commit 7adc0eb998194b9f3740add2dd84fe3b78ffd4b4
author Piotr Dobrowolski <admin@tastycode.pl> Tue Apr 09 22:39:42 2019 +0200
committer Piotr Dobrowolski <admin@tastycode.pl> Tue Apr 09 22:39:42 2019 +0200
tree 746d3302c9a0cb1b7d8fca83be75eed569a77c21
parent 5ac85c6e739f465435c01e938ceca00f1d83a2c2

app/registry: migrate to ceph object storage

app/registry/prod.jsonnet

diff --git a/app/registry/prod.jsonnet b/app/registry/prod.jsonnet
index 5fc2172..65b2413 100644
--- a/app/registry/prod.jsonnet
+++ b/app/registry/prod.jsonnet
@@ -1,6 +1,7 @@
 # registry.k0.hswaw.net, a private docker registry
 # This needs an oauth2 secret provisioned, create with:
 #    kubectl -n registry create secret generic auth --from-literal=oauth2_secret=...
+#    kubectl get secrets rook-ceph-object-user-waw-hdd-redundant-1-object-registry -n ceph-waw1 -o yaml --export | kubectl replace -f - -n registry
 
 local kube = import "../../kube/kube.libsonnet";
 local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
@@ -68,8 +69,10 @@
                     cache: {
                         blobdescriptor: "inmemory",
                     },
-                    filesystem: {
-                        rootdirectory: "/var/lib/registry",
+                    s3: {
+                        regionendpoint: "https://object.ceph-waw1.hswaw.net",
+                        bucket: "registry",
+                        region: "waw-hdd-redunant-1-object:default-placement",
                     },
                 },
                 http: {
@@ -81,6 +84,9 @@
                         certificate: "/certs/tls.crt",
                         key: "/certs/tls.key",
                     },
+                    debug: {
+                        addr: "localhost:5001",
+                    },
                 },
                 health: {
                     storagedriver: {
@@ -224,6 +230,16 @@
                                 certs: { mountPath: "/certs" },
                                 authcerts: { mountPath: "/authcerts" },
                             },
+                            env_: {
+                                REGISTRY_STORAGE_S3_ACCESSKEY: { secretKeyRef: {
+                                    name: "rook-ceph-object-user-waw-hdd-redundant-1-object-registry",
+                                    key: "AccessKey"
+                                }},
+                                REGISTRY_STORAGE_S3_SECRETKEY: { secretKeyRef: {
+                                    name: "rook-ceph-object-user-waw-hdd-redundant-1-object-registry",
+                                    key: "SecretKey",
+                                }},
+                            },
                         },
                     },
                 },