From 8ee1896a55d836d31556bbe36675feabd7cbb32d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Tue, 4 Oct 2022 13:39:25 +0300 Subject: [PATCH] harbor: Move to storage nodes --- harbor/application.yml | 115 ++++++++++++++++++----------------------- 1 file changed, 50 insertions(+), 65 deletions(-) diff --git a/harbor/application.yml b/harbor/application.yml index 449efb2..c2bbdbf 100644 --- a/harbor/application.yml +++ b/harbor/application.yml @@ -397,7 +397,6 @@ spec: containers: - name: core image: goharbor/harbor-core:v2.4.2 - imagePullPolicy: IfNotPresent startupProbe: httpGet: path: /api/v2.0/ping @@ -406,16 +405,9 @@ spec: failureThreshold: 360 initialDelaySeconds: 10 periodSeconds: 10 - livenessProbe: - httpGet: - path: /api/v2.0/ping - scheme: HTTP - port: 8080 - failureThreshold: 2 - periodSeconds: 10 readinessProbe: httpGet: - path: /api/v2.0/ping + path: /api/v2.0/projects scheme: HTTP port: 8080 failureThreshold: 2 @@ -472,6 +464,13 @@ spec: secret: - name: psc emptyDir: {} + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule --- # Source: harbor/templates/jobservice/jobservice-dpl.yaml apiVersion: apps/v1 @@ -502,14 +501,6 @@ spec: containers: - name: jobservice image: goharbor/harbor-jobservice:v2.4.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /api/v1/stats - scheme: HTTP - port: 8080 - initialDelaySeconds: 300 - periodSeconds: 10 readinessProbe: httpGet: path: /api/v1/stats @@ -544,6 +535,13 @@ spec: - name: job-logs persistentVolumeClaim: claimName: harbor-jobservice + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule --- # Source: harbor/templates/portal/deployment.yaml apiVersion: apps/v1 @@ -574,14 +572,6 @@ spec: containers: - name: portal image: goharbor/harbor-portal:v2.4.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: / - scheme: HTTP - port: 8080 - initialDelaySeconds: 300 - periodSeconds: 10 readinessProbe: httpGet: path: / @@ -599,6 +589,13 @@ spec: - name: portal-config configMap: name: "harbor-portal" + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule --- # Source: harbor/templates/registry/registry-dpl.yaml apiVersion: apps/v1 @@ -629,14 +626,6 @@ spec: containers: - name: registry image: goharbor/registry-photon:v2.4.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: / - scheme: HTTP - port: 5000 - initialDelaySeconds: 300 - periodSeconds: 10 readinessProbe: httpGet: path: / @@ -664,14 +653,6 @@ spec: subPath: config.yml - name: registryctl image: goharbor/harbor-registryctl:v2.4.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /api/health - scheme: HTTP - port: 8080 - initialDelaySeconds: 300 - periodSeconds: 10 readinessProbe: httpGet: path: /api/health @@ -722,6 +703,13 @@ spec: - name: registry-data persistentVolumeClaim: claimName: harbor-registry + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule --- # Source: harbor/templates/database/database-ss.yaml apiVersion: apps/v1 @@ -756,7 +744,6 @@ spec: # we may remove it after several releases - name: "data-migrator" image: goharbor/harbor-db:v2.4.2 - imagePullPolicy: IfNotPresent command: ["/bin/sh"] args: ["-c", "[ -e /var/lib/postgresql/data/postgresql.conf ] && [ ! -d /var/lib/postgresql/data/pgdata ] && mkdir -m 0700 /var/lib/postgresql/data/pgdata && mv /var/lib/postgresql/data/* /var/lib/postgresql/data/pgdata/ || true"] volumeMounts: @@ -769,7 +756,6 @@ spec: # as "fsGroup" applied before the init container running, the container has enough permission to execute the command - name: "data-permissions-ensurer" image: goharbor/harbor-db:v2.4.2 - imagePullPolicy: IfNotPresent command: ["/bin/sh"] args: ["-c", "chmod -R 700 /var/lib/postgresql/data/pgdata || true"] volumeMounts: @@ -779,13 +765,6 @@ spec: containers: - name: database image: goharbor/harbor-db:v2.4.2 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - /docker-healthcheck.sh - initialDelaySeconds: 300 - periodSeconds: 10 readinessProbe: exec: command: @@ -811,6 +790,13 @@ spec: emptyDir: medium: Memory sizeLimit: 512Mi + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule volumeClaimTemplates: - metadata: name: "database-data" @@ -853,12 +839,6 @@ spec: containers: - name: redis image: goharbor/redis-photon:v2.4.2 - imagePullPolicy: IfNotPresent - livenessProbe: - tcpSocket: - port: 6379 - initialDelaySeconds: 300 - periodSeconds: 10 readinessProbe: tcpSocket: port: 6379 @@ -868,6 +848,13 @@ spec: - name: data mountPath: /var/lib/redis subPath: + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule volumeClaimTemplates: - metadata: name: data @@ -970,15 +957,6 @@ spec: mountPath: /home/scanner/.cache subPath: readOnly: false - livenessProbe: - httpGet: - scheme: HTTP - path: /probe/healthy - port: api-server - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 10 readinessProbe: httpGet: scheme: HTTP @@ -995,6 +973,13 @@ spec: requests: cpu: 200m memory: 512Mi + nodeSelector: + dedicated: storage + tolerations: + - key: dedicated + operator: Equal + value: storage + effect: NoSchedule volumeClaimTemplates: - metadata: name: data