaml
+++ b/charts/ace/templates/platform/setup-job.yaml
@@ -81,6 +81,18 @@ spec:
 key: AWS_REGION
 {{- end }}
 {{- end }}
+ {{- if and (include "settings.objstoreSecretName" .) (eq $infra.objstore.provider "azure") }}
+ - name: AZURE_STORAGE_ACCOUNT
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_NAME
+ - name: AZURE_STORAGE_KEY
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_KEY
+ {{- end }}
 volumeMounts:
 - name: tmp
 mountPath: /tmp
diff --git a/charts/ace/values.openapiv3_schema.yaml b/charts/ace/values.openapiv3_schema.yaml
index 243d019f3..c28f4cc5c 100644
--- a/charts/ace/values.openapiv3_schema.yaml
+++ b/charts/ace/values.openapiv3_schema.yaml
@@ -3785,6 +3785,8 @@ properties:
 type: object
 bucket:
 type: string
+ endpoint:
+ type: string
 gcs:
 properties:
 GOOGLE_PROJECT_ID:
@@ -3795,10 +3797,10 @@ properties: - GOOGLE_PROJECT_ID - GOOGLE_SERVICE_ACCOUNT_JSON_KEY type: object - host: - type: string mountPath: type: string + prefix: + type: string provider: enum: - gcs @@ -3806,6 +3808,8 @@ properties: - azure - swift type: string + region: + type: string s3: properties: AWS_ACCESS_KEY_ID: @@ -3817,7 +3821,6 @@ properties: required: - AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY - - CA_CERT_DATA type: object swift: properties: @@ -3867,7 +3870,6 @@ properties: type: object required: - bucket - - host - mountPath - provider type: object diff --git a/charts/ace/values.yaml b/charts/ace/values.yaml index 5e42ada12..20d28023b 100644 --- a/charts/ace/values.yaml +++ b/charts/ace/values.yaml @@ -152,7 +152,6 @@ global: objstore: provider: "" # s3,azure,gcs,swift # might be a file storage prefixed with file:// - host: "" bucket: gs://ace-data mountPath: /data/credentials # gcs: diff --git a/charts/billing/templates/processor.yaml b/charts/billing/templates/processor.yaml index 9c30e08c3..055b1e474 100644 --- a/charts/billing/templates/processor.yaml +++ b/charts/billing/templates/processor.yaml @@ -86,6 +86,18 @@ spec: key: AWS_REGION {{- end }} {{- end }} + {{- if and (include "settings.objstoreSecretName" .) (eq $infra.objstore.provider "azure") }} + - name: AZURE_STORAGE_ACCOUNT + valueFrom: + secretRef: + name: {{ include "settings.objstoreSecretName" . }} + key: AZURE_ACCOUNT_NAME + - name: AZURE_STORAGE_KEY + valueFrom: + secretRef: + name: {{ include "settings.objstoreSecretName" . }} + key: AZURE_ACCOUNT_KEY + {{- end }} volumeMounts: - name: tmp mountPath: /tmp diff --git a/charts/billing/templates/summary.yaml b/charts/billing/templates/summary.yaml index 9e55df657..7c29cce2c 100644 --- a/charts/billing/templates/summary.yaml +++ b/charts/billing/templates/summary.yaml 
@@ -55,6 +55,18 @@ spec:
 key: AWS_REGION
 {{- end }}
 {{- end }}
+ {{- if and (include "settings.objstoreSecretName" .) (eq $infra.objstore.provider "azure") }}
+ - name: AZURE_STORAGE_ACCOUNT
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_NAME
+ - name: AZURE_STORAGE_KEY
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_KEY
+ {{- end }}
 volumeMounts:
 - name: tmp
 mountPath: /tmp
diff --git a/charts/kubestash-presets/README.md b/charts/kubestash-presets/README.md
index 21ac255f1..b51ff1961 100644
--- a/charts/kubestash-presets/README.md
+++ b/charts/kubestash-presets/README.md
@@ -59,7 +59,6 @@ The following table lists the configurable parameters of the `kubestash-presets`
 | kubestash.backend.s3.spec.bucket | | "" |
 | kubestash.backend.s3.auth.AWS_ACCESS_KEY_ID | | "" |
 | kubestash.backend.s3.auth.AWS_SECRET_ACCESS_KEY | | "" |
-| kubestash.backend.s3.auth.CA_CERT_DATA | | "" |
 | kubestash.backend.azure.spec.container | | "" |
 | kubestash.backend.azure.auth.AZURE_ACCOUNT_NAME | | "" |
 | kubestash.backend.azure.auth.AZURE_ACCOUNT_KEY | | "" |
diff --git a/charts/kubestash-presets/values.openapiv3_schema.yaml b/charts/kubestash-presets/values.openapiv3_schema.yaml
index db205397f..3f8f4718b 100644
--- a/charts/kubestash-presets/values.openapiv3_schema.yaml
+++ b/charts/kubestash-presets/values.openapiv3_schema.yaml
@@ -107,7 +107,6 @@ properties:
 required:
 - AWS_ACCESS_KEY_ID
 - AWS_SECRET_ACCESS_KEY
- - CA_CERT_DATA
 type: object
 spec:
 properties:
diff --git a/charts/kubestash-presets/values.yaml b/charts/kubestash-presets/values.yaml
index d62c69c76..251af6d56 100644
--- a/charts/kubestash-presets/values.yaml
+++ b/charts/kubestash-presets/values.yaml
@@ -22,7 +22,7 @@ kubestash:
 auth:
 AWS_ACCESS_KEY_ID: ""
 AWS_SECRET_ACCESS_KEY: ""
- CA_CERT_DATA: ""
+ # CA_CERT_DATA: ""
 azure:
 spec:
 container: ""
diff --git a/charts/platform-api/templates/statefulset.yaml b/charts/platform-api/templates/statefulset.yaml
index 1fb0dafe6..5291138c5 100644
--- a/charts/platform-api/templates/statefulset.yaml
+++ b/charts/platform-api/templates/statefulset.yaml
@@ -89,6 +89,18 @@ spec:
 key: AWS_REGION
 {{- end }}
 {{- end }}
+ {{- if and (include "settings.objstoreSecretName" .) (eq $infra.objstore.provider "azure") }}
+ - name: AZURE_STORAGE_ACCOUNT
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_NAME
+ - name: AZURE_STORAGE_KEY
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_KEY
+ {{- end }}
 volumeMounts:
 - name: tmp
 mountPath: /tmp
diff --git a/charts/platform-links/templates/deployment.yaml b/charts/platform-links/templates/deployment.yaml
index 09bd9850a..2419a86c6 100644
--- a/charts/platform-links/templates/deployment.yaml
+++ b/charts/platform-links/templates/deployment.yaml
@@ -87,6 +87,18 @@ spec:
 key: AWS_REGION
 {{- end }}
 {{- end }}
+ {{- if and (include "settings.objstoreSecretName" .) (eq $infra.objstore.provider "azure") }}
+ - name: AZURE_STORAGE_ACCOUNT
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_NAME
+ - name: AZURE_STORAGE_KEY
+ valueFrom:
+ secretRef:
+ name: {{ include "settings.objstoreSecretName" . }}
+ key: AZURE_ACCOUNT_KEY
+ {{- end }}
 volumeMounts:
 - name: tmp
 mountPath: /tmp
diff --git a/charts/stash-presets/README.md b/charts/stash-presets/README.md
index d1a285634..708a039d0 100644
--- a/charts/stash-presets/README.md
+++ b/charts/stash-presets/README.md
@@ -59,7 +59,6 @@ The following table lists the configurable parameters of the `stash-presets` cha | stash.backend.s3.spec.bucket | | "" | | stash.backend.s3.auth.AWS_ACCESS_KEY_ID | | "" | | stash.backend.s3.auth.AWS_SECRET_ACCESS_KEY | | "" | -| stash.backend.s3.auth.CA_CERT_DATA | | "" | | stash.backend.azure.spec.container | | "" | | stash.backend.azure.auth.AZURE_ACCOUNT_NAME | | "" | | stash.backend.azure.auth.AZURE_ACCOUNT_KEY | | "" | diff --git a/charts/stash-presets/values.openapiv3_schema.yaml b/charts/stash-presets/values.openapiv3_schema.yaml index 65a3a0d9e..69ef82c34 100644 --- a/charts/stash-presets/values.openapiv3_schema.yaml +++ b/charts/stash-presets/values.openapiv3_schema.yaml @@ -107,7 +107,6 @@ properties: required: - AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY - - CA_CERT_DATA type: object spec: properties: diff --git a/charts/stash-presets/values.yaml b/charts/stash-presets/values.yaml index 19e76e27f..212976ef0 100644 --- a/charts/stash-presets/values.yaml +++ b/charts/stash-presets/values.yaml @@ -22,7 +22,7 @@ stash: auth: AWS_ACCESS_KEY_ID: "" AWS_SECRET_ACCESS_KEY: "" - CA_CERT_DATA: "" + # CA_CERT_DATA: "" azure: spec: container: "" diff --git a/schema/ace-options/values.openapiv3_schema.yaml b/schema/ace-options/values.openapiv3_schema.yaml index d753d9bb3..937c7aa5c 100644 --- a/schema/ace-options/values.openapiv3_schema.yaml +++ b/schema/ace-options/values.openapiv3_schema.yaml @@ -312,7 +312,6 @@ properties: required: - AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY - - CA_CERT_DATA type: object swift: properties: @@ -363,12 +362,17 @@ properties: type: object bucket: type: string - host: + endpoint: + description: Required for s3 type buckets other than AWS s3 buckets + type: string + prefix: + type: string + region: + description: Required for s3 buckets type: string required: - auth - bucket - - host type: object provider: enum: