cluster/kube: refactor rook.io object store configuration
diff --git a/cluster/kube/cluster.jsonnet b/cluster/kube/cluster.jsonnet
index a57c897..a4d8680 100644
--- a/cluster/kube/cluster.jsonnet
+++ b/cluster/kube/cluster.jsonnet
@@ -122,8 +122,7 @@
},
},
},
- cephWaw1Object: kube._Object("ceph.rook.io/v1", "CephObjectStore", "waw-hdd-redundant-1-object") {
- metadata+: cluster.cephWaw1.metadata,
+ cephWaw1Object: rook.S3ObjectStore(cluster.cephWaw1, "waw-hdd-redundant-1-object") {
spec: {
metadataPool: {
failureDomain: "host",
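Review bot: At `cephWaw1Object`, the switch to `rook.S3ObjectStore(...)` is not a pure refactor, because the value is now a wrapper holding both `objectStore` and `objectIngress`. The existing store therefore gains an Ingress for `object.<namespace>.hswaw.net` with a `letsencrypt-prod` certificate. The commit message should say that the RGW endpoint becomes routable through the ingress controller. A call-site comment such as `// Also creates an Ingress for this store; access is gated by S3 credentials only.` would make the exposure visible to the next reader. Whether the code that renders `cluster` walks the nested object shape is not visible in this hunk and is worth confirming.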
@@ -136,13 +135,6 @@
codingChunks: 1,
},
},
- gateway: {
- type: "s3",
- port: 80,
- #securePort:
- instances: 1,
- allNodes: false,
- },
},
},
};
diff --git a/cluster/kube/lib/rook.libsonnet b/cluster/kube/lib/rook.libsonnet
index b553ca4..de1bf7a 100644
--- a/cluster/kube/lib/rook.libsonnet
+++ b/cluster/kube/lib/rook.libsonnet
@@ -495,4 +495,54 @@
reclaimPolicy: "Retain",
},
},
+
+ S3ObjectStore(cluster, name):: {
+ local store = self,
+ spec:: error "spec must be specified",
+ objectStore: kube._Object("ceph.rook.io/v1", "CephObjectStore", name) {
+ metadata+: cluster.metadata,
+ spec: store.spec {
+ gateway: {
+ type: "s3",
+ port: 80,
+ instances: 1,
+ allNodes: false,
+ },
+ },
+ },
+
+ objectIngress: kube.Ingress(name) {
+ metadata+: cluster.metadata {
+ annotations+: {
+ "kubernetes.io/tls-acme": "true",
+ "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
+ "nginx.ingress.kubernetes.io/proxy-body-size": "0",
+ },
+ },
+ spec+: {
+ tls: [
+ {
+ hosts: ["object.%s.hswaw.net" % [cluster.metadata.namespace]],
+ secretName: "%s-tls" % [name],
+ },
+ ],
+ rules: [
+ {
+ host: "object.%s.hswaw.net" % [cluster.metadata.namespace],
+ http: {
+ paths: [
+ {
+ path: "/",
+ backend: {
+ serviceName: "rook-ceph-rgw-%s" % [name],
+ servicePort: 80,
+ },
+ },
+ ]
+ },
+ }
+ ],
+ },
+ },
+ },
}
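Review bot: In `objectIngress`, both `hosts` and `host` are built from `cluster.metadata.namespace` alone, while `secretName` and `serviceName` are built from `name`. A second `S3ObjectStore` on the same Ceph cluster would claim the same hostname with a different TLS secret and backend. Either include the store name in the host, e.g. `host: "%s.object.%s.hswaw.net" % [name, cluster.metadata.namespace]`, or document on the function that only one store per cluster is supported. The `"nginx.ingress.kubernetes.io/proxy-body-size": "0"` annotation removes the ingress request-size cap, so it deserves a comment like `// Unlimited upload size for S3 PUTs; enforce limits with RGW user/bucket quotas.`. The enclosing library object starts outside this hunk.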