diff --git a/base/blobstore/blobstore.Deployment.yaml b/base/blobstore/blobstore.Deployment.yaml index ddc092e8d0c0..94b9ed4ba85c 100644 --- a/base/blobstore/blobstore.Deployment.yaml +++ b/base/blobstore/blobstore.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: blobstore - image: index.docker.io/sourcegraph/blobstore:5.10.2832@sha256:f6b5ca96aa06a48e0c2c1f0387af74bb965029e27d4e0a58cdc38fbd4ac3c80e + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/blobstore:5.11.4013@sha256:0ea39c4fd5ba0c4ed130cd21b03ad3fd815a74f92ee5eef3e9f8094ead083708 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9000 diff --git a/base/cadvisor/cadvisor.DaemonSet.yaml b/base/cadvisor/cadvisor.DaemonSet.yaml index 23737aa2b04d..f547ca228197 100644 --- a/base/cadvisor/cadvisor.DaemonSet.yaml +++ b/base/cadvisor/cadvisor.DaemonSet.yaml @@ -26,7 +26,7 @@ spec: serviceAccountName: cadvisor containers: - name: cadvisor - image: index.docker.io/sourcegraph/cadvisor:5.10.2832@sha256:22f81bf1d57b6f9d14c831639f6ec8057649c4d1525d0df46efb4872d5e95308 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/cadvisor:5.11.4013@sha256:a65c8e3df16d1035b8f992e0864d6c20102b2898396f2604c592dca656129f42 args: # Kubernetes-specific flags below (other flags are baked into the Docker image) # diff --git a/base/codeinsights-db/codeinsights-db.Deployment.yaml b/base/codeinsights-db/codeinsights-db.Deployment.yaml index 0d4251af76e3..4a811dee5904 100644 --- a/base/codeinsights-db/codeinsights-db.Deployment.yaml +++ b/base/codeinsights-db/codeinsights-db.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:5.10.2832@sha256:d0d92d9ccbbf01005a095401aafce754c4bdc865cb993a56b673fbb4d7f274fb + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.11.4013@sha256:64c643b1ebc4c86f6327435e73c2fd13414a7a53248b7e1f95a1a3b59a0c9823 command: ["sh", "-c", "if [ -d /var/lib/postgresql/data/pgdata ]; then chmod 750 /var/lib/postgresql/data/pgdata; fi"] volumeMounts: - mountPath: /var/lib/postgresql/data/ @@ -42,7 +42,7 @@ spec: memory: "50Mi" containers: - name: codeinsights - image: index.docker.io/sourcegraph/postgresql-16-codeinsights:5.10.2832@sha256:96b88fb2fe8bbd735be8ee75e5b49c70d7dc11089ae5fa7307955728adba6a7d + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgresql-16-codeinsights:5.11.4013@sha256:41d8f168c3b80136fa692906becf8a3760b037cb9253aab597febba2e62d3560 env: - name: POSTGRES_DB value: postgres @@ -75,7 +75,7 @@ spec: value: postgres://postgres:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/code_insights_queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:5.10.2832@sha256:190eea7189d7831be9f04f13a47cfb19de9a1c1ac18739ac40d261f05c2b41aa + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.11.4013@sha256:d79cacd6d17387d7df0fa162576e7f411ad558699fe862c7a2fc34fcd04be878 terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter resources: diff --git a/base/codeintel-db/codeintel-db.Deployment.yaml b/base/codeintel-db/codeintel-db.Deployment.yaml index 4bb01ce0ce3e..0491295d4752 100644 --- a/base/codeintel-db/codeintel-db.Deployment.yaml +++ b/base/codeintel-db/codeintel-db.Deployment.yaml @@ -27,7 +27,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:5.10.2832@sha256:d0d92d9ccbbf01005a095401aafce754c4bdc865cb993a56b673fbb4d7f274fb + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.11.4013@sha256:64c643b1ebc4c86f6327435e73c2fd13414a7a53248b7e1f95a1a3b59a0c9823 command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"] volumeMounts: - mountPath: /data @@ -43,7 +43,7 @@ spec: memory: "50Mi" containers: - name: pgsql - image: index.docker.io/sourcegraph/postgresql-16:5.10.2832@sha256:7a637a98960cb7d3ac6705c7f7335874c005ed9f0c68bfaa0e5eebf2d7f71e94 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgresql-16:5.11.4013@sha256:201c000ccd95d484e94e6e7d87a7c2f2d24c36a41650f355cae4b2914e2c9403 terminationMessagePolicy: FallbackToLogsOnError readinessProbe: exec: @@ -80,7 +80,7 @@ spec: value: postgres://sg:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/code_intel_queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:5.10.2832@sha256:190eea7189d7831be9f04f13a47cfb19de9a1c1ac18739ac40d261f05c2b41aa + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.11.4013@sha256:d79cacd6d17387d7df0fa162576e7f411ad558699fe862c7a2fc34fcd04be878 terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter resources: diff --git a/base/frontend/sourcegraph-frontend.Deployment.yaml b/base/frontend/sourcegraph-frontend.Deployment.yaml index 1cf469eed98b..79ff0b4fcbcd 100644 --- a/base/frontend/sourcegraph-frontend.Deployment.yaml +++ b/base/frontend/sourcegraph-frontend.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: initContainers: - name: migrator - image: index.docker.io/sourcegraph/migrator:5.10.2832@sha256:4f5e69016f947211ef7d14e88df091550a6472f5281b025f08d234d8acc0d993 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/migrator:5.11.4013@sha256:f313ed43e610189646025c0a3f3fc9949a5bad527d61925d7b591c54cb9dc6f2 args: ["up"] resources: limits: @@ -63,7 +63,7 @@ spec: value: sg containers: - name: frontend - image: index.docker.io/sourcegraph/frontend:5.10.2832@sha256:b918b672d858dc6e0c9e48f0669a59bc1a78aed9bfceec020788f689829ad415 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/frontend:5.11.4013@sha256:a9d25de49eaa9886267041963937ceb97b5b58137fdc6135348ce6a5c80abf72 args: - serve env: diff --git a/base/gitserver/gitserver.StatefulSet.yaml b/base/gitserver/gitserver.StatefulSet.yaml index e812fbe8aa98..a0b082319493 100644 --- a/base/gitserver/gitserver.StatefulSet.yaml +++ b/base/gitserver/gitserver.StatefulSet.yaml @@ -35,7 +35,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/gitserver:5.10.2832@sha256:da3e193ab6b37ffa9374fb44d727ebfdbe62f88e117c902e488b348c59663ace + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/gitserver:5.11.4013@sha256:75557aae6a4a3ccef283cba571824137576c86d5e71e629848753effbe99a893 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 5 diff --git a/base/grafana/grafana.StatefulSet.yaml b/base/grafana/grafana.StatefulSet.yaml index 8a279d037e55..1bff09277be1 100644 --- a/base/grafana/grafana.StatefulSet.yaml +++ b/base/grafana/grafana.StatefulSet.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: grafana - image: index.docker.io/sourcegraph/grafana:5.10.2832@sha256:5bbc2a2a9a32490a0ea7969a400ae17af1baa22a8216c45fa14168d560574f79 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/grafana:5.11.4013@sha256:cee720fc5e75dbe7533452a3f269c13415fb3ce0ab4a85dd1158683a64fe766c terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 3370 diff --git a/base/indexed-search/indexed-search.StatefulSet.yaml b/base/indexed-search/indexed-search.StatefulSet.yaml index f9f50872f1c2..accb81252d41 100644 --- a/base/indexed-search/indexed-search.StatefulSet.yaml +++ b/base/indexed-search/indexed-search.StatefulSet.yaml @@ -33,7 +33,7 @@ spec: value: http://$(OTEL_AGENT_HOST):4317 - name: OPENTELEMETRY_DISABLED value: "false" - image: index.docker.io/sourcegraph/indexed-searcher:5.10.2832@sha256:876a5b31fd55dfcd827329b64e2ba5bcce7ed268e0964736b4527aa8b17a835b + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/indexed-searcher:5.11.4013@sha256:c49282731c448fa83f944e3fbd835880bec9484195b95e05163e460089b87554 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 6070 @@ -67,7 +67,7 @@ spec: value: http://$(OTEL_AGENT_HOST):4317 - name: OPENTELEMETRY_DISABLED value: "false" - image: index.docker.io/sourcegraph/search-indexer:5.10.2832@sha256:deedce4cb9a7c01105904c427d615a23e34301e52728af8f08c73fda4eecbee1 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/search-indexer:5.11.4013@sha256:ea079a9f399d1586e8763760b9f5d866087666d967cf844e79997280c19e2042 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 6072 diff --git a/base/node-exporter/node-exporter.DaemonSet.yaml b/base/node-exporter/node-exporter.DaemonSet.yaml index fc8ba74e6897..49b71123e5ab 100644 --- a/base/node-exporter/node-exporter.DaemonSet.yaml +++ b/base/node-exporter/node-exporter.DaemonSet.yaml @@ -24,7 +24,7 @@ spec: spec: containers: - name: node-exporter - image: index.docker.io/sourcegraph/node-exporter:5.10.2832@sha256:c31345f0ad1f9665b121d09df45ba9cfc87945b31a8ae7aaa528a2564e3002e4 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/node-exporter:5.11.4013@sha256:2e9415129c515fda8b8caafd920cc1a3e092fafdb5b502809efa850765b1906f imagePullPolicy: IfNotPresent resources: limits: diff --git a/base/otel-collector/otel-agent.DaemonSet.yaml b/base/otel-collector/otel-agent.DaemonSet.yaml index d7c4aaec9537..303fbd1f3b57 100644 --- a/base/otel-collector/otel-agent.DaemonSet.yaml +++ b/base/otel-collector/otel-agent.DaemonSet.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: otel-agent - image: index.docker.io/sourcegraph/opentelemetry-collector:5.10.2832@sha256:b1cc044ff1263220944c00bd056779fe789deb72aaf7d5f9f23bba1af66683dd + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/opentelemetry-collector:5.11.4013@sha256:6f68a65a8c9ded88ef81d73583576a6888dbddc05bc55f3b794c776404658ac7 command: - "/bin/otelcol-sourcegraph" - "--config=/etc/otel-agent/config.yaml" diff --git a/base/otel-collector/otel-collector.Deployment.yaml b/base/otel-collector/otel-collector.Deployment.yaml index 21dbd25aae8e..7fd33c2dc234 100644 --- a/base/otel-collector/otel-collector.Deployment.yaml +++ b/base/otel-collector/otel-collector.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: otel-collector - image: index.docker.io/sourcegraph/opentelemetry-collector:5.10.2832@sha256:b1cc044ff1263220944c00bd056779fe789deb72aaf7d5f9f23bba1af66683dd + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/opentelemetry-collector:5.11.4013@sha256:6f68a65a8c9ded88ef81d73583576a6888dbddc05bc55f3b794c776404658ac7 command: - "/bin/otelcol-sourcegraph" # To use a custom configuration, edit otel-collector.ConfigMap.yaml diff --git a/base/pgsql/pgsql.Deployment.yaml b/base/pgsql/pgsql.Deployment.yaml index bfd883150d53..a5b06035a4f0 100644 --- a/base/pgsql/pgsql.Deployment.yaml +++ b/base/pgsql/pgsql.Deployment.yaml @@ -27,7 +27,7 @@ spec: spec: initContainers: - name: correct-data-dir-permissions - image: index.docker.io/sourcegraph/alpine-3.14:5.10.2832@sha256:d0d92d9ccbbf01005a095401aafce754c4bdc865cb993a56b673fbb4d7f274fb + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/alpine-3.14:5.11.4013@sha256:64c643b1ebc4c86f6327435e73c2fd13414a7a53248b7e1f95a1a3b59a0c9823 command: ["sh", "-c", "if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi"] volumeMounts: - mountPath: /data @@ -43,7 +43,7 @@ spec: memory: "50Mi" containers: - env: - image: index.docker.io/sourcegraph/postgresql-16:5.10.2832@sha256:7a637a98960cb7d3ac6705c7f7335874c005ed9f0c68bfaa0e5eebf2d7f71e94 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgresql-16:5.11.4013@sha256:201c000ccd95d484e94e6e7d87a7c2f2d24c36a41650f355cae4b2914e2c9403 terminationMessagePolicy: FallbackToLogsOnError readinessProbe: exec: @@ -83,7 +83,7 @@ spec: value: postgres://sg:@localhost:5432/?sslmode=disable - name: PG_EXPORTER_EXTEND_QUERY_PATH value: /config/queries.yaml - image: index.docker.io/sourcegraph/postgres_exporter:5.10.2832@sha256:190eea7189d7831be9f04f13a47cfb19de9a1c1ac18739ac40d261f05c2b41aa + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/postgres_exporter:5.11.4013@sha256:d79cacd6d17387d7df0fa162576e7f411ad558699fe862c7a2fc34fcd04be878 terminationMessagePolicy: FallbackToLogsOnError name: pgsql-exporter resources: diff --git a/base/precise-code-intel/worker.Deployment.yaml b/base/precise-code-intel/worker.Deployment.yaml index dcd1d7e78d3a..a54821771323 100644 --- a/base/precise-code-intel/worker.Deployment.yaml +++ b/base/precise-code-intel/worker.Deployment.yaml @@ -46,7 +46,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/precise-code-intel-worker:5.10.2832@sha256:62f10f3cd7aa7dd74053ac76057c914b90a8ced07c999e3d862b50544b11bc09 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/precise-code-intel-worker:5.11.4013@sha256:25fda9b309a63722157c5aae947be3cbf33e31d78a14c581ecf00d88f574bb84 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/prometheus/prometheus.Deployment.yaml b/base/prometheus/prometheus.Deployment.yaml index 6fabd965305a..28e96081313b 100644 --- a/base/prometheus/prometheus.Deployment.yaml +++ b/base/prometheus/prometheus.Deployment.yaml @@ -25,7 +25,7 @@ spec: spec: containers: - name: prometheus - image: index.docker.io/sourcegraph/prometheus:5.10.2832@sha256:18023ce87c412b62e3c8f56030247de55f0d545608edefdfc041c5a95d1c4951 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/prometheus:5.11.4013@sha256:f26d45cf9c7478dc1c4f2d99eb4c8a88dd5cd7b5699e9954a88c4a1b49fb8eec terminationMessagePolicy: FallbackToLogsOnError readinessProbe: httpGet: diff --git a/base/redis/redis-cache.Deployment.yaml b/base/redis/redis-cache.Deployment.yaml index ad9e0d44954d..6f4289d07f25 100644 --- a/base/redis/redis-cache.Deployment.yaml +++ b/base/redis/redis-cache.Deployment.yaml @@ -26,7 +26,7 @@ spec: spec: containers: - name: redis-cache - image: index.docker.io/sourcegraph/redis-cache:5.10.2832@sha256:7c62920aa1cfbaf4f7ecb216786120a0f880de872669dea5afa0459af5bf36a5 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis-cache:5.11.4013@sha256:8ed5e1716e414494c13cc6b68534c838cc9ad6a0a20986af34d42a0eee3060cf terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 30 @@ -66,7 +66,7 @@ spec: - mountPath: /redis-data name: redis-data - name: redis-exporter - image: index.docker.io/sourcegraph/redis_exporter:5.10.2832@sha256:c356c8a4c32f1433d280f3ce43e3fc504dd6b0f07e208d18443adcc44cf5e5ed + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis_exporter:5.11.4013@sha256:679352f2153411034847b7f2cf325d664eae86f0b929ec6feef5c7ce00d5bef3 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9121 diff --git a/base/redis/redis-store.Deployment.yaml b/base/redis/redis-store.Deployment.yaml index e9d1d5af49ca..97f2f429dc0d 100644 --- a/base/redis/redis-store.Deployment.yaml +++ b/base/redis/redis-store.Deployment.yaml @@ -25,7 +25,7 @@ spec: spec: containers: - name: redis-store - image: index.docker.io/sourcegraph/redis-store:5.10.2832@sha256:413d44f4cc7ec3625f0dcaac2b2a8faa3c2455e78df7ba0e7485e2f0b09a2a41 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis-store:5.11.4013@sha256:222387291dc24cdcd2b60888eb0ab10fac12c8859a53e62e3c9b741a92953718 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: initialDelaySeconds: 30 @@ -65,7 +65,7 @@ spec: - mountPath: /redis-data name: redis-data - name: redis-exporter - image: index.docker.io/sourcegraph/redis_exporter:5.10.2832@sha256:c356c8a4c32f1433d280f3ce43e3fc504dd6b0f07e208d18443adcc44cf5e5ed + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/redis_exporter:5.11.4013@sha256:679352f2153411034847b7f2cf325d664eae86f0b929ec6feef5c7ce00d5bef3 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 9121 diff --git a/base/repo-updater/repo-updater.Deployment.yaml b/base/repo-updater/repo-updater.Deployment.yaml index 48ec8f0eead2..1341f6df6061 100644 --- a/base/repo-updater/repo-updater.Deployment.yaml +++ b/base/repo-updater/repo-updater.Deployment.yaml @@ -29,7 +29,7 @@ spec: spec: containers: - name: repo-updater - image: index.docker.io/sourcegraph/repo-updater:5.10.2832@sha256:2fc71baa001a842760f219379343e7f89ed144ad8e2d9925ed3f988ba15b9b35 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/repo-updater:5.11.4013@sha256:8e3c6b90208eec5d575dc32332bc754c99bec4e72946b4d57c73b8a69c98c14b env: # OTEL_AGENT_HOST must be defined before OTEL_EXPORTER_OTLP_ENDPOINT to substitute the node IP on which the DaemonSet pod instance runs in the latter variable - name: OTEL_AGENT_HOST diff --git a/base/searcher/searcher.Deployment.yaml b/base/searcher/searcher.Deployment.yaml index dde4f94357e1..742a5b7ff199 100644 --- a/base/searcher/searcher.Deployment.yaml +++ b/base/searcher/searcher.Deployment.yaml @@ -49,7 +49,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/searcher:5.10.2832@sha256:cd129b4232059e670d275a1c5b20b46c869b099631014c5980258f608f4b5053 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/searcher:5.11.4013@sha256:1e3a048bc08007c03e263ba4a3151bbac3e9182d035ae90ad6ea616832217e81 terminationMessagePolicy: FallbackToLogsOnError ports: - containerPort: 3181 diff --git a/base/symbols/symbols.Deployment.yaml b/base/symbols/symbols.Deployment.yaml index e7a60c7fa01f..b86963eff8a4 100644 --- a/base/symbols/symbols.Deployment.yaml +++ b/base/symbols/symbols.Deployment.yaml @@ -49,7 +49,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/symbols:5.10.2832@sha256:83b4a9d2c6b14f16adaffcd87578efd132dadcf7307611661e3c6bc61f1c9640 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/symbols:5.11.4013@sha256:9cebd4fc33ad51ed92242952a4d2fb856db4e5cffcc2bf7134d7a8996e2f74f0 terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/syntect-server/syntect-server.Deployment.yaml b/base/syntect-server/syntect-server.Deployment.yaml index c63484c46a4d..b647bf4db752 100644 --- a/base/syntect-server/syntect-server.Deployment.yaml +++ b/base/syntect-server/syntect-server.Deployment.yaml @@ -29,7 +29,7 @@ spec: containers: - name: syntect-server env: - image: index.docker.io/sourcegraph/syntax-highlighter:5.10.2832@sha256:6043ae53bb68c84ef466902dce435e2e42f72a6ebb6fbc3c1902554ca946917f + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/syntax-highlighter:5.11.4013@sha256:c41da930df4055289d1baf29b07e613e17c232355d648b8d847645c1c1cd2d3a terminationMessagePolicy: FallbackToLogsOnError livenessProbe: httpGet: diff --git a/base/worker/worker.Deployment.yaml b/base/worker/worker.Deployment.yaml index bb02708876a6..e430b7c7e63d 100644 --- a/base/worker/worker.Deployment.yaml +++ b/base/worker/worker.Deployment.yaml @@ -44,7 +44,7 @@ spec: fieldPath: status.hostIP - name: OTEL_EXPORTER_OTLP_ENDPOINT value: http://$(OTEL_AGENT_HOST):4317 - image: index.docker.io/sourcegraph/worker:5.10.2832@sha256:a4a9a4fb88855ce043536e0f694e29327cea881a8ca28a54a99d87d3bc63f783 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/worker:5.11.4013@sha256:8717c224ed52f6b8d5a1957b1ee8d0974fc00d977c7a5b99a858660c98c59545 envFrom: - configMapRef: name: embeddings-backend diff --git a/configure/executors/dind/executor.Deployment.yaml b/configure/executors/dind/executor.Deployment.yaml index 111192f67960..caf3b657b057 100644 --- a/configure/executors/dind/executor.Deployment.yaml +++ b/configure/executors/dind/executor.Deployment.yaml @@ -28,7 +28,7 @@ spec: spec: containers: - name: executor - image: index.docker.io/sourcegraph/executor:5.10.2832@sha256:f47dfe9663f316cb224f401f6be3bbf96ae4f3bbd379fb4322f5ff5fca31b40b + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/executor:5.11.4013@sha256:0c6d3903da4095efd968cb56204f47abf605d436b8fc0bf4448811873a25e8ea imagePullPolicy: Always livenessProbe: exec: @@ -67,7 +67,7 @@ spec: - mountPath: /scratch name: executor-scratch - name: dind - image: index.docker.io/sourcegraph/dind:5.10.2832@sha256:54afd8c51285ee4b8570e999657d6edd89930fcb925079996b91447a860cbeea + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/dind:5.11.4013@sha256:4aefceeddf1c0b439e5e4842a9fb4878e795ad87ea507d18b44ed9243ca25a4c imagePullPolicy: Always securityContext: privileged: true diff --git a/configure/executors/k8s/executor.Deployment.yaml b/configure/executors/k8s/executor.Deployment.yaml index 8b2a9d8c5407..845f4ec5031e 100644 --- a/configure/executors/k8s/executor.Deployment.yaml +++ b/configure/executors/k8s/executor.Deployment.yaml @@ -29,7 +29,7 @@ spec: serviceAccountName: executor containers: - name: executor - image: index.docker.io/sourcegraph/executor-kubernetes:5.10.2832@sha256:abf9c89453bf0a603cb0ba293e32e35e1550504f21a5bf93007f902bef7ff313 + image: us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/executor-kubernetes:5.11.4013@sha256:050dda9cc0c95ea30584f597738256f3aeeece51caf405eaf21e1ab79ceb100a imagePullPolicy: Always livenessProbe: exec: diff --git a/configure/migrator/migrator.Job.yaml b/configure/migrator/migrator.Job.yaml index a8ecdfe52715..00e3aac1d150 100644 --- a/configure/migrator/migrator.Job.yaml +++ b/configure/migrator/migrator.Job.yaml @@ -12,7 +12,7 @@ spec: spec: containers: - name: migrator - image: "index.docker.io/sourcegraph/migrator:5.10.2832@sha256:4f5e69016f947211ef7d14e88df091550a6472f5281b025f08d234d8acc0d993" + image: "us-central1-docker.pkg.dev/sourcegraph-ci/rfc795-internal/migrator:5.11.4013@sha256:f313ed43e610189646025c0a3f3fc9949a5bad527d61925d7b591c54cb9dc6f2" args: ["up"] env: - name: PGHOST diff --git a/resources-update/kustomization.yaml b/resources-update/kustomization.yaml new file mode 100644 index 000000000000..88183e90d9af --- /dev/null +++ b/resources-update/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: default +resources: + - ../bases/deployments + - ../bases/pvcs +patchesStrategicMerge: + # Update the resources listed in the ./resources.yaml + - resources.yaml \ No newline at end of file diff --git a/resources-update/resources.yaml b/resources-update/resources.yaml new file mode 100644 index 000000000000..f2728945912d --- /dev/null +++ b/resources-update/resources.yaml @@ -0,0 +1,435 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: cadvisor +# spec: +# template: +# spec: +# containers: +# - name: cadvisor +# resources: +# limits: +# cpu: 300m +# memory: 200Mi +# requests: +# cpu: 100m +# memory: 200Mi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: codeinsights-db +# spec: +# template: +# spec: +# containers: +# - name: codeinsights +# resources: +# limits: +# cpu: "4" +# memory: "2Gi" +# requests: +# cpu: "4" +# memory: "2Gi" +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + name: codeinsights-db +# spec: +# resources: +# requests: +# storage: 200Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: codeintel-db +# spec: +# template: +# spec: +# containers: +# - name: pgsql +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: codeintel-db +# spec: +# resources: +# requests: +# storage: 500Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sourcegraph-frontend +# spec: +# replicas: 2 +# template: +# spec: +# containers: +# - name: frontend +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "8Gi" +# memory: 4G +# requests: +# cpu: "2" +# ephemeral-storage: "4Gi" +# memory: 2G +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: gitserver +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: gitserver +# resources: +# limits: +# cpu: "4" +# memory: 8G +# requests: +# cpu: "4" +# memory: 8G +# - metadata: +# name: repos +# spec: +# resources: +# requests: +# storage: 200Gi # If you change this, also change indexed-search's disk size. +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: grafana +# spec: +# template: +# spec: +# containers: +# - name: grafana +# resources: +# limits: +# cpu: "1" +# memory: 512Mi +# requests: +# cpu: 100m +# memory: 512Mi +# volumeClaimTemplates: +# - metadata: +# name: grafana-data +# spec: +# resources: +# requests: +# storage: 2Gi +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: indexed-search +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: zoekt-webserver +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +# - name: zoekt-indexserver +# resources: +# limits: +# cpu: "16" +# memory: 16G +# requests: +# cpu: "8" +# memory: 8G +# volumeClaimTemplates: +# - metadata: +# spec: +# resources: +# requests: +# storage: 200Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: blobstore +# spec: +# template: +# spec: +# containers: +# - name: blobstore +# resources: +# limits: +# cpu: "1" +# memory: 500M +# requests: +# cpu: "1" +# memory: 500M +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: blobstore +# spec: +# resources: +# requests: +# storage: 100Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pgsql +# spec: +# template: +# spec: +# containers: +# - name: pgsql +# resources: +# limits: +# cpu: "4" +# memory: 4Gi +# requests: +# cpu: "4" +# memory: 4Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pgsql +# spec: +# resources: +# requests: +# storage: 200Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: precise-code-intel-worker +# spec: +# replicas: 2 +# template: +# spec: +# containers: +# - name: precise-code-intel-worker +# resources: +# limits: +# cpu: "2" +# memory: 4G +# requests: +# cpu: 500m +# memory: 2G +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prometheus +# spec: +# template: +# spec: +# containers: +# - name: prometheus +# resources: +# limits: +# cpu: "2" +# memory: 6G +# requests: +# cpu: 500m +# memory: 6G +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis-cache +# spec: +# template: +# spec: +# containers: +# - name: redis-cache +# resources: +# limits: +# cpu: "1" +# memory: 7Gi +# requests: +# cpu: "1" +# memory: 7Gi +# - name: redis-exporter +# resources: +# limits: +# cpu: 10m +# memory: 100Mi +# requests: +# cpu: 10m +# memory: 100Mi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis-store +# spec: +# template: +# spec: +# containers: +# - name: redis-store +# resources: +# limits: +# cpu: "1" +# memory: 7Gi +# requests: +# cpu: "1" +# memory: 7Gi +# - name: redis-exporter +# resources: +# limits: +# cpu: 10m +# memory: 100Mi +# requests: +# cpu: 10m +# memory: 100Mi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: repo-updater +# spec: +# replicas: 1 # IMPORTANT: Singleton service. Do NOT add more replica. +# template: +# spec: +# containers: +# - name: repo-updater +# resources: +# limits: +# cpu: "1" +# memory: 2Gi +# requests: +# cpu: "1" +# memory: 500Mi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: searcher +# spec: +# replicas: 2 +# template: +# spec: +# containers: +# - name: searcher +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "26G" +# memory: 2G +# requests: +# cpu: 500m +# ephemeral-storage: "25G" +# memory: 500M +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: symbols +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: symbols +# resources: +# limits: +# cpu: "2" +# ephemeral-storage: "12G" +# memory: 2G +# requests: +# cpu: 500m +# ephemeral-storage: "10G" +# memory: 500M +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: syntect-server +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: syntect-server +# resources: +# limits: +# cpu: "4" +# memory: 6G +# requests: +# cpu: 250m +# memory: 2G +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: worker +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: worker +# resources: +# limits: +# cpu: "2" +# memory: 4G +# requests: +# cpu: 500m +# memory: 2G +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: otel-agent +# spec: +# template: +# spec: +# containers: +# - name: otel-agent +# resources: +# limits: +# cpu: "500m" +# memory: 500Mi +# requests: +# cpu: "100m" +# memory: 100Mi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: otel-collector +# spec: +# replicas: 1 +# template: +# spec: +# containers: +# - name: otel-collector +# resources: +# limits: +# cpu: "1" +# memory: 2Gi +# requests: +# cpu: "0.5" +# memory: 512Mi diff --git a/test-cluster-5.9/apps_v1_daemonset_cadvisor.yaml b/test-cluster-5.9/apps_v1_daemonset_cadvisor.yaml new file mode 100644 index 000000000000..0cc2a6db544a --- /dev/null +++ b/test-cluster-5.9/apps_v1_daemonset_cadvisor.yaml @@ -0,0 +1,80 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + description: DaemonSet to ensure all nodes run a cAdvisor pod. + seccomp.security.alpha.kubernetes.io/pod: docker/default + labels: + app.kubernetes.io/component: cadvisor + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: cadvisor + namespace: ns-sourcegraph +spec: + selector: + matchLabels: + app: cadvisor + template: + metadata: + annotations: + description: Collects and exports container metrics. + prometheus.io/port: "48080" + sourcegraph.prometheus/scrape: "true" + labels: + app: cadvisor + deploy: sourcegraph + spec: + automountServiceAccountToken: false + containers: + - args: + - --store_container_labels=false + - --whitelisted_container_labels=io.kubernetes.container.name,io.kubernetes.pod.name,io.kubernetes.pod.namespace,io.kubernetes.pod.uid + image: index.docker.io/sourcegraph/cadvisor:5.9.0@sha256:b44d46754136e59d4853753967b783744df7e4a6bae140fde10c939b5c96bd43 + name: cadvisor + ports: + - containerPort: 48080 + name: http + protocol: TCP + resources: + limits: + cpu: 300m + memory: 2000Mi + requests: + cpu: 150m + memory: 200Mi + securityContext: + privileged: null + volumeMounts: + - mountPath: /rootfs + name: rootfs + readOnly: true + - mountPath: /var/run + name: var-run + readOnly: true + - mountPath: /sys + name: sys + readOnly: true + - mountPath: /var/lib/docker + name: docker + readOnly: true + - mountPath: /dev/disk + name: disk + readOnly: true + serviceAccountName: cadvisor + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: / + name: rootfs + - hostPath: + path: /var/run + name: var-run + - hostPath: + path: /sys + name: sys + - hostPath: + path: /var/lib/docker + name: docker + - hostPath: + path: /dev/disk + name: disk diff --git a/test-cluster-5.9/apps_v1_daemonset_node-exporter.yaml b/test-cluster-5.9/apps_v1_daemonset_node-exporter.yaml new file mode 100644 index 000000000000..6591191a9a93 --- /dev/null +++ b/test-cluster-5.9/apps_v1_daemonset_node-exporter.yaml @@ -0,0 +1,109 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + description: DaemonSet to ensure all nodes run a node-exporter pod. + seccomp.security.alpha.kubernetes.io/pod: docker/default + labels: + app: node-exporter + app.kubernetes.io/component: node-exporter + deploy: sourcegraph + name: node-exporter + namespace: ns-sourcegraph +spec: + selector: + matchLabels: + app: node-exporter + template: + metadata: + annotations: + description: Collects and exports machine metrics. + kubectl.kubernetes.io/default-container: node-exporter + labels: + app: node-exporter + deploy: sourcegraph + spec: + affinity: null + automountServiceAccountToken: false + containers: + - args: + - --web.listen-address=:9100 + - --path.sysfs=/host/sys + - --path.rootfs=/host/root + - --path.procfs=/host/proc + - --no-collector.wifi + - --no-collector.hwmon + - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/pods/.+)($|/) + - --collector.netclass.ignored-devices=^(veth.*)$ + - --collector.netdev.device-exclude=^(veth.*)$ + env: null + image: index.docker.io/sourcegraph/node-exporter:5.9.0@sha256:70eca4d670dd52326eb9c2a98e3f80b1dab24b47448192e111c8b22ffbf153b4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + port: metrics + scheme: HTTP + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: node-exporter + ports: + - containerPort: 9100 + name: metrics + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + port: metrics + scheme: HTTP + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: "1" + memory: 1Gi + requests: + cpu: 200m + memory: 100Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 65534 + runAsUser: 65534 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /host/root + mountPropagation: HostToContainer + name: rootfs + readOnly: true + - mountPath: /host/sys + mountPropagation: HostToContainer + name: sys + readOnly: true + - mountPath: /host/proc + mountPropagation: HostToContainer + name: proc + readOnly: true + hostPID: true + nodeSelector: null + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + terminationGracePeriodSeconds: 30 + tolerations: null + volumes: + - hostPath: + path: / + name: rootfs + - hostPath: + path: /sys + name: sys + - hostPath: + path: /proc + name: proc diff --git a/test-cluster-5.9/apps_v1_daemonset_otel-agent.yaml b/test-cluster-5.9/apps_v1_daemonset_otel-agent.yaml new file mode 100644 index 000000000000..c49d319f5194 --- /dev/null +++ b/test-cluster-5.9/apps_v1_daemonset_otel-agent.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + description: Forwards telemetry data to the OpenTelemetry Collector Deployment. + prometheus.io/port: "8888" + sourcegraph.prometheus/scrape: "true" + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-agent + namespace: ns-sourcegraph +spec: + minReadySeconds: 5 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: otel-agent + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: otel-agent + labels: + app: otel-agent + deploy: sourcegraph + spec: + containers: + - command: + - /bin/otelcol-sourcegraph + - --config=/etc/otel-agent/config.yaml + image: index.docker.io/sourcegraph/opentelemetry-collector:5.9.0@sha256:f15976f64335b28fe9605e20991b591466d63ad72f488eb0bdb12a57b0a47dd2 + livenessProbe: + httpGet: + path: / + port: 13133 + name: otel-agent + ports: + - containerPort: 55679 + name: zpages + - containerPort: 4317 + hostPort: 4317 + name: otlp-grpc + - containerPort: 4318 + hostPort: 4318 + name: otlp-http + - containerPort: 8888 + name: metrics + readinessProbe: + httpGet: + path: / + port: 13133 + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 100m + memory: 100Mi + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/otel-agent + name: config + terminationGracePeriodSeconds: 120 + volumes: + - configMap: + items: + - key: config.yaml + path: config.yaml + name: otel-agent + name: config diff --git a/test-cluster-5.9/apps_v1_deployment_blobstore.yaml b/test-cluster-5.9/apps_v1_deployment_blobstore.yaml new file mode 100644 index 000000000000..dc15c5b08ab8 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_blobstore.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: generic S3-like blobstore for storing LSIF uploads. + kubectl.kubernetes.io/default-container: blobstore + labels: + app.kubernetes.io/component: blobstore + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: blobstore + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: blobstore + strategy: + type: Recreate + template: + metadata: + labels: + app: blobstore + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/blobstore:5.9.0@sha256:8d10f750f838610a7fb4b747826c3bd13e8db1194cd36e43525c6f97463c4582 + livenessProbe: + httpGet: + path: / + port: blobstore + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: blobstore + ports: + - containerPort: 9000 + name: blobstore + readinessProbe: + httpGet: + path: / + port: blobstore + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: blobstore-data + securityContext: + runAsUser: 0 + volumes: + - name: blobstore-data + persistentVolumeClaim: + claimName: blobstore diff --git a/test-cluster-5.9/apps_v1_deployment_codeinsights-db.yaml b/test-cluster-5.9/apps_v1_deployment_codeinsights-db.yaml new file mode 100644 index 000000000000..d89b48ccf246 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_codeinsights-db.yaml @@ -0,0 +1,96 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Code Insights Postgres DB instance. + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: codeinsights-db + strategy: + type: Recreate + template: + metadata: + labels: + app: codeinsights-db + deploy: sourcegraph + group: backend + spec: + containers: + - env: + - name: POSTGRES_DB + value: postgres + - name: POSTGRES_PASSWORD + value: password + - name: POSTGRES_USER + value: postgres + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + - name: POSTGRESQL_CONF_DIR + value: /conf + image: index.docker.io/sourcegraph/codeinsights-db:5.9.0@sha256:e8351546420bde04c1133c32e77469cb14caef8da8dc4c95780e13f3b240fe4f + name: codeinsights + ports: + - containerPort: 5432 + name: codeinsights-db + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /var/lib/postgresql/data/ + name: disk + - mountPath: /conf + name: codeinsights-conf + - env: + - name: DATA_SOURCE_NAME + value: postgres://postgres:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/code_insights_queries.yaml + image: index.docker.io/sourcegraph/postgres_exporter:5.9.0@sha256:98663c98e0566504f97a0f4b375ce675b0dd03fad53dd9f35f9bb35575b98335 + name: pgsql-exporter + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /var/lib/postgresql/data/pgdata ]; then chmod 750 /var/lib/postgresql/data/pgdata; + fi + image: index.docker.io/sourcegraph/alpine-3.14:5.9.0@sha256:5d55abef94603e5c2a19c57b639d97a1c243dc28fb61609dc0d94e69bb65966f + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /var/lib/postgresql/data/ + name: disk + securityContext: + runAsUser: 0 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: codeinsights-db + - configMap: + defaultMode: 511 + name: codeinsights-db-conf + name: codeinsights-conf diff --git a/test-cluster-5.9/apps_v1_deployment_codeintel-db.yaml b/test-cluster-5.9/apps_v1_deployment_codeintel-db.yaml new file mode 100644 index 000000000000..251c80f2e321 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_codeintel-db.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Postgres database for various data. + kubectl.kubernetes.io/default-container: pgsql + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: codeintel-db + strategy: + type: Recreate + template: + metadata: + labels: + app: codeintel-db + deploy: sourcegraph + group: backend + spec: + containers: + - image: index.docker.io/sourcegraph/codeintel-db:5.9.0@sha256:e707113d032e21a77d961c6a48b4f90f012424db026a9506b76115986eeaa80d + livenessProbe: + exec: + command: + - /liveness.sh + initialDelaySeconds: 15 + name: pgsql + ports: + - containerPort: 5432 + name: pgsql + readinessProbe: + exec: + command: + - /ready.sh + startupProbe: + exec: + command: + - /liveness.sh + failureThreshold: 360 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: disk + - mountPath: /conf + name: pgsql-conf + - env: + - name: DATA_SOURCE_NAME + value: postgres://sg:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/code_intel_queries.yaml + image: index.docker.io/sourcegraph/postgres_exporter:5.9.0@sha256:98663c98e0566504f97a0f4b375ce675b0dd03fad53dd9f35f9bb35575b98335 + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi + image: index.docker.io/sourcegraph/alpine-3.14:5.9.0@sha256:5d55abef94603e5c2a19c57b639d97a1c243dc28fb61609dc0d94e69bb65966f + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /data + name: disk + securityContext: + runAsUser: 0 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: codeintel-db + - configMap: + defaultMode: 511 + name: codeintel-db-conf + name: pgsql-conf diff --git a/test-cluster-5.9/apps_v1_deployment_otel-collector.yaml b/test-cluster-5.9/apps_v1_deployment_otel-collector.yaml new file mode 100644 index 000000000000..3814b8c6c4e1 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_otel-collector.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Receives, processes, and exports telemetry data. + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-collector + namespace: ns-sourcegraph +spec: + minReadySeconds: 5 + progressDeadlineSeconds: 120 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: otel-collector + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: otel-collector + labels: + app: otel-collector + deploy: sourcegraph + spec: + containers: + - command: + - /bin/otelcol-sourcegraph + - --config=/etc/otel-collector/configs/logging.yaml + image: index.docker.io/sourcegraph/opentelemetry-collector:5.9.0@sha256:f15976f64335b28fe9605e20991b591466d63ad72f488eb0bdb12a57b0a47dd2 + livenessProbe: + httpGet: + path: / + port: 13133 + name: otel-collector + ports: + - containerPort: 55679 + name: zpages + - containerPort: 4317 + name: otlp-grpc + - containerPort: 4318 + name: otlp-http + - containerPort: 8888 + name: metrics + readinessProbe: + httpGet: + path: / + port: 13133 + resources: + limits: + cpu: "2" + memory: 3Gi + requests: + cpu: "0.5" + memory: 1Gi + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/otel-collector/conf + name: config + terminationGracePeriodSeconds: 120 + volumes: + - configMap: + items: + - key: config.yaml + path: config.yaml + name: otel-collector + name: config diff --git a/test-cluster-5.9/apps_v1_deployment_pgsql.yaml b/test-cluster-5.9/apps_v1_deployment_pgsql.yaml new file mode 100644 index 000000000000..303df75ff504 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_pgsql.yaml @@ -0,0 +1,100 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Postgres database for various data. + kubectl.kubernetes.io/default-container: pgsql + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: pgsql + strategy: + type: Recreate + template: + metadata: + labels: + app: pgsql + deploy: sourcegraph + group: backend + spec: + containers: + - env: null + image: index.docker.io/sourcegraph/postgres-12-alpine:5.9.0@sha256:e707113d032e21a77d961c6a48b4f90f012424db026a9506b76115986eeaa80d + livenessProbe: + exec: + command: + - /liveness.sh + initialDelaySeconds: 15 + name: pgsql + ports: + - containerPort: 5432 + name: pgsql + readinessProbe: + exec: + command: + - /ready.sh + startupProbe: + exec: + command: + - /liveness.sh + failureThreshold: 360 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: disk + - mountPath: /conf + name: pgsql-conf + - mountPath: /dev/shm + name: dshm + - env: + - name: DATA_SOURCE_NAME + value: postgres://sg:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/queries.yaml + image: index.docker.io/sourcegraph/postgres_exporter:5.9.0@sha256:98663c98e0566504f97a0f4b375ce675b0dd03fad53dd9f35f9bb35575b98335 + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi + image: index.docker.io/sourcegraph/alpine-3.14:5.9.0@sha256:5d55abef94603e5c2a19c57b639d97a1c243dc28fb61609dc0d94e69bb65966f + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /data + name: disk + securityContext: + runAsUser: 0 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: pgsql + - configMap: + defaultMode: 511 + name: pgsql-conf + name: pgsql-conf + - emptyDir: + medium: Memory + sizeLimit: 1G + name: dshm diff --git a/test-cluster-5.9/apps_v1_deployment_precise-code-intel-worker.yaml b/test-cluster-5.9/apps_v1_deployment_precise-code-intel-worker.yaml new file mode 100644 index 000000000000..6a052c6296bd --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_precise-code-intel-worker.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Handles conversion of uploaded precise code intelligence bundles. + labels: + app.kubernetes.io/component: precise-code-intel + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: precise-code-intel-worker + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: precise-code-intel-worker + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: precise-code-intel-worker + deploy: sourcegraph + spec: + containers: + - env: + - name: PRECISE_CODE_INTEL_UPLOAD_BACKEND + value: blobstore + - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 + - name: NUM_WORKERS + value: "4" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/precise-code-intel-worker:5.9.0@sha256:b46fdfe8bc900857513701a219fc6c4fc55415b02c09229bb040264ff1cbaec1 + livenessProbe: + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: precise-code-intel-worker + ports: + - containerPort: 3188 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster-5.9/apps_v1_deployment_prometheus.yaml b/test-cluster-5.9/apps_v1_deployment_prometheus.yaml new file mode 100644 index 000000000000..543dfb841452 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_prometheus.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Collects metrics and aggregates them into graphs. + labels: + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: prometheus + strategy: + type: Recreate + template: + metadata: + labels: + app: prometheus + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/prometheus:5.9.0@sha256:de537ad18bde9e55b1ab2baac919337480e3b5b42d17d6ae2e2d56b52d0c1c97 + name: prometheus + ports: + - containerPort: 9090 + name: http + readinessProbe: + failureThreshold: 120 + httpGet: + path: /-/ready + port: 9090 + periodSeconds: 5 + timeoutSeconds: 3 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /prometheus + name: data + - mountPath: /sg_prometheus_add_ons + name: config + securityContext: + runAsUser: 0 + serviceAccountName: prometheus + terminationGracePeriodSeconds: 120 + volumes: + - name: data + persistentVolumeClaim: + claimName: prometheus + - configMap: + defaultMode: 511 + name: prometheus + name: config diff --git a/test-cluster-5.9/apps_v1_deployment_redis-cache.yaml b/test-cluster-5.9/apps_v1_deployment_redis-cache.yaml new file mode 100644 index 000000000000..8aff4d6fe0a6 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_redis-cache.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Redis for storing short-lived caches. + kubectl.kubernetes.io/default-container: redis-cache + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-cache + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: redis-cache + strategy: + type: Recreate + template: + metadata: + labels: + app: redis-cache + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/redis-cache:5.9.0@sha256:b756d68f64e602f88dbf9780b38fb045f1aa7fd0d8b7647ed8071d62e73bd961 + livenessProbe: + initialDelaySeconds: 30 + tcpSocket: + port: redis + name: redis-cache + ports: + - containerPort: 6379 + name: redis + readinessProbe: + exec: + command: + - /bin/sh + - -c + - | + #!/bin/bash + PASS_CHECK=$(grep -h "requirepass" /etc/redis/redis.conf | cut -d ' ' -f 2) + if [ ! -z "$PASS_CHECK" ]; then + export REDISCLI_AUTH="$PASS_CHECK" + fi + response=$( + redis-cli ping + ) + if [ "$response" != "PONG" ]; then + echo "$response" + exit 1 + fi + initialDelaySeconds: 10 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /redis-data + name: redis-data + - image: index.docker.io/sourcegraph/redis_exporter:5.9.0@sha256:dda28a1f6785ff7d5395a5252783b5d69568383dcf185dea73128f807eb77875 + name: redis-exporter + ports: + - containerPort: 9121 + name: redisexp + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: redis-cache diff --git a/test-cluster-5.9/apps_v1_deployment_redis-store.yaml b/test-cluster-5.9/apps_v1_deployment_redis-store.yaml new file mode 100644 index 000000000000..5255028c35e8 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_redis-store.yaml @@ -0,0 +1,72 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Redis for storing semi-persistent data like user sessions. + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-store + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: redis-store + strategy: + type: Recreate + template: + metadata: + labels: + app: redis-store + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/redis-store:5.9.0@sha256:f89d0f6a6c25245d6e9e86199e15c573c482c092506689516ef0237e6a29591e + livenessProbe: + initialDelaySeconds: 30 + tcpSocket: + port: redis + name: redis-store + ports: + - containerPort: 6379 + name: redis + readinessProbe: + exec: + command: + - /bin/sh + - -c + - | + #!/bin/bash + PASS_CHECK=$(grep -h "requirepass" /etc/redis/redis.conf | cut -d ' ' -f 2) + if [ ! -z "$PASS_CHECK" ]; then + export REDISCLI_AUTH="$PASS_CHECK" + fi + response=$( + redis-cli ping + ) + if [ "$response" != "PONG" ]; then + echo "$response" + exit 1 + fi + initialDelaySeconds: 10 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /redis-data + name: redis-data + - image: index.docker.io/sourcegraph/redis_exporter:5.9.0@sha256:dda28a1f6785ff7d5395a5252783b5d69568383dcf185dea73128f807eb77875 + name: redis-exporter + ports: + - containerPort: 9121 + name: redisexp + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: redis-store diff --git a/test-cluster-5.9/apps_v1_deployment_repo-updater.yaml b/test-cluster-5.9/apps_v1_deployment_repo-updater.yaml new file mode 100644 index 000000000000..e5aab4fc4c12 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_repo-updater.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Handles repository metadata (not Git data) lookups and updates from + external code hosts and other similar services. + kubectl.kubernetes.io/default-container: repo-updater + labels: + app.kubernetes.io/component: repo-updater + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: repo-updater + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: repo-updater + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + app: repo-updater + deploy: sourcegraph + spec: + containers: + - env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/repo-updater:5.9.0@sha256:4f971ce19d33b31180f9e2d04cba878af8c51f5c024687dda9b2b8b192b848bb + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + periodSeconds: 1 + timeoutSeconds: 5 + name: repo-updater + ports: + - containerPort: 3182 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 1 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster-5.9/apps_v1_deployment_searcher.yaml b/test-cluster-5.9/apps_v1_deployment_searcher.yaml new file mode 100644 index 000000000000..a208cfea93a9 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_searcher.yaml @@ -0,0 +1,74 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Backend for text search operations. + kubectl.kubernetes.io/default-container: searcher + labels: + app.kubernetes.io/component: searcher + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: searcher + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: searcher + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: searcher + deploy: sourcegraph + spec: + containers: + - env: + - name: SEARCHER_CACHE_SIZE_MB + valueFrom: + resourceFieldRef: + containerName: searcher + divisor: 1M + resource: requests.ephemeral-storage + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: CACHE_DIR + value: /mnt/cache/$(POD_NAME) + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/searcher:5.9.0@sha256:82fb0c169e6a852c9f0e2538f309e127553272d4a5bf702cc8b7ca1ed49da7e3 + name: searcher + ports: + - containerPort: 3181 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: http + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /mnt/cache + name: cache-ssd + securityContext: + runAsUser: 0 + volumes: + - emptyDir: {} + name: cache-ssd diff --git a/test-cluster-5.9/apps_v1_deployment_sourcegraph-frontend.yaml b/test-cluster-5.9/apps_v1_deployment_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..e69b8512b4d7 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_sourcegraph-frontend.yaml @@ -0,0 +1,132 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Serves the frontend of Sourcegraph via HTTP(S). + kubectl.kubernetes.io/default-container: frontend + labels: + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + app: sourcegraph-frontend + deploy: sourcegraph + spec: + containers: + - args: + - serve + env: + - name: PGDATABASE + value: sg + - name: PGHOST + value: pgsql + - name: PGPORT + value: "5432" + - name: PGSSLMODE + value: disable + - name: PGUSER + value: sg + - name: CODEINSIGHTS_PGDATASOURCE + value: postgres://postgres:password@codeinsights-db:5432/postgres + - name: CODEINTEL_PGDATABASE + value: sg + - name: CODEINTEL_PGHOST + value: codeintel-db + - name: CODEINTEL_PGPORT + value: "5432" + - name: CODEINTEL_PGSSLMODE + value: disable + - name: CODEINTEL_PGUSER + value: sg + - name: PRECISE_CODE_INTEL_UPLOAD_BACKEND + value: blobstore + - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 + - name: GRAFANA_SERVER_URL + value: http://grafana:30070 + - name: PROMETHEUS_URL + value: http://prometheus:30090 + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.9.0@sha256:e6ed449a01a9d4d33e64c49032656eb454d82137ca464f0276cc7f924a8d6c33 + livenessProbe: + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + - containerPort: 3090 + name: http-internal + - containerPort: 6060 + name: debug + readinessProbe: + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - args: + - up + env: + - name: PGDATABASE + value: sg + - name: PGHOST + value: pgsql + - name: PGPORT + value: "5432" + - name: PGSSLMODE + value: disable + - name: PGUSER + value: sg + - name: CODEINSIGHTS_PGDATASOURCE + value: postgres://postgres:password@codeinsights-db:5432/postgres + - name: CODEINTEL_PGDATABASE + value: sg + - name: CODEINTEL_PGHOST + value: codeintel-db + - name: CODEINTEL_PGPORT + value: "5432" + - name: CODEINTEL_PGSSLMODE + value: disable + - name: CODEINTEL_PGUSER + value: sg + image: index.docker.io/sourcegraph/migrator:5.9.0@sha256:61104f27dabfa90139879d81e1c818a54555e1db7d15c0c878d72d4f54d58556 + name: migrator + resources: + limits: + cpu: 500m + memory: 100M + requests: + cpu: 100m + memory: 50M + securityContext: + runAsUser: 0 + serviceAccountName: sourcegraph-frontend diff --git a/test-cluster-5.9/apps_v1_deployment_symbols.yaml b/test-cluster-5.9/apps_v1_deployment_symbols.yaml new file mode 100644 index 000000000000..c0845496060f --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_symbols.yaml @@ -0,0 +1,80 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Backend for symbols operations. + kubectl.kubernetes.io/default-container: symbols + labels: + app.kubernetes.io/component: symbols + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: symbols + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: symbols + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: symbols + deploy: sourcegraph + spec: + containers: + - env: + - name: SYMBOLS_CACHE_SIZE_MB + valueFrom: + resourceFieldRef: + containerName: symbols + divisor: 1M + resource: requests.ephemeral-storage + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: CACHE_DIR + value: /mnt/cache/$(POD_NAME) + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/symbols:5.9.0@sha256:0e8b099645ede69e0bcaa04bfff66aa72dc184d2cf43955d74a39c2d66fe4c6a + livenessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: symbols + ports: + - containerPort: 3184 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /mnt/cache + name: cache-ssd + securityContext: + runAsUser: 0 + volumes: + - emptyDir: {} + name: cache-ssd diff --git a/test-cluster-5.9/apps_v1_deployment_syntect-server.yaml b/test-cluster-5.9/apps_v1_deployment_syntect-server.yaml new file mode 100644 index 000000000000..6f3a1ba558e8 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_syntect-server.yaml @@ -0,0 +1,49 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Backend for syntax highlighting operations. + labels: + app.kubernetes.io/component: syntect-server + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: syntect-server + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: syntect-server + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + app: syntect-server + deploy: sourcegraph + spec: + containers: + - env: null + image: index.docker.io/sourcegraph/syntax-highlighter:5.9.0@sha256:8dfcbf50825369d8b1ea15a7a9ff52086e3113bf54d8a7a8fa4a0452ec835e6a + livenessProbe: + httpGet: + path: /health + port: http + scheme: HTTP + initialDelaySeconds: 5 + timeoutSeconds: 5 + name: syntect-server + ports: + - containerPort: 9238 + name: http + readinessProbe: + tcpSocket: + port: http + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster-5.9/apps_v1_deployment_worker.yaml b/test-cluster-5.9/apps_v1_deployment_worker.yaml new file mode 100644 index 000000000000..03dcc5bd96f7 --- /dev/null +++ b/test-cluster-5.9/apps_v1_deployment_worker.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Manages background processes. + labels: + app.kubernetes.io/component: worker + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: worker + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: worker + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: worker + deploy: sourcegraph + spec: + containers: + - env: + - name: PRECISE_CODE_INTEL_UPLOAD_BACKEND + value: blobstore + - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + envFrom: + - configMapRef: + name: embeddings-backend + optional: true + image: index.docker.io/sourcegraph/worker:5.9.0@sha256:57c465146b25028e2bf86e274fbd9b9897a08ada5e5dd13f20cad3e82fc2b527 + livenessProbe: + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: worker + ports: + - containerPort: 3189 + name: http + - containerPort: 6060 + name: debug + - containerPort: 6996 + name: prom + readinessProbe: + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster-5.9/apps_v1_statefulset_gitserver.yaml b/test-cluster-5.9/apps_v1_statefulset_gitserver.yaml new file mode 100644 index 000000000000..c0ad99263564 --- /dev/null +++ b/test-cluster-5.9/apps_v1_statefulset_gitserver.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Stores clones of repositories to perform Git operations. + kubectl.kubernetes.io/default-container: gitserver + labels: + app.kubernetes.io/component: gitserver + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: gitserver + namespace: ns-sourcegraph +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: gitserver + serviceName: gitserver + template: + metadata: + labels: + app: gitserver + deploy: sourcegraph + group: backend + type: gitserver + spec: + containers: + - args: + - run + env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/gitserver:5.9.0@sha256:04d4239cc7e6748bb9e761c960d5d190fdca6028257aba0dd9fa6a1f80f136b4 + livenessProbe: + initialDelaySeconds: 5 + tcpSocket: + port: rpc + timeoutSeconds: 5 + name: gitserver + ports: + - containerPort: 3178 + name: rpc + protocol: TCP + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data/repos + name: repos + securityContext: + runAsUser: 0 + volumes: + - name: repos + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - metadata: + name: repos + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200Gi + storageClassName: standard diff --git a/test-cluster-5.9/apps_v1_statefulset_grafana.yaml b/test-cluster-5.9/apps_v1_statefulset_grafana.yaml new file mode 100644 index 000000000000..1bdef742617d --- /dev/null +++ b/test-cluster-5.9/apps_v1_statefulset_grafana.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Metrics/monitoring dashboards and alerts. + kubectl.kubernetes.io/default-container: grafana + labels: + app.kubernetes.io/component: grafana + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: grafana + serviceName: grafana + template: + metadata: + labels: + app: grafana + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/grafana:5.9.0@sha256:5fd88c17cee0c76366735f32840012383bb967f414b534ba1e3af8232ca2317b + name: grafana + ports: + - containerPort: 3370 + name: http + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /var/lib/grafana + name: grafana-data + - mountPath: /sg_config_grafana/provisioning/datasources + name: config + securityContext: + runAsUser: 0 + serviceAccountName: grafana + volumes: + - configMap: + defaultMode: 511 + name: grafana + name: config + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - metadata: + name: grafana-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: standard diff --git a/test-cluster-5.9/apps_v1_statefulset_indexed-search.yaml b/test-cluster-5.9/apps_v1_statefulset_indexed-search.yaml new file mode 100644 index 000000000000..a2e62151fa37 --- /dev/null +++ b/test-cluster-5.9/apps_v1_statefulset_indexed-search.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Backend for indexed text search operations. + labels: + app.kubernetes.io/component: indexed-search + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: indexed-search + namespace: ns-sourcegraph +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: indexed-search + serviceName: indexed-search + template: + metadata: + labels: + app: indexed-search + deploy: sourcegraph + spec: + containers: + - env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + - name: OPENTELEMETRY_DISABLED + value: "false" + image: index.docker.io/sourcegraph/indexed-searcher:5.9.0@sha256:f6dc6d5715894faf08b5bde4de2a9ba467d7d67f492f7ee1ab587b66a6d7e320 + name: zoekt-webserver + ports: + - containerPort: 6070 + name: http + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: http + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: data + - env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + - name: OPENTELEMETRY_DISABLED + value: "false" + image: index.docker.io/sourcegraph/search-indexer:5.9.0@sha256:15fe16ddc51898b07986784e5a59118cf708cf3ff176afe0de8947583920a997 + name: zoekt-indexserver + ports: + - containerPort: 6072 + name: index-http + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: data + securityContext: + runAsUser: 0 + volumes: + - name: data + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - metadata: + labels: + deploy: sourcegraph + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200Gi + storageClassName: standard diff --git a/test-cluster-5.9/networking.k8s.io_v1_ingress_sourcegraph-frontend.yaml b/test-cluster-5.9/networking.k8s.io_v1_ingress_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..8eaeeb46e8ae --- /dev/null +++ b/test-cluster-5.9/networking.k8s.io_v1_ingress_sourcegraph-frontend.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/proxy-body-size: 150m + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +spec: + rules: + - http: + paths: + - backend: + service: + name: sourcegraph-frontend + port: + number: 30080 + path: / + pathType: Prefix diff --git a/test-cluster-5.9/rbac.authorization.k8s.io_v1_clusterrole_prometheus.yaml b/test-cluster-5.9/rbac.authorization.k8s.io_v1_clusterrole_prometheus.yaml new file mode 100644 index 000000000000..f9a86cfbb01d --- /dev/null +++ b/test-cluster-5.9/rbac.authorization.k8s.io_v1_clusterrole_prometheus.yaml @@ -0,0 +1,34 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: prometheus + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: prometheus +rules: +- apiGroups: + - "" + resources: + - endpoints + - namespaces + - nodes + - nodes/metrics + - nodes/proxy + - pods + - services + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/test-cluster-5.9/rbac.authorization.k8s.io_v1_clusterrolebinding_prometheus.yaml b/test-cluster-5.9/rbac.authorization.k8s.io_v1_clusterrolebinding_prometheus.yaml new file mode 100644 index 000000000000..80501143fa9a --- /dev/null +++ b/test-cluster-5.9/rbac.authorization.k8s.io_v1_clusterrolebinding_prometheus.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: prometheus + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: prometheus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus +subjects: +- kind: ServiceAccount + name: prometheus + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/rbac.authorization.k8s.io_v1_role_sourcegraph-frontend.yaml b/test-cluster-5.9/rbac.authorization.k8s.io_v1_role_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..80564628e8ff --- /dev/null +++ b/test-cluster-5.9/rbac.authorization.k8s.io_v1_role_sourcegraph-frontend.yaml @@ -0,0 +1,28 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/component: frontend + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +rules: +- apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch diff --git a/test-cluster-5.9/rbac.authorization.k8s.io_v1_rolebinding_sourcegraph-frontend.yaml b/test-cluster-5.9/rbac.authorization.k8s.io_v1_rolebinding_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..b8112d084295 --- /dev/null +++ b/test-cluster-5.9/rbac.authorization.k8s.io_v1_rolebinding_sourcegraph-frontend.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: frontend + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend +subjects: +- kind: ServiceAccount + name: sourcegraph-frontend + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_codeinsights-db-conf.yaml b/test-cluster-5.9/v1_configmap_codeinsights-db-conf.yaml new file mode 100644 index 000000000000..25b9a03c4068 --- /dev/null +++ b/test-cluster-5.9/v1_configmap_codeinsights-db-conf.yaml @@ -0,0 +1,763 @@ +apiVersion: v1 +data: + postgresql.conf: | + # ----------------------------- + # PostgreSQL configuration file + # ----------------------------- + # + # This file consists of lines of the form: + # + # name = value + # + # (The "=" is optional.) Whitespace may be used. Comments are introduced with + # "#" anywhere on a line. The complete list of parameter names and allowed + # values can be found in the PostgreSQL documentation. + # + # The commented-out settings shown in this file represent the default values. + # Re-commenting a setting is NOT sufficient to revert it to the default value; + # you need to reload the server. + # + # This file is read on server startup and when the server receives a SIGHUP + # signal. If you edit the file on a running system, you have to SIGHUP the + # server for the changes to take effect, run "pg_ctl reload", or execute + # "SELECT pg_reload_conf()". Some parameters, which are marked below, + # require a server shutdown and restart to take effect. + # + # Any parameter can also be given as a command-line option to the server, e.g., + # "postgres -c log_connections=on". Some parameters can be changed at run time + # with the "SET" SQL command. + # + # Memory units: kB = kilobytes Time units: ms = milliseconds + # MB = megabytes s = seconds + # GB = gigabytes min = minutes + # TB = terabytes h = hours + # d = days + + + #------------------------------------------------------------------------------ + # FILE LOCATIONS + #------------------------------------------------------------------------------ + + # The default values of these variables are driven from the -D command-line + # option or PGDATA environment variable, represented here as ConfigDir. + + #data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) + #hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) + #ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + + # If external_pid_file is not explicitly set, no extra PID file is written. + #external_pid_file = '' # write an extra PID file + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONNECTIONS AND AUTHENTICATION + #------------------------------------------------------------------------------ + + # - Connection Settings - + + listen_addresses = '*' + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) + #port = 5432 # (change requires restart) + max_connections = 20 # (change requires restart) + #superuser_reserved_connections = 3 # (change requires restart) + #unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories + # (change requires restart) + #unix_socket_group = '' # (change requires restart) + #unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) + #bonjour = off # advertise server via Bonjour + # (change requires restart) + #bonjour_name = '' # defaults to the computer name + # (change requires restart) + + # - TCP settings - + # see "man 7 tcp" for details + + #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default + #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default + #tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + #tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds; + # 0 selects the system default + + # - Authentication - + + #authentication_timeout = 1min # 1s-600s + #password_encryption = md5 # md5 or scram-sha-256 + #db_user_namespace = off + + # GSSAPI using Kerberos + #krb_server_keyfile = '' + #krb_caseins_users = off + + # - SSL - + + #ssl = off + #ssl_ca_file = '' + #ssl_cert_file = 'server.crt' + #ssl_crl_file = '' + #ssl_key_file = 'server.key' + #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + #ssl_prefer_server_ciphers = on + #ssl_ecdh_curve = 'prime256v1' + #ssl_min_protocol_version = 'TLSv1' + #ssl_max_protocol_version = '' + #ssl_dh_params_file = '' + #ssl_passphrase_command = '' + #ssl_passphrase_command_supports_reload = off + + + #------------------------------------------------------------------------------ + # RESOURCE USAGE (except WAL) + #------------------------------------------------------------------------------ + + # - Memory - + + shared_buffers = 509546kB # min 128kB + # (change requires restart) + #huge_pages = try # on, off, or try + # (change requires restart) + #temp_buffers = 8MB # min 800kB + #max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) + # Caution: it is not advisable to set max_prepared_transactions nonzero unless + # you actively intend to use prepared transactions. + work_mem = 3184kB # min 64kB + maintenance_work_mem = 254773kB # min 1MB + #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem + #max_stack_depth = 2MB # min 100kB + #shared_memory_type = mmap # the default is the first option + # supported by the operating system: + # mmap + # sysv + # windows + # (change requires restart) + dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # (change requires restart) + + # - Disk - + + #temp_file_limit = -1 # limits per-process temp file space + # in kB, or -1 for no limit + + # - Kernel Resources - + + #max_files_per_process = 1000 # min 25 + # (change requires restart) + + # - Cost-Based Vacuum Delay - + + #vacuum_cost_delay = 0 # 0-100 milliseconds (0 disables) + #vacuum_cost_page_hit = 1 # 0-10000 credits + #vacuum_cost_page_miss = 10 # 0-10000 credits + #vacuum_cost_page_dirty = 20 # 0-10000 credits + #vacuum_cost_limit = 200 # 1-10000 credits + + # - Background Writer - + + #bgwriter_delay = 200ms # 10-10000ms between rounds + #bgwriter_lru_maxpages = 100 # max buffers written/round, 0 disables + #bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round + #bgwriter_flush_after = 512kB # measured in pages, 0 disables + + # - Asynchronous Behavior - + + effective_io_concurrency = 200 # 1-1000; 0 disables prefetching + max_worker_processes = 19 # (change requires restart) + #max_parallel_maintenance_workers = 2 # taken from max_parallel_workers + max_parallel_workers_per_gather = 4 # taken from max_parallel_workers + #parallel_leader_participation = on + max_parallel_workers = 8 # maximum number of max_worker_processes that + # can be used in parallel operations + #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) + #backend_flush_after = 0 # measured in pages, 0 disables + + + #------------------------------------------------------------------------------ + # WRITE-AHEAD LOG + #------------------------------------------------------------------------------ + + # - Settings - + + #wal_level = replica # minimal, replica, or logical + # (change requires restart) + #fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) + #synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on + #wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync + #full_page_writes = on # recover from partial page writes + #wal_compression = off # enable compression of full-page writes + #wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) + #wal_init_zero = on # zero-fill new WAL files + #wal_recycle = on # recycle WAL files + wal_buffers = 15285kB # min 32kB, -1 sets based on shared_buffers + # (change requires restart) + #wal_writer_delay = 200ms # 1-10000 milliseconds + #wal_writer_flush_after = 1MB # measured in pages, 0 disables + + #commit_delay = 0 # range 0-100000, in microseconds + #commit_siblings = 5 # range 1-1000 + + # - Checkpoints - + + #checkpoint_timeout = 5min # range 30s-1d + max_wal_size = 1GB + min_wal_size = 512MB + checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0 + #checkpoint_flush_after = 256kB # measured in pages, 0 disables + #checkpoint_warning = 30s # 0 disables + + # - Archiving - + + #archive_mode = off # enables archiving; off, on, or always + # (change requires restart) + #archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' + #archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + # - Archive Recovery - + + # These are only used in recovery mode. + + #restore_command = '' # command to use to restore an archived logfile segment + # placeholders: %p = path of file to restore + # %f = file name only + # e.g. 'cp /mnt/server/archivedir/%f %p' + # (change requires restart) + #archive_cleanup_command = '' # command to execute at every restartpoint + #recovery_end_command = '' # command to execute at completion of recovery + + # - Recovery Target - + + # Set these only when performing a targeted recovery. + + #recovery_target = '' # 'immediate' to end recovery as soon as a + # consistent state is reached + # (change requires restart) + #recovery_target_name = '' # the named restore point to which recovery will proceed + # (change requires restart) + #recovery_target_time = '' # the time stamp up to which recovery will proceed + # (change requires restart) + #recovery_target_xid = '' # the transaction ID up to which recovery will proceed + # (change requires restart) + #recovery_target_lsn = '' # the WAL LSN up to which recovery will proceed + # (change requires restart) + #recovery_target_inclusive = on # Specifies whether to stop: + # just after the specified recovery target (on) + # just before the recovery target (off) + # (change requires restart) + #recovery_target_timeline = 'latest' # 'current', 'latest', or timeline ID + # (change requires restart) + #recovery_target_action = 'pause' # 'pause', 'promote', 'shutdown' + # (change requires restart) + + + #------------------------------------------------------------------------------ + # REPLICATION + #------------------------------------------------------------------------------ + + # - Sending Servers - + + # Set these on the master and on any standby that will send replication data. + + #max_wal_senders = 10 # max number of walsender processes + # (change requires restart) + #wal_keep_segments = 0 # in logfile segments; 0 disables + #wal_sender_timeout = 60s # in milliseconds; 0 disables + + #max_replication_slots = 10 # max number of replication slots + # (change requires restart) + #track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + + # - Master Server - + + # These settings are ignored on a standby server. + + #synchronous_standby_names = '' # standby servers that provide sync rep + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name + # from standby(s); '*' = all + #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + + # - Standby Servers - + + # These settings are ignored on a master server. + + #primary_conninfo = '' # connection string to sending server + # (change requires restart) + #primary_slot_name = '' # replication slot on sending server + # (change requires restart) + #promote_trigger_file = '' # file name whose presence ends recovery + #hot_standby = on # "off" disallows queries during recovery + # (change requires restart) + #max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay + #max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay + #wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables + #hot_standby_feedback = off # send info from standby to prevent + # query conflicts + #wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables + #wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + #recovery_min_apply_delay = 0 # minimum delay for applying changes during recovery + + # - Subscribers - + + # These settings are ignored on a publisher. + + #max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) + #max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + + + #------------------------------------------------------------------------------ + # QUERY TUNING + #------------------------------------------------------------------------------ + + # - Planner Method Configuration - + + #enable_bitmapscan = on + #enable_hashagg = on + #enable_hashjoin = on + #enable_indexscan = on + #enable_indexonlyscan = on + #enable_material = on + #enable_mergejoin = on + #enable_nestloop = on + #enable_parallel_append = on + #enable_seqscan = on + #enable_sort = on + #enable_tidscan = on + #enable_partitionwise_join = off + #enable_partitionwise_aggregate = off + #enable_parallel_hash = on + #enable_partition_pruning = on + + # - Planner Cost Constants - + + #seq_page_cost = 1.0 # measured on an arbitrary scale + random_page_cost = 1.1 # same scale as above + #cpu_tuple_cost = 0.01 # same scale as above + #cpu_index_tuple_cost = 0.005 # same scale as above + #cpu_operator_cost = 0.0025 # same scale as above + #parallel_tuple_cost = 0.1 # same scale as above + #parallel_setup_cost = 1000.0 # same scale as above + + #jit_above_cost = 100000 # perform JIT compilation if available + # and query more expensive than this; + # -1 disables + #jit_inline_above_cost = 500000 # inline small functions if query is + # more expensive than this; -1 disables + #jit_optimize_above_cost = 500000 # use expensive JIT optimizations if + # query is more expensive than this; + # -1 disables + + #min_parallel_table_scan_size = 8MB + #min_parallel_index_scan_size = 512kB + effective_cache_size = 1492MB + + # - Genetic Query Optimizer - + + #geqo = on + #geqo_threshold = 12 + #geqo_effort = 5 # range 1-10 + #geqo_pool_size = 0 # selects default based on effort + #geqo_generations = 0 # selects default based on effort + #geqo_selection_bias = 2.0 # range 1.5-2.0 + #geqo_seed = 0.0 # range 0.0-1.0 + + # - Other Planner Options - + + default_statistics_target = 500 # range 1-10000 + #constraint_exclusion = partition # on, off, or partition + #cursor_tuple_fraction = 0.1 # range 0.0-1.0 + #from_collapse_limit = 8 + #join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + #force_parallel_mode = off + #jit = on # allow JIT compilation + #plan_cache_mode = auto # auto, force_generic_plan or + # force_custom_plan + + + #------------------------------------------------------------------------------ + # REPORTING AND LOGGING + #------------------------------------------------------------------------------ + + # - Where to Log - + + #log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + + # This is used when logging to stderr: + #logging_collector = off # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + + # These are only used if logging_collector is on: + #log_directory = 'log' # directory where log files are written, + # can be absolute or relative to PGDATA + #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, + # can include strftime() escapes + #log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation + #log_truncate_on_rotation = off # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. + #log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. + #log_rotation_size = 10MB # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + + # These are relevant when logging to syslog: + #syslog_facility = 'LOCAL0' + #syslog_ident = 'postgres' + #syslog_sequence_numbers = on + #syslog_split_messages = on + + # This is only relevant when logging to eventlog (win32): + # (change requires restart) + #event_source = 'PostgreSQL' + + # - When to Log - + + #log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + + #log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + + #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + #log_transaction_sample_rate = 0.0 # Fraction of transactions whose statements + # are logged regardless of their duration. 1.0 logs all + # statements from all transactions, 0.0 never logs. + + # - What to Log - + + #debug_print_parse = off + #debug_print_rewritten = off + #debug_print_plan = off + #debug_pretty_print = on + #log_checkpoints = off + #log_connections = off + #log_disconnections = off + #log_duration = off + #log_error_verbosity = default # terse, default, or verbose messages + #log_hostname = off + #log_line_prefix = '%m [%p] ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' + #log_lock_waits = off # log lock waits >= deadlock_timeout + #log_statement = 'none' # none, ddl, mod, all + #log_replication_commands = off + #log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files + log_timezone = 'UTC' + + #------------------------------------------------------------------------------ + # PROCESS TITLE + #------------------------------------------------------------------------------ + + #cluster_name = '' # added to process titles if nonempty + # (change requires restart) + #update_process_title = on + + + #------------------------------------------------------------------------------ + # STATISTICS + #------------------------------------------------------------------------------ + + # - Query and Index Statistics Collector - + + #track_activities = on + #track_counts = on + #track_io_timing = off + #track_functions = none # none, pl, all + #track_activity_query_size = 1024 # (change requires restart) + #stats_temp_directory = 'pg_stat_tmp' + + + # - Monitoring - + + #log_parser_stats = off + #log_planner_stats = off + #log_executor_stats = off + #log_statement_stats = off + + + #------------------------------------------------------------------------------ + # AUTOVACUUM + #------------------------------------------------------------------------------ + + #autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. + #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. + autovacuum_max_workers = 10 # max number of autovacuum subprocesses + # (change requires restart) + autovacuum_naptime = 10 # time between autovacuum runs + #autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum + #autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze + #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum + #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze + #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) + #autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) + #autovacuum_vacuum_cost_delay = 2ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay + #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + + #------------------------------------------------------------------------------ + # CLIENT CONNECTION DEFAULTS + #------------------------------------------------------------------------------ + + # - Statement Behavior - + + #client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + #search_path = '"$user", public' # schema names + #row_security = on + #default_tablespace = '' # a tablespace name, '' uses the default + #temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace + #default_table_access_method = 'heap' + #check_function_bodies = on + #default_transaction_isolation = 'read committed' + #default_transaction_read_only = off + #default_transaction_deferrable = off + #session_replication_role = 'origin' + #statement_timeout = 0 # in milliseconds, 0 is disabled + #lock_timeout = 0 # in milliseconds, 0 is disabled + #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled + #vacuum_freeze_min_age = 50000000 + #vacuum_freeze_table_age = 150000000 + #vacuum_multixact_freeze_min_age = 5000000 + #vacuum_multixact_freeze_table_age = 150000000 + #vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples + # before index cleanup, 0 always performs + # index cleanup + #bytea_output = 'hex' # hex, escape + #xmlbinary = 'base64' + #xmloption = 'content' + #gin_fuzzy_search_limit = 0 + #gin_pending_list_limit = 4MB + + # - Locale and Formatting - + + datestyle = 'iso, mdy' + #intervalstyle = 'postgres' + timezone = 'UTC' + #timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. + #extra_float_digits = 1 # min -15, max 3; any value >0 actually + # selects precise output mode + #client_encoding = sql_ascii # actually, defaults to database + # encoding + + # These settings are initialized by initdb, but they can be changed. + lc_messages = 'en_US.utf8' # locale for system error message + # strings + lc_monetary = 'en_US.utf8' # locale for monetary formatting + lc_numeric = 'en_US.utf8' # locale for number formatting + lc_time = 'en_US.utf8' # locale for time formatting + + # default configuration for text search + default_text_search_config = 'pg_catalog.english' + + # - Shared Library Preloading - + + shared_preload_libraries = '' # (change requires restart) + #local_preload_libraries = '' + #session_preload_libraries = '' + #jit_provider = 'llvmjit' # JIT library to use + + # - Other Defaults - + + #dynamic_library_path = '$libdir' + + + #------------------------------------------------------------------------------ + # LOCK MANAGEMENT + #------------------------------------------------------------------------------ + + #deadlock_timeout = 1s + max_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 + #max_pred_locks_per_page = 2 # min 0 + + + #------------------------------------------------------------------------------ + # VERSION AND PLATFORM COMPATIBILITY + #------------------------------------------------------------------------------ + + # - Previous PostgreSQL Versions - + + #array_nulls = on + #backslash_quote = safe_encoding # on, off, or safe_encoding + #escape_string_warning = on + #lo_compat_privileges = off + #operator_precedence_warning = off + #quote_all_identifiers = off + #standard_conforming_strings = on + #synchronize_seqscans = on + + # - Other Platforms and Clients - + + #transform_null_equals = off + + + #------------------------------------------------------------------------------ + # ERROR HANDLING + #------------------------------------------------------------------------------ + + #exit_on_error = off # terminate session on any error? + #restart_after_crash = on # reinitialize after backend crash? + #data_sync_retry = off # retry or panic on failure to fsync + # data? + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONFIG FILE INCLUDES + #------------------------------------------------------------------------------ + + # These options allow settings to be loaded from files other than the + # default postgresql.conf. Note that these are directives, not variable + # assignments, so they can usefully be given more than once. + + #include_dir = '...' # include files ending in '.conf' from + # a directory, e.g., 'conf.d' + #include_if_exists = '...' # include file only if it exists + #include = '...' # include file + + + #------------------------------------------------------------------------------ + # CUSTOMIZED OPTIONS + #------------------------------------------------------------------------------ + + # Add settings for extensions here +kind: ConfigMap +metadata: + annotations: + description: Configuration for CodeInsightsDB + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db-conf + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_codeintel-db-conf.yaml b/test-cluster-5.9/v1_configmap_codeintel-db-conf.yaml new file mode 100644 index 000000000000..b2c106c8e40d --- /dev/null +++ b/test-cluster-5.9/v1_configmap_codeintel-db-conf.yaml @@ -0,0 +1,705 @@ +apiVersion: v1 +data: + postgresql.conf: | + # ----------------------------- + # PostgreSQL configuration file + # ----------------------------- + # SOURCEGRAPH CUSTOMIZATIONS CONTAIN "# SG CUSTOM" in the comment + # + # This file consists of lines of the form: + # + # name = value + # + # (The "=" is optional.) Whitespace may be used. Comments are introduced with + # "#" anywhere on a line. The complete list of parameter names and allowed + # values can be found in the PostgreSQL documentation. + # + # The commented-out settings shown in this file represent the default values. + # Re-commenting a setting is NOT sufficient to revert it to the default value; + # you need to reload the server. + # + # This file is read on server startup and when the server receives a SIGHUP + # signal. If you edit the file on a running system, you have to SIGHUP the + # server for the changes to take effect, run "pg_ctl reload", or execute + # "SELECT pg_reload_conf()". Some parameters, which are marked below, + # require a server shutdown and restart to take effect. + # + # Any parameter can also be given as a command-line option to the server, e.g., + # "postgres -c log_connections=on". Some parameters can be changed at run time + # with the "SET" SQL command. + # + # Memory units: kB = kilobytes Time units: ms = milliseconds + # MB = megabytes s = seconds + # GB = gigabytes min = minutes + # TB = terabytes h = hours + # d = days + + + #------------------------------------------------------------------------------ + # FILE LOCATIONS + #------------------------------------------------------------------------------ + + # The default values of these variables are driven from the -D command-line + # option or PGDATA environment variable, represented here as ConfigDir. + + #data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) + #hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) + #ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + + # If external_pid_file is not explicitly set, no extra PID file is written. + #external_pid_file = '' # write an extra PID file + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONNECTIONS AND AUTHENTICATION + #------------------------------------------------------------------------------ + + # - Connection Settings - + + listen_addresses = '*' + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) + #port = 5432 # (change requires restart) + max_connections = 100 # (change requires restart) + #superuser_reserved_connections = 3 # (change requires restart) + #unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories + # (change requires restart) + #unix_socket_group = '' # (change requires restart) + #unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) + #bonjour = off # advertise server via Bonjour + # (change requires restart) + #bonjour_name = '' # defaults to the computer name + # (change requires restart) + + # - TCP Keepalives - + # see "man 7 tcp" for details + + #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default + #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default + #tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + + # - Authentication - + + #authentication_timeout = 1min # 1s-600s + #password_encryption = md5 # md5 or scram-sha-256 + #db_user_namespace = off + + # GSSAPI using Kerberos + #krb_server_keyfile = '' + #krb_caseins_users = off + + # - SSL - + + #ssl = off + #ssl_ca_file = '' + #ssl_cert_file = 'server.crt' + #ssl_crl_file = '' + #ssl_key_file = 'server.key' + #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + #ssl_prefer_server_ciphers = on + #ssl_ecdh_curve = 'prime256v1' + #ssl_dh_params_file = '' + #ssl_passphrase_command = '' + #ssl_passphrase_command_supports_reload = off + + + #------------------------------------------------------------------------------ + # RESOURCE USAGE (except WAL) + #------------------------------------------------------------------------------ + + # - Memory - + + shared_buffers = 1GB # SG CUSTOM min 128kB + # (change requires restart) + #huge_pages = try # on, off, or try + # (change requires restart) + #temp_buffers = 8MB # min 800kB + #max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) + # Caution: it is not advisable to set max_prepared_transactions nonzero unless + # you actively intend to use prepared transactions. + work_mem = 5MB # SG CUSTOM min 64kB + maintenance_work_mem = 250MB # SG CUSTOM min 1MB + #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem + #max_stack_depth = 2MB # min 100kB + dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) + + # - Disk - + + temp_file_limit = 20GB # SG CUSTOM limits per-process temp file space + # in kB, or -1 for no limit + + # - Kernel Resources - + + #max_files_per_process = 1000 # min 25 + # (change requires restart) + + # - Cost-Based Vacuum Delay - + + #vacuum_cost_delay = 0 # 0-100 milliseconds + #vacuum_cost_page_hit = 1 # 0-10000 credits + #vacuum_cost_page_miss = 10 # 0-10000 credits + #vacuum_cost_page_dirty = 20 # 0-10000 credits + #vacuum_cost_limit = 200 # 1-10000 credits + + # - Background Writer - + + bgwriter_delay = 50ms # SG CUSTOM 10-10000ms between rounds + bgwriter_lru_maxpages = 200 # SG CUSTOM max buffers written/round, 0 disables + + #bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round + #bgwriter_flush_after = 512kB # measured in pages, 0 disables + + # - Asynchronous Behavior - + + effective_io_concurrency = 200 # 1-1000; 0 disables prefetching + max_worker_processes = 4 # SG CUSTOM (change requires restart) + max_parallel_maintenance_workers = 4 # SG CUSTOM taken from max_parallel_workers + max_parallel_workers_per_gather = 2 # SG CUSTOM taken from max_parallel_workers + #parallel_leader_participation = on + max_parallel_workers = 4 # SG CUSTOM maximum number of max_worker_processes that + # can be used in parallel operations + #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) + #backend_flush_after = 0 # measured in pages, 0 disables + + + #------------------------------------------------------------------------------ + # WRITE-AHEAD LOG + #------------------------------------------------------------------------------ + + # - Settings - + + #wal_level = replica # minimal, replica, or logical + # (change requires restart) + #fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) + #synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on + #wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync + #full_page_writes = on # recover from partial page writes + #wal_compression = off # enable compression of full-page writes + #wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) + wal_buffers = 16MB # SG CUSTOM min 32kB, -1 sets based on shared_buffers + # (change requires restart) + #wal_writer_delay = 200ms # 1-10000 milliseconds + #wal_writer_flush_after = 1MB # measured in pages, 0 disables + + #commit_delay = 0 # range 0-100000, in microseconds + #commit_siblings = 5 # range 1-1000 + + # - Checkpoints - + + #checkpoint_timeout = 5min # range 30s-1d + max_wal_size = 8GB # SG CUSTOM + min_wal_size = 2GB # SG CUSTOM + #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 + #checkpoint_flush_after = 256kB # measured in pages, 0 disables + #checkpoint_warning = 30s # 0 disables + + # - Archiving - + + #archive_mode = off # enables archiving; off, on, or always + # (change requires restart) + #archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' + #archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + + #------------------------------------------------------------------------------ + # REPLICATION + #------------------------------------------------------------------------------ + + # - Sending Servers - + + # Set these on the master and on any standby that will send replication data. + + #max_wal_senders = 10 # max number of walsender processes + # (change requires restart) + #wal_keep_segments = 0 # in logfile segments; 0 disables + #wal_sender_timeout = 60s # in milliseconds; 0 disables + + #max_replication_slots = 10 # max number of replication slots + # (change requires restart) + #track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + + # - Master Server - + + # These settings are ignored on a standby server. + + #synchronous_standby_names = '' # standby servers that provide sync rep + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name + # from standby(s); '*' = all + #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + + # - Standby Servers - + + # These settings are ignored on a master server. + + #hot_standby = on # "off" disallows queries during recovery + # (change requires restart) + #max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay + #max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay + #wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables + #hot_standby_feedback = off # send info from standby to prevent + # query conflicts + #wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables + #wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + + # - Subscribers - + + # These settings are ignored on a publisher. + + #max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) + #max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + + + #------------------------------------------------------------------------------ + # QUERY TUNING + #------------------------------------------------------------------------------ + + # - Planner Method Configuration - + + #enable_bitmapscan = on + #enable_hashagg = on + #enable_hashjoin = on + #enable_indexscan = on + #enable_indexonlyscan = on + #enable_material = on + #enable_mergejoin = on + #enable_nestloop = on + #enable_parallel_append = on + #enable_seqscan = on + #enable_sort = on + #enable_tidscan = on + #enable_partitionwise_join = off + #enable_partitionwise_aggregate = off + #enable_parallel_hash = on + #enable_partition_pruning = on + + # - Planner Cost Constants - + + #seq_page_cost = 1.0 # measured on an arbitrary scale + random_page_cost = 1.1 # SG CUSTOM same scale as above + #cpu_tuple_cost = 0.01 # same scale as above + #cpu_index_tuple_cost = 0.005 # same scale as above + #cpu_operator_cost = 0.0025 # same scale as above + #parallel_tuple_cost = 0.1 # same scale as above + #parallel_setup_cost = 1000.0 # same scale as above + + #jit_above_cost = 100000 # perform JIT compilation if available + # and query more expensive than this; + # -1 disables + #jit_inline_above_cost = 500000 # inline small functions if query is + # more expensive than this; -1 disables + #jit_optimize_above_cost = 500000 # use expensive JIT optimizations if + # query is more expensive than this; + # -1 disables + + #min_parallel_table_scan_size = 8MB + #min_parallel_index_scan_size = 512kB + effective_cache_size = 3GB # SG CUSTOM + + # - Genetic Query Optimizer - + + #geqo = on + #geqo_threshold = 12 + #geqo_effort = 5 # range 1-10 + #geqo_pool_size = 0 # selects default based on effort + #geqo_generations = 0 # selects default based on effort + #geqo_selection_bias = 2.0 # range 1.5-2.0 + #geqo_seed = 0.0 # range 0.0-1.0 + + # - Other Planner Options - + + #default_statistics_target = 100 # range 1-10000 + #constraint_exclusion = partition # on, off, or partition + #cursor_tuple_fraction = 0.1 # range 0.0-1.0 + #from_collapse_limit = 8 + #join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + #force_parallel_mode = off + #jit = off # allow JIT compilation + + + #------------------------------------------------------------------------------ + # REPORTING AND LOGGING + #------------------------------------------------------------------------------ + + # - Where to Log - + + #log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + + # This is used when logging to stderr: + #logging_collector = off # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + + # These are only used if logging_collector is on: + #log_directory = 'log' # directory where log files are written, + # can be absolute or relative to PGDATA + #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, + # can include strftime() escapes + #log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation + #log_truncate_on_rotation = off # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. + #log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. + #log_rotation_size = 10MB # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + + # These are relevant when logging to syslog: + #syslog_facility = 'LOCAL0' + #syslog_ident = 'postgres' + #syslog_sequence_numbers = on + #syslog_split_messages = on + + # This is only relevant when logging to eventlog (win32): + # (change requires restart) + #event_source = 'PostgreSQL' + + # - When to Log - + + #log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + + #log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + + #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + + # - What to Log - + + #debug_print_parse = off + #debug_print_rewritten = off + #debug_print_plan = off + #debug_pretty_print = on + #log_checkpoints = off + #log_connections = off + #log_disconnections = off + #log_duration = off + #log_error_verbosity = default # terse, default, or verbose messages + #log_hostname = off + #log_line_prefix = '%m [%p] ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' + #log_lock_waits = off # log lock waits >= deadlock_timeout + #log_statement = 'none' # none, ddl, mod, all + #log_replication_commands = off + #log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files + log_timezone = 'Etc/UTC' + + #------------------------------------------------------------------------------ + # PROCESS TITLE + #------------------------------------------------------------------------------ + + #cluster_name = '' # added to process titles if nonempty + # (change requires restart) + #update_process_title = on + + + #------------------------------------------------------------------------------ + # STATISTICS + #------------------------------------------------------------------------------ + + # - Query and Index Statistics Collector - + + #track_activities = on + #track_counts = on + #track_io_timing = off + #track_functions = none # none, pl, all + #track_activity_query_size = 1024 # (change requires restart) + #stats_temp_directory = 'pg_stat_tmp' + + + # - Monitoring - + + #log_parser_stats = off + #log_planner_stats = off + #log_executor_stats = off + #log_statement_stats = off + + + #------------------------------------------------------------------------------ + # AUTOVACUUM + #------------------------------------------------------------------------------ + + #autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. + #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. + #autovacuum_max_workers = 3 # max number of autovacuum subprocesses + # (change requires restart) + #autovacuum_naptime = 1min # time between autovacuum runs + #autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum + #autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze + #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum + #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze + #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) + #autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) + #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay + #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + + #------------------------------------------------------------------------------ + # CLIENT CONNECTION DEFAULTS + #------------------------------------------------------------------------------ + + # - Statement Behavior - + + #client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + #search_path = '"$user", public' # schema names + #row_security = on + #default_tablespace = '' # a tablespace name, '' uses the default + #temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace + #check_function_bodies = on + #default_transaction_isolation = 'read committed' + #default_transaction_read_only = off + #default_transaction_deferrable = off + #session_replication_role = 'origin' + #statement_timeout = 0 # in milliseconds, 0 is disabled + #lock_timeout = 0 # in milliseconds, 0 is disabled + #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled + #vacuum_freeze_min_age = 50000000 + #vacuum_freeze_table_age = 150000000 + #vacuum_multixact_freeze_min_age = 5000000 + #vacuum_multixact_freeze_table_age = 150000000 + #vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples + # before index cleanup, 0 always performs + # index cleanup + #bytea_output = 'hex' # hex, escape + #xmlbinary = 'base64' + #xmloption = 'content' + #gin_fuzzy_search_limit = 0 + #gin_pending_list_limit = 4MB + + # - Locale and Formatting - + + datestyle = 'iso, mdy' + #intervalstyle = 'postgres' + timezone = 'Etc/UTC' + #timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. + #extra_float_digits = 0 # min -15, max 3 + #client_encoding = sql_ascii # actually, defaults to database + # encoding + + # These settings are initialized by initdb, but they can be changed. + lc_messages = 'en_US.utf8' # locale for system error message + # strings + lc_monetary = 'en_US.utf8' # locale for monetary formatting + lc_numeric = 'en_US.utf8' # locale for number formatting + lc_time = 'en_US.utf8' # locale for time formatting + + # default configuration for text search + default_text_search_config = 'pg_catalog.english' + + # - Shared Library Preloading - + + #shared_preload_libraries = '' # (change requires restart) + #local_preload_libraries = '' + #session_preload_libraries = '' + #jit_provider = 'llvmjit' # JIT library to use + + # - Other Defaults - + + #dynamic_library_path = '$libdir' + + + #------------------------------------------------------------------------------ + # LOCK MANAGEMENT + #------------------------------------------------------------------------------ + + #deadlock_timeout = 1s + #max_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 + #max_pred_locks_per_page = 2 # min 0 + + + #------------------------------------------------------------------------------ + # VERSION AND PLATFORM COMPATIBILITY + #------------------------------------------------------------------------------ + + # - Previous PostgreSQL Versions - + + #array_nulls = on + #backslash_quote = safe_encoding # on, off, or safe_encoding + #default_with_oids = off + #escape_string_warning = on + #lo_compat_privileges = off + #operator_precedence_warning = off + #quote_all_identifiers = off + #standard_conforming_strings = on + #synchronize_seqscans = on + + # - Other Platforms and Clients - + + #transform_null_equals = off + + + #------------------------------------------------------------------------------ + # ERROR HANDLING + #------------------------------------------------------------------------------ + + #exit_on_error = off # terminate session on any error? + #restart_after_crash = on # reinitialize after backend crash? + #data_sync_retry = off # retry or panic on failure to fsync + # data? + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONFIG FILE INCLUDES + #------------------------------------------------------------------------------ + + # These options allow settings to be loaded from files other than the + # default postgresql.conf. + + #include_dir = '' # include files ending in '.conf' from + # a directory, e.g., 'conf.d' + #include_if_exists = '' # include file only if it exists + #include = '' # include file + + + #------------------------------------------------------------------------------ + # CUSTOMIZED OPTIONS + #------------------------------------------------------------------------------ + + # Add settings for extensions here +kind: ConfigMap +metadata: + annotations: + description: Configuration for PostgreSQL + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db-conf + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_grafana.yaml b/test-cluster-5.9/v1_configmap_grafana.yaml new file mode 100644 index 000000000000..bf26fc5ce974 --- /dev/null +++ b/test-cluster-5.9/v1_configmap_grafana.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +data: + datasources.yml: | + apiVersion: 1 + + datasources: + - name: Prometheus + type: prometheus + access: proxy + url: http://prometheus:30090 + isDefault: true + editable: false +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: grafana + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_otel-agent.yaml b/test-cluster-5.9/v1_configmap_otel-agent.yaml new file mode 100644 index 000000000000..c49c15add61a --- /dev/null +++ b/test-cluster-5.9/v1_configmap_otel-agent.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +data: + config.yaml: "receivers:\n otlp:\n protocols:\n grpc: # port 4317\n http: + # port 4318\n\nexporters:\n otlp:\n endpoint: \"otel-collector:4317\"\n tls:\n + \ insecure: true\n sending_queue:\n num_consumers: 4\n queue_size: + 100\n retry_on_failure:\n enabled: true\n\nextensions:\n health_check:\n + \ endpoint: \":13133\"\n zpages:\n endpoint: \"localhost:55679\"\n\nservice:\n + \ extensions:\n - zpages\n - health_check\n pipelines:\n traces:\n receivers:\n + \ - otlp\n exporters:\n - otlp\n \n" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-agent + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_otel-collector.yaml b/test-cluster-5.9/v1_configmap_otel-collector.yaml new file mode 100644 index 000000000000..c10740478e75 --- /dev/null +++ b/test-cluster-5.9/v1_configmap_otel-collector.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +data: + config.yaml: | + # This is the template configuration for OpenTelemetry collector, and is not used by default. + # It is mounted to '/etc/otel-collector/config.yaml' in the otel-collector container. + # + # To learn more, see https://docs.sourcegraph.com/admin/deploy/kubernetes/configure#configure-a-tracing-backend + + exporters: + # Add your exporter(s) configuration here. For each exporter, make sure it is enabled + # in the service configuration below. + # Refer to our OpenTelemetry docs for information on how to configure different exporters: + # https://docs.sourcegraph.com/admin/observability/opentelemetry + + service: + pipelines: + traces: + exporters: + # Add the name of your exporter(s) here, e.g.: + # - logging + receivers: + - otlp # Do not remove this receiver + extensions: + # Do not remove these extensions + - health_check + - zpages + + receivers: + # Do not modify this receiver, as it is configured to accept data from OpenTelemetry agents. + otlp: + protocols: + grpc: # port 4317 + http: # port 4318 + + extensions: + health_check: + port: 13133 + zpages: + endpoint: "localhost:55679" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-collector + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_pgsql-conf.yaml b/test-cluster-5.9/v1_configmap_pgsql-conf.yaml new file mode 100644 index 000000000000..d9ac3218fa7e --- /dev/null +++ b/test-cluster-5.9/v1_configmap_pgsql-conf.yaml @@ -0,0 +1,705 @@ +apiVersion: v1 +data: + postgresql.conf: | + # ----------------------------- + # PostgreSQL configuration file + # ----------------------------- + # SOURCEGRAPH CUSTOMIZATIONS CONTAIN "# SG CUSTOM" in the comment + # + # This file consists of lines of the form: + # + # name = value + # + # (The "=" is optional.) Whitespace may be used. Comments are introduced with + # "#" anywhere on a line. The complete list of parameter names and allowed + # values can be found in the PostgreSQL documentation. + # + # The commented-out settings shown in this file represent the default values. + # Re-commenting a setting is NOT sufficient to revert it to the default value; + # you need to reload the server. + # + # This file is read on server startup and when the server receives a SIGHUP + # signal. If you edit the file on a running system, you have to SIGHUP the + # server for the changes to take effect, run "pg_ctl reload", or execute + # "SELECT pg_reload_conf()". Some parameters, which are marked below, + # require a server shutdown and restart to take effect. + # + # Any parameter can also be given as a command-line option to the server, e.g., + # "postgres -c log_connections=on". Some parameters can be changed at run time + # with the "SET" SQL command. + # + # Memory units: kB = kilobytes Time units: ms = milliseconds + # MB = megabytes s = seconds + # GB = gigabytes min = minutes + # TB = terabytes h = hours + # d = days + + + #------------------------------------------------------------------------------ + # FILE LOCATIONS + #------------------------------------------------------------------------------ + + # The default values of these variables are driven from the -D command-line + # option or PGDATA environment variable, represented here as ConfigDir. + + #data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) + #hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) + #ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + + # If external_pid_file is not explicitly set, no extra PID file is written. + #external_pid_file = '' # write an extra PID file + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONNECTIONS AND AUTHENTICATION + #------------------------------------------------------------------------------ + + # - Connection Settings - + + listen_addresses = '*' + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) + #port = 5432 # (change requires restart) + max_connections = 100 # (change requires restart) + #superuser_reserved_connections = 3 # (change requires restart) + #unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories + # (change requires restart) + #unix_socket_group = '' # (change requires restart) + #unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) + #bonjour = off # advertise server via Bonjour + # (change requires restart) + #bonjour_name = '' # defaults to the computer name + # (change requires restart) + + # - TCP Keepalives - + # see "man 7 tcp" for details + + #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default + #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default + #tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + + # - Authentication - + + #authentication_timeout = 1min # 1s-600s + #password_encryption = md5 # md5 or scram-sha-256 + #db_user_namespace = off + + # GSSAPI using Kerberos + #krb_server_keyfile = '' + #krb_caseins_users = off + + # - SSL - + + #ssl = off + #ssl_ca_file = '' + #ssl_cert_file = 'server.crt' + #ssl_crl_file = '' + #ssl_key_file = 'server.key' + #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + #ssl_prefer_server_ciphers = on + #ssl_ecdh_curve = 'prime256v1' + #ssl_dh_params_file = '' + #ssl_passphrase_command = '' + #ssl_passphrase_command_supports_reload = off + + + #------------------------------------------------------------------------------ + # RESOURCE USAGE (except WAL) + #------------------------------------------------------------------------------ + + # - Memory - + + shared_buffers = 1GB # SG CUSTOM min 128kB + # (change requires restart) + #huge_pages = try # on, off, or try + # (change requires restart) + #temp_buffers = 8MB # min 800kB + #max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) + # Caution: it is not advisable to set max_prepared_transactions nonzero unless + # you actively intend to use prepared transactions. + work_mem = 5MB # SG CUSTOM min 64kB + maintenance_work_mem = 250MB # SG CUSTOM min 1MB + #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem + #max_stack_depth = 2MB # min 100kB + dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) + + # - Disk - + + temp_file_limit = 20GB # SG CUSTOM limits per-process temp file space + # in kB, or -1 for no limit + + # - Kernel Resources - + + #max_files_per_process = 1000 # min 25 + # (change requires restart) + + # - Cost-Based Vacuum Delay - + + #vacuum_cost_delay = 0 # 0-100 milliseconds + #vacuum_cost_page_hit = 1 # 0-10000 credits + #vacuum_cost_page_miss = 10 # 0-10000 credits + #vacuum_cost_page_dirty = 20 # 0-10000 credits + #vacuum_cost_limit = 200 # 1-10000 credits + + # - Background Writer - + + bgwriter_delay = 50ms # SG CUSTOM 10-10000ms between rounds + bgwriter_lru_maxpages = 200 # SG CUSTOM max buffers written/round, 0 disables + + #bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round + #bgwriter_flush_after = 512kB # measured in pages, 0 disables + + # - Asynchronous Behavior - + + effective_io_concurrency = 200 # 1-1000; 0 disables prefetching + max_worker_processes = 4 # SG CUSTOM (change requires restart) + max_parallel_maintenance_workers = 4 # SG CUSTOM taken from max_parallel_workers + max_parallel_workers_per_gather = 2 # SG CUSTOM taken from max_parallel_workers + #parallel_leader_participation = on + max_parallel_workers = 4 # SG CUSTOM maximum number of max_worker_processes that + # can be used in parallel operations + #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) + #backend_flush_after = 0 # measured in pages, 0 disables + + + #------------------------------------------------------------------------------ + # WRITE-AHEAD LOG + #------------------------------------------------------------------------------ + + # - Settings - + + #wal_level = replica # minimal, replica, or logical + # (change requires restart) + #fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) + #synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on + #wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync + #full_page_writes = on # recover from partial page writes + #wal_compression = off # enable compression of full-page writes + #wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) + wal_buffers = 16MB # SG CUSTOM min 32kB, -1 sets based on shared_buffers + # (change requires restart) + #wal_writer_delay = 200ms # 1-10000 milliseconds + #wal_writer_flush_after = 1MB # measured in pages, 0 disables + + #commit_delay = 0 # range 0-100000, in microseconds + #commit_siblings = 5 # range 1-1000 + + # - Checkpoints - + + #checkpoint_timeout = 5min # range 30s-1d + max_wal_size = 8GB # SG CUSTOM + min_wal_size = 2GB # SG CUSTOM + #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 + #checkpoint_flush_after = 256kB # measured in pages, 0 disables + #checkpoint_warning = 30s # 0 disables + + # - Archiving - + + #archive_mode = off # enables archiving; off, on, or always + # (change requires restart) + #archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' + #archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + + #------------------------------------------------------------------------------ + # REPLICATION + #------------------------------------------------------------------------------ + + # - Sending Servers - + + # Set these on the master and on any standby that will send replication data. + + #max_wal_senders = 10 # max number of walsender processes + # (change requires restart) + #wal_keep_segments = 0 # in logfile segments; 0 disables + #wal_sender_timeout = 60s # in milliseconds; 0 disables + + #max_replication_slots = 10 # max number of replication slots + # (change requires restart) + #track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + + # - Master Server - + + # These settings are ignored on a standby server. + + #synchronous_standby_names = '' # standby servers that provide sync rep + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name + # from standby(s); '*' = all + #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + + # - Standby Servers - + + # These settings are ignored on a master server. + + #hot_standby = on # "off" disallows queries during recovery + # (change requires restart) + #max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay + #max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay + #wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables + #hot_standby_feedback = off # send info from standby to prevent + # query conflicts + #wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables + #wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + + # - Subscribers - + + # These settings are ignored on a publisher. + + #max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) + #max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + + + #------------------------------------------------------------------------------ + # QUERY TUNING + #------------------------------------------------------------------------------ + + # - Planner Method Configuration - + + #enable_bitmapscan = on + #enable_hashagg = on + #enable_hashjoin = on + #enable_indexscan = on + #enable_indexonlyscan = on + #enable_material = on + #enable_mergejoin = on + #enable_nestloop = on + #enable_parallel_append = on + #enable_seqscan = on + #enable_sort = on + #enable_tidscan = on + #enable_partitionwise_join = off + #enable_partitionwise_aggregate = off + #enable_parallel_hash = on + #enable_partition_pruning = on + + # - Planner Cost Constants - + + #seq_page_cost = 1.0 # measured on an arbitrary scale + random_page_cost = 1.1 # SG CUSTOM same scale as above + #cpu_tuple_cost = 0.01 # same scale as above + #cpu_index_tuple_cost = 0.005 # same scale as above + #cpu_operator_cost = 0.0025 # same scale as above + #parallel_tuple_cost = 0.1 # same scale as above + #parallel_setup_cost = 1000.0 # same scale as above + + #jit_above_cost = 100000 # perform JIT compilation if available + # and query more expensive than this; + # -1 disables + #jit_inline_above_cost = 500000 # inline small functions if query is + # more expensive than this; -1 disables + #jit_optimize_above_cost = 500000 # use expensive JIT optimizations if + # query is more expensive than this; + # -1 disables + + #min_parallel_table_scan_size = 8MB + #min_parallel_index_scan_size = 512kB + effective_cache_size = 3GB # SG CUSTOM + + # - Genetic Query Optimizer - + + #geqo = on + #geqo_threshold = 12 + #geqo_effort = 5 # range 1-10 + #geqo_pool_size = 0 # selects default based on effort + #geqo_generations = 0 # selects default based on effort + #geqo_selection_bias = 2.0 # range 1.5-2.0 + #geqo_seed = 0.0 # range 0.0-1.0 + + # - Other Planner Options - + + #default_statistics_target = 100 # range 1-10000 + #constraint_exclusion = partition # on, off, or partition + #cursor_tuple_fraction = 0.1 # range 0.0-1.0 + #from_collapse_limit = 8 + #join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + #force_parallel_mode = off + #jit = off # allow JIT compilation + + + #------------------------------------------------------------------------------ + # REPORTING AND LOGGING + #------------------------------------------------------------------------------ + + # - Where to Log - + + #log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + + # This is used when logging to stderr: + #logging_collector = off # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + + # These are only used if logging_collector is on: + #log_directory = 'log' # directory where log files are written, + # can be absolute or relative to PGDATA + #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, + # can include strftime() escapes + #log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation + #log_truncate_on_rotation = off # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. + #log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. + #log_rotation_size = 10MB # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + + # These are relevant when logging to syslog: + #syslog_facility = 'LOCAL0' + #syslog_ident = 'postgres' + #syslog_sequence_numbers = on + #syslog_split_messages = on + + # This is only relevant when logging to eventlog (win32): + # (change requires restart) + #event_source = 'PostgreSQL' + + # - When to Log - + + #log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + + #log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + + #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + + # - What to Log - + + #debug_print_parse = off + #debug_print_rewritten = off + #debug_print_plan = off + #debug_pretty_print = on + #log_checkpoints = off + #log_connections = off + #log_disconnections = off + #log_duration = off + #log_error_verbosity = default # terse, default, or verbose messages + #log_hostname = off + #log_line_prefix = '%m [%p] ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' + #log_lock_waits = off # log lock waits >= deadlock_timeout + #log_statement = 'none' # none, ddl, mod, all + #log_replication_commands = off + #log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files + log_timezone = 'Etc/UTC' + + #------------------------------------------------------------------------------ + # PROCESS TITLE + #------------------------------------------------------------------------------ + + #cluster_name = '' # added to process titles if nonempty + # (change requires restart) + #update_process_title = on + + + #------------------------------------------------------------------------------ + # STATISTICS + #------------------------------------------------------------------------------ + + # - Query and Index Statistics Collector - + + #track_activities = on + #track_counts = on + #track_io_timing = off + #track_functions = none # none, pl, all + #track_activity_query_size = 1024 # (change requires restart) + #stats_temp_directory = 'pg_stat_tmp' + + + # - Monitoring - + + #log_parser_stats = off + #log_planner_stats = off + #log_executor_stats = off + #log_statement_stats = off + + + #------------------------------------------------------------------------------ + # AUTOVACUUM + #------------------------------------------------------------------------------ + + #autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. + #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. + #autovacuum_max_workers = 3 # max number of autovacuum subprocesses + # (change requires restart) + #autovacuum_naptime = 1min # time between autovacuum runs + #autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum + #autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze + #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum + #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze + #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) + #autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) + #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay + #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + + #------------------------------------------------------------------------------ + # CLIENT CONNECTION DEFAULTS + #------------------------------------------------------------------------------ + + # - Statement Behavior - + + #client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + #search_path = '"$user", public' # schema names + #row_security = on + #default_tablespace = '' # a tablespace name, '' uses the default + #temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace + #check_function_bodies = on + #default_transaction_isolation = 'read committed' + #default_transaction_read_only = off + #default_transaction_deferrable = off + #session_replication_role = 'origin' + #statement_timeout = 0 # in milliseconds, 0 is disabled + #lock_timeout = 0 # in milliseconds, 0 is disabled + #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled + #vacuum_freeze_min_age = 50000000 + #vacuum_freeze_table_age = 150000000 + #vacuum_multixact_freeze_min_age = 5000000 + #vacuum_multixact_freeze_table_age = 150000000 + #vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples + # before index cleanup, 0 always performs + # index cleanup + #bytea_output = 'hex' # hex, escape + #xmlbinary = 'base64' + #xmloption = 'content' + #gin_fuzzy_search_limit = 0 + #gin_pending_list_limit = 4MB + + # - Locale and Formatting - + + datestyle = 'iso, mdy' + #intervalstyle = 'postgres' + timezone = 'Etc/UTC' + #timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. + #extra_float_digits = 0 # min -15, max 3 + #client_encoding = sql_ascii # actually, defaults to database + # encoding + + # These settings are initialized by initdb, but they can be changed. + lc_messages = 'en_US.utf8' # locale for system error message + # strings + lc_monetary = 'en_US.utf8' # locale for monetary formatting + lc_numeric = 'en_US.utf8' # locale for number formatting + lc_time = 'en_US.utf8' # locale for time formatting + + # default configuration for text search + default_text_search_config = 'pg_catalog.english' + + # - Shared Library Preloading - + + #shared_preload_libraries = '' # (change requires restart) + #local_preload_libraries = '' + #session_preload_libraries = '' + #jit_provider = 'llvmjit' # JIT library to use + + # - Other Defaults - + + #dynamic_library_path = '$libdir' + + + #------------------------------------------------------------------------------ + # LOCK MANAGEMENT + #------------------------------------------------------------------------------ + + #deadlock_timeout = 1s + #max_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 + #max_pred_locks_per_page = 2 # min 0 + + + #------------------------------------------------------------------------------ + # VERSION AND PLATFORM COMPATIBILITY + #------------------------------------------------------------------------------ + + # - Previous PostgreSQL Versions - + + #array_nulls = on + #backslash_quote = safe_encoding # on, off, or safe_encoding + #default_with_oids = off + #escape_string_warning = on + #lo_compat_privileges = off + #operator_precedence_warning = off + #quote_all_identifiers = off + #standard_conforming_strings = on + #synchronize_seqscans = on + + # - Other Platforms and Clients - + + #transform_null_equals = off + + + #------------------------------------------------------------------------------ + # ERROR HANDLING + #------------------------------------------------------------------------------ + + #exit_on_error = off # terminate session on any error? + #restart_after_crash = on # reinitialize after backend crash? + #data_sync_retry = off # retry or panic on failure to fsync + # data? + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONFIG FILE INCLUDES + #------------------------------------------------------------------------------ + + # These options allow settings to be loaded from files other than the + # default postgresql.conf. + + #include_dir = '' # include files ending in '.conf' from + # a directory, e.g., 'conf.d' + #include_if_exists = '' # include file only if it exists + #include = '' # include file + + + #------------------------------------------------------------------------------ + # CUSTOMIZED OPTIONS + #------------------------------------------------------------------------------ + + # Add settings for extensions here +kind: ConfigMap +metadata: + annotations: + description: Configuration for PostgreSQL + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql-conf + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_configmap_prometheus.yaml b/test-cluster-5.9/v1_configmap_prometheus.yaml new file mode 100644 index 000000000000..f267f1aceaed --- /dev/null +++ b/test-cluster-5.9/v1_configmap_prometheus.yaml @@ -0,0 +1,147 @@ +apiVersion: v1 +data: + extra_rules.yml: "" + prometheus.yml: "global:\n scrape_interval: 30s\n evaluation_interval: 30s\n\nalerting:\n + \ alertmanagers:\n # Bundled Alertmanager, started by prom-wrapper\n - static_configs:\n + \ - targets: ['127.0.0.1:9093']\n path_prefix: /alertmanager\n # + Uncomment the following to have alerts delivered to additional Alertmanagers discovered\n + \ # in the cluster. This configuration is not required if you use Sourcegraph's + built-in alerting:\n # https://docs.sourcegraph.com/admin/observability/alerting\n + \ # - kubernetes_sd_configs:\n # - role: endpoints\n # relabel_configs:\n + \ # - source_labels: [__meta_kubernetes_service_name]\n # regex: + alertmanager\n # action: keep\n\nrule_files:\n - '*_rules.yml'\n - \"/sg_config_prometheus/*_rules.yml\"\n + \ - \"/sg_prometheus_add_ons/*_rules.yml\"\n\n# A scrape configuration for running + Prometheus on a Kubernetes cluster.\n# This uses separate scrape configs for cluster + components (i.e. API server, node)\n# and services to allow each to use different + authentication configs.\n#\n# Kubernetes labels will be added as Prometheus labels + on metrics via the\n# `labelmap` relabeling action.\n\n# Scrape config for API + servers.\n#\n# Kubernetes exposes API servers as endpoints to the default/kubernetes\n# + service so this uses `endpoints` role and uses relabelling to only keep\n# the + endpoints associated with the default/kubernetes service using the\n# default + named port `https`. This works for single API server deployments as\n# well as + HA API server deployments.\nscrape_configs:\n- job_name: 'kubernetes-apiservers'\n\n + \ kubernetes_sd_configs:\n - role: endpoints\n\n # Default to scraping over + https. If required, just disable this or change to\n # `http`.\n scheme: https\n\n + \ # This TLS & bearer token file config is used to connect to the actual scrape\n + \ # endpoints for cluster components. This is separate to discovery auth\n # + configuration because discovery & scraping are two separate concerns in\n # Prometheus. + The discovery auth config is automatic if Prometheus runs inside\n # the cluster. + Otherwise, more config options have to be provided within the\n # .\n + \ tls_config:\n ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n + \ # If your node certificates are self-signed or use a different CA to the\n + \ # master CA, then disable certificate verification below. Note that\n # + certificate verification is an integral part of a secure infrastructure\n # + so this should only be disabled in a controlled environment. You can\n # disable + certificate verification by uncommenting the line below.\n #\n # insecure_skip_verify: + true\n bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n + \ # Keep only the default/kubernetes service endpoints for the https port. This\n + \ # will add targets for each API server which Kubernetes adds an endpoint to\n + \ # the default/kubernetes service.\n relabel_configs:\n - source_labels: [__meta_kubernetes_namespace, + __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]\n action: + keep\n regex: default;kubernetes;https\n\n- job_name: 'kubernetes-nodes'\n\n + \ # Default to scraping over https. If required, just disable this or change to\n + \ # `http`.\n scheme: https\n\n # This TLS & bearer token file config is used + to connect to the actual scrape\n # endpoints for cluster components. This is + separate to discovery auth\n # configuration because discovery & scraping are + two separate concerns in\n # Prometheus. The discovery auth config is automatic + if Prometheus runs inside\n # the cluster. Otherwise, more config options have + to be provided within the\n # .\n tls_config:\n ca_file: + /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n # If your node certificates + are self-signed or use a different CA to the\n # master CA, then disable certificate + verification below. Note that\n # certificate verification is an integral part + of a secure infrastructure\n # so this should only be disabled in a controlled + environment. You can\n # disable certificate verification by uncommenting the + line below.\n #\n insecure_skip_verify: true\n bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n + \ kubernetes_sd_configs:\n - role: node\n\n relabel_configs:\n - action: labelmap\n + \ regex: __meta_kubernetes_node_label_(.+)\n - target_label: __address__\n + \ replacement: kubernetes.default.svc:443\n - source_labels: [__meta_kubernetes_node_name]\n + \ regex: (.+)\n target_label: __metrics_path__\n replacement: /api/v1/nodes/${1}/proxy/metrics\n\n# + Scrape config for service endpoints.\n#\n# The relabeling allows the actual service + scrape endpoint to be configured\n# via the following annotations:\n#\n# * `sourcegraph.prometheus/scrape`: + Only scrape services that have a value of `true`\n# * `prometheus.io/scheme`: + If the metrics endpoint is secured then you will need\n# to set this to `https` + & most likely set the `tls_config` of the scrape config.\n# * `prometheus.io/path`: + If the metrics path is not `/metrics` override this.\n# * `prometheus.io/port`: + If the metrics are exposed on a different port to the\n# service then set this + appropriately.\n- job_name: 'kubernetes-service-endpoints'\n\n kubernetes_sd_configs:\n + \ - role: endpoints\n\n relabel_configs:\n # Sourcegraph specific customization, + only scrape pods with our annotation\n - source_labels: [__meta_kubernetes_service_annotation_sourcegraph_prometheus_scrape]\n + \ action: keep\n regex: true\n - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]\n + \ action: replace\n target_label: __scheme__\n regex: (https?)\n - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_path]\n action: replace\n + \ target_label: __metrics_path__\n regex: (.+)\n - source_labels: [__address__, + __meta_kubernetes_service_annotation_prometheus_io_port]\n action: replace\n + \ target_label: __address__\n regex: (.+)(?::\\d+);(\\d+)\n replacement: + $1:$2\n - action: labelmap\n regex: __meta_kubernetes_service_label_(.+)\n + \ - source_labels: [__meta_kubernetes_namespace]\n action: replace\n # Sourcegraph + specific customization. We want a more convenient to type label.\n # target_label: + kubernetes_namespace\n target_label: ns\n - source_labels: [__meta_kubernetes_service_name]\n + \ action: replace\n target_label: kubernetes_name\n # Sourcegraph specific + customization. We want a nicer name for job\n - source_labels: [app]\n action: + replace\n target_label: job\n # Sourcegraph specific customization. We want + a nicer name for instance\n - source_labels: [__meta_kubernetes_pod_name]\n action: + replace\n target_label: instance\n # Sourcegraph specific customization. We + want to add a label to every \n # metric that indicates the node it came from.\n + \ - source_labels: [__meta_kubernetes_endpoint_node_name]\n action: replace\n + \ target_label: nodename\n metric_relabel_configs:\n # Sourcegraph specific + customization. Drop metrics with empty nodename responses from the k8s API\n - + source_labels: [nodename]\n regex: ^$\n action: drop\n\n# Example scrape + config for probing services via the Blackbox Exporter.\n#\n# The relabeling allows + the actual service scrape endpoint to be configured\n# via the following annotations:\n#\n# + * `prometheus.io/probe`: Only probe services that have a value of `true`\n- job_name: + 'kubernetes-services'\n\n metrics_path: /probe\n params:\n module: [http_2xx]\n\n + \ kubernetes_sd_configs:\n - role: service\n\n relabel_configs:\n - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_probe]\n action: keep\n + \ regex: true\n - source_labels: [__address__]\n target_label: __param_target\n + \ - target_label: __address__\n replacement: blackbox\n - source_labels: [__param_target]\n + \ target_label: instance\n - action: labelmap\n regex: __meta_kubernetes_service_label_(.+)\n + \ - source_labels: [__meta_kubernetes_service_namespace]\n # Sourcegraph specific + customization. We want a more convenient to type label.\n # target_label: kubernetes_namespace\n + \ target_label: ns\n - source_labels: [__meta_kubernetes_service_name]\n target_label: + kubernetes_name\n\n# Example scrape config for pods\n#\n# The relabeling allows + the actual pod scrape endpoint to be configured via the\n# following annotations:\n#\n# + * `sourcegraph.prometheus/scrape`: Only scrape pods that have a value of `true`\n# + * `prometheus.io/path`: If the metrics path is not `/metrics` override this.\n# + * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default + of `9102`.\n- job_name: 'kubernetes-pods'\n\n kubernetes_sd_configs:\n - role: + pod\n\n relabel_configs:\n # Sourcegraph specific customization, only scrape + pods with our annotation\n - source_labels: [__meta_kubernetes_pod_annotation_sourcegraph_prometheus_scrape]\n + \ action: keep\n regex: true\n - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]\n + \ action: replace\n target_label: __metrics_path__\n regex: (.+)\n - + source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]\n + \ action: replace\n regex: (.+):(?:\\d+);(\\d+)\n replacement: ${1}:${2}\n + \ target_label: __address__\n - action: labelmap\n regex: __meta_kubernetes_pod_label_(.+)\n + \ - source_labels: [__meta_kubernetes_pod_name]\n action: replace\n target_label: + kubernetes_pod_name\n # Sourcegraph specific customization. We want a more convenient + to type label.\n # target_label: kubernetes_namespace\n - source_labels: [__meta_kubernetes_namespace]\n + \ action: replace\n target_label: ns\n # Sourcegraph specific customization. + We want to add a label to every \n # metric that indicates the node it came from.\n + \ - source_labels: [__meta_kubernetes_pod_node_name]\n action: replace\n target_label: + nodename\n\n metric_relabel_configs:\n # cAdvisor-specific customization. Drop + container metrics exported by cAdvisor\n # not in the same namespace as Sourcegraph.\n + \ # Uncomment this if you have problems with certain dashboards or cAdvisor itself\n + \ # picking up non-Sourcegraph services. Ensure all Sourcegraph services are running\n + \ # within the Sourcegraph namespace you have defined.\n # The regex must keep + matches on '^$' (empty string) to ensure other metrics do not\n # get dropped.\n + \ # - source_labels: [container_label_io_kubernetes_pod_namespace]\n # regex: + ^$|ns-sourcegraph # ensure this matches with namespace declarations\n # action: + keep\n # cAdvisor-specific customization. We want container metrics to be named + after their container name label.\n # Note that 'io.kubernetes.container.name' + and 'io.kubernetes.pod.name' must be provided in cAdvisor\n # '--whitelisted_container_labels' + (see cadvisor.DaemonSet.yaml)\n - source_labels: [container_label_io_kubernetes_container_name, + container_label_io_kubernetes_pod_name]\n regex: (.+)\n action: replace\n + \ target_label: name\n separator: '-'\n # Sourcegraph specific customization. + Drop metrics with empty nodename responses from the k8s API\n - source_labels: + [nodename]\n regex: ^$\n action: drop\n\n# Scrape prometheus itself for + metrics.\n- job_name: 'builtin-prometheus'\n static_configs:\n - targets: + ['127.0.0.1:9092']\n labels:\n app: prometheus\n- job_name: 'builtin-alertmanager'\n + \ metrics_path: /alertmanager/metrics\n static_configs:\n - targets: ['127.0.0.1:9093']\n + \ labels:\n app: alertmanager\n" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_blobstore.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_blobstore.yaml new file mode 100644 index 000000000000..97e338949ac2 --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_blobstore.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: blobstore + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: blobstore + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_codeinsights-db.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_codeinsights-db.yaml new file mode 100644 index 000000000000..bdcdc51ae144 --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_codeinsights-db.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_codeintel-db.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_codeintel-db.yaml new file mode 100644 index 000000000000..6b7deb87e7c9 --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_codeintel-db.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_pgsql.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_pgsql.yaml new file mode 100644 index 000000000000..4d84d37bfe4a --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_pgsql.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_prometheus.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_prometheus.yaml new file mode 100644 index 000000000000..c5f580a69414 --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_prometheus.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_redis-cache.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_redis-cache.yaml new file mode 100644 index 000000000000..ced30e3dd2ec --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_redis-cache.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-cache + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_persistentvolumeclaim_redis-store.yaml b/test-cluster-5.9/v1_persistentvolumeclaim_redis-store.yaml new file mode 100644 index 000000000000..70a330c00354 --- /dev/null +++ b/test-cluster-5.9/v1_persistentvolumeclaim_redis-store.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-store + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster-5.9/v1_service_blobstore.yaml b/test-cluster-5.9/v1_service_blobstore.yaml new file mode 100644 index 000000000000..16a036a551be --- /dev/null +++ b/test-cluster-5.9/v1_service_blobstore.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: blobstore + app.kubernetes.io/component: blobstore + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: blobstore + namespace: ns-sourcegraph +spec: + ports: + - name: blobstore + port: 9000 + targetPort: blobstore + selector: + app: blobstore + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_codeinsights-db.yaml b/test-cluster-5.9/v1_service_codeinsights-db.yaml new file mode 100644 index 000000000000..1fdadd028fb0 --- /dev/null +++ b/test-cluster-5.9/v1_service_codeinsights-db.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9187" + sourcegraph.prometheus/scrape: "true" + labels: + app: codeinsights-db + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db + namespace: ns-sourcegraph +spec: + ports: + - name: codeinsights-db + port: 5432 + targetPort: codeinsights-db + selector: + app: codeinsights-db + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_codeintel-db.yaml b/test-cluster-5.9/v1_service_codeintel-db.yaml new file mode 100644 index 000000000000..da6dc799d673 --- /dev/null +++ b/test-cluster-5.9/v1_service_codeintel-db.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9187" + sourcegraph.prometheus/scrape: "true" + labels: + app: codeintel-db + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db + namespace: ns-sourcegraph +spec: + ports: + - name: pgsql + port: 5432 + targetPort: pgsql + selector: + app: codeintel-db + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_gitserver.yaml b/test-cluster-5.9/v1_service_gitserver.yaml new file mode 100644 index 000000000000..c24ef8f004fe --- /dev/null +++ b/test-cluster-5.9/v1_service_gitserver.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Headless service that provides a stable network identity for the + gitserver stateful set. + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: gitserver + app.kubernetes.io/component: gitserver + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + type: gitserver + name: gitserver + namespace: ns-sourcegraph +spec: + clusterIP: None + ports: + - name: unused + port: 10811 + targetPort: 10811 + selector: + app: gitserver + type: gitserver + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_grafana.yaml b/test-cluster-5.9/v1_service_grafana.yaml new file mode 100644 index 000000000000..7d5483d89786 --- /dev/null +++ b/test-cluster-5.9/v1_service_grafana.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: grafana + app.kubernetes.io/component: grafana + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 30070 + targetPort: http + selector: + app: grafana + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_indexed-search-indexer.yaml b/test-cluster-5.9/v1_service_indexed-search-indexer.yaml new file mode 100644 index 000000000000..04c1a921809a --- /dev/null +++ b/test-cluster-5.9/v1_service_indexed-search-indexer.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Headless service that provides a stable network identity for the + indexed-search stateful set. + prometheus.io/port: "6072" + sourcegraph.prometheus/scrape: "true" + labels: + app: indexed-search-indexer + app.kubernetes.io/component: indexed-search + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: indexed-search-indexer + namespace: ns-sourcegraph +spec: + clusterIP: None + ports: + - port: 6072 + targetPort: 6072 + selector: + app: indexed-search + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_indexed-search.yaml b/test-cluster-5.9/v1_service_indexed-search.yaml new file mode 100644 index 000000000000..7ed09ab00f53 --- /dev/null +++ b/test-cluster-5.9/v1_service_indexed-search.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Headless service that provides a stable network identity for the + indexed-search stateful set. + prometheus.io/port: "6070" + sourcegraph.prometheus/scrape: "true" + labels: + app: indexed-search + app.kubernetes.io/component: indexed-search + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: indexed-search + namespace: ns-sourcegraph +spec: + clusterIP: None + ports: + - port: 6070 + selector: + app: indexed-search + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_node-exporter.yaml b/test-cluster-5.9/v1_service_node-exporter.yaml new file mode 100644 index 000000000000..e87e2b1fe609 --- /dev/null +++ b/test-cluster-5.9/v1_service_node-exporter.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Prometheus exporter for hardware and OS metrics. + prometheus.io/port: "9100" + sourcegraph.prometheus/scrape: "true" + url: https://github.com/prometheus/node_exporter + labels: + app: node-exporter + app.kubernetes.io/component: node-exporter + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: node-exporter + namespace: ns-sourcegraph +spec: + ports: + - name: metrics + port: 9100 + targetPort: metrics + selector: + app: node-exporter + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_otel-collector.yaml b/test-cluster-5.9/v1_service_otel-collector.yaml new file mode 100644 index 000000000000..1b8fba770d27 --- /dev/null +++ b/test-cluster-5.9/v1_service_otel-collector.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "8888" + sourcegraph.prometheus/scrape: "true" + labels: + app: otel-collector + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-collector + namespace: ns-sourcegraph +spec: + ports: + - name: otlp-grpc + port: 4317 + protocol: TCP + targetPort: 4317 + - name: otlp-http + port: 4318 + protocol: TCP + targetPort: 4318 + - name: metrics + port: 8888 + selector: + app: otel-collector + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_pgsql.yaml b/test-cluster-5.9/v1_service_pgsql.yaml new file mode 100644 index 000000000000..f8472818c8d7 --- /dev/null +++ b/test-cluster-5.9/v1_service_pgsql.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9187" + sourcegraph.prometheus/scrape: "true" + labels: + app: pgsql + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql + namespace: ns-sourcegraph +spec: + ports: + - name: pgsql + port: 5432 + targetPort: pgsql + selector: + app: pgsql + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_precise-code-intel-worker.yaml b/test-cluster-5.9/v1_service_precise-code-intel-worker.yaml new file mode 100644 index 000000000000..245696d0b863 --- /dev/null +++ b/test-cluster-5.9/v1_service_precise-code-intel-worker.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: precise-code-intel-worker + app.kubernetes.io/component: precise-code-intel + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: precise-code-intel-worker + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3188 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: precise-code-intel-worker + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_prometheus.yaml b/test-cluster-5.9/v1_service_prometheus.yaml new file mode 100644 index 000000000000..e6dc2ce4ba3e --- /dev/null +++ b/test-cluster-5.9/v1_service_prometheus.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: prometheus + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 30090 + targetPort: http + selector: + app: prometheus + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_redis-cache.yaml b/test-cluster-5.9/v1_service_redis-cache.yaml new file mode 100644 index 000000000000..f506f3f98d0b --- /dev/null +++ b/test-cluster-5.9/v1_service_redis-cache.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9121" + sourcegraph.prometheus/scrape: "true" + labels: + app: redis-cache + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-cache + namespace: ns-sourcegraph +spec: + ports: + - name: redis + port: 6379 + targetPort: redis + selector: + app: redis-cache + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_redis-store.yaml b/test-cluster-5.9/v1_service_redis-store.yaml new file mode 100644 index 000000000000..93fac11977f8 --- /dev/null +++ b/test-cluster-5.9/v1_service_redis-store.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9121" + sourcegraph.prometheus/scrape: "true" + labels: + app: redis-store + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-store + namespace: ns-sourcegraph +spec: + ports: + - name: redis + port: 6379 + targetPort: redis + selector: + app: redis-store + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_repo-updater.yaml b/test-cluster-5.9/v1_service_repo-updater.yaml new file mode 100644 index 000000000000..3582580fcd2f --- /dev/null +++ b/test-cluster-5.9/v1_service_repo-updater.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: repo-updater + app.kubernetes.io/component: repo-updater + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: repo-updater + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3182 + targetPort: http + selector: + app: repo-updater + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_searcher.yaml b/test-cluster-5.9/v1_service_searcher.yaml new file mode 100644 index 000000000000..b2e44df99174 --- /dev/null +++ b/test-cluster-5.9/v1_service_searcher.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: searcher + app.kubernetes.io/component: searcher + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: searcher + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3181 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: searcher + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_sourcegraph-frontend-internal.yaml b/test-cluster-5.9/v1_service_sourcegraph-frontend-internal.yaml new file mode 100644 index 000000000000..e061d0719269 --- /dev/null +++ b/test-cluster-5.9/v1_service_sourcegraph-frontend-internal.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend-internal + namespace: ns-sourcegraph +spec: + ports: + - name: http-internal + port: 80 + targetPort: http-internal + selector: + app: sourcegraph-frontend + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_sourcegraph-frontend.yaml b/test-cluster-5.9/v1_service_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..44a4fe2eb74f --- /dev/null +++ b/test-cluster-5.9/v1_service_sourcegraph-frontend.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 30080 + targetPort: http + selector: + app: sourcegraph-frontend + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_symbols.yaml b/test-cluster-5.9/v1_service_symbols.yaml new file mode 100644 index 000000000000..f395b62efdbd --- /dev/null +++ b/test-cluster-5.9/v1_service_symbols.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: symbols + app.kubernetes.io/component: symbols + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: symbols + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3184 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: symbols + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_syntect-server.yaml b/test-cluster-5.9/v1_service_syntect-server.yaml new file mode 100644 index 000000000000..f30cb8120c79 --- /dev/null +++ b/test-cluster-5.9/v1_service_syntect-server.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: syntect-server + app.kubernetes.io/component: syntect-server + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: syntect-server + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 9238 + targetPort: http + selector: + app: syntect-server + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_worker-executors.yaml b/test-cluster-5.9/v1_service_worker-executors.yaml new file mode 100644 index 000000000000..641f1d3c87b0 --- /dev/null +++ b/test-cluster-5.9/v1_service_worker-executors.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6996" + sourcegraph.prometheus/scrape: "true" + labels: + app: worker + app.kubernetes.io/component: worker + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: worker-executors + namespace: ns-sourcegraph +spec: + ports: + - name: prom + port: 6996 + targetPort: prom + selector: + app: worker + type: ClusterIP diff --git a/test-cluster-5.9/v1_service_worker.yaml b/test-cluster-5.9/v1_service_worker.yaml new file mode 100644 index 000000000000..0404d1f04f59 --- /dev/null +++ b/test-cluster-5.9/v1_service_worker.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: worker + app.kubernetes.io/component: worker + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: worker + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3189 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: worker + type: ClusterIP diff --git a/test-cluster-5.9/v1_serviceaccount_cadvisor.yaml b/test-cluster-5.9/v1_serviceaccount_cadvisor.yaml new file mode 100644 index 000000000000..126d4ff83375 --- /dev/null +++ b/test-cluster-5.9/v1_serviceaccount_cadvisor.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: cadvisor + app.kubernetes.io/component: cadvisor + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: cadvisor + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_serviceaccount_grafana.yaml b/test-cluster-5.9/v1_serviceaccount_grafana.yaml new file mode 100644 index 000000000000..3171ada89a16 --- /dev/null +++ b/test-cluster-5.9/v1_serviceaccount_grafana.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +imagePullSecrets: +- name: docker-registry +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: grafana + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_serviceaccount_prometheus.yaml b/test-cluster-5.9/v1_serviceaccount_prometheus.yaml new file mode 100644 index 000000000000..57b9998f706f --- /dev/null +++ b/test-cluster-5.9/v1_serviceaccount_prometheus.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: prometheus + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph diff --git a/test-cluster-5.9/v1_serviceaccount_sourcegraph-frontend.yaml b/test-cluster-5.9/v1_serviceaccount_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..f0b20f0ecdad --- /dev/null +++ b/test-cluster-5.9/v1_serviceaccount_sourcegraph-frontend.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +imagePullSecrets: +- name: docker-registry +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: frontend + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph diff --git a/test-cluster/apps_v1_daemonset_cadvisor.yaml b/test-cluster/apps_v1_daemonset_cadvisor.yaml new file mode 100644 index 000000000000..24bbaf1e48c3 --- /dev/null +++ b/test-cluster/apps_v1_daemonset_cadvisor.yaml @@ -0,0 +1,80 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + description: DaemonSet to ensure all nodes run a cAdvisor pod. + seccomp.security.alpha.kubernetes.io/pod: docker/default + labels: + app.kubernetes.io/component: cadvisor + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: cadvisor + namespace: ns-sourcegraph +spec: + selector: + matchLabels: + app: cadvisor + template: + metadata: + annotations: + description: Collects and exports container metrics. + prometheus.io/port: "48080" + sourcegraph.prometheus/scrape: "true" + labels: + app: cadvisor + deploy: sourcegraph + spec: + automountServiceAccountToken: false + containers: + - args: + - --store_container_labels=false + - --whitelisted_container_labels=io.kubernetes.container.name,io.kubernetes.pod.name,io.kubernetes.pod.namespace,io.kubernetes.pod.uid + image: index.docker.io/sourcegraph/cadvisor:5.10.2832@sha256:22f81bf1d57b6f9d14c831639f6ec8057649c4d1525d0df46efb4872d5e95308 + name: cadvisor + ports: + - containerPort: 48080 + name: http + protocol: TCP + resources: + limits: + cpu: 300m + memory: 2000Mi + requests: + cpu: 150m + memory: 200Mi + securityContext: + privileged: null + volumeMounts: + - mountPath: /rootfs + name: rootfs + readOnly: true + - mountPath: /var/run + name: var-run + readOnly: true + - mountPath: /sys + name: sys + readOnly: true + - mountPath: /var/lib/docker + name: docker + readOnly: true + - mountPath: /dev/disk + name: disk + readOnly: true + serviceAccountName: cadvisor + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: / + name: rootfs + - hostPath: + path: /var/run + name: var-run + - hostPath: + path: /sys + name: sys + - hostPath: + path: /var/lib/docker + name: docker + - hostPath: + path: /dev/disk + name: disk diff --git a/test-cluster/apps_v1_daemonset_node-exporter.yaml b/test-cluster/apps_v1_daemonset_node-exporter.yaml new file mode 100644 index 000000000000..a4bb68a2c95b --- /dev/null +++ b/test-cluster/apps_v1_daemonset_node-exporter.yaml @@ -0,0 +1,109 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + description: DaemonSet to ensure all nodes run a node-exporter pod. + seccomp.security.alpha.kubernetes.io/pod: docker/default + labels: + app: node-exporter + app.kubernetes.io/component: node-exporter + deploy: sourcegraph + name: node-exporter + namespace: ns-sourcegraph +spec: + selector: + matchLabels: + app: node-exporter + template: + metadata: + annotations: + description: Collects and exports machine metrics. + kubectl.kubernetes.io/default-container: node-exporter + labels: + app: node-exporter + deploy: sourcegraph + spec: + affinity: null + automountServiceAccountToken: false + containers: + - args: + - --web.listen-address=:9100 + - --path.sysfs=/host/sys + - --path.rootfs=/host/root + - --path.procfs=/host/proc + - --no-collector.wifi + - --no-collector.hwmon + - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/pods/.+)($|/) + - --collector.netclass.ignored-devices=^(veth.*)$ + - --collector.netdev.device-exclude=^(veth.*)$ + env: null + image: index.docker.io/sourcegraph/node-exporter:5.10.2832@sha256:c31345f0ad1f9665b121d09df45ba9cfc87945b31a8ae7aaa528a2564e3002e4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + port: metrics + scheme: HTTP + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: node-exporter + ports: + - containerPort: 9100 + name: metrics + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + port: metrics + scheme: HTTP + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: "1" + memory: 1Gi + requests: + cpu: 200m + memory: 100Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 65534 + runAsUser: 65534 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /host/root + mountPropagation: HostToContainer + name: rootfs + readOnly: true + - mountPath: /host/sys + mountPropagation: HostToContainer + name: sys + readOnly: true + - mountPath: /host/proc + mountPropagation: HostToContainer + name: proc + readOnly: true + hostPID: true + nodeSelector: null + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + terminationGracePeriodSeconds: 30 + tolerations: null + volumes: + - hostPath: + path: / + name: rootfs + - hostPath: + path: /sys + name: sys + - hostPath: + path: /proc + name: proc diff --git a/test-cluster/apps_v1_daemonset_otel-agent.yaml b/test-cluster/apps_v1_daemonset_otel-agent.yaml new file mode 100644 index 000000000000..ad43459e423c --- /dev/null +++ b/test-cluster/apps_v1_daemonset_otel-agent.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + annotations: + description: Forwards telemetry data to the OpenTelemetry Collector Deployment. + prometheus.io/port: "8888" + sourcegraph.prometheus/scrape: "true" + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-agent + namespace: ns-sourcegraph +spec: + minReadySeconds: 5 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: otel-agent + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: otel-agent + labels: + app: otel-agent + deploy: sourcegraph + spec: + containers: + - command: + - /bin/otelcol-sourcegraph + - --config=/etc/otel-agent/config.yaml + image: index.docker.io/sourcegraph/opentelemetry-collector:5.10.2832@sha256:b1cc044ff1263220944c00bd056779fe789deb72aaf7d5f9f23bba1af66683dd + livenessProbe: + httpGet: + path: / + port: 13133 + name: otel-agent + ports: + - containerPort: 55679 + name: zpages + - containerPort: 4317 + hostPort: 4317 + name: otlp-grpc + - containerPort: 4318 + hostPort: 4318 + name: otlp-http + - containerPort: 8888 + name: metrics + readinessProbe: + httpGet: + path: / + port: 13133 + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 100m + memory: 100Mi + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/otel-agent + name: config + terminationGracePeriodSeconds: 120 + volumes: + - configMap: + items: + - key: config.yaml + path: config.yaml + name: otel-agent + name: config diff --git a/test-cluster/apps_v1_deployment_blobstore.yaml b/test-cluster/apps_v1_deployment_blobstore.yaml new file mode 100644 index 000000000000..511e749987fe --- /dev/null +++ b/test-cluster/apps_v1_deployment_blobstore.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: generic S3-like blobstore for storing LSIF uploads. + kubectl.kubernetes.io/default-container: blobstore + labels: + app.kubernetes.io/component: blobstore + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: blobstore + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: blobstore + strategy: + type: Recreate + template: + metadata: + labels: + app: blobstore + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/blobstore:5.10.2832@sha256:f6b5ca96aa06a48e0c2c1f0387af74bb965029e27d4e0a58cdc38fbd4ac3c80e + livenessProbe: + httpGet: + path: / + port: blobstore + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: blobstore + ports: + - containerPort: 9000 + name: blobstore + readinessProbe: + httpGet: + path: / + port: blobstore + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: blobstore-data + securityContext: + runAsUser: 0 + volumes: + - name: blobstore-data + persistentVolumeClaim: + claimName: blobstore diff --git a/test-cluster/apps_v1_deployment_codeinsights-db.yaml b/test-cluster/apps_v1_deployment_codeinsights-db.yaml new file mode 100644 index 000000000000..7cfb29a5b980 --- /dev/null +++ b/test-cluster/apps_v1_deployment_codeinsights-db.yaml @@ -0,0 +1,96 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Code Insights Postgres DB instance. + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: codeinsights-db + strategy: + type: Recreate + template: + metadata: + labels: + app: codeinsights-db + deploy: sourcegraph + group: backend + spec: + containers: + - env: + - name: POSTGRES_DB + value: postgres + - name: POSTGRES_PASSWORD + value: password + - name: POSTGRES_USER + value: postgres + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + - name: POSTGRESQL_CONF_DIR + value: /conf + image: postgresql-16-codeinsights:candidate + name: codeinsights + ports: + - containerPort: 5432 + name: codeinsights-db + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /var/lib/postgresql/data/ + name: disk + - mountPath: /conf + name: codeinsights-conf + - env: + - name: DATA_SOURCE_NAME + value: postgres://postgres:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/code_insights_queries.yaml + image: index.docker.io/sourcegraph/postgres_exporter:5.10.2832@sha256:190eea7189d7831be9f04f13a47cfb19de9a1c1ac18739ac40d261f05c2b41aa + name: pgsql-exporter + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /var/lib/postgresql/data/pgdata ]; then chmod 750 /var/lib/postgresql/data/pgdata; + fi + image: index.docker.io/sourcegraph/alpine-3.14:5.10.2832@sha256:d0d92d9ccbbf01005a095401aafce754c4bdc865cb993a56b673fbb4d7f274fb + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /var/lib/postgresql/data/ + name: disk + securityContext: + runAsUser: 0 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: codeinsights-db + - configMap: + defaultMode: 511 + name: codeinsights-db-conf + name: codeinsights-conf diff --git a/test-cluster/apps_v1_deployment_codeintel-db.yaml b/test-cluster/apps_v1_deployment_codeintel-db.yaml new file mode 100644 index 000000000000..e350b48c2ee6 --- /dev/null +++ b/test-cluster/apps_v1_deployment_codeintel-db.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Postgres database for various data. + kubectl.kubernetes.io/default-container: pgsql + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: codeintel-db + strategy: + type: Recreate + template: + metadata: + labels: + app: codeintel-db + deploy: sourcegraph + group: backend + spec: + containers: + - image: postgresql-16:candidate + livenessProbe: + exec: + command: + - /liveness.sh + initialDelaySeconds: 15 + name: pgsql + ports: + - containerPort: 5432 + name: pgsql + readinessProbe: + exec: + command: + - /ready.sh + startupProbe: + exec: + command: + - /liveness.sh + failureThreshold: 360 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: disk + - mountPath: /conf + name: pgsql-conf + - env: + - name: DATA_SOURCE_NAME + value: postgres://sg:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/code_intel_queries.yaml + image: index.docker.io/sourcegraph/postgres_exporter:5.10.2832@sha256:190eea7189d7831be9f04f13a47cfb19de9a1c1ac18739ac40d261f05c2b41aa + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi + image: index.docker.io/sourcegraph/alpine-3.14:5.10.2832@sha256:d0d92d9ccbbf01005a095401aafce754c4bdc865cb993a56b673fbb4d7f274fb + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /data + name: disk + securityContext: + runAsUser: 0 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: codeintel-db + - configMap: + defaultMode: 511 + name: codeintel-db-conf + name: pgsql-conf diff --git a/test-cluster/apps_v1_deployment_otel-collector.yaml b/test-cluster/apps_v1_deployment_otel-collector.yaml new file mode 100644 index 000000000000..6a253b9ef151 --- /dev/null +++ b/test-cluster/apps_v1_deployment_otel-collector.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Receives, processes, and exports telemetry data. + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-collector + namespace: ns-sourcegraph +spec: + minReadySeconds: 5 + progressDeadlineSeconds: 120 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: otel-collector + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: otel-collector + labels: + app: otel-collector + deploy: sourcegraph + spec: + containers: + - command: + - /bin/otelcol-sourcegraph + - --config=/etc/otel-collector/configs/logging.yaml + image: index.docker.io/sourcegraph/opentelemetry-collector:5.10.2832@sha256:b1cc044ff1263220944c00bd056779fe789deb72aaf7d5f9f23bba1af66683dd + livenessProbe: + httpGet: + path: / + port: 13133 + name: otel-collector + ports: + - containerPort: 55679 + name: zpages + - containerPort: 4317 + name: otlp-grpc + - containerPort: 4318 + name: otlp-http + - containerPort: 8888 + name: metrics + readinessProbe: + httpGet: + path: / + port: 13133 + resources: + limits: + cpu: "2" + memory: 3Gi + requests: + cpu: "0.5" + memory: 1Gi + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/otel-collector/conf + name: config + terminationGracePeriodSeconds: 120 + volumes: + - configMap: + items: + - key: config.yaml + path: config.yaml + name: otel-collector + name: config diff --git a/test-cluster/apps_v1_deployment_pgsql.yaml b/test-cluster/apps_v1_deployment_pgsql.yaml new file mode 100644 index 000000000000..af8c5ca01afe --- /dev/null +++ b/test-cluster/apps_v1_deployment_pgsql.yaml @@ -0,0 +1,100 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Postgres database for various data. + kubectl.kubernetes.io/default-container: pgsql + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: pgsql + strategy: + type: Recreate + template: + metadata: + labels: + app: pgsql + deploy: sourcegraph + group: backend + spec: + containers: + - env: null + image: postgresql-16:candidate + livenessProbe: + exec: + command: + - /liveness.sh + initialDelaySeconds: 15 + name: pgsql + ports: + - containerPort: 5432 + name: pgsql + readinessProbe: + exec: + command: + - /ready.sh + startupProbe: + exec: + command: + - /liveness.sh + failureThreshold: 360 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: disk + - mountPath: /conf + name: pgsql-conf + - mountPath: /dev/shm + name: dshm + - env: + - name: DATA_SOURCE_NAME + value: postgres://sg:@localhost:5432/?sslmode=disable + - name: PG_EXPORTER_EXTEND_QUERY_PATH + value: /config/queries.yaml + image: index.docker.io/sourcegraph/postgres_exporter:5.10.2832@sha256:190eea7189d7831be9f04f13a47cfb19de9a1c1ac18739ac40d261f05c2b41aa + name: pgsql-exporter + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - command: + - sh + - -c + - if [ -d /data/pgdata-12 ]; then chmod 750 /data/pgdata-12; fi + image: index.docker.io/sourcegraph/alpine-3.14:5.10.2832@sha256:d0d92d9ccbbf01005a095401aafce754c4bdc865cb993a56b673fbb4d7f274fb + name: correct-data-dir-permissions + resources: + limits: + cpu: 10m + memory: 50Mi + requests: + cpu: 10m + memory: 50Mi + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /data + name: disk + securityContext: + runAsUser: 0 + terminationGracePeriodSeconds: 120 + volumes: + - name: disk + persistentVolumeClaim: + claimName: pgsql + - configMap: + defaultMode: 511 + name: pgsql-conf + name: pgsql-conf + - emptyDir: + medium: Memory + sizeLimit: 1G + name: dshm diff --git a/test-cluster/apps_v1_deployment_precise-code-intel-worker.yaml b/test-cluster/apps_v1_deployment_precise-code-intel-worker.yaml new file mode 100644 index 000000000000..88a03509c7a1 --- /dev/null +++ b/test-cluster/apps_v1_deployment_precise-code-intel-worker.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Handles conversion of uploaded precise code intelligence bundles. + labels: + app.kubernetes.io/component: precise-code-intel + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: precise-code-intel-worker + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: precise-code-intel-worker + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: precise-code-intel-worker + deploy: sourcegraph + spec: + containers: + - env: + - name: PRECISE_CODE_INTEL_UPLOAD_BACKEND + value: blobstore + - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 + - name: NUM_WORKERS + value: "4" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/precise-code-intel-worker:5.10.2832@sha256:62f10f3cd7aa7dd74053ac76057c914b90a8ced07c999e3d862b50544b11bc09 + livenessProbe: + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: precise-code-intel-worker + ports: + - containerPort: 3188 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster/apps_v1_deployment_prometheus.yaml b/test-cluster/apps_v1_deployment_prometheus.yaml new file mode 100644 index 000000000000..9875e93de1d2 --- /dev/null +++ b/test-cluster/apps_v1_deployment_prometheus.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Collects metrics and aggregates them into graphs. + labels: + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: prometheus + strategy: + type: Recreate + template: + metadata: + labels: + app: prometheus + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/prometheus:5.10.2832@sha256:18023ce87c412b62e3c8f56030247de55f0d545608edefdfc041c5a95d1c4951 + name: prometheus + ports: + - containerPort: 9090 + name: http + readinessProbe: + failureThreshold: 120 + httpGet: + path: /-/ready + port: 9090 + periodSeconds: 5 + timeoutSeconds: 3 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /prometheus + name: data + - mountPath: /sg_prometheus_add_ons + name: config + securityContext: + runAsUser: 0 + serviceAccountName: prometheus + terminationGracePeriodSeconds: 120 + volumes: + - name: data + persistentVolumeClaim: + claimName: prometheus + - configMap: + defaultMode: 511 + name: prometheus + name: config diff --git a/test-cluster/apps_v1_deployment_redis-cache.yaml b/test-cluster/apps_v1_deployment_redis-cache.yaml new file mode 100644 index 000000000000..0b12b5920d61 --- /dev/null +++ b/test-cluster/apps_v1_deployment_redis-cache.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Redis for storing short-lived caches. + kubectl.kubernetes.io/default-container: redis-cache + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-cache + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: redis-cache + strategy: + type: Recreate + template: + metadata: + labels: + app: redis-cache + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/redis-cache:5.10.2832@sha256:7c62920aa1cfbaf4f7ecb216786120a0f880de872669dea5afa0459af5bf36a5 + livenessProbe: + initialDelaySeconds: 30 + tcpSocket: + port: redis + name: redis-cache + ports: + - containerPort: 6379 + name: redis + readinessProbe: + exec: + command: + - /bin/sh + - -c + - | + #!/bin/bash + PASS_CHECK=$(grep -h "requirepass" /etc/redis/redis.conf | cut -d ' ' -f 2) + if [ ! -z "$PASS_CHECK" ]; then + export REDISCLI_AUTH="$PASS_CHECK" + fi + response=$( + redis-cli ping + ) + if [ "$response" != "PONG" ]; then + echo "$response" + exit 1 + fi + initialDelaySeconds: 10 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /redis-data + name: redis-data + - image: index.docker.io/sourcegraph/redis_exporter:5.10.2832@sha256:c356c8a4c32f1433d280f3ce43e3fc504dd6b0f07e208d18443adcc44cf5e5ed + name: redis-exporter + ports: + - containerPort: 9121 + name: redisexp + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: redis-cache diff --git a/test-cluster/apps_v1_deployment_redis-store.yaml b/test-cluster/apps_v1_deployment_redis-store.yaml new file mode 100644 index 000000000000..ab35ff68fb5b --- /dev/null +++ b/test-cluster/apps_v1_deployment_redis-store.yaml @@ -0,0 +1,72 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Redis for storing semi-persistent data like user sessions. + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-store + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: redis-store + strategy: + type: Recreate + template: + metadata: + labels: + app: redis-store + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/redis-store:5.10.2832@sha256:413d44f4cc7ec3625f0dcaac2b2a8faa3c2455e78df7ba0e7485e2f0b09a2a41 + livenessProbe: + initialDelaySeconds: 30 + tcpSocket: + port: redis + name: redis-store + ports: + - containerPort: 6379 + name: redis + readinessProbe: + exec: + command: + - /bin/sh + - -c + - | + #!/bin/bash + PASS_CHECK=$(grep -h "requirepass" /etc/redis/redis.conf | cut -d ' ' -f 2) + if [ ! -z "$PASS_CHECK" ]; then + export REDISCLI_AUTH="$PASS_CHECK" + fi + response=$( + redis-cli ping + ) + if [ "$response" != "PONG" ]; then + echo "$response" + exit 1 + fi + initialDelaySeconds: 10 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /redis-data + name: redis-data + - image: index.docker.io/sourcegraph/redis_exporter:5.10.2832@sha256:c356c8a4c32f1433d280f3ce43e3fc504dd6b0f07e208d18443adcc44cf5e5ed + name: redis-exporter + ports: + - containerPort: 9121 + name: redisexp + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: redis-store diff --git a/test-cluster/apps_v1_deployment_repo-updater.yaml b/test-cluster/apps_v1_deployment_repo-updater.yaml new file mode 100644 index 000000000000..6ca549314ff9 --- /dev/null +++ b/test-cluster/apps_v1_deployment_repo-updater.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Handles repository metadata (not Git data) lookups and updates from + external code hosts and other similar services. + kubectl.kubernetes.io/default-container: repo-updater + labels: + app.kubernetes.io/component: repo-updater + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: repo-updater + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: repo-updater + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + app: repo-updater + deploy: sourcegraph + spec: + containers: + - env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/repo-updater:5.10.2832@sha256:2fc71baa001a842760f219379343e7f89ed144ad8e2d9925ed3f988ba15b9b35 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: debug + scheme: HTTP + periodSeconds: 1 + timeoutSeconds: 5 + name: repo-updater + ports: + - containerPort: 3182 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 1 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster/apps_v1_deployment_searcher.yaml b/test-cluster/apps_v1_deployment_searcher.yaml new file mode 100644 index 000000000000..69829a1ff6c2 --- /dev/null +++ b/test-cluster/apps_v1_deployment_searcher.yaml @@ -0,0 +1,74 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Backend for text search operations. + kubectl.kubernetes.io/default-container: searcher + labels: + app.kubernetes.io/component: searcher + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: searcher + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: searcher + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: searcher + deploy: sourcegraph + spec: + containers: + - env: + - name: SEARCHER_CACHE_SIZE_MB + valueFrom: + resourceFieldRef: + containerName: searcher + divisor: 1M + resource: requests.ephemeral-storage + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: CACHE_DIR + value: /mnt/cache/$(POD_NAME) + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/searcher:5.10.2832@sha256:cd129b4232059e670d275a1c5b20b46c869b099631014c5980258f608f4b5053 + name: searcher + ports: + - containerPort: 3181 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: http + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /mnt/cache + name: cache-ssd + securityContext: + runAsUser: 0 + volumes: + - emptyDir: {} + name: cache-ssd diff --git a/test-cluster/apps_v1_deployment_sourcegraph-frontend.yaml b/test-cluster/apps_v1_deployment_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..15405cd25e41 --- /dev/null +++ b/test-cluster/apps_v1_deployment_sourcegraph-frontend.yaml @@ -0,0 +1,132 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Serves the frontend of Sourcegraph via HTTP(S). + kubectl.kubernetes.io/default-container: frontend + labels: + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sourcegraph-frontend + strategy: + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + app: sourcegraph-frontend + deploy: sourcegraph + spec: + containers: + - args: + - serve + env: + - name: PGDATABASE + value: sg + - name: PGHOST + value: pgsql + - name: PGPORT + value: "5432" + - name: PGSSLMODE + value: disable + - name: PGUSER + value: sg + - name: CODEINSIGHTS_PGDATASOURCE + value: postgres://postgres:password@codeinsights-db:5432/postgres + - name: CODEINTEL_PGDATABASE + value: sg + - name: CODEINTEL_PGHOST + value: codeintel-db + - name: CODEINTEL_PGPORT + value: "5432" + - name: CODEINTEL_PGSSLMODE + value: disable + - name: CODEINTEL_PGUSER + value: sg + - name: PRECISE_CODE_INTEL_UPLOAD_BACKEND + value: blobstore + - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 + - name: GRAFANA_SERVER_URL + value: http://grafana:30070 + - name: PROMETHEUS_URL + value: http://prometheus:30090 + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/frontend:5.10.2832@sha256:b918b672d858dc6e0c9e48f0669a59bc1a78aed9bfceec020788f689829ad415 + livenessProbe: + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 300 + timeoutSeconds: 5 + name: frontend + ports: + - containerPort: 3080 + name: http + - containerPort: 3090 + name: http-internal + - containerPort: 6060 + name: debug + readinessProbe: + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + initContainers: + - args: + - up + env: + - name: PGDATABASE + value: sg + - name: PGHOST + value: pgsql + - name: PGPORT + value: "5432" + - name: PGSSLMODE + value: disable + - name: PGUSER + value: sg + - name: CODEINSIGHTS_PGDATASOURCE + value: postgres://postgres:password@codeinsights-db:5432/postgres + - name: CODEINTEL_PGDATABASE + value: sg + - name: CODEINTEL_PGHOST + value: codeintel-db + - name: CODEINTEL_PGPORT + value: "5432" + - name: CODEINTEL_PGSSLMODE + value: disable + - name: CODEINTEL_PGUSER + value: sg + image: index.docker.io/sourcegraph/migrator:5.10.2832@sha256:4f5e69016f947211ef7d14e88df091550a6472f5281b025f08d234d8acc0d993 + name: migrator + resources: + limits: + cpu: 500m + memory: 100M + requests: + cpu: 100m + memory: 50M + securityContext: + runAsUser: 0 + serviceAccountName: sourcegraph-frontend diff --git a/test-cluster/apps_v1_deployment_symbols.yaml b/test-cluster/apps_v1_deployment_symbols.yaml new file mode 100644 index 000000000000..a3c5b0cc2113 --- /dev/null +++ b/test-cluster/apps_v1_deployment_symbols.yaml @@ -0,0 +1,80 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Backend for symbols operations. + kubectl.kubernetes.io/default-container: symbols + labels: + app.kubernetes.io/component: symbols + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: symbols + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: symbols + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: symbols + deploy: sourcegraph + spec: + containers: + - env: + - name: SYMBOLS_CACHE_SIZE_MB + valueFrom: + resourceFieldRef: + containerName: symbols + divisor: 1M + resource: requests.ephemeral-storage + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: CACHE_DIR + value: /mnt/cache/$(POD_NAME) + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/symbols:5.10.2832@sha256:83b4a9d2c6b14f16adaffcd87578efd132dadcf7307611661e3c6bc61f1c9640 + livenessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: symbols + ports: + - containerPort: 3184 + name: http + - containerPort: 6060 + name: debug + readinessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /mnt/cache + name: cache-ssd + securityContext: + runAsUser: 0 + volumes: + - emptyDir: {} + name: cache-ssd diff --git a/test-cluster/apps_v1_deployment_syntect-server.yaml b/test-cluster/apps_v1_deployment_syntect-server.yaml new file mode 100644 index 000000000000..1afc5f39147a --- /dev/null +++ b/test-cluster/apps_v1_deployment_syntect-server.yaml @@ -0,0 +1,49 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Backend for syntax highlighting operations. + labels: + app.kubernetes.io/component: syntect-server + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: syntect-server + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: syntect-server + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + app: syntect-server + deploy: sourcegraph + spec: + containers: + - env: null + image: index.docker.io/sourcegraph/syntax-highlighter:5.10.2832@sha256:6043ae53bb68c84ef466902dce435e2e42f72a6ebb6fbc3c1902554ca946917f + livenessProbe: + httpGet: + path: /health + port: http + scheme: HTTP + initialDelaySeconds: 5 + timeoutSeconds: 5 + name: syntect-server + ports: + - containerPort: 9238 + name: http + readinessProbe: + tcpSocket: + port: http + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster/apps_v1_deployment_worker.yaml b/test-cluster/apps_v1_deployment_worker.yaml new file mode 100644 index 000000000000..afcbc456780f --- /dev/null +++ b/test-cluster/apps_v1_deployment_worker.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + description: Manages background processes. + labels: + app.kubernetes.io/component: worker + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: worker + namespace: ns-sourcegraph +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: worker + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: worker + deploy: sourcegraph + spec: + containers: + - env: + - name: PRECISE_CODE_INTEL_UPLOAD_BACKEND + value: blobstore + - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + envFrom: + - configMapRef: + name: embeddings-backend + optional: true + image: index.docker.io/sourcegraph/worker:5.10.2832@sha256:a4a9a4fb88855ce043536e0f694e29327cea881a8ca28a54a99d87d3bc63f783 + livenessProbe: + httpGet: + path: /healthz + port: debug + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 5 + name: worker + ports: + - containerPort: 3189 + name: http + - containerPort: 6060 + name: debug + - containerPort: 6996 + name: prom + readinessProbe: + httpGet: + path: /ready + port: debug + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + securityContext: + runAsUser: 0 diff --git a/test-cluster/apps_v1_statefulset_gitserver.yaml b/test-cluster/apps_v1_statefulset_gitserver.yaml new file mode 100644 index 000000000000..e9f22968a8fe --- /dev/null +++ b/test-cluster/apps_v1_statefulset_gitserver.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Stores clones of repositories to perform Git operations. + kubectl.kubernetes.io/default-container: gitserver + labels: + app.kubernetes.io/component: gitserver + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: gitserver + namespace: ns-sourcegraph +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: gitserver + serviceName: gitserver + template: + metadata: + labels: + app: gitserver + deploy: sourcegraph + group: backend + type: gitserver + spec: + containers: + - args: + - run + env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + image: index.docker.io/sourcegraph/gitserver:5.10.2832@sha256:da3e193ab6b37ffa9374fb44d727ebfdbe62f88e117c902e488b348c59663ace + livenessProbe: + initialDelaySeconds: 5 + tcpSocket: + port: rpc + timeoutSeconds: 5 + name: gitserver + ports: + - containerPort: 3178 + name: rpc + protocol: TCP + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data/repos + name: repos + securityContext: + runAsUser: 0 + volumes: + - name: repos + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - metadata: + name: repos + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200Gi + storageClassName: standard diff --git a/test-cluster/apps_v1_statefulset_grafana.yaml b/test-cluster/apps_v1_statefulset_grafana.yaml new file mode 100644 index 000000000000..e9252b62823e --- /dev/null +++ b/test-cluster/apps_v1_statefulset_grafana.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Metrics/monitoring dashboards and alerts. + kubectl.kubernetes.io/default-container: grafana + labels: + app.kubernetes.io/component: grafana + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: grafana + serviceName: grafana + template: + metadata: + labels: + app: grafana + deploy: sourcegraph + spec: + containers: + - image: index.docker.io/sourcegraph/grafana:5.10.2832@sha256:5bbc2a2a9a32490a0ea7969a400ae17af1baa22a8216c45fa14168d560574f79 + name: grafana + ports: + - containerPort: 3370 + name: http + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /var/lib/grafana + name: grafana-data + - mountPath: /sg_config_grafana/provisioning/datasources + name: config + securityContext: + runAsUser: 0 + serviceAccountName: grafana + volumes: + - configMap: + defaultMode: 511 + name: grafana + name: config + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - metadata: + name: grafana-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: standard diff --git a/test-cluster/apps_v1_statefulset_indexed-search.yaml b/test-cluster/apps_v1_statefulset_indexed-search.yaml new file mode 100644 index 000000000000..5a3e924a7493 --- /dev/null +++ b/test-cluster/apps_v1_statefulset_indexed-search.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + annotations: + description: Backend for indexed text search operations. + labels: + app.kubernetes.io/component: indexed-search + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: indexed-search + namespace: ns-sourcegraph +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: indexed-search + serviceName: indexed-search + template: + metadata: + labels: + app: indexed-search + deploy: sourcegraph + spec: + containers: + - env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + - name: OPENTELEMETRY_DISABLED + value: "false" + image: index.docker.io/sourcegraph/indexed-searcher:5.10.2832@sha256:876a5b31fd55dfcd827329b64e2ba5bcce7ed268e0964736b4527aa8b17a835b + name: zoekt-webserver + ports: + - containerPort: 6070 + name: http + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: http + scheme: HTTP + periodSeconds: 5 + timeoutSeconds: 5 + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: data + - env: + - name: OTEL_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://$(OTEL_AGENT_HOST):4317 + - name: OPENTELEMETRY_DISABLED + value: "false" + image: index.docker.io/sourcegraph/search-indexer:5.10.2832@sha256:deedce4cb9a7c01105904c427d615a23e34301e52728af8f08c73fda4eecbee1 + name: zoekt-indexserver + ports: + - containerPort: 6072 + name: index-http + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /data + name: data + securityContext: + runAsUser: 0 + volumes: + - name: data + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - metadata: + labels: + deploy: sourcegraph + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200Gi + storageClassName: standard diff --git a/test-cluster/networking.k8s.io_v1_ingress_sourcegraph-frontend.yaml b/test-cluster/networking.k8s.io_v1_ingress_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..8eaeeb46e8ae --- /dev/null +++ b/test-cluster/networking.k8s.io_v1_ingress_sourcegraph-frontend.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/proxy-body-size: 150m + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +spec: + rules: + - http: + paths: + - backend: + service: + name: sourcegraph-frontend + port: + number: 30080 + path: / + pathType: Prefix diff --git a/test-cluster/rbac.authorization.k8s.io_v1_clusterrole_prometheus.yaml b/test-cluster/rbac.authorization.k8s.io_v1_clusterrole_prometheus.yaml new file mode 100644 index 000000000000..f9a86cfbb01d --- /dev/null +++ b/test-cluster/rbac.authorization.k8s.io_v1_clusterrole_prometheus.yaml @@ -0,0 +1,34 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: prometheus + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: prometheus +rules: +- apiGroups: + - "" + resources: + - endpoints + - namespaces + - nodes + - nodes/metrics + - nodes/proxy + - pods + - services + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/test-cluster/rbac.authorization.k8s.io_v1_clusterrolebinding_prometheus.yaml b/test-cluster/rbac.authorization.k8s.io_v1_clusterrolebinding_prometheus.yaml new file mode 100644 index 000000000000..80501143fa9a --- /dev/null +++ b/test-cluster/rbac.authorization.k8s.io_v1_clusterrolebinding_prometheus.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: prometheus + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: prometheus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus +subjects: +- kind: ServiceAccount + name: prometheus + namespace: ns-sourcegraph diff --git a/test-cluster/rbac.authorization.k8s.io_v1_role_sourcegraph-frontend.yaml b/test-cluster/rbac.authorization.k8s.io_v1_role_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..80564628e8ff --- /dev/null +++ b/test-cluster/rbac.authorization.k8s.io_v1_role_sourcegraph-frontend.yaml @@ -0,0 +1,28 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/component: frontend + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +rules: +- apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch diff --git a/test-cluster/rbac.authorization.k8s.io_v1_rolebinding_sourcegraph-frontend.yaml b/test-cluster/rbac.authorization.k8s.io_v1_rolebinding_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..b8112d084295 --- /dev/null +++ b/test-cluster/rbac.authorization.k8s.io_v1_rolebinding_sourcegraph-frontend.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: frontend + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sourcegraph-frontend +subjects: +- kind: ServiceAccount + name: sourcegraph-frontend + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_codeinsights-db-conf.yaml b/test-cluster/v1_configmap_codeinsights-db-conf.yaml new file mode 100644 index 000000000000..25b9a03c4068 --- /dev/null +++ b/test-cluster/v1_configmap_codeinsights-db-conf.yaml @@ -0,0 +1,763 @@ +apiVersion: v1 +data: + postgresql.conf: | + # ----------------------------- + # PostgreSQL configuration file + # ----------------------------- + # + # This file consists of lines of the form: + # + # name = value + # + # (The "=" is optional.) Whitespace may be used. Comments are introduced with + # "#" anywhere on a line. The complete list of parameter names and allowed + # values can be found in the PostgreSQL documentation. + # + # The commented-out settings shown in this file represent the default values. + # Re-commenting a setting is NOT sufficient to revert it to the default value; + # you need to reload the server. + # + # This file is read on server startup and when the server receives a SIGHUP + # signal. If you edit the file on a running system, you have to SIGHUP the + # server for the changes to take effect, run "pg_ctl reload", or execute + # "SELECT pg_reload_conf()". Some parameters, which are marked below, + # require a server shutdown and restart to take effect. + # + # Any parameter can also be given as a command-line option to the server, e.g., + # "postgres -c log_connections=on". Some parameters can be changed at run time + # with the "SET" SQL command. + # + # Memory units: kB = kilobytes Time units: ms = milliseconds + # MB = megabytes s = seconds + # GB = gigabytes min = minutes + # TB = terabytes h = hours + # d = days + + + #------------------------------------------------------------------------------ + # FILE LOCATIONS + #------------------------------------------------------------------------------ + + # The default values of these variables are driven from the -D command-line + # option or PGDATA environment variable, represented here as ConfigDir. + + #data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) + #hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) + #ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + + # If external_pid_file is not explicitly set, no extra PID file is written. + #external_pid_file = '' # write an extra PID file + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONNECTIONS AND AUTHENTICATION + #------------------------------------------------------------------------------ + + # - Connection Settings - + + listen_addresses = '*' + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) + #port = 5432 # (change requires restart) + max_connections = 20 # (change requires restart) + #superuser_reserved_connections = 3 # (change requires restart) + #unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories + # (change requires restart) + #unix_socket_group = '' # (change requires restart) + #unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) + #bonjour = off # advertise server via Bonjour + # (change requires restart) + #bonjour_name = '' # defaults to the computer name + # (change requires restart) + + # - TCP settings - + # see "man 7 tcp" for details + + #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default + #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default + #tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + #tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds; + # 0 selects the system default + + # - Authentication - + + #authentication_timeout = 1min # 1s-600s + #password_encryption = md5 # md5 or scram-sha-256 + #db_user_namespace = off + + # GSSAPI using Kerberos + #krb_server_keyfile = '' + #krb_caseins_users = off + + # - SSL - + + #ssl = off + #ssl_ca_file = '' + #ssl_cert_file = 'server.crt' + #ssl_crl_file = '' + #ssl_key_file = 'server.key' + #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + #ssl_prefer_server_ciphers = on + #ssl_ecdh_curve = 'prime256v1' + #ssl_min_protocol_version = 'TLSv1' + #ssl_max_protocol_version = '' + #ssl_dh_params_file = '' + #ssl_passphrase_command = '' + #ssl_passphrase_command_supports_reload = off + + + #------------------------------------------------------------------------------ + # RESOURCE USAGE (except WAL) + #------------------------------------------------------------------------------ + + # - Memory - + + shared_buffers = 509546kB # min 128kB + # (change requires restart) + #huge_pages = try # on, off, or try + # (change requires restart) + #temp_buffers = 8MB # min 800kB + #max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) + # Caution: it is not advisable to set max_prepared_transactions nonzero unless + # you actively intend to use prepared transactions. + work_mem = 3184kB # min 64kB + maintenance_work_mem = 254773kB # min 1MB + #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem + #max_stack_depth = 2MB # min 100kB + #shared_memory_type = mmap # the default is the first option + # supported by the operating system: + # mmap + # sysv + # windows + # (change requires restart) + dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # (change requires restart) + + # - Disk - + + #temp_file_limit = -1 # limits per-process temp file space + # in kB, or -1 for no limit + + # - Kernel Resources - + + #max_files_per_process = 1000 # min 25 + # (change requires restart) + + # - Cost-Based Vacuum Delay - + + #vacuum_cost_delay = 0 # 0-100 milliseconds (0 disables) + #vacuum_cost_page_hit = 1 # 0-10000 credits + #vacuum_cost_page_miss = 10 # 0-10000 credits + #vacuum_cost_page_dirty = 20 # 0-10000 credits + #vacuum_cost_limit = 200 # 1-10000 credits + + # - Background Writer - + + #bgwriter_delay = 200ms # 10-10000ms between rounds + #bgwriter_lru_maxpages = 100 # max buffers written/round, 0 disables + #bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round + #bgwriter_flush_after = 512kB # measured in pages, 0 disables + + # - Asynchronous Behavior - + + effective_io_concurrency = 200 # 1-1000; 0 disables prefetching + max_worker_processes = 19 # (change requires restart) + #max_parallel_maintenance_workers = 2 # taken from max_parallel_workers + max_parallel_workers_per_gather = 4 # taken from max_parallel_workers + #parallel_leader_participation = on + max_parallel_workers = 8 # maximum number of max_worker_processes that + # can be used in parallel operations + #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) + #backend_flush_after = 0 # measured in pages, 0 disables + + + #------------------------------------------------------------------------------ + # WRITE-AHEAD LOG + #------------------------------------------------------------------------------ + + # - Settings - + + #wal_level = replica # minimal, replica, or logical + # (change requires restart) + #fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) + #synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on + #wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync + #full_page_writes = on # recover from partial page writes + #wal_compression = off # enable compression of full-page writes + #wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) + #wal_init_zero = on # zero-fill new WAL files + #wal_recycle = on # recycle WAL files + wal_buffers = 15285kB # min 32kB, -1 sets based on shared_buffers + # (change requires restart) + #wal_writer_delay = 200ms # 1-10000 milliseconds + #wal_writer_flush_after = 1MB # measured in pages, 0 disables + + #commit_delay = 0 # range 0-100000, in microseconds + #commit_siblings = 5 # range 1-1000 + + # - Checkpoints - + + #checkpoint_timeout = 5min # range 30s-1d + max_wal_size = 1GB + min_wal_size = 512MB + checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0 + #checkpoint_flush_after = 256kB # measured in pages, 0 disables + #checkpoint_warning = 30s # 0 disables + + # - Archiving - + + #archive_mode = off # enables archiving; off, on, or always + # (change requires restart) + #archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' + #archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + # - Archive Recovery - + + # These are only used in recovery mode. + + #restore_command = '' # command to use to restore an archived logfile segment + # placeholders: %p = path of file to restore + # %f = file name only + # e.g. 'cp /mnt/server/archivedir/%f %p' + # (change requires restart) + #archive_cleanup_command = '' # command to execute at every restartpoint + #recovery_end_command = '' # command to execute at completion of recovery + + # - Recovery Target - + + # Set these only when performing a targeted recovery. + + #recovery_target = '' # 'immediate' to end recovery as soon as a + # consistent state is reached + # (change requires restart) + #recovery_target_name = '' # the named restore point to which recovery will proceed + # (change requires restart) + #recovery_target_time = '' # the time stamp up to which recovery will proceed + # (change requires restart) + #recovery_target_xid = '' # the transaction ID up to which recovery will proceed + # (change requires restart) + #recovery_target_lsn = '' # the WAL LSN up to which recovery will proceed + # (change requires restart) + #recovery_target_inclusive = on # Specifies whether to stop: + # just after the specified recovery target (on) + # just before the recovery target (off) + # (change requires restart) + #recovery_target_timeline = 'latest' # 'current', 'latest', or timeline ID + # (change requires restart) + #recovery_target_action = 'pause' # 'pause', 'promote', 'shutdown' + # (change requires restart) + + + #------------------------------------------------------------------------------ + # REPLICATION + #------------------------------------------------------------------------------ + + # - Sending Servers - + + # Set these on the master and on any standby that will send replication data. + + #max_wal_senders = 10 # max number of walsender processes + # (change requires restart) + #wal_keep_segments = 0 # in logfile segments; 0 disables + #wal_sender_timeout = 60s # in milliseconds; 0 disables + + #max_replication_slots = 10 # max number of replication slots + # (change requires restart) + #track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + + # - Master Server - + + # These settings are ignored on a standby server. + + #synchronous_standby_names = '' # standby servers that provide sync rep + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name + # from standby(s); '*' = all + #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + + # - Standby Servers - + + # These settings are ignored on a master server. + + #primary_conninfo = '' # connection string to sending server + # (change requires restart) + #primary_slot_name = '' # replication slot on sending server + # (change requires restart) + #promote_trigger_file = '' # file name whose presence ends recovery + #hot_standby = on # "off" disallows queries during recovery + # (change requires restart) + #max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay + #max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay + #wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables + #hot_standby_feedback = off # send info from standby to prevent + # query conflicts + #wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables + #wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + #recovery_min_apply_delay = 0 # minimum delay for applying changes during recovery + + # - Subscribers - + + # These settings are ignored on a publisher. + + #max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) + #max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + + + #------------------------------------------------------------------------------ + # QUERY TUNING + #------------------------------------------------------------------------------ + + # - Planner Method Configuration - + + #enable_bitmapscan = on + #enable_hashagg = on + #enable_hashjoin = on + #enable_indexscan = on + #enable_indexonlyscan = on + #enable_material = on + #enable_mergejoin = on + #enable_nestloop = on + #enable_parallel_append = on + #enable_seqscan = on + #enable_sort = on + #enable_tidscan = on + #enable_partitionwise_join = off + #enable_partitionwise_aggregate = off + #enable_parallel_hash = on + #enable_partition_pruning = on + + # - Planner Cost Constants - + + #seq_page_cost = 1.0 # measured on an arbitrary scale + random_page_cost = 1.1 # same scale as above + #cpu_tuple_cost = 0.01 # same scale as above + #cpu_index_tuple_cost = 0.005 # same scale as above + #cpu_operator_cost = 0.0025 # same scale as above + #parallel_tuple_cost = 0.1 # same scale as above + #parallel_setup_cost = 1000.0 # same scale as above + + #jit_above_cost = 100000 # perform JIT compilation if available + # and query more expensive than this; + # -1 disables + #jit_inline_above_cost = 500000 # inline small functions if query is + # more expensive than this; -1 disables + #jit_optimize_above_cost = 500000 # use expensive JIT optimizations if + # query is more expensive than this; + # -1 disables + + #min_parallel_table_scan_size = 8MB + #min_parallel_index_scan_size = 512kB + effective_cache_size = 1492MB + + # - Genetic Query Optimizer - + + #geqo = on + #geqo_threshold = 12 + #geqo_effort = 5 # range 1-10 + #geqo_pool_size = 0 # selects default based on effort + #geqo_generations = 0 # selects default based on effort + #geqo_selection_bias = 2.0 # range 1.5-2.0 + #geqo_seed = 0.0 # range 0.0-1.0 + + # - Other Planner Options - + + default_statistics_target = 500 # range 1-10000 + #constraint_exclusion = partition # on, off, or partition + #cursor_tuple_fraction = 0.1 # range 0.0-1.0 + #from_collapse_limit = 8 + #join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + #force_parallel_mode = off + #jit = on # allow JIT compilation + #plan_cache_mode = auto # auto, force_generic_plan or + # force_custom_plan + + + #------------------------------------------------------------------------------ + # REPORTING AND LOGGING + #------------------------------------------------------------------------------ + + # - Where to Log - + + #log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + + # This is used when logging to stderr: + #logging_collector = off # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + + # These are only used if logging_collector is on: + #log_directory = 'log' # directory where log files are written, + # can be absolute or relative to PGDATA + #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, + # can include strftime() escapes + #log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation + #log_truncate_on_rotation = off # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. + #log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. + #log_rotation_size = 10MB # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + + # These are relevant when logging to syslog: + #syslog_facility = 'LOCAL0' + #syslog_ident = 'postgres' + #syslog_sequence_numbers = on + #syslog_split_messages = on + + # This is only relevant when logging to eventlog (win32): + # (change requires restart) + #event_source = 'PostgreSQL' + + # - When to Log - + + #log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + + #log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + + #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + #log_transaction_sample_rate = 0.0 # Fraction of transactions whose statements + # are logged regardless of their duration. 1.0 logs all + # statements from all transactions, 0.0 never logs. + + # - What to Log - + + #debug_print_parse = off + #debug_print_rewritten = off + #debug_print_plan = off + #debug_pretty_print = on + #log_checkpoints = off + #log_connections = off + #log_disconnections = off + #log_duration = off + #log_error_verbosity = default # terse, default, or verbose messages + #log_hostname = off + #log_line_prefix = '%m [%p] ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' + #log_lock_waits = off # log lock waits >= deadlock_timeout + #log_statement = 'none' # none, ddl, mod, all + #log_replication_commands = off + #log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files + log_timezone = 'UTC' + + #------------------------------------------------------------------------------ + # PROCESS TITLE + #------------------------------------------------------------------------------ + + #cluster_name = '' # added to process titles if nonempty + # (change requires restart) + #update_process_title = on + + + #------------------------------------------------------------------------------ + # STATISTICS + #------------------------------------------------------------------------------ + + # - Query and Index Statistics Collector - + + #track_activities = on + #track_counts = on + #track_io_timing = off + #track_functions = none # none, pl, all + #track_activity_query_size = 1024 # (change requires restart) + #stats_temp_directory = 'pg_stat_tmp' + + + # - Monitoring - + + #log_parser_stats = off + #log_planner_stats = off + #log_executor_stats = off + #log_statement_stats = off + + + #------------------------------------------------------------------------------ + # AUTOVACUUM + #------------------------------------------------------------------------------ + + #autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. + #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. + autovacuum_max_workers = 10 # max number of autovacuum subprocesses + # (change requires restart) + autovacuum_naptime = 10 # time between autovacuum runs + #autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum + #autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze + #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum + #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze + #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) + #autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) + #autovacuum_vacuum_cost_delay = 2ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay + #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + + #------------------------------------------------------------------------------ + # CLIENT CONNECTION DEFAULTS + #------------------------------------------------------------------------------ + + # - Statement Behavior - + + #client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + #search_path = '"$user", public' # schema names + #row_security = on + #default_tablespace = '' # a tablespace name, '' uses the default + #temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace + #default_table_access_method = 'heap' + #check_function_bodies = on + #default_transaction_isolation = 'read committed' + #default_transaction_read_only = off + #default_transaction_deferrable = off + #session_replication_role = 'origin' + #statement_timeout = 0 # in milliseconds, 0 is disabled + #lock_timeout = 0 # in milliseconds, 0 is disabled + #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled + #vacuum_freeze_min_age = 50000000 + #vacuum_freeze_table_age = 150000000 + #vacuum_multixact_freeze_min_age = 5000000 + #vacuum_multixact_freeze_table_age = 150000000 + #vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples + # before index cleanup, 0 always performs + # index cleanup + #bytea_output = 'hex' # hex, escape + #xmlbinary = 'base64' + #xmloption = 'content' + #gin_fuzzy_search_limit = 0 + #gin_pending_list_limit = 4MB + + # - Locale and Formatting - + + datestyle = 'iso, mdy' + #intervalstyle = 'postgres' + timezone = 'UTC' + #timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. + #extra_float_digits = 1 # min -15, max 3; any value >0 actually + # selects precise output mode + #client_encoding = sql_ascii # actually, defaults to database + # encoding + + # These settings are initialized by initdb, but they can be changed. + lc_messages = 'en_US.utf8' # locale for system error message + # strings + lc_monetary = 'en_US.utf8' # locale for monetary formatting + lc_numeric = 'en_US.utf8' # locale for number formatting + lc_time = 'en_US.utf8' # locale for time formatting + + # default configuration for text search + default_text_search_config = 'pg_catalog.english' + + # - Shared Library Preloading - + + shared_preload_libraries = '' # (change requires restart) + #local_preload_libraries = '' + #session_preload_libraries = '' + #jit_provider = 'llvmjit' # JIT library to use + + # - Other Defaults - + + #dynamic_library_path = '$libdir' + + + #------------------------------------------------------------------------------ + # LOCK MANAGEMENT + #------------------------------------------------------------------------------ + + #deadlock_timeout = 1s + max_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 + #max_pred_locks_per_page = 2 # min 0 + + + #------------------------------------------------------------------------------ + # VERSION AND PLATFORM COMPATIBILITY + #------------------------------------------------------------------------------ + + # - Previous PostgreSQL Versions - + + #array_nulls = on + #backslash_quote = safe_encoding # on, off, or safe_encoding + #escape_string_warning = on + #lo_compat_privileges = off + #operator_precedence_warning = off + #quote_all_identifiers = off + #standard_conforming_strings = on + #synchronize_seqscans = on + + # - Other Platforms and Clients - + + #transform_null_equals = off + + + #------------------------------------------------------------------------------ + # ERROR HANDLING + #------------------------------------------------------------------------------ + + #exit_on_error = off # terminate session on any error? + #restart_after_crash = on # reinitialize after backend crash? + #data_sync_retry = off # retry or panic on failure to fsync + # data? + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONFIG FILE INCLUDES + #------------------------------------------------------------------------------ + + # These options allow settings to be loaded from files other than the + # default postgresql.conf. Note that these are directives, not variable + # assignments, so they can usefully be given more than once. + + #include_dir = '...' # include files ending in '.conf' from + # a directory, e.g., 'conf.d' + #include_if_exists = '...' # include file only if it exists + #include = '...' # include file + + + #------------------------------------------------------------------------------ + # CUSTOMIZED OPTIONS + #------------------------------------------------------------------------------ + + # Add settings for extensions here +kind: ConfigMap +metadata: + annotations: + description: Configuration for CodeInsightsDB + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db-conf + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_codeintel-db-conf.yaml b/test-cluster/v1_configmap_codeintel-db-conf.yaml new file mode 100644 index 000000000000..b2c106c8e40d --- /dev/null +++ b/test-cluster/v1_configmap_codeintel-db-conf.yaml @@ -0,0 +1,705 @@ +apiVersion: v1 +data: + postgresql.conf: | + # ----------------------------- + # PostgreSQL configuration file + # ----------------------------- + # SOURCEGRAPH CUSTOMIZATIONS CONTAIN "# SG CUSTOM" in the comment + # + # This file consists of lines of the form: + # + # name = value + # + # (The "=" is optional.) Whitespace may be used. Comments are introduced with + # "#" anywhere on a line. The complete list of parameter names and allowed + # values can be found in the PostgreSQL documentation. + # + # The commented-out settings shown in this file represent the default values. + # Re-commenting a setting is NOT sufficient to revert it to the default value; + # you need to reload the server. + # + # This file is read on server startup and when the server receives a SIGHUP + # signal. If you edit the file on a running system, you have to SIGHUP the + # server for the changes to take effect, run "pg_ctl reload", or execute + # "SELECT pg_reload_conf()". Some parameters, which are marked below, + # require a server shutdown and restart to take effect. + # + # Any parameter can also be given as a command-line option to the server, e.g., + # "postgres -c log_connections=on". Some parameters can be changed at run time + # with the "SET" SQL command. + # + # Memory units: kB = kilobytes Time units: ms = milliseconds + # MB = megabytes s = seconds + # GB = gigabytes min = minutes + # TB = terabytes h = hours + # d = days + + + #------------------------------------------------------------------------------ + # FILE LOCATIONS + #------------------------------------------------------------------------------ + + # The default values of these variables are driven from the -D command-line + # option or PGDATA environment variable, represented here as ConfigDir. + + #data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) + #hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) + #ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + + # If external_pid_file is not explicitly set, no extra PID file is written. + #external_pid_file = '' # write an extra PID file + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONNECTIONS AND AUTHENTICATION + #------------------------------------------------------------------------------ + + # - Connection Settings - + + listen_addresses = '*' + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) + #port = 5432 # (change requires restart) + max_connections = 100 # (change requires restart) + #superuser_reserved_connections = 3 # (change requires restart) + #unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories + # (change requires restart) + #unix_socket_group = '' # (change requires restart) + #unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) + #bonjour = off # advertise server via Bonjour + # (change requires restart) + #bonjour_name = '' # defaults to the computer name + # (change requires restart) + + # - TCP Keepalives - + # see "man 7 tcp" for details + + #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default + #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default + #tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + + # - Authentication - + + #authentication_timeout = 1min # 1s-600s + #password_encryption = md5 # md5 or scram-sha-256 + #db_user_namespace = off + + # GSSAPI using Kerberos + #krb_server_keyfile = '' + #krb_caseins_users = off + + # - SSL - + + #ssl = off + #ssl_ca_file = '' + #ssl_cert_file = 'server.crt' + #ssl_crl_file = '' + #ssl_key_file = 'server.key' + #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + #ssl_prefer_server_ciphers = on + #ssl_ecdh_curve = 'prime256v1' + #ssl_dh_params_file = '' + #ssl_passphrase_command = '' + #ssl_passphrase_command_supports_reload = off + + + #------------------------------------------------------------------------------ + # RESOURCE USAGE (except WAL) + #------------------------------------------------------------------------------ + + # - Memory - + + shared_buffers = 1GB # SG CUSTOM min 128kB + # (change requires restart) + #huge_pages = try # on, off, or try + # (change requires restart) + #temp_buffers = 8MB # min 800kB + #max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) + # Caution: it is not advisable to set max_prepared_transactions nonzero unless + # you actively intend to use prepared transactions. + work_mem = 5MB # SG CUSTOM min 64kB + maintenance_work_mem = 250MB # SG CUSTOM min 1MB + #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem + #max_stack_depth = 2MB # min 100kB + dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) + + # - Disk - + + temp_file_limit = 20GB # SG CUSTOM limits per-process temp file space + # in kB, or -1 for no limit + + # - Kernel Resources - + + #max_files_per_process = 1000 # min 25 + # (change requires restart) + + # - Cost-Based Vacuum Delay - + + #vacuum_cost_delay = 0 # 0-100 milliseconds + #vacuum_cost_page_hit = 1 # 0-10000 credits + #vacuum_cost_page_miss = 10 # 0-10000 credits + #vacuum_cost_page_dirty = 20 # 0-10000 credits + #vacuum_cost_limit = 200 # 1-10000 credits + + # - Background Writer - + + bgwriter_delay = 50ms # SG CUSTOM 10-10000ms between rounds + bgwriter_lru_maxpages = 200 # SG CUSTOM max buffers written/round, 0 disables + + #bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round + #bgwriter_flush_after = 512kB # measured in pages, 0 disables + + # - Asynchronous Behavior - + + effective_io_concurrency = 200 # 1-1000; 0 disables prefetching + max_worker_processes = 4 # SG CUSTOM (change requires restart) + max_parallel_maintenance_workers = 4 # SG CUSTOM taken from max_parallel_workers + max_parallel_workers_per_gather = 2 # SG CUSTOM taken from max_parallel_workers + #parallel_leader_participation = on + max_parallel_workers = 4 # SG CUSTOM maximum number of max_worker_processes that + # can be used in parallel operations + #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) + #backend_flush_after = 0 # measured in pages, 0 disables + + + #------------------------------------------------------------------------------ + # WRITE-AHEAD LOG + #------------------------------------------------------------------------------ + + # - Settings - + + #wal_level = replica # minimal, replica, or logical + # (change requires restart) + #fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) + #synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on + #wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync + #full_page_writes = on # recover from partial page writes + #wal_compression = off # enable compression of full-page writes + #wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) + wal_buffers = 16MB # SG CUSTOM min 32kB, -1 sets based on shared_buffers + # (change requires restart) + #wal_writer_delay = 200ms # 1-10000 milliseconds + #wal_writer_flush_after = 1MB # measured in pages, 0 disables + + #commit_delay = 0 # range 0-100000, in microseconds + #commit_siblings = 5 # range 1-1000 + + # - Checkpoints - + + #checkpoint_timeout = 5min # range 30s-1d + max_wal_size = 8GB # SG CUSTOM + min_wal_size = 2GB # SG CUSTOM + #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 + #checkpoint_flush_after = 256kB # measured in pages, 0 disables + #checkpoint_warning = 30s # 0 disables + + # - Archiving - + + #archive_mode = off # enables archiving; off, on, or always + # (change requires restart) + #archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' + #archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + + #------------------------------------------------------------------------------ + # REPLICATION + #------------------------------------------------------------------------------ + + # - Sending Servers - + + # Set these on the master and on any standby that will send replication data. + + #max_wal_senders = 10 # max number of walsender processes + # (change requires restart) + #wal_keep_segments = 0 # in logfile segments; 0 disables + #wal_sender_timeout = 60s # in milliseconds; 0 disables + + #max_replication_slots = 10 # max number of replication slots + # (change requires restart) + #track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + + # - Master Server - + + # These settings are ignored on a standby server. + + #synchronous_standby_names = '' # standby servers that provide sync rep + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name + # from standby(s); '*' = all + #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + + # - Standby Servers - + + # These settings are ignored on a master server. + + #hot_standby = on # "off" disallows queries during recovery + # (change requires restart) + #max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay + #max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay + #wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables + #hot_standby_feedback = off # send info from standby to prevent + # query conflicts + #wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables + #wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + + # - Subscribers - + + # These settings are ignored on a publisher. + + #max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) + #max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + + + #------------------------------------------------------------------------------ + # QUERY TUNING + #------------------------------------------------------------------------------ + + # - Planner Method Configuration - + + #enable_bitmapscan = on + #enable_hashagg = on + #enable_hashjoin = on + #enable_indexscan = on + #enable_indexonlyscan = on + #enable_material = on + #enable_mergejoin = on + #enable_nestloop = on + #enable_parallel_append = on + #enable_seqscan = on + #enable_sort = on + #enable_tidscan = on + #enable_partitionwise_join = off + #enable_partitionwise_aggregate = off + #enable_parallel_hash = on + #enable_partition_pruning = on + + # - Planner Cost Constants - + + #seq_page_cost = 1.0 # measured on an arbitrary scale + random_page_cost = 1.1 # SG CUSTOM same scale as above + #cpu_tuple_cost = 0.01 # same scale as above + #cpu_index_tuple_cost = 0.005 # same scale as above + #cpu_operator_cost = 0.0025 # same scale as above + #parallel_tuple_cost = 0.1 # same scale as above + #parallel_setup_cost = 1000.0 # same scale as above + + #jit_above_cost = 100000 # perform JIT compilation if available + # and query more expensive than this; + # -1 disables + #jit_inline_above_cost = 500000 # inline small functions if query is + # more expensive than this; -1 disables + #jit_optimize_above_cost = 500000 # use expensive JIT optimizations if + # query is more expensive than this; + # -1 disables + + #min_parallel_table_scan_size = 8MB + #min_parallel_index_scan_size = 512kB + effective_cache_size = 3GB # SG CUSTOM + + # - Genetic Query Optimizer - + + #geqo = on + #geqo_threshold = 12 + #geqo_effort = 5 # range 1-10 + #geqo_pool_size = 0 # selects default based on effort + #geqo_generations = 0 # selects default based on effort + #geqo_selection_bias = 2.0 # range 1.5-2.0 + #geqo_seed = 0.0 # range 0.0-1.0 + + # - Other Planner Options - + + #default_statistics_target = 100 # range 1-10000 + #constraint_exclusion = partition # on, off, or partition + #cursor_tuple_fraction = 0.1 # range 0.0-1.0 + #from_collapse_limit = 8 + #join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + #force_parallel_mode = off + #jit = off # allow JIT compilation + + + #------------------------------------------------------------------------------ + # REPORTING AND LOGGING + #------------------------------------------------------------------------------ + + # - Where to Log - + + #log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + + # This is used when logging to stderr: + #logging_collector = off # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + + # These are only used if logging_collector is on: + #log_directory = 'log' # directory where log files are written, + # can be absolute or relative to PGDATA + #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, + # can include strftime() escapes + #log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation + #log_truncate_on_rotation = off # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. + #log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. + #log_rotation_size = 10MB # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + + # These are relevant when logging to syslog: + #syslog_facility = 'LOCAL0' + #syslog_ident = 'postgres' + #syslog_sequence_numbers = on + #syslog_split_messages = on + + # This is only relevant when logging to eventlog (win32): + # (change requires restart) + #event_source = 'PostgreSQL' + + # - When to Log - + + #log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + + #log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + + #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + + # - What to Log - + + #debug_print_parse = off + #debug_print_rewritten = off + #debug_print_plan = off + #debug_pretty_print = on + #log_checkpoints = off + #log_connections = off + #log_disconnections = off + #log_duration = off + #log_error_verbosity = default # terse, default, or verbose messages + #log_hostname = off + #log_line_prefix = '%m [%p] ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' + #log_lock_waits = off # log lock waits >= deadlock_timeout + #log_statement = 'none' # none, ddl, mod, all + #log_replication_commands = off + #log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files + log_timezone = 'Etc/UTC' + + #------------------------------------------------------------------------------ + # PROCESS TITLE + #------------------------------------------------------------------------------ + + #cluster_name = '' # added to process titles if nonempty + # (change requires restart) + #update_process_title = on + + + #------------------------------------------------------------------------------ + # STATISTICS + #------------------------------------------------------------------------------ + + # - Query and Index Statistics Collector - + + #track_activities = on + #track_counts = on + #track_io_timing = off + #track_functions = none # none, pl, all + #track_activity_query_size = 1024 # (change requires restart) + #stats_temp_directory = 'pg_stat_tmp' + + + # - Monitoring - + + #log_parser_stats = off + #log_planner_stats = off + #log_executor_stats = off + #log_statement_stats = off + + + #------------------------------------------------------------------------------ + # AUTOVACUUM + #------------------------------------------------------------------------------ + + #autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. + #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. + #autovacuum_max_workers = 3 # max number of autovacuum subprocesses + # (change requires restart) + #autovacuum_naptime = 1min # time between autovacuum runs + #autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum + #autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze + #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum + #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze + #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) + #autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) + #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay + #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + + #------------------------------------------------------------------------------ + # CLIENT CONNECTION DEFAULTS + #------------------------------------------------------------------------------ + + # - Statement Behavior - + + #client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + #search_path = '"$user", public' # schema names + #row_security = on + #default_tablespace = '' # a tablespace name, '' uses the default + #temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace + #check_function_bodies = on + #default_transaction_isolation = 'read committed' + #default_transaction_read_only = off + #default_transaction_deferrable = off + #session_replication_role = 'origin' + #statement_timeout = 0 # in milliseconds, 0 is disabled + #lock_timeout = 0 # in milliseconds, 0 is disabled + #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled + #vacuum_freeze_min_age = 50000000 + #vacuum_freeze_table_age = 150000000 + #vacuum_multixact_freeze_min_age = 5000000 + #vacuum_multixact_freeze_table_age = 150000000 + #vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples + # before index cleanup, 0 always performs + # index cleanup + #bytea_output = 'hex' # hex, escape + #xmlbinary = 'base64' + #xmloption = 'content' + #gin_fuzzy_search_limit = 0 + #gin_pending_list_limit = 4MB + + # - Locale and Formatting - + + datestyle = 'iso, mdy' + #intervalstyle = 'postgres' + timezone = 'Etc/UTC' + #timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. + #extra_float_digits = 0 # min -15, max 3 + #client_encoding = sql_ascii # actually, defaults to database + # encoding + + # These settings are initialized by initdb, but they can be changed. + lc_messages = 'en_US.utf8' # locale for system error message + # strings + lc_monetary = 'en_US.utf8' # locale for monetary formatting + lc_numeric = 'en_US.utf8' # locale for number formatting + lc_time = 'en_US.utf8' # locale for time formatting + + # default configuration for text search + default_text_search_config = 'pg_catalog.english' + + # - Shared Library Preloading - + + #shared_preload_libraries = '' # (change requires restart) + #local_preload_libraries = '' + #session_preload_libraries = '' + #jit_provider = 'llvmjit' # JIT library to use + + # - Other Defaults - + + #dynamic_library_path = '$libdir' + + + #------------------------------------------------------------------------------ + # LOCK MANAGEMENT + #------------------------------------------------------------------------------ + + #deadlock_timeout = 1s + #max_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 + #max_pred_locks_per_page = 2 # min 0 + + + #------------------------------------------------------------------------------ + # VERSION AND PLATFORM COMPATIBILITY + #------------------------------------------------------------------------------ + + # - Previous PostgreSQL Versions - + + #array_nulls = on + #backslash_quote = safe_encoding # on, off, or safe_encoding + #default_with_oids = off + #escape_string_warning = on + #lo_compat_privileges = off + #operator_precedence_warning = off + #quote_all_identifiers = off + #standard_conforming_strings = on + #synchronize_seqscans = on + + # - Other Platforms and Clients - + + #transform_null_equals = off + + + #------------------------------------------------------------------------------ + # ERROR HANDLING + #------------------------------------------------------------------------------ + + #exit_on_error = off # terminate session on any error? + #restart_after_crash = on # reinitialize after backend crash? + #data_sync_retry = off # retry or panic on failure to fsync + # data? + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONFIG FILE INCLUDES + #------------------------------------------------------------------------------ + + # These options allow settings to be loaded from files other than the + # default postgresql.conf. + + #include_dir = '' # include files ending in '.conf' from + # a directory, e.g., 'conf.d' + #include_if_exists = '' # include file only if it exists + #include = '' # include file + + + #------------------------------------------------------------------------------ + # CUSTOMIZED OPTIONS + #------------------------------------------------------------------------------ + + # Add settings for extensions here +kind: ConfigMap +metadata: + annotations: + description: Configuration for PostgreSQL + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db-conf + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_grafana.yaml b/test-cluster/v1_configmap_grafana.yaml new file mode 100644 index 000000000000..bf26fc5ce974 --- /dev/null +++ b/test-cluster/v1_configmap_grafana.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +data: + datasources.yml: | + apiVersion: 1 + + datasources: + - name: Prometheus + type: prometheus + access: proxy + url: http://prometheus:30090 + isDefault: true + editable: false +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: grafana + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_otel-agent.yaml b/test-cluster/v1_configmap_otel-agent.yaml new file mode 100644 index 000000000000..c49c15add61a --- /dev/null +++ b/test-cluster/v1_configmap_otel-agent.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +data: + config.yaml: "receivers:\n otlp:\n protocols:\n grpc: # port 4317\n http: + # port 4318\n\nexporters:\n otlp:\n endpoint: \"otel-collector:4317\"\n tls:\n + \ insecure: true\n sending_queue:\n num_consumers: 4\n queue_size: + 100\n retry_on_failure:\n enabled: true\n\nextensions:\n health_check:\n + \ endpoint: \":13133\"\n zpages:\n endpoint: \"localhost:55679\"\n\nservice:\n + \ extensions:\n - zpages\n - health_check\n pipelines:\n traces:\n receivers:\n + \ - otlp\n exporters:\n - otlp\n \n" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-agent + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_otel-collector.yaml b/test-cluster/v1_configmap_otel-collector.yaml new file mode 100644 index 000000000000..c10740478e75 --- /dev/null +++ b/test-cluster/v1_configmap_otel-collector.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +data: + config.yaml: | + # This is the template configuration for OpenTelemetry collector, and is not used by default. + # It is mounted to '/etc/otel-collector/config.yaml' in the otel-collector container. + # + # To learn more, see https://docs.sourcegraph.com/admin/deploy/kubernetes/configure#configure-a-tracing-backend + + exporters: + # Add your exporter(s) configuration here. For each exporter, make sure it is enabled + # in the service configuration below. + # Refer to our OpenTelemetry docs for information on how to configure different exporters: + # https://docs.sourcegraph.com/admin/observability/opentelemetry + + service: + pipelines: + traces: + exporters: + # Add the name of your exporter(s) here, e.g.: + # - logging + receivers: + - otlp # Do not remove this receiver + extensions: + # Do not remove these extensions + - health_check + - zpages + + receivers: + # Do not modify this receiver, as it is configured to accept data from OpenTelemetry agents. + otlp: + protocols: + grpc: # port 4317 + http: # port 4318 + + extensions: + health_check: + port: 13133 + zpages: + endpoint: "localhost:55679" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-collector + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_pgsql-conf.yaml b/test-cluster/v1_configmap_pgsql-conf.yaml new file mode 100644 index 000000000000..d9ac3218fa7e --- /dev/null +++ b/test-cluster/v1_configmap_pgsql-conf.yaml @@ -0,0 +1,705 @@ +apiVersion: v1 +data: + postgresql.conf: | + # ----------------------------- + # PostgreSQL configuration file + # ----------------------------- + # SOURCEGRAPH CUSTOMIZATIONS CONTAIN "# SG CUSTOM" in the comment + # + # This file consists of lines of the form: + # + # name = value + # + # (The "=" is optional.) Whitespace may be used. Comments are introduced with + # "#" anywhere on a line. The complete list of parameter names and allowed + # values can be found in the PostgreSQL documentation. + # + # The commented-out settings shown in this file represent the default values. + # Re-commenting a setting is NOT sufficient to revert it to the default value; + # you need to reload the server. + # + # This file is read on server startup and when the server receives a SIGHUP + # signal. If you edit the file on a running system, you have to SIGHUP the + # server for the changes to take effect, run "pg_ctl reload", or execute + # "SELECT pg_reload_conf()". Some parameters, which are marked below, + # require a server shutdown and restart to take effect. + # + # Any parameter can also be given as a command-line option to the server, e.g., + # "postgres -c log_connections=on". Some parameters can be changed at run time + # with the "SET" SQL command. + # + # Memory units: kB = kilobytes Time units: ms = milliseconds + # MB = megabytes s = seconds + # GB = gigabytes min = minutes + # TB = terabytes h = hours + # d = days + + + #------------------------------------------------------------------------------ + # FILE LOCATIONS + #------------------------------------------------------------------------------ + + # The default values of these variables are driven from the -D command-line + # option or PGDATA environment variable, represented here as ConfigDir. + + #data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) + #hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) + #ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + + # If external_pid_file is not explicitly set, no extra PID file is written. + #external_pid_file = '' # write an extra PID file + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONNECTIONS AND AUTHENTICATION + #------------------------------------------------------------------------------ + + # - Connection Settings - + + listen_addresses = '*' + # comma-separated list of addresses; + # defaults to 'localhost'; use '*' for all + # (change requires restart) + #port = 5432 # (change requires restart) + max_connections = 100 # (change requires restart) + #superuser_reserved_connections = 3 # (change requires restart) + #unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories + # (change requires restart) + #unix_socket_group = '' # (change requires restart) + #unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) + #bonjour = off # advertise server via Bonjour + # (change requires restart) + #bonjour_name = '' # defaults to the computer name + # (change requires restart) + + # - TCP Keepalives - + # see "man 7 tcp" for details + + #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default + #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default + #tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + + # - Authentication - + + #authentication_timeout = 1min # 1s-600s + #password_encryption = md5 # md5 or scram-sha-256 + #db_user_namespace = off + + # GSSAPI using Kerberos + #krb_server_keyfile = '' + #krb_caseins_users = off + + # - SSL - + + #ssl = off + #ssl_ca_file = '' + #ssl_cert_file = 'server.crt' + #ssl_crl_file = '' + #ssl_key_file = 'server.key' + #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers + #ssl_prefer_server_ciphers = on + #ssl_ecdh_curve = 'prime256v1' + #ssl_dh_params_file = '' + #ssl_passphrase_command = '' + #ssl_passphrase_command_supports_reload = off + + + #------------------------------------------------------------------------------ + # RESOURCE USAGE (except WAL) + #------------------------------------------------------------------------------ + + # - Memory - + + shared_buffers = 1GB # SG CUSTOM min 128kB + # (change requires restart) + #huge_pages = try # on, off, or try + # (change requires restart) + #temp_buffers = 8MB # min 800kB + #max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) + # Caution: it is not advisable to set max_prepared_transactions nonzero unless + # you actively intend to use prepared transactions. + work_mem = 5MB # SG CUSTOM min 64kB + maintenance_work_mem = 250MB # SG CUSTOM min 1MB + #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem + #max_stack_depth = 2MB # min 100kB + dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) + + # - Disk - + + temp_file_limit = 20GB # SG CUSTOM limits per-process temp file space + # in kB, or -1 for no limit + + # - Kernel Resources - + + #max_files_per_process = 1000 # min 25 + # (change requires restart) + + # - Cost-Based Vacuum Delay - + + #vacuum_cost_delay = 0 # 0-100 milliseconds + #vacuum_cost_page_hit = 1 # 0-10000 credits + #vacuum_cost_page_miss = 10 # 0-10000 credits + #vacuum_cost_page_dirty = 20 # 0-10000 credits + #vacuum_cost_limit = 200 # 1-10000 credits + + # - Background Writer - + + bgwriter_delay = 50ms # SG CUSTOM 10-10000ms between rounds + bgwriter_lru_maxpages = 200 # SG CUSTOM max buffers written/round, 0 disables + + #bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round + #bgwriter_flush_after = 512kB # measured in pages, 0 disables + + # - Asynchronous Behavior - + + effective_io_concurrency = 200 # 1-1000; 0 disables prefetching + max_worker_processes = 4 # SG CUSTOM (change requires restart) + max_parallel_maintenance_workers = 4 # SG CUSTOM taken from max_parallel_workers + max_parallel_workers_per_gather = 2 # SG CUSTOM taken from max_parallel_workers + #parallel_leader_participation = on + max_parallel_workers = 4 # SG CUSTOM maximum number of max_worker_processes that + # can be used in parallel operations + #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) + #backend_flush_after = 0 # measured in pages, 0 disables + + + #------------------------------------------------------------------------------ + # WRITE-AHEAD LOG + #------------------------------------------------------------------------------ + + # - Settings - + + #wal_level = replica # minimal, replica, or logical + # (change requires restart) + #fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) + #synchronous_commit = on # synchronization level; + # off, local, remote_write, remote_apply, or on + #wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync (default on Linux) + # fsync + # fsync_writethrough + # open_sync + #full_page_writes = on # recover from partial page writes + #wal_compression = off # enable compression of full-page writes + #wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) + wal_buffers = 16MB # SG CUSTOM min 32kB, -1 sets based on shared_buffers + # (change requires restart) + #wal_writer_delay = 200ms # 1-10000 milliseconds + #wal_writer_flush_after = 1MB # measured in pages, 0 disables + + #commit_delay = 0 # range 0-100000, in microseconds + #commit_siblings = 5 # range 1-1000 + + # - Checkpoints - + + #checkpoint_timeout = 5min # range 30s-1d + max_wal_size = 8GB # SG CUSTOM + min_wal_size = 2GB # SG CUSTOM + #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 + #checkpoint_flush_after = 256kB # measured in pages, 0 disables + #checkpoint_warning = 30s # 0 disables + + # - Archiving - + + #archive_mode = off # enables archiving; off, on, or always + # (change requires restart) + #archive_command = '' # command to use to archive a logfile segment + # placeholders: %p = path of file to archive + # %f = file name only + # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' + #archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + + #------------------------------------------------------------------------------ + # REPLICATION + #------------------------------------------------------------------------------ + + # - Sending Servers - + + # Set these on the master and on any standby that will send replication data. + + #max_wal_senders = 10 # max number of walsender processes + # (change requires restart) + #wal_keep_segments = 0 # in logfile segments; 0 disables + #wal_sender_timeout = 60s # in milliseconds; 0 disables + + #max_replication_slots = 10 # max number of replication slots + # (change requires restart) + #track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + + # - Master Server - + + # These settings are ignored on a standby server. + + #synchronous_standby_names = '' # standby servers that provide sync rep + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name + # from standby(s); '*' = all + #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed + + # - Standby Servers - + + # These settings are ignored on a master server. + + #hot_standby = on # "off" disallows queries during recovery + # (change requires restart) + #max_standby_archive_delay = 30s # max delay before canceling queries + # when reading WAL from archive; + # -1 allows indefinite delay + #max_standby_streaming_delay = 30s # max delay before canceling queries + # when reading streaming WAL; + # -1 allows indefinite delay + #wal_receiver_status_interval = 10s # send replies at least this often + # 0 disables + #hot_standby_feedback = off # send info from standby to prevent + # query conflicts + #wal_receiver_timeout = 60s # time that receiver waits for + # communication from master + # in milliseconds; 0 disables + #wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + + # - Subscribers - + + # These settings are ignored on a publisher. + + #max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) + #max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers + + + #------------------------------------------------------------------------------ + # QUERY TUNING + #------------------------------------------------------------------------------ + + # - Planner Method Configuration - + + #enable_bitmapscan = on + #enable_hashagg = on + #enable_hashjoin = on + #enable_indexscan = on + #enable_indexonlyscan = on + #enable_material = on + #enable_mergejoin = on + #enable_nestloop = on + #enable_parallel_append = on + #enable_seqscan = on + #enable_sort = on + #enable_tidscan = on + #enable_partitionwise_join = off + #enable_partitionwise_aggregate = off + #enable_parallel_hash = on + #enable_partition_pruning = on + + # - Planner Cost Constants - + + #seq_page_cost = 1.0 # measured on an arbitrary scale + random_page_cost = 1.1 # SG CUSTOM same scale as above + #cpu_tuple_cost = 0.01 # same scale as above + #cpu_index_tuple_cost = 0.005 # same scale as above + #cpu_operator_cost = 0.0025 # same scale as above + #parallel_tuple_cost = 0.1 # same scale as above + #parallel_setup_cost = 1000.0 # same scale as above + + #jit_above_cost = 100000 # perform JIT compilation if available + # and query more expensive than this; + # -1 disables + #jit_inline_above_cost = 500000 # inline small functions if query is + # more expensive than this; -1 disables + #jit_optimize_above_cost = 500000 # use expensive JIT optimizations if + # query is more expensive than this; + # -1 disables + + #min_parallel_table_scan_size = 8MB + #min_parallel_index_scan_size = 512kB + effective_cache_size = 3GB # SG CUSTOM + + # - Genetic Query Optimizer - + + #geqo = on + #geqo_threshold = 12 + #geqo_effort = 5 # range 1-10 + #geqo_pool_size = 0 # selects default based on effort + #geqo_generations = 0 # selects default based on effort + #geqo_selection_bias = 2.0 # range 1.5-2.0 + #geqo_seed = 0.0 # range 0.0-1.0 + + # - Other Planner Options - + + #default_statistics_target = 100 # range 1-10000 + #constraint_exclusion = partition # on, off, or partition + #cursor_tuple_fraction = 0.1 # range 0.0-1.0 + #from_collapse_limit = 8 + #join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + #force_parallel_mode = off + #jit = off # allow JIT compilation + + + #------------------------------------------------------------------------------ + # REPORTING AND LOGGING + #------------------------------------------------------------------------------ + + # - Where to Log - + + #log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog, and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + + # This is used when logging to stderr: + #logging_collector = off # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + + # These are only used if logging_collector is on: + #log_directory = 'log' # directory where log files are written, + # can be absolute or relative to PGDATA + #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, + # can include strftime() escapes + #log_file_mode = 0600 # creation mode for log files, + # begin with 0 to use octal notation + #log_truncate_on_rotation = off # If on, an existing log file with the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. + #log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. + #log_rotation_size = 10MB # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + + # These are relevant when logging to syslog: + #syslog_facility = 'LOCAL0' + #syslog_ident = 'postgres' + #syslog_sequence_numbers = on + #syslog_split_messages = on + + # This is only relevant when logging to eventlog (win32): + # (change requires restart) + #event_source = 'PostgreSQL' + + # - When to Log - + + #log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + + #log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + + #log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + + # - What to Log - + + #debug_print_parse = off + #debug_print_rewritten = off + #debug_print_plan = off + #debug_pretty_print = on + #log_checkpoints = off + #log_connections = off + #log_disconnections = off + #log_duration = off + #log_error_verbosity = default # terse, default, or verbose messages + #log_hostname = off + #log_line_prefix = '%m [%p] ' # special values: + # %a = application name + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) + # %i = command tag + # %e = SQL state + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' + #log_lock_waits = off # log lock waits >= deadlock_timeout + #log_statement = 'none' # none, ddl, mod, all + #log_replication_commands = off + #log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files + log_timezone = 'Etc/UTC' + + #------------------------------------------------------------------------------ + # PROCESS TITLE + #------------------------------------------------------------------------------ + + #cluster_name = '' # added to process titles if nonempty + # (change requires restart) + #update_process_title = on + + + #------------------------------------------------------------------------------ + # STATISTICS + #------------------------------------------------------------------------------ + + # - Query and Index Statistics Collector - + + #track_activities = on + #track_counts = on + #track_io_timing = off + #track_functions = none # none, pl, all + #track_activity_query_size = 1024 # (change requires restart) + #stats_temp_directory = 'pg_stat_tmp' + + + # - Monitoring - + + #log_parser_stats = off + #log_planner_stats = off + #log_executor_stats = off + #log_statement_stats = off + + + #------------------------------------------------------------------------------ + # AUTOVACUUM + #------------------------------------------------------------------------------ + + #autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. + #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. + #autovacuum_max_workers = 3 # max number of autovacuum subprocesses + # (change requires restart) + #autovacuum_naptime = 1min # time between autovacuum runs + #autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum + #autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze + #autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum + #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze + #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) + #autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age + # before forced vacuum + # (change requires restart) + #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay + #autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + + #------------------------------------------------------------------------------ + # CLIENT CONNECTION DEFAULTS + #------------------------------------------------------------------------------ + + # - Statement Behavior - + + #client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + #search_path = '"$user", public' # schema names + #row_security = on + #default_tablespace = '' # a tablespace name, '' uses the default + #temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace + #check_function_bodies = on + #default_transaction_isolation = 'read committed' + #default_transaction_read_only = off + #default_transaction_deferrable = off + #session_replication_role = 'origin' + #statement_timeout = 0 # in milliseconds, 0 is disabled + #lock_timeout = 0 # in milliseconds, 0 is disabled + #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled + #vacuum_freeze_min_age = 50000000 + #vacuum_freeze_table_age = 150000000 + #vacuum_multixact_freeze_min_age = 5000000 + #vacuum_multixact_freeze_table_age = 150000000 + #vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples + # before index cleanup, 0 always performs + # index cleanup + #bytea_output = 'hex' # hex, escape + #xmlbinary = 'base64' + #xmloption = 'content' + #gin_fuzzy_search_limit = 0 + #gin_pending_list_limit = 4MB + + # - Locale and Formatting - + + datestyle = 'iso, mdy' + #intervalstyle = 'postgres' + timezone = 'Etc/UTC' + #timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia (historical usage) + # India + # You can create your own file in + # share/timezonesets/. + #extra_float_digits = 0 # min -15, max 3 + #client_encoding = sql_ascii # actually, defaults to database + # encoding + + # These settings are initialized by initdb, but they can be changed. + lc_messages = 'en_US.utf8' # locale for system error message + # strings + lc_monetary = 'en_US.utf8' # locale for monetary formatting + lc_numeric = 'en_US.utf8' # locale for number formatting + lc_time = 'en_US.utf8' # locale for time formatting + + # default configuration for text search + default_text_search_config = 'pg_catalog.english' + + # - Shared Library Preloading - + + #shared_preload_libraries = '' # (change requires restart) + #local_preload_libraries = '' + #session_preload_libraries = '' + #jit_provider = 'llvmjit' # JIT library to use + + # - Other Defaults - + + #dynamic_library_path = '$libdir' + + + #------------------------------------------------------------------------------ + # LOCK MANAGEMENT + #------------------------------------------------------------------------------ + + #deadlock_timeout = 1s + #max_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_transaction = 64 # min 10 + # (change requires restart) + #max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 + #max_pred_locks_per_page = 2 # min 0 + + + #------------------------------------------------------------------------------ + # VERSION AND PLATFORM COMPATIBILITY + #------------------------------------------------------------------------------ + + # - Previous PostgreSQL Versions - + + #array_nulls = on + #backslash_quote = safe_encoding # on, off, or safe_encoding + #default_with_oids = off + #escape_string_warning = on + #lo_compat_privileges = off + #operator_precedence_warning = off + #quote_all_identifiers = off + #standard_conforming_strings = on + #synchronize_seqscans = on + + # - Other Platforms and Clients - + + #transform_null_equals = off + + + #------------------------------------------------------------------------------ + # ERROR HANDLING + #------------------------------------------------------------------------------ + + #exit_on_error = off # terminate session on any error? + #restart_after_crash = on # reinitialize after backend crash? + #data_sync_retry = off # retry or panic on failure to fsync + # data? + # (change requires restart) + + + #------------------------------------------------------------------------------ + # CONFIG FILE INCLUDES + #------------------------------------------------------------------------------ + + # These options allow settings to be loaded from files other than the + # default postgresql.conf. + + #include_dir = '' # include files ending in '.conf' from + # a directory, e.g., 'conf.d' + #include_if_exists = '' # include file only if it exists + #include = '' # include file + + + #------------------------------------------------------------------------------ + # CUSTOMIZED OPTIONS + #------------------------------------------------------------------------------ + + # Add settings for extensions here +kind: ConfigMap +metadata: + annotations: + description: Configuration for PostgreSQL + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql-conf + namespace: ns-sourcegraph diff --git a/test-cluster/v1_configmap_prometheus.yaml b/test-cluster/v1_configmap_prometheus.yaml new file mode 100644 index 000000000000..f267f1aceaed --- /dev/null +++ b/test-cluster/v1_configmap_prometheus.yaml @@ -0,0 +1,147 @@ +apiVersion: v1 +data: + extra_rules.yml: "" + prometheus.yml: "global:\n scrape_interval: 30s\n evaluation_interval: 30s\n\nalerting:\n + \ alertmanagers:\n # Bundled Alertmanager, started by prom-wrapper\n - static_configs:\n + \ - targets: ['127.0.0.1:9093']\n path_prefix: /alertmanager\n # + Uncomment the following to have alerts delivered to additional Alertmanagers discovered\n + \ # in the cluster. This configuration is not required if you use Sourcegraph's + built-in alerting:\n # https://docs.sourcegraph.com/admin/observability/alerting\n + \ # - kubernetes_sd_configs:\n # - role: endpoints\n # relabel_configs:\n + \ # - source_labels: [__meta_kubernetes_service_name]\n # regex: + alertmanager\n # action: keep\n\nrule_files:\n - '*_rules.yml'\n - \"/sg_config_prometheus/*_rules.yml\"\n + \ - \"/sg_prometheus_add_ons/*_rules.yml\"\n\n# A scrape configuration for running + Prometheus on a Kubernetes cluster.\n# This uses separate scrape configs for cluster + components (i.e. API server, node)\n# and services to allow each to use different + authentication configs.\n#\n# Kubernetes labels will be added as Prometheus labels + on metrics via the\n# `labelmap` relabeling action.\n\n# Scrape config for API + servers.\n#\n# Kubernetes exposes API servers as endpoints to the default/kubernetes\n# + service so this uses `endpoints` role and uses relabelling to only keep\n# the + endpoints associated with the default/kubernetes service using the\n# default + named port `https`. This works for single API server deployments as\n# well as + HA API server deployments.\nscrape_configs:\n- job_name: 'kubernetes-apiservers'\n\n + \ kubernetes_sd_configs:\n - role: endpoints\n\n # Default to scraping over + https. If required, just disable this or change to\n # `http`.\n scheme: https\n\n + \ # This TLS & bearer token file config is used to connect to the actual scrape\n + \ # endpoints for cluster components. This is separate to discovery auth\n # + configuration because discovery & scraping are two separate concerns in\n # Prometheus. + The discovery auth config is automatic if Prometheus runs inside\n # the cluster. + Otherwise, more config options have to be provided within the\n # .\n + \ tls_config:\n ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n + \ # If your node certificates are self-signed or use a different CA to the\n + \ # master CA, then disable certificate verification below. Note that\n # + certificate verification is an integral part of a secure infrastructure\n # + so this should only be disabled in a controlled environment. You can\n # disable + certificate verification by uncommenting the line below.\n #\n # insecure_skip_verify: + true\n bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n + \ # Keep only the default/kubernetes service endpoints for the https port. This\n + \ # will add targets for each API server which Kubernetes adds an endpoint to\n + \ # the default/kubernetes service.\n relabel_configs:\n - source_labels: [__meta_kubernetes_namespace, + __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]\n action: + keep\n regex: default;kubernetes;https\n\n- job_name: 'kubernetes-nodes'\n\n + \ # Default to scraping over https. If required, just disable this or change to\n + \ # `http`.\n scheme: https\n\n # This TLS & bearer token file config is used + to connect to the actual scrape\n # endpoints for cluster components. This is + separate to discovery auth\n # configuration because discovery & scraping are + two separate concerns in\n # Prometheus. The discovery auth config is automatic + if Prometheus runs inside\n # the cluster. Otherwise, more config options have + to be provided within the\n # .\n tls_config:\n ca_file: + /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n # If your node certificates + are self-signed or use a different CA to the\n # master CA, then disable certificate + verification below. Note that\n # certificate verification is an integral part + of a secure infrastructure\n # so this should only be disabled in a controlled + environment. You can\n # disable certificate verification by uncommenting the + line below.\n #\n insecure_skip_verify: true\n bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n + \ kubernetes_sd_configs:\n - role: node\n\n relabel_configs:\n - action: labelmap\n + \ regex: __meta_kubernetes_node_label_(.+)\n - target_label: __address__\n + \ replacement: kubernetes.default.svc:443\n - source_labels: [__meta_kubernetes_node_name]\n + \ regex: (.+)\n target_label: __metrics_path__\n replacement: /api/v1/nodes/${1}/proxy/metrics\n\n# + Scrape config for service endpoints.\n#\n# The relabeling allows the actual service + scrape endpoint to be configured\n# via the following annotations:\n#\n# * `sourcegraph.prometheus/scrape`: + Only scrape services that have a value of `true`\n# * `prometheus.io/scheme`: + If the metrics endpoint is secured then you will need\n# to set this to `https` + & most likely set the `tls_config` of the scrape config.\n# * `prometheus.io/path`: + If the metrics path is not `/metrics` override this.\n# * `prometheus.io/port`: + If the metrics are exposed on a different port to the\n# service then set this + appropriately.\n- job_name: 'kubernetes-service-endpoints'\n\n kubernetes_sd_configs:\n + \ - role: endpoints\n\n relabel_configs:\n # Sourcegraph specific customization, + only scrape pods with our annotation\n - source_labels: [__meta_kubernetes_service_annotation_sourcegraph_prometheus_scrape]\n + \ action: keep\n regex: true\n - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]\n + \ action: replace\n target_label: __scheme__\n regex: (https?)\n - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_path]\n action: replace\n + \ target_label: __metrics_path__\n regex: (.+)\n - source_labels: [__address__, + __meta_kubernetes_service_annotation_prometheus_io_port]\n action: replace\n + \ target_label: __address__\n regex: (.+)(?::\\d+);(\\d+)\n replacement: + $1:$2\n - action: labelmap\n regex: __meta_kubernetes_service_label_(.+)\n + \ - source_labels: [__meta_kubernetes_namespace]\n action: replace\n # Sourcegraph + specific customization. We want a more convenient to type label.\n # target_label: + kubernetes_namespace\n target_label: ns\n - source_labels: [__meta_kubernetes_service_name]\n + \ action: replace\n target_label: kubernetes_name\n # Sourcegraph specific + customization. We want a nicer name for job\n - source_labels: [app]\n action: + replace\n target_label: job\n # Sourcegraph specific customization. We want + a nicer name for instance\n - source_labels: [__meta_kubernetes_pod_name]\n action: + replace\n target_label: instance\n # Sourcegraph specific customization. We + want to add a label to every \n # metric that indicates the node it came from.\n + \ - source_labels: [__meta_kubernetes_endpoint_node_name]\n action: replace\n + \ target_label: nodename\n metric_relabel_configs:\n # Sourcegraph specific + customization. Drop metrics with empty nodename responses from the k8s API\n - + source_labels: [nodename]\n regex: ^$\n action: drop\n\n# Example scrape + config for probing services via the Blackbox Exporter.\n#\n# The relabeling allows + the actual service scrape endpoint to be configured\n# via the following annotations:\n#\n# + * `prometheus.io/probe`: Only probe services that have a value of `true`\n- job_name: + 'kubernetes-services'\n\n metrics_path: /probe\n params:\n module: [http_2xx]\n\n + \ kubernetes_sd_configs:\n - role: service\n\n relabel_configs:\n - source_labels: + [__meta_kubernetes_service_annotation_prometheus_io_probe]\n action: keep\n + \ regex: true\n - source_labels: [__address__]\n target_label: __param_target\n + \ - target_label: __address__\n replacement: blackbox\n - source_labels: [__param_target]\n + \ target_label: instance\n - action: labelmap\n regex: __meta_kubernetes_service_label_(.+)\n + \ - source_labels: [__meta_kubernetes_service_namespace]\n # Sourcegraph specific + customization. We want a more convenient to type label.\n # target_label: kubernetes_namespace\n + \ target_label: ns\n - source_labels: [__meta_kubernetes_service_name]\n target_label: + kubernetes_name\n\n# Example scrape config for pods\n#\n# The relabeling allows + the actual pod scrape endpoint to be configured via the\n# following annotations:\n#\n# + * `sourcegraph.prometheus/scrape`: Only scrape pods that have a value of `true`\n# + * `prometheus.io/path`: If the metrics path is not `/metrics` override this.\n# + * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default + of `9102`.\n- job_name: 'kubernetes-pods'\n\n kubernetes_sd_configs:\n - role: + pod\n\n relabel_configs:\n # Sourcegraph specific customization, only scrape + pods with our annotation\n - source_labels: [__meta_kubernetes_pod_annotation_sourcegraph_prometheus_scrape]\n + \ action: keep\n regex: true\n - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]\n + \ action: replace\n target_label: __metrics_path__\n regex: (.+)\n - + source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]\n + \ action: replace\n regex: (.+):(?:\\d+);(\\d+)\n replacement: ${1}:${2}\n + \ target_label: __address__\n - action: labelmap\n regex: __meta_kubernetes_pod_label_(.+)\n + \ - source_labels: [__meta_kubernetes_pod_name]\n action: replace\n target_label: + kubernetes_pod_name\n # Sourcegraph specific customization. We want a more convenient + to type label.\n # target_label: kubernetes_namespace\n - source_labels: [__meta_kubernetes_namespace]\n + \ action: replace\n target_label: ns\n # Sourcegraph specific customization. + We want to add a label to every \n # metric that indicates the node it came from.\n + \ - source_labels: [__meta_kubernetes_pod_node_name]\n action: replace\n target_label: + nodename\n\n metric_relabel_configs:\n # cAdvisor-specific customization. Drop + container metrics exported by cAdvisor\n # not in the same namespace as Sourcegraph.\n + \ # Uncomment this if you have problems with certain dashboards or cAdvisor itself\n + \ # picking up non-Sourcegraph services. Ensure all Sourcegraph services are running\n + \ # within the Sourcegraph namespace you have defined.\n # The regex must keep + matches on '^$' (empty string) to ensure other metrics do not\n # get dropped.\n + \ # - source_labels: [container_label_io_kubernetes_pod_namespace]\n # regex: + ^$|ns-sourcegraph # ensure this matches with namespace declarations\n # action: + keep\n # cAdvisor-specific customization. We want container metrics to be named + after their container name label.\n # Note that 'io.kubernetes.container.name' + and 'io.kubernetes.pod.name' must be provided in cAdvisor\n # '--whitelisted_container_labels' + (see cadvisor.DaemonSet.yaml)\n - source_labels: [container_label_io_kubernetes_container_name, + container_label_io_kubernetes_pod_name]\n regex: (.+)\n action: replace\n + \ target_label: name\n separator: '-'\n # Sourcegraph specific customization. + Drop metrics with empty nodename responses from the k8s API\n - source_labels: + [nodename]\n regex: ^$\n action: drop\n\n# Scrape prometheus itself for + metrics.\n- job_name: 'builtin-prometheus'\n static_configs:\n - targets: + ['127.0.0.1:9092']\n labels:\n app: prometheus\n- job_name: 'builtin-alertmanager'\n + \ metrics_path: /alertmanager/metrics\n static_configs:\n - targets: ['127.0.0.1:9093']\n + \ labels:\n app: alertmanager\n" +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph diff --git a/test-cluster/v1_persistentvolumeclaim_blobstore.yaml b/test-cluster/v1_persistentvolumeclaim_blobstore.yaml new file mode 100644 index 000000000000..97e338949ac2 --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_blobstore.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: blobstore + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: blobstore + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_persistentvolumeclaim_codeinsights-db.yaml b/test-cluster/v1_persistentvolumeclaim_codeinsights-db.yaml new file mode 100644 index 000000000000..bdcdc51ae144 --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_codeinsights-db.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_persistentvolumeclaim_codeintel-db.yaml b/test-cluster/v1_persistentvolumeclaim_codeintel-db.yaml new file mode 100644 index 000000000000..6b7deb87e7c9 --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_codeintel-db.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_persistentvolumeclaim_pgsql.yaml b/test-cluster/v1_persistentvolumeclaim_pgsql.yaml new file mode 100644 index 000000000000..4d84d37bfe4a --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_pgsql.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_persistentvolumeclaim_prometheus.yaml b/test-cluster/v1_persistentvolumeclaim_prometheus.yaml new file mode 100644 index 000000000000..c5f580a69414 --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_prometheus.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_persistentvolumeclaim_redis-cache.yaml b/test-cluster/v1_persistentvolumeclaim_redis-cache.yaml new file mode 100644 index 000000000000..ced30e3dd2ec --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_redis-cache.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-cache + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_persistentvolumeclaim_redis-store.yaml b/test-cluster/v1_persistentvolumeclaim_redis-store.yaml new file mode 100644 index 000000000000..70a330c00354 --- /dev/null +++ b/test-cluster/v1_persistentvolumeclaim_redis-store.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-store + namespace: ns-sourcegraph +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/test-cluster/v1_service_blobstore.yaml b/test-cluster/v1_service_blobstore.yaml new file mode 100644 index 000000000000..16a036a551be --- /dev/null +++ b/test-cluster/v1_service_blobstore.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: blobstore + app.kubernetes.io/component: blobstore + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: blobstore + namespace: ns-sourcegraph +spec: + ports: + - name: blobstore + port: 9000 + targetPort: blobstore + selector: + app: blobstore + type: ClusterIP diff --git a/test-cluster/v1_service_codeinsights-db.yaml b/test-cluster/v1_service_codeinsights-db.yaml new file mode 100644 index 000000000000..1fdadd028fb0 --- /dev/null +++ b/test-cluster/v1_service_codeinsights-db.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9187" + sourcegraph.prometheus/scrape: "true" + labels: + app: codeinsights-db + app.kubernetes.io/component: codeinsights-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeinsights-db + namespace: ns-sourcegraph +spec: + ports: + - name: codeinsights-db + port: 5432 + targetPort: codeinsights-db + selector: + app: codeinsights-db + type: ClusterIP diff --git a/test-cluster/v1_service_codeintel-db.yaml b/test-cluster/v1_service_codeintel-db.yaml new file mode 100644 index 000000000000..da6dc799d673 --- /dev/null +++ b/test-cluster/v1_service_codeintel-db.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9187" + sourcegraph.prometheus/scrape: "true" + labels: + app: codeintel-db + app.kubernetes.io/component: codeintel-db + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: codeintel-db + namespace: ns-sourcegraph +spec: + ports: + - name: pgsql + port: 5432 + targetPort: pgsql + selector: + app: codeintel-db + type: ClusterIP diff --git a/test-cluster/v1_service_gitserver.yaml b/test-cluster/v1_service_gitserver.yaml new file mode 100644 index 000000000000..c24ef8f004fe --- /dev/null +++ b/test-cluster/v1_service_gitserver.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Headless service that provides a stable network identity for the + gitserver stateful set. + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: gitserver + app.kubernetes.io/component: gitserver + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + type: gitserver + name: gitserver + namespace: ns-sourcegraph +spec: + clusterIP: None + ports: + - name: unused + port: 10811 + targetPort: 10811 + selector: + app: gitserver + type: gitserver + type: ClusterIP diff --git a/test-cluster/v1_service_grafana.yaml b/test-cluster/v1_service_grafana.yaml new file mode 100644 index 000000000000..7d5483d89786 --- /dev/null +++ b/test-cluster/v1_service_grafana.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: grafana + app.kubernetes.io/component: grafana + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 30070 + targetPort: http + selector: + app: grafana + type: ClusterIP diff --git a/test-cluster/v1_service_indexed-search-indexer.yaml b/test-cluster/v1_service_indexed-search-indexer.yaml new file mode 100644 index 000000000000..04c1a921809a --- /dev/null +++ b/test-cluster/v1_service_indexed-search-indexer.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Headless service that provides a stable network identity for the + indexed-search stateful set. + prometheus.io/port: "6072" + sourcegraph.prometheus/scrape: "true" + labels: + app: indexed-search-indexer + app.kubernetes.io/component: indexed-search + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: indexed-search-indexer + namespace: ns-sourcegraph +spec: + clusterIP: None + ports: + - port: 6072 + targetPort: 6072 + selector: + app: indexed-search + type: ClusterIP diff --git a/test-cluster/v1_service_indexed-search.yaml b/test-cluster/v1_service_indexed-search.yaml new file mode 100644 index 000000000000..7ed09ab00f53 --- /dev/null +++ b/test-cluster/v1_service_indexed-search.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Headless service that provides a stable network identity for the + indexed-search stateful set. + prometheus.io/port: "6070" + sourcegraph.prometheus/scrape: "true" + labels: + app: indexed-search + app.kubernetes.io/component: indexed-search + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: indexed-search + namespace: ns-sourcegraph +spec: + clusterIP: None + ports: + - port: 6070 + selector: + app: indexed-search + type: ClusterIP diff --git a/test-cluster/v1_service_node-exporter.yaml b/test-cluster/v1_service_node-exporter.yaml new file mode 100644 index 000000000000..e87e2b1fe609 --- /dev/null +++ b/test-cluster/v1_service_node-exporter.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + description: Prometheus exporter for hardware and OS metrics. + prometheus.io/port: "9100" + sourcegraph.prometheus/scrape: "true" + url: https://github.com/prometheus/node_exporter + labels: + app: node-exporter + app.kubernetes.io/component: node-exporter + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: node-exporter + namespace: ns-sourcegraph +spec: + ports: + - name: metrics + port: 9100 + targetPort: metrics + selector: + app: node-exporter + type: ClusterIP diff --git a/test-cluster/v1_service_otel-collector.yaml b/test-cluster/v1_service_otel-collector.yaml new file mode 100644 index 000000000000..1b8fba770d27 --- /dev/null +++ b/test-cluster/v1_service_otel-collector.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "8888" + sourcegraph.prometheus/scrape: "true" + labels: + app: otel-collector + app.kubernetes.io/component: otel-collector + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: otel-collector + namespace: ns-sourcegraph +spec: + ports: + - name: otlp-grpc + port: 4317 + protocol: TCP + targetPort: 4317 + - name: otlp-http + port: 4318 + protocol: TCP + targetPort: 4318 + - name: metrics + port: 8888 + selector: + app: otel-collector + type: ClusterIP diff --git a/test-cluster/v1_service_pgsql.yaml b/test-cluster/v1_service_pgsql.yaml new file mode 100644 index 000000000000..f8472818c8d7 --- /dev/null +++ b/test-cluster/v1_service_pgsql.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9187" + sourcegraph.prometheus/scrape: "true" + labels: + app: pgsql + app.kubernetes.io/component: pgsql + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: pgsql + namespace: ns-sourcegraph +spec: + ports: + - name: pgsql + port: 5432 + targetPort: pgsql + selector: + app: pgsql + type: ClusterIP diff --git a/test-cluster/v1_service_precise-code-intel-worker.yaml b/test-cluster/v1_service_precise-code-intel-worker.yaml new file mode 100644 index 000000000000..245696d0b863 --- /dev/null +++ b/test-cluster/v1_service_precise-code-intel-worker.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: precise-code-intel-worker + app.kubernetes.io/component: precise-code-intel + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: precise-code-intel-worker + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3188 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: precise-code-intel-worker + type: ClusterIP diff --git a/test-cluster/v1_service_prometheus.yaml b/test-cluster/v1_service_prometheus.yaml new file mode 100644 index 000000000000..e6dc2ce4ba3e --- /dev/null +++ b/test-cluster/v1_service_prometheus.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: prometheus + app.kubernetes.io/component: prometheus + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 30090 + targetPort: http + selector: + app: prometheus + type: ClusterIP diff --git a/test-cluster/v1_service_redis-cache.yaml b/test-cluster/v1_service_redis-cache.yaml new file mode 100644 index 000000000000..f506f3f98d0b --- /dev/null +++ b/test-cluster/v1_service_redis-cache.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9121" + sourcegraph.prometheus/scrape: "true" + labels: + app: redis-cache + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-cache + namespace: ns-sourcegraph +spec: + ports: + - name: redis + port: 6379 + targetPort: redis + selector: + app: redis-cache + type: ClusterIP diff --git a/test-cluster/v1_service_redis-store.yaml b/test-cluster/v1_service_redis-store.yaml new file mode 100644 index 000000000000..93fac11977f8 --- /dev/null +++ b/test-cluster/v1_service_redis-store.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "9121" + sourcegraph.prometheus/scrape: "true" + labels: + app: redis-store + app.kubernetes.io/component: redis + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: redis-store + namespace: ns-sourcegraph +spec: + ports: + - name: redis + port: 6379 + targetPort: redis + selector: + app: redis-store + type: ClusterIP diff --git a/test-cluster/v1_service_repo-updater.yaml b/test-cluster/v1_service_repo-updater.yaml new file mode 100644 index 000000000000..3582580fcd2f --- /dev/null +++ b/test-cluster/v1_service_repo-updater.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: repo-updater + app.kubernetes.io/component: repo-updater + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: repo-updater + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3182 + targetPort: http + selector: + app: repo-updater + type: ClusterIP diff --git a/test-cluster/v1_service_searcher.yaml b/test-cluster/v1_service_searcher.yaml new file mode 100644 index 000000000000..b2e44df99174 --- /dev/null +++ b/test-cluster/v1_service_searcher.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: searcher + app.kubernetes.io/component: searcher + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: searcher + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3181 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: searcher + type: ClusterIP diff --git a/test-cluster/v1_service_sourcegraph-frontend-internal.yaml b/test-cluster/v1_service_sourcegraph-frontend-internal.yaml new file mode 100644 index 000000000000..e061d0719269 --- /dev/null +++ b/test-cluster/v1_service_sourcegraph-frontend-internal.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend-internal + namespace: ns-sourcegraph +spec: + ports: + - name: http-internal + port: 80 + targetPort: http-internal + selector: + app: sourcegraph-frontend + type: ClusterIP diff --git a/test-cluster/v1_service_sourcegraph-frontend.yaml b/test-cluster/v1_service_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..44a4fe2eb74f --- /dev/null +++ b/test-cluster/v1_service_sourcegraph-frontend.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: sourcegraph-frontend + app.kubernetes.io/component: frontend + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 30080 + targetPort: http + selector: + app: sourcegraph-frontend + type: ClusterIP diff --git a/test-cluster/v1_service_symbols.yaml b/test-cluster/v1_service_symbols.yaml new file mode 100644 index 000000000000..f395b62efdbd --- /dev/null +++ b/test-cluster/v1_service_symbols.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: symbols + app.kubernetes.io/component: symbols + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: symbols + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3184 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: symbols + type: ClusterIP diff --git a/test-cluster/v1_service_syntect-server.yaml b/test-cluster/v1_service_syntect-server.yaml new file mode 100644 index 000000000000..f30cb8120c79 --- /dev/null +++ b/test-cluster/v1_service_syntect-server.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: syntect-server + app.kubernetes.io/component: syntect-server + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: syntect-server + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 9238 + targetPort: http + selector: + app: syntect-server + type: ClusterIP diff --git a/test-cluster/v1_service_worker-executors.yaml b/test-cluster/v1_service_worker-executors.yaml new file mode 100644 index 000000000000..641f1d3c87b0 --- /dev/null +++ b/test-cluster/v1_service_worker-executors.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6996" + sourcegraph.prometheus/scrape: "true" + labels: + app: worker + app.kubernetes.io/component: worker + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: worker-executors + namespace: ns-sourcegraph +spec: + ports: + - name: prom + port: 6996 + targetPort: prom + selector: + app: worker + type: ClusterIP diff --git a/test-cluster/v1_service_worker.yaml b/test-cluster/v1_service_worker.yaml new file mode 100644 index 000000000000..0404d1f04f59 --- /dev/null +++ b/test-cluster/v1_service_worker.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + labels: + app: worker + app.kubernetes.io/component: worker + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: worker + namespace: ns-sourcegraph +spec: + ports: + - name: http + port: 3189 + targetPort: http + - name: debug + port: 6060 + targetPort: debug + selector: + app: worker + type: ClusterIP diff --git a/test-cluster/v1_serviceaccount_cadvisor.yaml b/test-cluster/v1_serviceaccount_cadvisor.yaml new file mode 100644 index 000000000000..126d4ff83375 --- /dev/null +++ b/test-cluster/v1_serviceaccount_cadvisor.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: cadvisor + app.kubernetes.io/component: cadvisor + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: cluster-admin + name: cadvisor + namespace: ns-sourcegraph diff --git a/test-cluster/v1_serviceaccount_grafana.yaml b/test-cluster/v1_serviceaccount_grafana.yaml new file mode 100644 index 000000000000..3171ada89a16 --- /dev/null +++ b/test-cluster/v1_serviceaccount_grafana.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +imagePullSecrets: +- name: docker-registry +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: grafana + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: grafana + namespace: ns-sourcegraph diff --git a/test-cluster/v1_serviceaccount_prometheus.yaml b/test-cluster/v1_serviceaccount_prometheus.yaml new file mode 100644 index 000000000000..57b9998f706f --- /dev/null +++ b/test-cluster/v1_serviceaccount_prometheus.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: prometheus + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: prometheus + namespace: ns-sourcegraph diff --git a/test-cluster/v1_serviceaccount_sourcegraph-frontend.yaml b/test-cluster/v1_serviceaccount_sourcegraph-frontend.yaml new file mode 100644 index 000000000000..f0b20f0ecdad --- /dev/null +++ b/test-cluster/v1_serviceaccount_sourcegraph-frontend.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +imagePullSecrets: +- name: docker-registry +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: frontend + category: rbac + deploy: sourcegraph + sourcegraph-resource-requires: no-cluster-admin + name: sourcegraph-frontend + namespace: ns-sourcegraph