diff --git a/deploy/manifests/prod/us-east-2/cluster/aws-ebs-csi-driver/kustomization.yaml b/deploy/manifests/prod/us-east-2/cluster/aws-ebs-csi-driver/kustomization.yaml index b610f9a95..6d8be1bfa 100644 --- a/deploy/manifests/prod/us-east-2/cluster/aws-ebs-csi-driver/kustomization.yaml +++ b/deploy/manifests/prod/us-east-2/cluster/aws-ebs-csi-driver/kustomization.yaml @@ -6,7 +6,3 @@ resources: patchesStrategicMerge: - patch.yaml - -replicas: - - count: 0 - name: ebs-csi-controller \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/cluster/external-snapshotter/kustomization.yaml b/deploy/manifests/prod/us-east-2/cluster/external-snapshotter/kustomization.yaml index d2862b847..9fc8154a6 100644 --- a/deploy/manifests/prod/us-east-2/cluster/external-snapshotter/kustomization.yaml +++ b/deploy/manifests/prod/us-east-2/cluster/external-snapshotter/kustomization.yaml @@ -3,7 +3,3 @@ kind: Kustomization resources: - ../../../../base/external-snapshotter - -replicas: - - count: 0 - name: snapshot-controller \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/cluster/ingress-nginx/kustomization.yaml b/deploy/manifests/prod/us-east-2/cluster/ingress-nginx/kustomization.yaml index 98d4ba336..9a07e7f67 100644 --- a/deploy/manifests/prod/us-east-2/cluster/ingress-nginx/kustomization.yaml +++ b/deploy/manifests/prod/us-east-2/cluster/ingress-nginx/kustomization.yaml @@ -10,4 +10,4 @@ patchesStrategicMerge: replicas: - name: ingress-nginx-controller - count: 0 + count: 2 diff --git a/deploy/manifests/prod/us-east-2/cluster/kustomization.yaml b/deploy/manifests/prod/us-east-2/cluster/kustomization.yaml index 4ed74ae3e..36468b4f8 100644 --- a/deploy/manifests/prod/us-east-2/cluster/kustomization.yaml +++ b/deploy/manifests/prod/us-east-2/cluster/kustomization.yaml @@ -7,8 +7,10 @@ resources: - flux-system - external-dns - cert-manager + - storetheindex - cluster-autoscaler - monitoring - aws-ebs-csi-driver - promtail - external-snapshotter + - ../../../base/foundationdb/crds diff --git a/deploy/manifests/prod/us-east-2/cluster/storetheindex/.sops.yaml b/deploy/manifests/prod/us-east-2/cluster/storetheindex/.sops.yaml new file mode 100644 index 000000000..b01310bae --- /dev/null +++ b/deploy/manifests/prod/us-east-2/cluster/storetheindex/.sops.yaml @@ -0,0 +1,6 @@ +creation_rules: + - path_regex: '.+\.env' + kms: 'arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/cluster' + - path_regex: '.+\.y(a)?ml' + encrypted_regex: '^(data|stringData)$' + kms: 'arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/cluster' diff --git a/deploy/manifests/prod/us-east-2/cluster/storetheindex/flux-cd.yaml b/deploy/manifests/prod/us-east-2/cluster/storetheindex/flux-cd.yaml new file mode 100644 index 000000000..c8256b1c2 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/cluster/storetheindex/flux-cd.yaml @@ -0,0 +1,92 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: GitRepository +metadata: + name: storetheindex +spec: + interval: 5m + url: https://github.com/filecoin-project/storetheindex.git + ref: + branch: main + secretRef: + name: github-auth +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: storetheindex +spec: + serviceAccountName: flux + decryption: + provider: sops + interval: 5m + path: "./deploy/manifests/prod/us-east-2/tenant/storetheindex" + sourceRef: + kind: GitRepository + name: storetheindex + prune: true + +--- +apiVersion: image.toolkit.fluxcd.io/v1beta1 +kind: ImageRepository +metadata: + name: storetheindex +spec: + interval: 5m + image: 407967248065.dkr.ecr.us-east-2.amazonaws.com/storetheindex/storetheindex + +--- +apiVersion: image.toolkit.fluxcd.io/v1alpha1 +kind: ImagePolicy +metadata: + name: storetheindex +spec: + # Filter tags that match a concrete semver format. + filterTags: + pattern: '^\d+\.\d+\.\d+$' + policy: + # Select the latest semver in any range. + semver: + range: '*' + imageRepositoryRef: + name: storetheindex + +--- +apiVersion: image.toolkit.fluxcd.io/v1beta1 +kind: ImageUpdateAutomation +metadata: + name: storetheindex +spec: + interval: 5m + sourceRef: + kind: GitRepository + name: storetheindex + git: + checkout: + ref: + branch: main + commit: + author: + name: sti-bot + email: sti-bot@protocol.ai + messageTemplate: | + Update {{ .AutomationObject.Namespace }}/{{ .AutomationObject.Name }} in `prod` environment + + Files: + {{ range $filename, $_ := .Updated.Files -}} + - {{ $filename }} + {{ end -}} + + Objects: + {{ range $resource, $_ := .Updated.Objects -}} + - {{ $resource.Kind }} {{ $resource.Name }} + {{ end -}} + + Images: + {{ range .Updated.Images -}} + - {{.}} + {{ end -}} + push: + branch: 'cd/prod' + update: + strategy: Setters + path: "./deploy/manifests/prod/us-east-2/tenant/storetheindex" diff --git a/deploy/manifests/prod/us-east-2/cluster/storetheindex/flux-rbac.yaml b/deploy/manifests/prod/us-east-2/cluster/storetheindex/flux-rbac.yaml new file mode 100644 index 000000000..b83c653b3 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/cluster/storetheindex/flux-rbac.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flux +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: flux +rules: + - apiGroups: [ '*' ] + resources: [ '*' ] + verbs: [ '*' ] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: flux +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: flux +subjects: + - kind: ServiceAccount + name: flux + namespace: storetheindex diff --git a/deploy/manifests/prod/us-east-2/cluster/storetheindex/github-auth.yaml b/deploy/manifests/prod/us-east-2/cluster/storetheindex/github-auth.yaml new file mode 100644 index 000000000..26d472867 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/cluster/storetheindex/github-auth.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Secret +metadata: + name: github-auth + namespace: storetheindex +type: Opaque +stringData: + username: ENC[AES256_GCM,data:PIzP32ie7g==,iv:7RftLnboJLG7qgrzaF4egbZ+T/7jG3UumAfpcWXdOG4=,tag:bMSZ8Cbn+9lGVels+fK/kQ==,type:str] + password: ENC[AES256_GCM,data:r+qtwVNJH/hqFjOqvM74smGzoz1R1f+P4lP21Fb+SfYK+J/QExNhog==,iv:Ex6lNi4AocQ7rpvhgXUKgDyucHzRGIqixcMVM9W+ng0=,tag:idg0jvsAe6anpsHYEMV/WA==,type:str] +sops: + kms: + - arn: arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/cluster + created_at: "2022-11-16T18:02:15Z" + enc: AQICAHgL6WvsvxWJrxwLulz1m91xJ5UUqyeBQVrWxG7xLPkddQHo3KvXA8OPvGw9nSUNYJvVAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMFug8KK/HsQ597pBSAgEQgDtV5Z3lmPlUXJkJE43HmAdHdGEzkSfgWaZ2jlYBgnGc3WE1fmSGmdOT/bq6LFdf+nYoJT6eWNR3D3AzEw== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-08-04T11:32:47Z" + mac: ENC[AES256_GCM,data:HwH5+ngadFcJhgelKY+f2IKrHXeN4b7AHz9TZ5Fdl4R3jf9eG9HyA2xG87pY7rG0kOLSG23lqlkVBHr/d5atLjNNEuKw6zCjaK2swPk7yrBFs6nVvYY+EaKKcTbDhqwXsRE4cOhK9cDLVkNG3PJ101DH3U3CuiavSSA8TSBvzKg=,iv:VrG+KCnvGQ5OjyxDR+/WDf8Okz1/Uzgf1CzGxl4U1lM=,tag:iVOL2qAMEgtONr5MH31N+w==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.0 diff --git a/deploy/manifests/prod/us-east-2/cluster/storetheindex/kustomization.yaml b/deploy/manifests/prod/us-east-2/cluster/storetheindex/kustomization.yaml new file mode 100644 index 000000000..5b4938926 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/cluster/storetheindex/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +commonLabels: + toolkit.fluxcd.io/tenant: storetheindex + +resources: + - namespace.yaml + - flux-cd.yaml + - flux-rbac.yaml + - github-auth.yaml diff --git a/deploy/manifests/prod/us-east-2/cluster/storetheindex/namespace.yaml b/deploy/manifests/prod/us-east-2/cluster/storetheindex/namespace.yaml new file mode 100644 index 000000000..17f0578b0 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/cluster/storetheindex/namespace.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Namespace + +metadata: + name: storetheindex diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/.sops.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/.sops.yaml new file mode 100644 index 000000000..e085c78f6 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/.sops.yaml @@ -0,0 +1,4 @@ +creation_rules: + - path_regex: .* + encrypted_regex: '^(data|stringData)$' + kms: 'arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/sti' diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/config.json b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/config.json new file mode 100644 index 000000000..d191e16c1 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/config.json @@ -0,0 +1,45 @@ +{ + "Version": 1, + "Identity": { + "PeerID": "", + "PrivKey": "" + }, + "Assignment": { + "FilterIPs": false, + "IndexerPool": [], + "Policy": { + "Allow": true, + "Except": null + }, + "PubSubTopic": "/indexer/ingest/mainnet", + "Replication": 1 + }, + "Bootstrap": { + "Peers": [ + "/dns4/node.glif.io/tcp/1235/p2p/12D3KooWBF8cpp65hp2u9LK5mh19x67ftAam84z9LsfaquTDSBpt", + "/dns4/lotus-bootstrap.ipfsforce.com/tcp/41778/p2p/12D3KooWGhufNmZHF3sv48aQeS13ng5XVJZ9E6qy2Ms4VzqeUsHk", + "/dns4/bootstrap-1.starpool.in/tcp/12757/p2p/12D3KooWQZrGH1PxSNZPum99M1zNvjNFM33d1AAu5DcvdHptuU7u", + "/dns4/bootstrap-0.ipfsmain.cn/tcp/34721/p2p/12D3KooWQnwEGNqcM2nAcPtRR9rAX8Hrg4k9kJLCHoTR5chJfz6d", + "/dns4/bootstrap-0.starpool.in/tcp/12757/p2p/12D3KooWGHpBMeZbestVEWkfdnC9u7p6uFHXL1n7m1ZBqsEmiUzz", + "/dns4/bootstrap-1.ipfsmain.cn/tcp/34723/p2p/12D3KooWMKxMkD5DMpSWsW7dBddKxKT7L2GgbNuckz9otxvkvByP" + ], + "MinimumPeers": 4 + }, + "Daemon": { + "HTTPAddr": "/ip4/0.0.0.0/tcp/3001", + "P2PAddr": "/ip4/0.0.0.0/tcp/3003", + "NoResourceManager": false + }, + "Logging": { + "Level": "info", + "Loggers": { + "basichost": "warn", + "bootstrap": "warn" + } + }, + "Peering": { + "Peers": [ + "/dns4/inga-indexer/tcp/3003/p2p/12D3KooWGRNQLAeMZ658jcuCkVBcVnCkxVYT4GqknQV2tRwDXfRT" + ] + } +} diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/deployment.yaml new file mode 100644 index 000000000..601ae88c9 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: assigner +spec: + template: + spec: + containers: + - name: assigner + resources: + limits: + cpu: "3" + memory: 2Gi + requests: + cpu: "3" + memory: 2Gi + volumeMounts: + - name: config + mountPath: /config + - name: identity + mountPath: /identity + volumes: + - name: config + configMap: + name: config + - name: identity + secret: + secretName: identity diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/identity.key.encrypted b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/identity.key.encrypted new file mode 100644 index 000000000..f2ad307b5 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/identity.key.encrypted @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:F+PbmodW5HPQufuPbnEi3f+CMHDtd2WBgegjKK19g3maH4gh/gjvA4kdmY+Q0o6mgLomUFXKsljLDFjf6btqik6B4VU=,iv:fwaWp7pDw5DtqUUVI4dLedJKk8qhlGs6dzAzNu9CiBE=,tag:ez8VyqaqU7asqDBJ5+NLnA==,type:str]", + "sops": { + "kms": [ + { + "arn": "arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/sti", + "created_at": "2022-04-08T13:58:40Z", + "enc": "AQICAHjmLCaDZ4fRYyty7669VvFjJmy9C7/Y4dwd6seUJHRobwESImggCcGK7u50WYmdSbCnAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMjYpcZD7kdHNXuK9rAgEQgDtV7FuOvcsWmi+/uDQh+2xSp74Z4PRa6bI+XivH+3FAbwU8kHvZlspfbqzCUmZXjOoDSTuJcX59GBqy2Q==", + "aws_profile": "" + } + ], + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2022-04-08T13:58:41Z", + "mac": "ENC[AES256_GCM,data:LvsK2JjW1l04AgIC9O01/f+hRPbnT9JkJZmUK6pcdUl5gvsXJZOhsBdNlHV1bQB05fcqLnR8kvgLsMUSYXUz46qh/81k5nGYFzFyADqGiwrWwJcQtv0GsjeUQUe0bJLK9iVF5kf+hlxp9fuiWeX+h4eI7TOKRaX7J9UNW5HQOgA=,iv:4je01vaQdJ8oIS1GjGNL6kHF4U0z/6JllxOEzry7lSM=,tag:RFyMsCVgodNoYaKmBHICsA==,type:str]", + "pgp": null, + "encrypted_regex": "^(data|stringData)$", + "version": "3.7.2" + } +} \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/ingress.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/ingress.yaml new file mode 100644 index 000000000..9097f1993 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: assigner + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt" + nginx.ingress.kubernetes.io/enable-cors: "true" +spec: + tls: + - hosts: + - assigner.prod.cid.contact + secretName: assigner-ingress-tls + rules: + - host: assigner.prod.cid.contact + http: + paths: + - path: /ingest + pathType: Prefix + backend: + service: + name: assigner + port: + number: 3001 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/kustomization.yaml new file mode 100644 index 000000000..0703f70b6 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/assigner/kustomization.yaml @@ -0,0 +1,32 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../base/assigner + - ingress.yaml + +patchesStrategicMerge: + - deployment.yaml + +secretGenerator: + - name: identity + behavior: create + files: + - identity.key=identity.key.encrypted # 12D3KooWQAymjDKMivbkUNiJP7ChRsvsDuazerHW4wERRvQMWNor + +configMapGenerator: + - name: config + behavior: create + files: + - config=config.json + +replicas: + - name: assigner + count: 0 + +images: +- name: storetheindex + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/storetheindex/storetheindex + newTag: 0.8.35 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/deployment.yaml new file mode 100644 index 000000000..07f85f633 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/deployment.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: caskadht +spec: + template: + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - c6a.8xlarge + containers: + - name: caskadht + args: + - '--libp2pIdentityPath=/identity/identity.key' + - '--libp2pListenAddrs=/ip4/0.0.0.0/tcp/40090,/ip4/0.0.0.0/udp/40090/quic,/ip4/0.0.0.0/udp/40090/quic-v1' + - '--useResourceManager=false' + # Respond with 404 if `?cascade=ipfs-dht` is not specified as URL query parameter. + - '--ipniRequireQueryParam' + - '--libp2pConMgrLow=200' + - '--libp2pConMgrHigh=5000' + ports: + - containerPort: 40090 + name: libp2p + volumeMounts: + - name: identity + mountPath: /identity + resources: + limits: + cpu: "30" + memory: 58Gi + requests: + cpu: "30" + memory: 58Gi + volumes: + - name: identity + secret: + secretName: caskadht-identity + tolerations: + - key: dedicated + operator: Equal + value: c6a-8xl + effect: NoSchedule diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/identity.key.encrypted b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/identity.key.encrypted new file mode 100644 index 000000000..64bd04d8d --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/identity.key.encrypted @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:6peb2zEx1uMYGCEnll19Dt/gIvqtS7VOTT57tHIxfQgK0PVj4gA0db2G7vWxTGZiT65zNw+v1QZ6WTEPX0ep+ulv3Ns=,iv:vnvX2kEpo2puubBnV4Oz7CFb1SJHPorlWObeJY/WVYQ=,tag:YyOt0vw9KskkpdRNFGWPlw==,type:str]", + "sops": { + "kms": [ + { + "arn": "arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/sti", + "created_at": "2023-02-02T15:30:08Z", + "enc": "AQICAHjmLCaDZ4fRYyty7669VvFjJmy9C7/Y4dwd6seUJHRobwFDXoMjowVldpIUZ0FiFjEPAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMcpAWl7p1aYra3zG5AgEQgDv/lauTQwn34nuRVPfWxow12rv3rUAJ+XmNldcynfhl0F8Bzu+1/yhv9l46sRet5FtJpZrtw3fChaOXhw==", + "aws_profile": "" + } + ], + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2023-02-02T15:30:09Z", + "mac": "ENC[AES256_GCM,data:Ov+9w1XdK6HW1KbfHBmqvVbSQ579J3DV1KklCAmQvSHTCVFd9D70LSF94715RDLKga88A8EFJxF/DJBZgA8gxlHc3Qh9Jyy6sWIC/WAN1UblUXFJ3NCA9rk/uy7F6pn9JL3WijbQWBjOw1c0tX76VKvo6C6LxAN4RsOO1vyMGtw=,iv:NIz6B28SVV9Lw8XUmCyicG71geuUPKmQxBovTc7ShMI=,tag:09QE2GhB13jzXeFFUBh57Q==,type:str]", + "pgp": null, + "encrypted_regex": "^(data|stringData)$", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/kustomization.yaml new file mode 100644 index 000000000..e7052e55c --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/kustomization.yaml @@ -0,0 +1,32 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../base/caskadht + - pod-monitor.yaml + +patchesStrategicMerge: + - deployment.yaml + - service.yaml + +secretGenerator: + - name: caskadht-identity + files: + - identity.key=identity.key.encrypted # 12D3KooWANvdTsGoqpHeeYirAQYZToEX4BtrTUW73rsRfvCP6Yd4 + +configMapGenerator: + - name: caskadht-env-vars + behavior: merge + literals: + - GOLOG_LOG_LEVEL="info,net/identify=error" + +replicas: + - name: caskadht + count: 0 + +images: + - name: caskadht + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/caskadht + newTag: 20230919184200-e4d0d94109c5cda540ccd116c17e43af177ee252 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/pod-monitor.yaml new file mode 100644 index 000000000..da3035e09 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: caskadht + labels: + app: caskadht +spec: + selector: + matchLabels: + app: caskadht + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/service.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/service.yaml new file mode 100644 index 000000000..bffae959a --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/caskadht/service.yaml @@ -0,0 +1,18 @@ +# caskadht service is accessible only within K8S cluster VPC via: +# - http://caskadht.internal.prod.cid.contact +# +# See: https://github.com/ipni/caskadht +kind: Service +apiVersion: v1 +metadata: + name: caskadht + annotations: + service.beta.kubernetes.io/aws-load-balancer-internal: "true" + service.beta.kubernetes.io/aws-load-balancer-scheme: internal + service.beta.kubernetes.io/aws-load-balancer-type: nlb + service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip + external-dns.alpha.kubernetes.io/access: private + external-dns.alpha.kubernetes.io/hostname: caskadht.internal.prod.cid.contact +spec: + externalTrafficPolicy: Cluster + type: LoadBalancer diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/deployment.yaml new file mode 100644 index 000000000..08a19525f --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/deployment.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + selector: + matchLabels: + app: dhstore-helga + template: + metadata: + labels: + app: dhstore-helga + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "7" + memory: 58Gi + requests: + cpu: "7" + memory: 58Gi + ports: + - containerPort: 40081 + name: metrics + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - r6a.2xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2a + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-helga + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/internal-service.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/internal-service.yaml new file mode 100644 index 000000000..aa131e2a4 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/internal-service.yaml @@ -0,0 +1,27 @@ +# DHStore internal service, accessible only within K8S cluster VPC via: +# - http://dhstore-helga.internal.prod.cid.contact +# +# See: https://github.com/ipni/dhstore +kind: Service +apiVersion: v1 +metadata: + name: dhstore-internal + annotations: + service.beta.kubernetes.io/aws-load-balancer-internal: "true" + service.beta.kubernetes.io/aws-load-balancer-scheme: internal + service.beta.kubernetes.io/aws-load-balancer-type: nlb + service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip + service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-042a0fcb8ae88f355 + external-dns.alpha.kubernetes.io/access: private + external-dns.alpha.kubernetes.io/hostname: dhstore-helga.internal.prod.cid.contact + labels: + app: dhstore-helga +spec: + externalTrafficPolicy: Cluster + ports: + - name: http + port: 80 + targetPort: http + selector: + app: dhstore-helga + type: LoadBalancer diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/kustomization.yaml new file mode 100644 index 000000000..b2be6d745 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=58dfcad7aae9c172c68237dad25494625d8ac160 + - pvc.yaml + - internal-service.yaml + - pod-monitor.yaml + +nameSuffix: -helga + +patchesStrategicMerge: + - deployment.yaml + - pdb.yaml + - service.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore-helga + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pdb.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pdb.yaml new file mode 100644 index 000000000..c2350dc85 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pdb.yaml @@ -0,0 +1,10 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: dhstore + labels: + app: dhstore-helga +spec: + selector: + matchLabels: + app: dhstore-helga diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pod-monitor.yaml new file mode 100644 index 000000000..2ec3e65f6 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore-helga +spec: + selector: + matchLabels: + app: dhstore-helga + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pvc.yaml new file mode 100644 index 000000000..15dfc10b8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 16Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/service.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/service.yaml new file mode 100644 index 000000000..2b289db04 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-helga/service.yaml @@ -0,0 +1,9 @@ +kind: Service +apiVersion: v1 +metadata: + name: dhstore + labels: + app: dhstore-helga +spec: + selector: + app: dhstore-helga \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/deployment.yaml new file mode 100644 index 000000000..93f327ae0 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/deployment.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + selector: + matchLabels: + app: dhstore-porvy + template: + metadata: + labels: + app: dhstore-porvy + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "7" + memory: 58Gi + requests: + cpu: "7" + memory: 58Gi + ports: + - containerPort: 40081 + name: metrics + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - r6a.2xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2a + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-porvy + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/internal-service.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/internal-service.yaml new file mode 100644 index 000000000..caf31d0b7 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/internal-service.yaml @@ -0,0 +1,27 @@ +# DHStore internal service, accessible only within K8S cluster VPC via: +# - http://dhstore-porvy.internal.prod.cid.contact +# +# See: https://github.com/ipni/dhstore +kind: Service +apiVersion: v1 +metadata: + name: dhstore-internal + annotations: + service.beta.kubernetes.io/aws-load-balancer-internal: "true" + service.beta.kubernetes.io/aws-load-balancer-scheme: internal + service.beta.kubernetes.io/aws-load-balancer-type: nlb + service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip + service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-042a0fcb8ae88f355 + external-dns.alpha.kubernetes.io/access: private + external-dns.alpha.kubernetes.io/hostname: dhstore-porvy.internal.prod.cid.contact + labels: + app: dhstore-porvy +spec: + externalTrafficPolicy: Cluster + ports: + - name: http + port: 80 + targetPort: http + selector: + app: dhstore-porvy + type: LoadBalancer diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/kustomization.yaml new file mode 100644 index 000000000..9e9dbd121 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=58dfcad7aae9c172c68237dad25494625d8ac160 + - pvc.yaml + - internal-service.yaml + - pod-monitor.yaml + +nameSuffix: -porvy + +patchesStrategicMerge: + - deployment.yaml + - pdb.yaml + - service.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore-porvy + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pdb.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pdb.yaml new file mode 100644 index 000000000..da8e3d06f --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pdb.yaml @@ -0,0 +1,10 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: dhstore + labels: + app: dhstore-porvy +spec: + selector: + matchLabels: + app: dhstore-porvy diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pod-monitor.yaml new file mode 100644 index 000000000..24ac3414a --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore-porvy +spec: + selector: + matchLabels: + app: dhstore-porvy + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pvc.yaml new file mode 100644 index 000000000..15dfc10b8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 16Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/service.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/service.yaml new file mode 100644 index 000000000..01591fe90 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-porvy/service.yaml @@ -0,0 +1,9 @@ +kind: Service +apiVersion: v1 +metadata: + name: dhstore + labels: + app: dhstore-porvy +spec: + selector: + app: dhstore-porvy \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/deployment.yaml new file mode 100644 index 000000000..cd8dceb8b --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + template: + spec: + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + env: + - name: GO_DEBUG_MAX_THREADS + value: "20000" + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "7" + memory: 58Gi + requests: + cpu: "7" + memory: 58Gi + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - r6a.2xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2b + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-qiu + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/kustomization.yaml new file mode 100644 index 000000000..1c0427514 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=65afbf7dd908b7391e60c321822db69e9939bee7 + - pvc.yaml + - pod-monitor.yaml + +nameSuffix: -qiu + +commonLabels: + app: dhstore-qiu + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore-qiu + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/pod-monitor.yaml new file mode 100644 index 000000000..f8424b1fe --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore-qiu +spec: + selector: + matchLabels: + app: dhstore-qiu + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/pvc.yaml new file mode 100644 index 000000000..2a556ecf8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-qiu/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 15Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/deployment.yaml new file mode 100644 index 000000000..c1e7bc3f8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + template: + spec: + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + env: + - name: GO_DEBUG_MAX_THREADS + value: "20000" + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "7" + memory: 58Gi + requests: + cpu: "7" + memory: 58Gi + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - r6a.2xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2b + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-ravi + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/kustomization.yaml new file mode 100644 index 000000000..ba9368601 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=65afbf7dd908b7391e60c321822db69e9939bee7 + - pvc.yaml + - pod-monitor.yaml + +nameSuffix: -ravi + +commonLabels: + app: dhstore-ravi + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore-ravi + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/pod-monitor.yaml new file mode 100644 index 000000000..3cb3396cf --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore-ravi +spec: + selector: + matchLabels: + app: dhstore-ravi + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/pvc.yaml new file mode 100644 index 000000000..2a556ecf8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-ravi/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 15Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/deployment.yaml new file mode 100644 index 000000000..73c92abdf --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + template: + spec: + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + env: + - name: GO_DEBUG_MAX_THREADS + value: "20000" + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "7" + memory: 58Gi + requests: + cpu: "7" + memory: 58Gi + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - r6a.2xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2c + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-seka + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/kustomization.yaml new file mode 100644 index 000000000..82500b822 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=65afbf7dd908b7391e60c321822db69e9939bee7 + - pvc.yaml + - pod-monitor.yaml + +nameSuffix: -seka + +commonLabels: + app: dhstore-seka + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore-seka + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/pod-monitor.yaml new file mode 100644 index 000000000..d6134cbae --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore-seka +spec: + selector: + matchLabels: + app: dhstore-seka + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/pvc.yaml new file mode 100644 index 000000000..2a556ecf8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-seka/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 15Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/deployment.yaml new file mode 100644 index 000000000..a8c164f11 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + template: + spec: + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + env: + - name: GO_DEBUG_MAX_THREADS + value: "20000" + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "7" + memory: 58Gi + requests: + cpu: "7" + memory: 58Gi + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - r6a.2xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2c + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-tetra + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/kustomization.yaml new file mode 100644 index 000000000..e3a72117d --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=65afbf7dd908b7391e60c321822db69e9939bee7 + - pvc.yaml + - pod-monitor.yaml + +nameSuffix: -tetra + +commonLabels: + app: dhstore-tetra + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore-tetra + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/pod-monitor.yaml new file mode 100644 index 000000000..4a15c0784 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore-tetra +spec: + selector: + matchLabels: + app: dhstore-tetra + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/pvc.yaml new file mode 100644 index 000000000..15dfc10b8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore-tetra/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 16Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/deployment.yaml new file mode 100644 index 000000000..677a17d30 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/deployment.yaml @@ -0,0 +1,54 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dhstore +spec: + template: + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + containers: + - name: dhstore + args: + - '--providersURL=http://inga-indexer:3000/' + - '--storePath=/data' + - '--disableWAL' + - '--blockCacheSize=2Gi' + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "28" + memory: 58Gi + requests: + cpu: "28" + memory: 58Gi + ports: + - containerPort: 40081 + name: metrics + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - c6a.8xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2c + volumes: + - name: data + persistentVolumeClaim: + claimName: dhstore-data-gp3 + tolerations: + - key: dedicated + operator: Equal + value: c6a-8xl + effect: NoSchedule + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/internal-service.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/internal-service.yaml new file mode 100644 index 000000000..612652cc8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/internal-service.yaml @@ -0,0 +1,27 @@ +# DHStore internal service, accessible only within K8S cluster VPC via: +# - http://dhstore.internal.prod.cid.contact +# +# See: https://github.com/ipni/dhstore +kind: Service +apiVersion: v1 +metadata: + name: dhstore-internal + annotations: + service.beta.kubernetes.io/aws-load-balancer-internal: "true" + service.beta.kubernetes.io/aws-load-balancer-scheme: internal + service.beta.kubernetes.io/aws-load-balancer-type: nlb + service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip + service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-042a0fcb8ae88f355 + external-dns.alpha.kubernetes.io/access: private + external-dns.alpha.kubernetes.io/hostname: dhstore.internal.prod.cid.contact + labels: + app: dhstore +spec: + externalTrafficPolicy: Cluster + ports: + - name: http + port: 80 + targetPort: http + selector: + app: dhstore + type: LoadBalancer diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/kustomization.yaml new file mode 100644 index 000000000..f64f52c0e --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/kustomization.yaml @@ -0,0 +1,22 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - github.com/ipni/dhstore/deploy/kubernetes?ref=58dfcad7aae9c172c68237dad25494625d8ac160 + - internal-service.yaml + - pod-monitor.yaml + - pvc-gp3.yaml + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: dhstore + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/dhstore + newTag: 20240823093542-3078e23bce56b098cf0b55dbc82af166a5590799 + +replicas: + - name: dhstore + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/pod-monitor.yaml new file mode 100644 index 000000000..9281be4a1 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: dhstore + labels: + app: dhstore +spec: + selector: + matchLabels: + app: dhstore + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/pvc-gp3.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/pvc-gp3.yaml new file mode 100644 index 000000000..f43e992bc --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/dhstore/pvc-gp3.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dhstore-data-gp3 +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 16Ti + dataSource: + name: dhstore-20230427 + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + storageClassName: gp3-iops5k-t300 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/deployment.yaml new file mode 100644 index 000000000..2c12320fd --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/deployment.yaml @@ -0,0 +1,26 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: heyfil +spec: + template: + spec: + containers: + - name: heyfil + args: + - '--httpIndexerEndpoint=https://cid.contact' + - '--storePath=/store' + resources: + limits: + cpu: "2" + memory: 4Gi + requests: + cpu: "2" + memory: 4Gi + volumeMounts: + - name: store + mountPath: /store + volumes: + - name: store + persistentVolumeClaim: + claimName: heyfil diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/ingress.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/ingress.yaml new file mode 100644 index 000000000..30c839a8f --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: heyfil + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt" + nginx.ingress.kubernetes.io/enable-cors: "true" +spec: + tls: + - hosts: + - heyfil.prod.cid.contact + secretName: heyfil-ingress-tls + rules: + - host: heyfil.prod.cid.contact + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: heyfil + port: + name: api diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/kustomization.yaml new file mode 100644 index 000000000..87cc68da8 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/kustomization.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../base/heyfil + - monitor.yaml + - pvc.yaml + - ingress.yaml + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: heyfil + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/heyfil + newTag: 20231003153132-c3c32eb10e6d45b351beaf11d158ec090cb26f04 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/monitor.yaml new file mode 100644 index 000000000..2e327b9f4 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: heyfil + labels: + app: heyfil +spec: + selector: + matchLabels: + app: heyfil + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/pvc.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/pvc.yaml new file mode 100644 index 000000000..21fe7bcee --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/heyfil/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: heyfil + name: heyfil +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: gp3 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/berg-ingress.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/berg-ingress.yaml new file mode 100644 index 000000000..3fb3fd64a --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/berg-ingress.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Service +metadata: + name: indexstar-berg + namespace: storetheindex +spec: + type: ExternalName + externalName: berg.cid.contact + ports: + - port: 443 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: indexstar-berg + namespace: storetheindex + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/enable-cors: "true" +spec: + tls: + - hosts: + - indexstar-berg.prod.cid.contact + secretName: indexstar-berg-ingress-tls + rules: + - host: indexstar-berg.prod.cid.contact + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: indexstar-berg + port: + number: 443 + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/deployment.yaml new file mode 100644 index 000000000..2d16314ad --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/deployment.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: indexstar +spec: + template: + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + containers: + - name: indexstar + args: + - '--translateNonStreaming' + - '--providersBackends=http://inga-indexer:3000/' + + - '--backends=http://dhstore-tetra:40080/' + - '--backends=http://dhstore-seka:40080/' + - '--backends=http://dhstore-ravi:40080/' + - '--backends=http://dhstore-qiu:40080/' + - '--backends=http://dhstore-porvy.internal.prod.cid.contact/' + - '--backends=http://dhstore-helga.internal.prod.cid.contact/' + - '--backends=http://dhstore.internal.prod.cid.contact/' + - '--dhBackends=http://dhstore-tetra:40080' + - '--dhBackends=http://dhstore-seka:40080' + - '--dhBackends=http://dhstore-ravi:40080' + - '--dhBackends=http://dhstore-qiu:40080' + - '--dhBackends=http://dhstore-porvy.internal.prod.cid.contact/' + - '--dhBackends=http://dhstore-helga.internal.prod.cid.contact/' + - '--dhBackends=http://dhstore.internal.prod.cid.contact/' + - '--cascadeBackends=http://caskadht.internal.prod.cid.contact/' + env: + # Increase maximum accepted request body to 1 MiB in order to allow batch finds requests + # by the `provider verify-ingest` CLI command. + - name: SERVER_MAX_REQUEST_BODY_SIZE + value: '1048576' + # The service provided by caskadht. + - name: SERVER_CASCADE_LABELS + value: 'ipfs-dht,legacy' + - name: SERVER_HTTP_CLIENT_TIMEOUT + value: '30s' + - name: SERVER_RESULT_MAX_WAIT + value: '2s' + - name: SERVER_RESULT_STREAM_MAX_WAIT + value: '5s' + resources: + limits: + cpu: "3" + memory: 2Gi + requests: + cpu: "3" + memory: 2Gi diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/ingress.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/ingress.yaml new file mode 100644 index 000000000..53e97cd4c --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: indexstar + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt" + nginx.ingress.kubernetes.io/enable-cors: "true" +spec: + tls: + - hosts: + - indexstar.prod.cid.contact + secretName: indexstar-ingress-tls + rules: + - host: indexstar.prod.cid.contact + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: indexstar + port: + number: 8080 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml new file mode 100644 index 000000000..091745ea2 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml @@ -0,0 +1,22 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../base/indexstar + - ingress.yaml + - pod-monitor.yaml + - berg-ingress.yaml + +patchesStrategicMerge: + - deployment.yaml + +replicas: + - name: indexstar + count: 0 + +images: + - name: indexstar + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/indexstar/indexstar + newTag: 20241013090428-5ea99e81778c7337eb3173aeea8edee9413fefe9 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/pod-monitor.yaml new file mode 100644 index 000000000..abe95831d --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: indexstar + labels: + app: indexstar +spec: + selector: + matchLabels: + app: indexstar + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/sf-ingress.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/sf-ingress.yaml new file mode 100644 index 000000000..d76918265 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/sf-ingress.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: Service +metadata: + name: indexstar-sf + namespace: storetheindex +spec: + type: ExternalName + externalName: sf.cid.contact + ports: + - port: 443 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: indexstar-sf + namespace: storetheindex + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + nginx.ingress.kubernetes.io/enable-cors: "true" +spec: + tls: + - hosts: + - indexstar-sf.prod.cid.contact + secretName: indexstar-sf-ingress-tls + rules: + - host: indexstar-sf.prod.cid.contact + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: indexstar-sf + port: + number: 443 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/README.md b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/README.md new file mode 100644 index 000000000..c6509c8cd --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/README.md @@ -0,0 +1,7 @@ +# Instances + +List of individually configurable instances: + +| Instance | Storage Class | Backing store | +|----------|-----------------|----------------| +| `inga` | gp3 | Pebble/DHStore | diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/config.json b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/config.json new file mode 100644 index 000000000..576058144 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/config.json @@ -0,0 +1,111 @@ +{ + "Version": 2, + "Identity": { + "PeerID": "", + "PrivKey": "" + }, + "Addresses": { + "Admin": "/ip4/0.0.0.0/tcp/3002", + "Finder": "/ip4/0.0.0.0/tcp/3000", + "FinderWebpage": "https://web-ipni.cid.contact/", + "Ingest": "/ip4/0.0.0.0/tcp/3001", + "P2PAddr": "/ip4/0.0.0.0/tcp/3003", + "NoResourceManager": true + }, + "Bootstrap": { + "Peers": [ + "/dns4/bootstrap-0.ipfsmain.cn/tcp/34721/p2p/12D3KooWQnwEGNqcM2nAcPtRR9rAX8Hrg4k9kJLCHoTR5chJfz6d", + "/dns4/node.glif.io/tcp/1235/p2p/12D3KooWBF8cpp65hp2u9LK5mh19x67ftAam84z9LsfaquTDSBpt", + "/dns4/bootstrap-1.starpool.in/tcp/12757/p2p/12D3KooWQZrGH1PxSNZPum99M1zNvjNFM33d1AAu5DcvdHptuU7u", + "/dns4/bootstrap-0.starpool.in/tcp/12757/p2p/12D3KooWGHpBMeZbestVEWkfdnC9u7p6uFHXL1n7m1ZBqsEmiUzz", + "/dns4/lotus-bootstrap.ipfsforce.com/tcp/41778/p2p/12D3KooWGhufNmZHF3sv48aQeS13ng5XVJZ9E6qy2Ms4VzqeUsHk", + "/dns4/bootstrap-1.ipfsmain.cn/tcp/34723/p2p/12D3KooWMKxMkD5DMpSWsW7dBddKxKT7L2GgbNuckz9otxvkvByP" + ], + "MinimumPeers": 4 + }, + "Datastore": { + "Dir": "/data/datastore", + "Type": "levelds", + "TmpDir": "/data/tmpstore", + "TmpType": "levelds" + }, + "Discovery": { + "FilterIPs": true, + "IgnoreBadAdsTime": "2h0m0s", + "Policy": { + "Allow": true, + "Except": null, + "Publish": true, + "PublishExcept": null + }, + "PollInterval": "6h0m0s", + "PollRetryAfter": "5m0s", + "PollStopAfter": "168h0m0s", + "PollOverrides": null, + "UseAssigner": false + }, + "Indexer": { + "CacheSize": -1, + "ConfigCheckInterval": "30s", + "ShutdownTimeout": "15m", + "ValueStoreDir": "/data/valuestore", + "ValueStoreType": "none", + "DHBatchSize": 16384, + "DHStoreURL": "http://dhstore-seka:40080", + "DHStoreClusterURLs": [ + "http://dhstore-porvy.internal.prod.cid.contact", + "http://dhstore-tetra:40080", + "http://dhstore-ravi:40080", + "http://dhstore-helga.internal.prod.cid.contact", + "http://dhstore.internal.prod.cid.contact", + "http://dhstore-qiu:40080" + ], + "DHStoreHttpClientTimeout": "60s" + }, + "Ingest": { + "AdvertisementDepthLimit": 33554432, + "AdvertisementMirror": { + "Read": false, + "Write": true, + "Compress": "gzip", + "Retrieval": { + "Type": "s3", + "S3": { + "BucketName": "prod-sti-adstore" + } + }, + "Storage": { + "Type": "s3", + "S3": { + "BucketName": "prod-sti-adstore" + } + } + }, + "EntriesDepthLimit": 65536, + "HttpSyncRetryMax": 0, + "HttpSyncRetryWaitMax": "30s", + "HttpSyncRetryWaitMin": "1s", + "HttpSyncTimeout": "90s", + "IngestWorkerCount": 25, + "PubSubTopic": "/indexer/ingest/mainnet", + "ResendDirectAnnounce": false, + "Skip500EntriesError": true, + "SyncSegmentDepthLimit": 2000, + "SyncTimeout": "2h0m0s" + }, + "Logging": { + "Level": "info", + "Loggers": { + "basichost": "warn", + "bootstrap": "warn", + "dt-impl": "warn", + "dt_graphsync": "warn", + "graphsync": "warn" + } + }, + "Peering": { + "Peers": [ + "/dns4/assigner/tcp/3003/p2p/12D3KooWQAymjDKMivbkUNiJP7ChRsvsDuazerHW4wERRvQMWNor" + ] + } +} diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/deployment.yaml new file mode 100644 index 000000000..6dbc68380 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/deployment.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: indexer +spec: + template: + spec: + serviceAccountName: storetheindex + # Wait at most 3 minutes for storetheindex process to exit. + # This value used to be 10 minutes which we hit every time the shutdown took longer than 3 minutes. + # The most likely cause for this is lingering GraphSync syncs which do not clear after 10 minutes of wait, + # hence no point to wait that long. + terminationGracePeriodSeconds: 180 + containers: + - name: indexer + volumeMounts: + - name: data + mountPath: /data + resources: + limits: + cpu: "28" + memory: 58Gi + requests: + cpu: "28" + memory: 58Gi + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node.kubernetes.io/instance-type + operator: In + values: + - c6a.8xlarge + - key: topology.kubernetes.io/zone + operator: In + values: + - us-east-2c + volumes: + - name: data + persistentVolumeClaim: + claimName: inga-data + diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/identity.key.encrypted b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/identity.key.encrypted new file mode 100644 index 000000000..abc6c52c5 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/identity.key.encrypted @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:5XXqHzpF8Bg16Plc4ByibhG+QFxXzvFg77gIJSkjhUzrYAvKT9atmZR0m5TNmQKeZfbIC1pe4efIorqj4nujyojDi7s=,iv:eyf2dE8G4ufIN+0xbQ3Wtq50xreFEtKon9FhhcDAaNY=,tag:W/qjrh2TS0z5hpvDx1pSRg==,type:str]", + "sops": { + "kms": [ + { + "arn": "arn:aws:kms:us-east-2:407967248065:alias/prod/us-east-2/sti", + "created_at": "2023-03-15T15:31:38Z", + "enc": "AQICAHjmLCaDZ4fRYyty7669VvFjJmy9C7/Y4dwd6seUJHRobwFDUv6gGIxsWWYFPBskUcBzAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMvmpDC7xg/hrjMoX0AgEQgDt/GSkHaU+RuinSGmXVCHBPgQDCjcIb5pFb8hPnqbpLmpLcDy0UscmiCXgwhGMbcD7l/EP2BlPItXa+GA==", + "aws_profile": "" + } + ], + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2023-03-15T15:31:38Z", + "mac": "ENC[AES256_GCM,data:IbwQFCXI2XHoew1yuhH8MAlO/CvbR05v0/lunuZkDToK1Rd0j+QBYVGxOIJTiZEe8P+epy0IePJV2FGNabl8+qGdu0i2ngv3TCnnMeY+SuKYoe3eNhMkmtUIxEDbWkFbY1jn/yCdvTT59WXUqgGg4jQhUFvx5yto/rPWyKmTVhI=,iv:QU8tbVtumsHAy/Lp5DTGyXAd7fmNAL7AbgN47/wHQJs=,tag:qTtxlKMQVY8JfOWYQXhTFg==,type:str]", + "pgp": null, + "encrypted_regex": "^(data|stringData)$", + "version": "3.7.3" + } +} \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/ingress.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/ingress.yaml new file mode 100644 index 000000000..4a78e7eda --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/ingress.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: indexer + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt" +spec: + tls: + - hosts: + - inga.prod.cid.contact + secretName: inga-indexer-ingress-tls + rules: + - host: inga.prod.cid.contact + http: + paths: + - path: /ingest + pathType: Prefix + backend: + service: + name: indexer + port: + number: 3001 + - path: / + pathType: Prefix + backend: + service: + name: indexer + port: + number: 3000 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/kustomization.yaml new file mode 100644 index 000000000..38b608b0e --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/kustomization.yaml @@ -0,0 +1,33 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../../base/storetheindex-single + - ingress.yaml + - pvc_data.yaml + +namePrefix: inga- + +commonLabels: + name: inga + +secretGenerator: + - name: identity + behavior: replace + files: + - identity.key=identity.key.encrypted # 12D3KooWGRNQLAeMZ658jcuCkVBcVnCkxVYT4GqknQV2tRwDXfRT + +configMapGenerator: + - name: config + behavior: replace + files: + - config=config.json + +patchesStrategicMerge: + - deployment.yaml + +replicas: + - name: inga-indexer + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/pvc_data.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/pvc_data.yaml new file mode 100644 index 000000000..38bb93477 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/inga/pvc_data.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: indexer-single + app.kubernetes.io/managed-by: kustomization + app.kubernetes.io/part-of: storetheindex + name: data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Ti + storageClassName: gp3 diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kustomization.yaml new file mode 100644 index 000000000..184af9d74 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - pdb.yaml + - pod-monitor.yaml + - inga # double hashed instance, writes to prod dhstore diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/pdb.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/pdb.yaml new file mode 100644 index 000000000..ad9e020ae --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/pdb.yaml @@ -0,0 +1,11 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: indexer-single + labels: + app: indexer-single +spec: + maxUnavailable: 1 + selector: + matchLabels: + app: indexer-single diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/pod-monitor.yaml new file mode 100644 index 000000000..6c4d56980 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: indexer-single + labels: + app: indexer-single +spec: + selector: + matchLabels: + app: indexer-single + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: admin diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/kustomization.yaml new file mode 100644 index 000000000..857267f68 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/kustomization.yaml @@ -0,0 +1,24 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: storetheindex +resources: +- service-account.yaml +- assigner +- instances +- indexstar +- heyfil +- snapshots +- caskadht +- lookout +- dhstore +- dhstore-helga +- dhstore-porvy +- dhstore-qiu +- dhstore-ravi +- dhstore-seka +- dhstore-tetra +- telemetry +images: +- name: storetheindex + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/storetheindex/storetheindex # {"$imagepolicy": "storetheindex:storetheindex:name"} + newTag: 0.8.36 # {"$imagepolicy": "storetheindex:storetheindex:tag"} diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/config.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/config.yaml new file mode 100644 index 000000000..e3234fcbb --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/config.yaml @@ -0,0 +1,51 @@ +checkers: + # Check production endpoint behind cache + cid_contact: + type: ipni-non-streaming + ipniEndpoint: https://cid.contact + timeout: 30s + parallelism: 10 + # Check production endpoint behind cache with cascade over IPFS DHT enabled + cid_contact_with_cascade: + type: ipni-non-streaming + ipniEndpoint: https://cid.contact + timeout: 30s + cascadeLabels: + - ipfs-dht + - legacy + parallelism: 10 + # Check production endpoint without cache + indexstar: + type: ipni-non-streaming + ipniEndpoint: https://indexstar.prod.cid.contact + timeout: 30s + parallelism: 10 + # Check production endpoint without cache with cascade over IPFS DHT enabled + indexstar_with_cascade: + type: ipni-non-streaming + ipniEndpoint: https://indexstar.prod.cid.contact + timeout: 30s + cascadeLabels: + - ipfs-dht + - legacy + parallelism: 10 +samplers: + # List of root CIDs of well known IPFS datasets. + # See: + # - https://awesome.ipfs.io/datasets/ + 'awesome.ipfs.io/datasets': + type: awesome-ipfs-datasets + # List of top CIDs collected by saturn orchestrator with inner paths stripped. + # See: + # - https://orchestrator.strn.pl/top-cids + 'orchestrator.strn.pl/top-cids': + type: saturn-orch-top-cids + # List of top 300 CIDs belonging to Internet Archive. + # See: + # - https://github.com/ipni/lookout/blob/main/sample/internet_archive_sampler.go + 'archive.org/top-cids': + type: internet-archive-top-cids +checkInterval: 10m +checkersParallelism: 10 +samplersParallelism: 10 +metricsListenAddr: 0.0.0.0:40080 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/deployment.yaml new file mode 100644 index 000000000..6809acf0c --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/deployment.yaml @@ -0,0 +1,25 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: lookout +spec: + template: + spec: + containers: + - name: lookout + args: + - '--config=/config/config.yaml' + resources: + limits: + cpu: "0.3" + memory: 512Mi + requests: + cpu: "0.3" + memory: 512Mi + volumeMounts: + - name: config + mountPath: /config + volumes: + - name: config + configMap: + name: lookout-config \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/kustomization.yaml new file mode 100644 index 000000000..10245d50f --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../base/lookout + - pod-monitor.yaml + +patchesStrategicMerge: + - deployment.yaml + +configMapGenerator: + - name: lookout-config + behavior: create + files: + - config.yaml + +images: + - name: lookout + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/lookout + newTag: 20230511104023-2cb718182431d507d5ee33defde11dedad466bd1 + +replicas: + - name: lookout + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/pod-monitor.yaml new file mode 100644 index 000000000..0e736725c --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/lookout/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: lookout + labels: + app: lookout +spec: + selector: + matchLabels: + app: lookout + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/service-account.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/service-account.yaml new file mode 100644 index 000000000..d17a21b37 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/service-account.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: storetheindex + annotations: + eks.amazonaws.com/role-arn: "arn:aws:iam::407967248065:role/prod_sti_s3_rw" diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/snapshots/dhstore-snapshot.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/snapshots/dhstore-snapshot.yaml new file mode 100644 index 000000000..c0dab47c5 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/snapshots/dhstore-snapshot.yaml @@ -0,0 +1,8 @@ +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: dhstore-20230427 +spec: + volumeSnapshotClassName: csi-aws-vsc + source: + persistentVolumeClaimName: dhstore-data \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/snapshots/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/snapshots/kustomization.yaml new file mode 100644 index 000000000..9ca64e9d1 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/snapshots/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - dhstore-snapshot.yaml diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/deployment.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/deployment.yaml new file mode 100644 index 000000000..32ebd14fd --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: telemetry +spec: + template: + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + containers: + - name: telemetry + args: + - '-indexerURL=http://inga-indexer:3002' + - '-providersURL=http://indexstar:8080/' + - '-maxDepth=5000' + - '-updateIn=2m' + - '-updateTimeout=5m' + - '-listenAddr=0.0.0.0:40080' + - '-metricsAddr=0.0.0.0:40081' + resources: + limits: + cpu: "1" + memory: 6Gi + requests: + cpu: "1" + memory: 6Gi diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/kustomization.yaml new file mode 100644 index 000000000..cbcd1103e --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: storetheindex + +resources: + - ../../../../../base/telemetry + - pod-monitor.yaml + +patchesStrategicMerge: + - deployment.yaml + +images: + - name: telemetry + newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/ipni/telemetry + newTag: 20240308135359-c8e7f0dd9599b74c64b2247580de5987f56ecbd7 + + +replicas: + - name: telemetry + count: 0 \ No newline at end of file diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/pod-monitor.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/pod-monitor.yaml new file mode 100644 index 000000000..339cd8802 --- /dev/null +++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/telemetry/pod-monitor.yaml @@ -0,0 +1,16 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: telemetry + labels: + app: telemetry +spec: + selector: + matchLabels: + app: telemetry + namespaceSelector: + matchNames: + - storetheindex + podMetricsEndpoints: + - path: /metrics + port: metrics