diff --git a/backend/cmd/db/values.yaml b/backend/cmd/db/values.yaml
deleted file mode 100644
index 2c0f0e7f3..000000000
--- a/backend/cmd/db/values.yaml
+++ /dev/null
@@ -1,92 +0,0 @@
-chalice:
- env:
- jwt_secret: SetARandomStringHere
-clickhouse:
- enabled: false
-fromVersion: v1.6.0
-global:
- domainName: openreplay.local
- email:
- emailFrom: OpenReplay
- emailHost: ""
- emailPassword: ""
- emailPort: "587"
- emailSslCert: ""
- emailSslKey: ""
- emailUseSsl: "false"
- emailUseTls: "true"
- emailUser: ""
- enterpriseEditionLicense: ""
- ingress:
- controller:
- config:
- enable-real-ip: true
- force-ssl-redirect: false
- max-worker-connections: 0
- proxy-body-size: 10m
- ssl-redirect: false
- extraArgs:
- default-ssl-certificate: app/openreplay-ssl
- ingressClass: openreplay
- ingressClassResource:
- name: openreplay
- service:
- externalTrafficPolicy: Local
- kafka:
- kafkaHost: kafka.db.svc.cluster.local
- kafkaPort: "9092"
- kafkaUseSsl: "false"
- zookeeperHost: databases-zookeeper.svc.cluster.local
- zookeeperNonTLSPort: 2181
- postgresql:
- postgresqlDatabase: postgres
- postgresqlHost: postgresql.db.svc.cluster.local
- postgresqlPassword: changeMePassword
- postgresqlPort: "5432"
- postgresqlUser: postgres
- redis:
- redisHost: redis-master.db.svc.cluster.local
- redisPort: "6379"
- s3:
- accessKey: changeMeMinioAccessKey
- assetsBucket: sessions-assets
- endpoint: http://minio.db.svc.cluster.local:9000
- recordingsBucket: mobs
- region: us-east-1
- secretKey: changeMeMinioPassword
- sourcemapsBucket: sourcemaps
-ingress-nginx:
- controller:
- config:
- enable-real-ip: true
- force-ssl-redirect: false
- max-worker-connections: 0
- proxy-body-size: 10m
- ssl-redirect: false
- extraArgs:
- default-ssl-certificate: app/openreplay-ssl
- ingressClass: openreplay
- ingressClassResource:
- name: openreplay
- service:
- externalTrafficPolicy: Local
-kafka:
- kafkaHost: kafka.db.svc.cluster.local
- kafkaPort: "9092"
- kafkaUseSsl: "false"
- zookeeperHost: databases-zookeeper.svc.cluster.local
- zookeeperNonTLSPort: 2181
-minio:
- global:
- minio:
- accessKey: changeMeMinioAccessKey
- secretKey: changeMeMinioPassword
-postgresql:
- postgresqlDatabase: postgres - postgresqlHost: postgresql.db.svc.cluster.local - postgresqlPassword: changeMePassword - postgresqlPort: "5432" - postgresqlUser: postgres -redis: - redisHost: redis-master.db.svc.cluster.local - redisPort: "6379" diff --git a/scripts/helmcharts/databases/values.yaml b/scripts/helmcharts/databases/values.yaml index 0bd1ad02d..bd2731942 100644 --- a/scripts/helmcharts/databases/values.yaml +++ b/scripts/helmcharts/databases/values.yaml @@ -143,5 +143,6 @@ clickhouse: postgreql: enabled: true +# For enterpriseEdition Only vault: enabled: false diff --git a/scripts/helmcharts/init.sh b/scripts/helmcharts/init.sh index fe088fc51..ebbfd60c3 100644 --- a/scripts/helmcharts/init.sh +++ b/scripts/helmcharts/init.sh @@ -67,6 +67,8 @@ usr=`whoami` fi } +sleep 10 + # ## Installing openssl # sudo apt update &> /dev/null # sudo apt install openssl -y &> /dev/null @@ -106,6 +108,7 @@ sed_i_wrapper -i "s/accessKey: \"changeMeMinioAccessKey\"/accessKey: \"$(randomP sed_i_wrapper -i "s/secretKey: \"changeMeMinioPassword\"/secretKey: \"$(randomPass)\"/g" vars.yaml sed_i_wrapper -i "s/jwt_secret: \"SetARandomStringHere\"/jwt_secret: \"$(randomPass)\"/g" vars.yaml sed_i_wrapper -i "s/assistKey: \"SetARandomStringHere\"/assistKey: \"$(randomPass)\"/g" vars.yaml +sed_i_wrapper -i "s/assistJWTSecret: \"SetARandomStringHere\"/assistJWTSecret: \"$(randomPass)\"/g" vars.yaml sed_i_wrapper -i "s/domainName: \"\"/domainName: \"${DOMAIN_NAME}\"/g" vars.yaml info "Setting proper permission for shared folder" diff --git a/scripts/helmcharts/openreplay/charts/alerts/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/alerts/templates/deployment.yaml index 57ee8af1b..24d40bf21 100644 --- a/scripts/helmcharts/openreplay/charts/alerts/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/alerts/templates/deployment.yaml 
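Review bot: The bare `sleep 10` added in scripts/helmcharts/init.sh, between the end of the preceding function and the commented-out openssl install, has no stated purpose, so a later reader cannot tell what it waits for or whether ten seconds is enough. If it waits on a service or a lock, a comment such as `# wait for <what> before continuing` would record that, and a bounded poll of the actual condition would be more reliable than a fixed delay. The function that closes just above it starts outside the hunk.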
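Review bot: The new `assistJWTSecret` substitution only fires if vars.yaml contains the exact line `assistJWTSecret: "SetARandomStringHere"`, and the vars.yaml hunks in this commit do not show that key, so unless it already exists outside the visible hunks this is a silent no-op. When the pattern does not match, sed still exits 0 and the install proceeds with whatever value, or none, the key has, which then feeds `ASSIST_JWT_SECRET` in the chalice deployment. A check after the block of substitutions, for example `grep -q 'SetARandomStringHere' vars.yaml && { echo "default secrets left in vars.yaml"; exit 1; }`, would turn a missed placeholder into a visible failure.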
@@ -51,6 +51,10 @@ spec: value: "5432" - name: pg_dbname value: "{{ .Values.global.postgresql.postgresqlDatabase }}" + - name: ch_host + value: "{{ .Values.global.clickhouse.chHost }}" + - name: ch_port + value: "{{ .Values.global.clickhouse.service.webPort }}" - name: pg_user value: '{{ .Values.global.postgresql.postgresqlUser }}' - name: pg_password @@ -58,7 +62,7 @@ spec: - name: SITE_URL value: 'https://{{ .Values.global.domainName }}' - name: S3_HOST - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} value: 'https://{{ .Values.global.domainName }}:{{ .Values.global.ingress.controller.service.ports.https}}' {{- else}} value: '{{ .Values.global.s3.endpoint }}' diff --git a/scripts/helmcharts/openreplay/charts/alerts/values.yaml b/scripts/helmcharts/openreplay/charts/alerts/values.yaml index a27fc9117..a54418a9f 100644 --- a/scripts/helmcharts/openreplay/charts/alerts/values.yaml +++ b/scripts/helmcharts/openreplay/charts/alerts/values.yaml @@ -98,8 +98,6 @@ autoscaling: # targetMemoryUtilizationPercentage: 80 env: - ch_host: clickhouse-openreplay-clickhouse.db.svc.cluster.local - ch_port: 9000 PYTHONUNBUFFERED: '0' diff --git a/scripts/helmcharts/openreplay/charts/assets/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/assets/templates/deployment.yaml index 3a60c45f1..47a79be24 100644 --- a/scripts/helmcharts/openreplay/charts/assets/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/assets/templates/deployment.yaml 
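Review bot: `contains "minio" .Values.global.s3.endpoint` in the second hunk of alerts/templates/deployment.yaml is a substring test over the whole URL, so any endpoint whose host or path happens to include "minio" (an externally hosted MinIO, for instance) is treated as the in-cluster install and `S3_HOST` is rewritten to the ingress domain. The same condition is introduced in the assets, assist, chalice, frontend, http (deployment and ingress), sink, sourcemapreader and utilities cron templates and in templates/job.yaml, where it also decides whether the MinIO Ingress and the MinIO init container are rendered. An explicit boolean in values would make the intent unambiguous; failing that, a comment next to the condition should say that the loose match is deliberate and which endpoint shapes it is meant to cover. The env list continues outside the hunk.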
@@ -69,7 +69,7 @@ spec: # 4. Using AWS itself. # AWS uses bucketname.endpoint/object while others use endpoint/bucketname/object - name: ASSETS_ORIGIN - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} # Local minio Installation value: 'https://{{ .Values.global.domainName }}:{{.Values.global.ingress.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}' {{- else if contains "amazonaws.com" .Values.global.s3.endpoint }} diff --git a/scripts/helmcharts/openreplay/charts/assist/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/assist/templates/deployment.yaml index a0fe1563e..eb6ada0da 100644 --- a/scripts/helmcharts/openreplay/charts/assist/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/assist/templates/deployment.yaml @@ -50,7 +50,7 @@ spec: - name: AWS_DEFAULT_REGION value: "{{ .Values.global.s3.region }}" - name: S3_HOST - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} value: 'https://{{ .Values.global.domainName }}:{{ .Values.global.ingress.controller.service.ports.https}}' {{- else}} value: '{{ .Values.global.s3.endpoint }}' @@ -59,6 +59,8 @@ spec: value: {{ .Values.global.s3.accessKey }} - name: S3_SECRET value: {{ .Values.global.s3.secretKey }} + - name: REDIS_URL + value: {{ .Values.global.redis.redisHost }} {{- range $key, $val := .Values.env }} - name: {{ $key }} value: '{{ $val }}' diff --git a/scripts/helmcharts/openreplay/charts/assist/values.yaml b/scripts/helmcharts/openreplay/charts/assist/values.yaml index 056854751..8ff07d2d0 100644 --- a/scripts/helmcharts/openreplay/charts/assist/values.yaml +++ b/scripts/helmcharts/openreplay/charts/assist/values.yaml @@ -94,7 +94,6 @@ autoscaling: # targetMemoryUtilizationPercentage: 80 env: - REDIS_URL: "redis://redis-master.db.svc.cluster.local:6379" debug: 0 uws: false redis: false 
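Review bot: `REDIS_URL` in the second hunk of assist/templates/deployment.yaml now renders to the bare value of `.Values.global.redis.redisHost`, whereas the default this commit removes from assist/values.yaml was `redis://redis-master.db.svc.cluster.local:6379`, a full URL with scheme and port. If redisHost holds only a hostname, as it did in the deleted backend/cmd/db/values.yaml, the service receives a different kind of value than before. Building the URL in the template, `value: 'redis://{{ .Values.global.redis.redisHost }}:{{ .Values.global.redis.redisPort }}'`, would keep the old shape and also quote the value. The `redis` anchor in vars.yaml is outside this diff, so confirm the key names there.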
diff --git a/scripts/helmcharts/openreplay/charts/chalice/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/chalice/templates/deployment.yaml index 6dd840d57..f4c04f4ad 100644 --- a/scripts/helmcharts/openreplay/charts/chalice/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/chalice/templates/deployment.yaml @@ -43,6 +43,14 @@ spec: {{- .Values.healthCheck | toYaml | nindent 10}} {{- end}} env: + - name: ch_host + value: "{{ .Values.global.clickhouse.chHost }}" + - name: ch_port + value: "{{ .Values.global.clickhouse.service.webPort }}" + - name: sourcemaps_reader + value: "http://sourcemaps-reader-openreplay.{{.Release.Namespace}}.{{.Values.global.clusterDomain}}:9000/sourcemaps/%s/sourcemaps" + - name: ASSIST_URL + value: "http://assist-openreplay.{{.Release.Namespace}}.{{.Values.global.clusterDomain}}:9001/assist/%s" - name: ASSIST_JWT_SECRET value: {{ .Values.global.assistJWTSecret }} - name: ASSIST_KEY @@ -64,7 +72,7 @@ spec: - name: SITE_URL value: 'https://{{ .Values.global.domainName }}' - name: S3_HOST - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} value: 'https://{{ .Values.global.domainName }}:{{ .Values.global.ingress.controller.service.ports.https}}' {{- else}} value: '{{ .Values.global.s3.endpoint }}' diff --git a/scripts/helmcharts/openreplay/charts/chalice/values.yaml b/scripts/helmcharts/openreplay/charts/chalice/values.yaml index 05802a9a6..801dd26f7 100644 --- a/scripts/helmcharts/openreplay/charts/chalice/values.yaml +++ b/scripts/helmcharts/openreplay/charts/chalice/values.yaml @@ -91,8 +91,6 @@ autoscaling: # targetMemoryUtilizationPercentage: 80 env: - ch_host: clickhouse-openreplay-clickhouse.db.svc.cluster.local - ch_port: 9000 captcha_server: '' captcha_key: '' async_Token: '' 
diff --git a/scripts/helmcharts/openreplay/charts/db/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/db/templates/deployment.yaml index 21b9c5c6e..3ffd981a9 100644 --- a/scripts/helmcharts/openreplay/charts/db/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/db/templates/deployment.yaml @@ -43,6 +43,8 @@ spec: {{- .Values.healthCheck | toYaml | nindent 10}} {{- end}} env: + - name: CLICKHOUSE_STRING + value: '{{ .Values.global.clickhouse.chHost }}:{{.Values.global.clickhouse.service.webPort}}/{{.Values.env.ch_db}}' - name: LICENSE_KEY value: '{{ .Values.global.enterpriseEditionLicense }}' - name: REDIS_STRING diff --git a/scripts/helmcharts/openreplay/charts/db/values.yaml b/scripts/helmcharts/openreplay/charts/db/values.yaml index d03e000ef..fe34eecc9 100644 --- a/scripts/helmcharts/openreplay/charts/db/values.yaml +++ b/scripts/helmcharts/openreplay/charts/db/values.yaml @@ -98,7 +98,7 @@ autoscaling: # targetMemoryUtilizationPercentage: 80 env: - CLICKHOUSE_STRING: tcp://clickhouse-openreplay-clickhouse.db.svc.cluster.local:9000/default + ch_db: default nodeSelector: {} diff --git a/scripts/helmcharts/openreplay/charts/frontend/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/frontend/templates/deployment.yaml index 90501f5c7..92d1b7002 100644 --- a/scripts/helmcharts/openreplay/charts/frontend/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/frontend/templates/deployment.yaml 
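Review bot: The templated `CLICKHOUSE_STRING` in db/templates/deployment.yaml drops the `tcp://` scheme that the removed default in db/values.yaml carried (`tcp://clickhouse-openreplay-clickhouse.db.svc.cluster.local:9000/default`); the new value renders as `host:port/db`. Whether the db service accepts a scheme-less connection string is not visible here. Either keep the prefix, `value: 'tcp://{{ .Values.global.clickhouse.chHost }}:{{ .Values.global.clickhouse.service.webPort }}/{{ .Values.env.ch_db }}'`, or add a comment stating that the consumer supplies it.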
@@ -67,7 +67,7 @@ spec: # 4. Using AWS itself. # AWS uses bucketname.endpoint/object while others use endpoint/bucketname/object - name: ASSETS_ORIGIN - {{- if eq .Values.global.s3.endpoint "frontend://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} # Local minio Installation value: 'frontends://{{ .Values.global.domainName }}:{{.Values.global.ingress.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}' {{- else if contains "amazonaws.com" .Values.global.s3.endpoint }} diff --git a/scripts/helmcharts/openreplay/charts/http/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/http/templates/deployment.yaml index 4475e0d0d..d0f18cba6 100644 --- a/scripts/helmcharts/openreplay/charts/http/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/http/templates/deployment.yaml @@ -67,7 +67,7 @@ spec: # 4. Using AWS itself. # AWS uses bucketname.endpoint/object while others use endpoint/bucketname/object - name: ASSETS_ORIGIN - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} # Local minio Installation value: 'https://{{ .Values.global.domainName }}:{{.Values.global.ingress.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}' {{- else if contains "amazonaws.com" .Values.global.s3.endpoint }} diff --git a/scripts/helmcharts/openreplay/charts/http/templates/ingress.yaml b/scripts/helmcharts/openreplay/charts/http/templates/ingress.yaml index 2097fb1cd..5188285a3 100644 --- a/scripts/helmcharts/openreplay/charts/http/templates/ingress.yaml +++ b/scripts/helmcharts/openreplay/charts/http/templates/ingress.yaml 
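Review bot: With the condition in frontend/templates/deployment.yaml changed to `contains "minio"`, the local-MinIO branch becomes reachable, and its value line still starts with `frontends://`, which is not a usable URL scheme; the old condition compared against `frontend://minio.db.svc.cluster.local:9000` and so presumably never matched. Both look like leftovers of a bulk rename of `http` to the chart name. The value should read `value: 'https://{{ .Values.global.domainName }}:{{.Values.global.ingress.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}'`, as in the http and sink charts. The sourcemapreader deployment has the same problem with `sourcemapreaders://`, on a line this commit edits.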
@@ -36,7 +36,7 @@ spec: path: /ingest/(.*) {{- end }} -{{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} +{{- if contains "minio" .Values.global.s3.endpoint }} ## TODO: ## Frontend service from minio will be migrated to nginx atomic container. ## This ingress is just a workaround. @@ -45,7 +45,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: minio - namespace: db + namespace: "{{(split "." .Values.global.s3.endpoint)._1}}" spec: ingressClassName: "{{ tpl .Values.ingress.className . }}" rules: diff --git a/scripts/helmcharts/openreplay/charts/quickwit/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/quickwit/templates/deployment.yaml index 539dd78b2..3ac58c215 100644 --- a/scripts/helmcharts/openreplay/charts/quickwit/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/quickwit/templates/deployment.yaml @@ -48,9 +48,8 @@ spec: env: - name: AWS_DEFAULT_REGION value: "{{ .Values.global.s3.region }}" - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} - name: QW_S3_ENDPOINT - value: 'http://minio.db.svc.cluster.local:9000' + value: '{{ .Values.global.s3.endpoint }}' {{- end}} - name: AWS_ACCESS_KEY_ID value: {{ .Values.global.s3.accessKey }} diff --git a/scripts/helmcharts/openreplay/charts/quickwit/templates/init.yaml b/scripts/helmcharts/openreplay/charts/quickwit/templates/init.yaml index 6739de1af..b9d102765 100644 --- a/scripts/helmcharts/openreplay/charts/quickwit/templates/init.yaml +++ b/scripts/helmcharts/openreplay/charts/quickwit/templates/init.yaml @@ -19,10 +19,8 @@ spec: env: - name: AWS_DEFAULT_REGION value: "{{ .Values.global.s3.region }}" - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} - name: QW_S3_ENDPOINT - value: 'http://minio.db.svc.cluster.local:9000' - {{- end}} + value: '{{.Values.global.s3.endpoint}}' - name: AWS_ACCESS_KEY_ID value: {{ .Values.global.s3.accessKey }} - name: AWS_SECRET_ACCESS_KEY 
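Review bot: Taking the Ingress namespace from `(split "." .Values.global.s3.endpoint)._1` in http/templates/ingress.yaml couples where a cluster object is created to the text of a URL. For `http://minio.db.svc.cluster.local:9000` it yields `db`, but for any other endpoint that passes the `contains "minio"` test it yields whatever the second dot-separated label is, or nothing when there is none, so the MinIO Ingress can be rendered into an unintended or non-existent namespace. A dedicated values key for the MinIO namespace would be safer; at minimum add a comment above the line such as `# endpoint must have the form http://<service>.<namespace>.svc...`. The Ingress spec continues outside the hunk.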
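Review bot: The hunk in quickwit/templates/deployment.yaml removes the opening `{{- if eq .Values.global.s3.endpoint ... }}` but keeps the `{{- end}}` after the `QW_S3_ENDPOINT` entry as a context line, which leaves the template with an unmatched `end`. Unless an enclosing block outside the hunk absorbs it, rendering fails with a parse error, or the `end` closes an outer block early. The sibling change in quickwit/templates/init.yaml removes both lines; the same should be done here by deleting the `{{- end}}`.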
diff --git a/scripts/helmcharts/openreplay/charts/quickwit/values.yaml b/scripts/helmcharts/openreplay/charts/quickwit/values.yaml index 0e91a4a58..561af61ce 100644 --- a/scripts/helmcharts/openreplay/charts/quickwit/values.yaml +++ b/scripts/helmcharts/openreplay/charts/quickwit/values.yaml @@ -96,7 +96,6 @@ autoscaling: # targetMemoryUtilizationPercentage: 80 env: - REDIS_URL: "redis://redis-master.db.svc.cluster.local:6379" debug: 0 uws: false redis: false diff --git a/scripts/helmcharts/openreplay/charts/sink/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/sink/templates/deployment.yaml index d3d092a8d..20806f4a1 100644 --- a/scripts/helmcharts/openreplay/charts/sink/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/sink/templates/deployment.yaml @@ -59,7 +59,7 @@ spec: # 4. Using AWS itself. # AWS uses bucketname.endpoint/object while others use endpoint/bucketname/object - name: ASSETS_ORIGIN - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} # Local minio Installation value: 'https://{{ .Values.global.domainName }}:{{.Values.global.ingress.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}' {{- else if contains "amazonaws.com" .Values.global.s3.endpoint }} diff --git a/scripts/helmcharts/openreplay/charts/sourcemapreader/templates/deployment.yaml b/scripts/helmcharts/openreplay/charts/sourcemapreader/templates/deployment.yaml index d15cf7c8f..7abca821c 100644 --- a/scripts/helmcharts/openreplay/charts/sourcemapreader/templates/deployment.yaml +++ b/scripts/helmcharts/openreplay/charts/sourcemapreader/templates/deployment.yaml 
@@ -67,9 +67,9 @@ spec: # 4. Using AWS itself. # AWS uses bucketname.endpoint/object while others use endpoint/bucketname/object - name: ASSETS_ORIGIN - {{- if eq .Values.global.s3.endpoint "sourcemapreader://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} # Local minio Installation - value: 'sourcemapreaders://{{ .Values.global.domainName }}:{{.Values.global.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}' + value: 'sourcemapreaders://{{ .Values.global.domainName }}:{{.Values.global.ingress.controller.service.ports.https}}/{{.Values.global.s3.assetsBucket}}' {{- else if contains "amazonaws.com" .Values.global.s3.endpoint }} # AWS S3 # Ref: sourcemapreaders://stackoverflow.com/questions/53634583/go-template-split-string-by-delimiter diff --git a/scripts/helmcharts/openreplay/charts/utilities/templates/report-cron.yaml b/scripts/helmcharts/openreplay/charts/utilities/templates/report-cron.yaml index 0685c7ad2..0126ba37f 100644 --- a/scripts/helmcharts/openreplay/charts/utilities/templates/report-cron.yaml +++ b/scripts/helmcharts/openreplay/charts/utilities/templates/report-cron.yaml @@ -35,7 +35,7 @@ spec: - name: SITE_URL value: 'https://{{ .Values.global.domainName }}' - name: S3_HOST - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} value: 'https://{{ .Values.global.domainName }}:{{ .Values.global.ingress.controller.service.ports.https}}' {{- else}} value: '{{ .Values.global.s3.endpoint }}' diff --git a/scripts/helmcharts/openreplay/charts/utilities/templates/sessions-cleaner-cron.yaml b/scripts/helmcharts/openreplay/charts/utilities/templates/sessions-cleaner-cron.yaml index 7441ca106..8043fdaea 100644 --- a/scripts/helmcharts/openreplay/charts/utilities/templates/sessions-cleaner-cron.yaml +++ b/scripts/helmcharts/openreplay/charts/utilities/templates/sessions-cleaner-cron.yaml 
@@ -35,7 +35,7 @@ spec: - name: SITE_URL value: 'https://{{ .Values.global.domainName }}' - name: S3_HOST - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} value: 'https://{{ .Values.global.domainName }}:{{ .Values.global.ingress.controller.service.ports.https}}' {{- else}} value: '{{ .Values.global.s3.endpoint }}' diff --git a/scripts/helmcharts/openreplay/charts/utilities/templates/telemetry-cron.yaml b/scripts/helmcharts/openreplay/charts/utilities/templates/telemetry-cron.yaml index 92ed861ff..0183d106f 100644 --- a/scripts/helmcharts/openreplay/charts/utilities/templates/telemetry-cron.yaml +++ b/scripts/helmcharts/openreplay/charts/utilities/templates/telemetry-cron.yaml @@ -35,7 +35,7 @@ spec: - name: SITE_URL value: 'https://{{ .Values.global.domainName }}' - name: S3_HOST - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} value: 'https://{{ .Values.global.domainName }}:{{ .Values.global.ingress.controller.service.ports.https}}' {{- else}} value: '{{ .Values.global.s3.endpoint }}' diff --git a/scripts/helmcharts/openreplay/charts/utilities/values.yaml b/scripts/helmcharts/openreplay/charts/utilities/values.yaml index 670427b8b..2076f8349 100644 --- a/scripts/helmcharts/openreplay/charts/utilities/values.yaml +++ b/scripts/helmcharts/openreplay/charts/utilities/values.yaml @@ -55,7 +55,6 @@ sessionsCleaner: # Common env values are from chalice for the crons chalice: env: - ch_host: clickhouse-openreplay-clickhouse.db.svc.cluster.local ch_port: 9000 captcha_server: '' captcha_key: '' diff --git a/scripts/helmcharts/openreplay/files/clickhouse.sh b/scripts/helmcharts/openreplay/files/clickhouse.sh index 8a420e6a9..5b11f4e91 100644 --- a/scripts/helmcharts/openreplay/files/clickhouse.sh +++ b/scripts/helmcharts/openreplay/files/clickhouse.sh 
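Review bot: Only `ch_host` is removed from `chalice.env` in utilities/values.yaml while `ch_port: 9000` stays, and the three cron templates touched by this commit change only the `S3_HOST` condition, so nothing visible supplies `ch_host` to the cron jobs any more. If the cron templates take their ClickHouse settings from this block, as the comment above it suggests, they will start without a host unless one is added outside the visible hunks. Either add `ch_host` and `ch_port` entries sourced from `.Values.global.clickhouse` to the cron templates, as was done for alerts and chalice, and drop `ch_port` here as well, or add a comment saying where the host now comes from.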
@@ -11,7 +11,7 @@ function migrate() { echo "Migrating clickhouse version $version" # For now, we can ignore the clickhouse db inject errors. # TODO: Better error handling in script - clickhouse-client -h clickhouse-openreplay-clickhouse.db.svc.cluster.local --port 9000 --multiquery < ${clickhousedir}/${version}/${version}.sql || true + clickhouse-client -h ${CH_HOST} --port ${CH_PORT} --multiquery < ${clickhousedir}/${version}/${version}.sql || true done } @@ -19,7 +19,7 @@ function init() { echo "Initializing clickhouse" for file in `ls ${clickhousedir}/create/*.sql`; do echo "Injecting $file" - clickhouse-client -h clickhouse-openreplay-clickhouse.db.svc.cluster.local --port 9000 --multiquery < $file || true + clickhouse-client -h ${CH_HOST} --port ${CH_PORT} --multiquery < $file || true done } diff --git a/scripts/helmcharts/openreplay/files/minio.sh b/scripts/helmcharts/openreplay/files/minio.sh index fc0a7238f..34229572c 100644 --- a/scripts/helmcharts/openreplay/files/minio.sh +++ b/scripts/helmcharts/openreplay/files/minio.sh @@ -7,7 +7,8 @@ cd /tmp buckets=("mobs" "sessions-assets" "sourcemaps" "sessions-mobile-assets" "quickwit" "vault-data") -mc alias set minio http://minio.db.svc.cluster.local:9000 $MINIO_ACCESS_KEY $MINIO_SECRET_KEY + +mc alias set minio $MINIO_HOST $MINIO_ACCESS_KEY $MINIO_SECRET_KEY function init() { echo "Initializing minio" diff --git a/scripts/helmcharts/openreplay/files/vault.sh b/scripts/helmcharts/openreplay/files/vault.sh index 159693f28..87670acde 100644 --- a/scripts/helmcharts/openreplay/files/vault.sh +++ b/scripts/helmcharts/openreplay/files/vault.sh @@ -7,7 +7,7 @@ if [ "x$VERBOSE" == "x1" ]; then set -x fi -export VAULT_ADDR=http://databases-vault.db.svc.cluster.local:8200 +export VAULT_ADDR=${VAULT_ADDR} # Check vault is already initialized, if so return diff --git a/scripts/helmcharts/openreplay/templates/job.yaml b/scripts/helmcharts/openreplay/templates/job.yaml index 127809765..d77a1b962 100644 
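Review bot: `${CH_HOST}` and `${CH_PORT}` in files/clickhouse.sh are expanded unquoted and without a check that they are set, and because the command ends in `|| true` an empty host or port makes every migration fail without stopping the job. The same applies to the second hunk in `init()` and to `$MINIO_HOST` in files/minio.sh. Quote the expansions and fail early, e.g. `: "${CH_HOST:?CH_HOST is not set}" "${CH_PORT:?CH_PORT is not set}"` near the top of the script and `-h "${CH_HOST}" --port "${CH_PORT}"` in both calls. Both functions start or end outside their hunks.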
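Review bot: `export VAULT_ADDR=${VAULT_ADDR}` in files/vault.sh assigns the variable to itself, so the script now depends entirely on its caller, and the value the job passes in, `.Values.global.vault.vaultHost`, defaults to `databases-vault.db.svc.cluster.local:8200` without the `http://` prefix the removed line had. The Vault CLI expects `VAULT_ADDR` to be a full URL, so the address is likely to be rejected or misread. Either store the scheme in the value or add it where the variable is set in templates/job.yaml, `value: "http://{{ .Values.global.vault.vaultHost }}"`, and replace the self-assignment with a guard such as `: "${VAULT_ADDR:?VAULT_ADDR is not set}"`.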
--- a/scripts/helmcharts/openreplay/templates/job.yaml +++ b/scripts/helmcharts/openreplay/templates/job.yaml @@ -50,7 +50,7 @@ spec: error_connection=1 while [ $exit_count -le 20 ];do - nc -zv clickhouse-openreplay-clickhouse.db.svc.cluster.local 9000 -w 1 + nc -zv {{.Values.global.clickhouse.chHost}} 9000 -w 1 if [ $? -ne 0 ]; then echo "[info] clickhouse is not up; retrying in 5 seconds" sleep 4 @@ -103,7 +103,7 @@ spec: mountPath: /opt/openreplay - name: dbmigrationscript mountPath: /opt/migrations/ - {{- if eq .Values.global.s3.endpoint "http://minio.db.svc.cluster.local:9000" }} + {{- if contains "minio" .Values.global.s3.endpoint }} - name: minio image: bitnami/minio:2020.10.9-debian-10-r6 env: @@ -119,6 +119,8 @@ spec: value: "{{ .Values.minio.global.minio.accessKey }}" - name: MINIO_SECRET_KEY value: "{{ .Values.minio.global.minio.secretKey }}" + - name: MINIO_HOST + value: "{{ .Values.global.s3.endpoint }}" command: - /bin/bash - /opt/migrations/dbops.sh @@ -147,6 +149,8 @@ spec: value: "{{ .Values.global.postgresql.postgresqlUser }}" - name: PGPASSWORD value: "{{ .Values.global.postgresql.postgresqlPassword }}" + - name: VAULT_ADDR + value: "{{ .Values.global.vault.vaultHost }}" image: hashicorp/vault:1.12.0 command: - /bin/sh @@ -208,6 +212,10 @@ spec: value: "{{ .Values.fromVersion }}" - name: CHART_APP_VERSION value: "{{ .Chart.AppVersion }}" + - name: CH_HOST + value: "{{.Values.global.clickhouse.chHost}}" + - name: CH_PORT + value: "{{.Values.global.clickhouse.service.webPort}}" command: - /bin/bash - /opt/migrations/dbops.sh diff --git a/scripts/helmcharts/openreplay/values.yaml b/scripts/helmcharts/openreplay/values.yaml index f836866fe..33cc3e178 100644 --- a/scripts/helmcharts/openreplay/values.yaml +++ b/scripts/helmcharts/openreplay/values.yaml 
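Review bot: The readiness probe in the first hunk of templates/job.yaml now takes the host from `.Values.global.clickhouse.chHost` but still hard-codes port `9000`, while the `CH_PORT` variable added in the last hunk of this file comes from `.Values.global.clickhouse.service.webPort`. If the port is ever overridden, the wait loop checks one port and the migration connects to another. Use the same value in both places: `nc -zv {{.Values.global.clickhouse.chHost}} {{.Values.global.clickhouse.service.webPort}} -w 1`. The loop body continues outside the hunk.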
@@ -81,3 +81,26 @@ ingress-nginx: ## repository: tag: "v1.3.0" digest: "" + +# For enterpriseEdition Only +vault: &vault + vaultHost: databases-vault.db.svc.cluster.local:8200 + annotations: + vault.hashicorp.com/agent-cache-enable: "true" + vault.hashicorp.com/agent-inject: "true" + vault.hashicorp.com/agent-inject-token: "true" + vault.hashicorp.com/template-static-secret-render-interval: 2m + # vault.hashicorp.com/log-level: debug + vault.hashicorp.com/agent-run-as-same-user: "true" + vault.hashicorp.com/agent-inject-command-processor.properties: | + pkill -TERM openreplay + vault.hashicorp.com/role: pgaccess + vault.hashicorp.com/agent-inject-secret-processor.properties: database/creds/db-app + vault.hashicorp.com/agent-inject-template-processor.properties: | + {{- with secret "database/creds/db-app" -}} + POSTGRES_STRING=postgres://{{.Data.username}}:{{.Data.password}}@postgresql.db.svc.cluster.local:5432/postgres + {{- end -}} + +global: + vault: *vault + clusterDomain: "svc.cluster.local" diff --git a/scripts/helmcharts/vars.yaml b/scripts/helmcharts/vars.yaml index 956d29b73..c77881963 100644 --- a/scripts/helmcharts/vars.yaml +++ b/scripts/helmcharts/vars.yaml @@ -17,9 +17,12 @@ postgresql: &postgres # asdf # cpu: 2 -clickhouse: +clickhouse: &clickhouse # For enterpriseEdition enabled: false + chHost: clickhouse-openreplay-clickhouse.db.svc.cluster.local + service: + webPort: 9000 quickwit: &quickwit # For enterpriseEdition @@ -91,6 +94,7 @@ ingress-nginx: &ingress-nginx force-ssl-redirect: false proxy-body-size: 10m + # Application specific variables global: ingress: *ingress-nginx @@ -98,6 +102,8 @@ global: kafka: *kafka redis: *redis quickwit: *quickwit + clickhouse: *clickhouse + # Registry URL from where the OR images should be pulled. openReplayContainerRegistry: "public.ecr.aws/p1t3u8a3" # secret key to inject to assist and peers service assistKey: "SetARandomStringHere" 
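Review bot: The Vault agent template relocated into openreplay/values.yaml still spells out `postgresql.db.svc.cluster.local:5432/postgres` inside `POSTGRES_STRING`, although the rest of this commit moves service hosts into values. Because this text is a Vault template inside a block scalar, it will not follow `global.postgresql` if the database host, port or name is changed. A comment above the annotation, for example `# host, port and database below must match global.postgresql`, would at least make the coupling visible to whoever overrides those values.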
@@ -172,21 +178,3 @@ chalice: # cpu: 512m # memory: 2056Mi -# For enterpriseEdition Only -vault: - enabled: false - annotations: - vault.hashicorp.com/agent-cache-enable: "true" - vault.hashicorp.com/agent-inject: "true" - vault.hashicorp.com/agent-inject-token: "true" - vault.hashicorp.com/template-static-secret-render-interval: 2m - # vault.hashicorp.com/log-level: debug - vault.hashicorp.com/agent-run-as-same-user: "true" - vault.hashicorp.com/agent-inject-command-processor.properties: | - pkill -TERM openreplay - vault.hashicorp.com/role: pgaccess - vault.hashicorp.com/agent-inject-secret-processor.properties: database/creds/db-app - vault.hashicorp.com/agent-inject-template-processor.properties: | - {{- with secret "database/creds/db-app" -}} - POSTGRES_STRING=postgres://{{.Data.username}}:{{.Data.password}}@postgresql.db.svc.cluster.local:5432/postgres - {{- end -}}