Skip to content

KubeArchive: install on production #6407

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

KubeArchive: install on production #6407

wants to merge 1 commit into from
+1,293 −200

Conversation

rh-hemartin
Copy link
Contributor

  • Added production clusters
  • Patches are duplicated because we need them to be this way for clusters to be independent.
  • The remote-argocd account will need permissions to create clusterkubearchive.kubearchive.org/v1
  • The kyverno user will need permissions to create kubearchiveconfigs.kubearchive.org/v1
  • Before this get merged I need someone to initialize the databases, let me know and I can help you, instructions are:
curl -L https://github.com/golang-migrate/migrate/releases/latest/download/migrate.linux-amd64.tar.gz | tar xvz migrate;
git clone https://github.com/kubearchive/kubearchive --branch=v1.0.1;
cd kubearchive;
./migrate -verbose -path integrations/database/postgresql/migrations/ -database postgresql://${DATABASE_USER}:${DATABASE_PASSWORD}@${DATABASE_URL}:${DATABASE_PORT}/${DATABASE_DB} up

@openshift-ci openshift-ci bot requested review from mafh314 and skoved May 19, 2025 06:44
@rh-hemartin
Copy link
Contributor Author

@hugares @manish-jangra do you know which is the correct path for the database secrets? I just assumed the same path as the staging secret.

@rh-hemartin
Copy link
Contributor Author

/hold

@maruiz93
Copy link
Contributor

Could you also add the configuration needed under konflux-ui component (based on this) so the kubearchive API is available for Konflux UI through its nginx proxy.

NOTE: There is no need to add the Route as the service doesn't need to be exposed for that. That is something we need to deal with when it comes to the kubearchive CLI usage, but not for the API per se.

@rh-hemartin rh-hemartin force-pushed the kubearchive-production branch from 9b9fa2d to d6966f9 Compare May 19, 2025 08:10
@rh-hemartin
Copy link
Contributor Author

Could you also add the configuration needed under konflux-ui component (based on this) so the kubearchive API is available for Konflux UI through its nginx proxy.

Done!

@maruiz93
Copy link
Contributor

/lgtm

@openshift-ci openshift-ci bot added the lgtm label May 19, 2025
@rh-hemartin
Copy link
Contributor Author

/retest

@rh-hemartin
Copy link
Contributor Author

Ping

@mafh314
Copy link
Contributor

mafh314 commented May 29, 2025

/lgtm

filariow
filariow reviewed May 29, 2025
View reviewed changes
argo-cd-apps/base/member/infra-deployments/kubearchive/kubearchive.yaml Outdated
Comment on lines 29 to 30
- nameNormalized: stone-prd-m01
values.clusterDir: stone-prd-m01
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- nameNormalized: stone-prd-m01
values.clusterDir: stone-prd-m01

m01 is deprecated and it will be removed soon. @hugares should skip it in this rollout already?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed it, I can add it back if needed.

components/kubearchive/development/kustomization.yaml Outdated
Comment on lines 133 to 137
cpu: 200m
memory: 1Gi
requests:
cpu: 200m
memory: 900Mi
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the development overlay is used in e2e tests. Do you think we can reduce deployments' resources in this overlay so we'll require smaller clusters during e2e tests?

Copy link
Contributor Author

@rh-hemartin rh-hemartin May 29, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I reduced the memory for all deployments, currently we are sitting at ~30Mi on staging because we introduced a fix that solved the high memory usage so I set it to 128Mi. I can adjust it even lower for development if you want.

components/kubearchive/production/kflux-ocp-p01/kustomization.yaml Outdated
limits:
cpu: 500m
requests:
cpu: 10m
memory: 256Mi
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

to prevent eviction of this service in production, we'd like to ensure the deployment has Guaranteed QoS (i.e. limits==requests). This suggestion applies also to the other KubeArchive's deployments.

Copy link
Contributor Author

@rh-hemartin rh-hemartin May 29, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done for all deployments. However it applies to just memory or CPU as well?

@rh-hemartin
KubeArchive: install on production
1ccc9f0 
Signed-off-by: Hector Martinez <[email protected]>
@rh-hemartin rh-hemartin force-pushed the kubearchive-production branch from d6966f9 to 1ccc9f0 Compare May 29, 2025 14:26
@openshift-ci openshift-ci bot removed the lgtm label May 29, 2025
@skoved
Copy link
Contributor

skoved commented Jun 4, 2025

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Jun 4, 2025
@ralphbean
Copy link
Member

/lgtm

@ralphbean
Copy link
Member

/approve

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jun 5, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mafh314, maruiz93, ralphbean, rh-hemartin, skoved

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved label Jun 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@filariow filariow filariow left review comments

@maruiz93 maruiz93 maruiz93 approved these changes

@skoved skoved skoved approved these changes

@mafh314 mafh314 mafh314 approved these changes

At least 1 approving review is required to merge this pull request.

Assignees

@ralphbean ralphbean

@maruiz93 maruiz93

@skoved skoved

@mafh314 mafh314

Labels
approved do-not-merge/hold lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@rh-hemartin @maruiz93 @mafh314 @skoved @ralphbean @filariow