-rw-r--r-- k8s/README.md 26
-rw-r--r-- k8s/seaweedfs/templates/seaweedfs-s3-secret.yaml 21
2 files changed, 41 insertions, 6 deletions
diff --git a/k8s/README.md b/k8s/README.md
index 6a1eb7a05..36230f7b2 100644
--- a/k8s/README.md
+++ b/k8s/README.md
@@ -9,18 +9,32 @@ and backup/HA memsql can provide.
with ENV.
* cert config exists and can be enabled, but not been tested.
-### current instances config (AIO):
-1 instance for each type (master/filer/volume/s3)
+### prerequisites
+kubernetes node have labels which help to define which node(Host) will run which pod.
+
+s3/filer/master needs the label **sw-backend=true**
-To avoid multiple volume servers on the same node, apply these node labels:
-* sw-volume: true (for volume instance, specific tag)
-* sw-backend: true (for all others, as they less resource demanding)
+volume need the label **sw-volume=true**
+
+to label a node to be able to run all pod types in k8s:
```
kubectl label node YOUR_NODE_NAME sw-volume=true,sw-backend=true
```
+on production k8s deployment you will want each pod to have a different host,
+especially the volume server & the masters, currently all pods (master/volume/filer)
+have anti-affinity rule to disallow running multiple pod type on the same host.
+if you still want to run multiple pods of the same type (master/volume/filer) on the same host
+please set/update the corresponding affinity rule in values.yaml to an empty one:
+
+```affinity: ""```
+
+
+### current instances config (AIO):
+1 instance for each type (master/filer+s3/volume)
+
you can update the replicas count for each node type in values.yaml,
-need to add more nodes with the corresponding label.
+need to add more nodes with the corresponding labels.
most of the configuration are available through values.yaml
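Review bot: The added anti-affinity paragraph contradicts itself: it first says the rule disallows "running multiple pod type on the same host" and then describes the opt-out as being for "multiple pods of the same type", while the kubectl example just above labels a single node with both sw-volume and sw-backend. Please state precisely what the rule separates, so operators do not assume master and volume pods are isolated from each other when only same-type pods are kept apart. The affinity: "" override is written as an inline triple-backtick span; a normal fenced block that shows which values.yaml key it goes under (master, volume, filer) would be clearer. This commit also adds seaweedfs-s3-secret.yaml, but the README never mentions the generated secret or the skipAuthSecretCreation values that disable it.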
diff --git a/k8s/seaweedfs/templates/seaweedfs-s3-secret.yaml b/k8s/seaweedfs/templates/seaweedfs-s3-secret.yaml
new file mode 100644
index 000000000..66fd5f28e
--- /dev/null
+++ b/k8s/seaweedfs/templates/seaweedfs-s3-secret.yaml
@@ -0,0 +1,21 @@
+{{- if not (or .Values.filer.s3.skipAuthSecretCreation .Values.s3.skipAuthSecretCreation) }}
+{{- $access_key_admin := randAlphaNum 16 -}}
+{{- $secret_key_admin := randAlphaNum 32 -}}
+{{- $access_key_read := randAlphaNum 16 -}}
+{{- $secret_key_read := randAlphaNum 32 -}}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: seaweedfs-s3-secret
+ namespace: {{ .Release.Namespace }}
+ annotations:
+ "helm.sh/resource-policy": keep
+ "helm.sh/hook": "pre-install"
+stringData:
+ admin_access_key_id: {{ $access_key_admin }}
+ admin_secret_access_key: {{ $secret_key_admin }}
+ read_access_key_id: {{ $access_key_read }}
+ read_secret_access_key: {{ $secret_key_read }}
+ seaweedfs_s3_config: '{"identities":[{"name":"anvAdmin","credentials":[{"accessKey":"{{ $access_key_admin }}","secretKey":"{{ $secret_key_admin }}"}],"actions":["Admin","Read","Write"]},{"name":"anvReadOnly","credentials":[{"accessKey":"{{ $access_key_read }}","secretKey":"{{ $secret_key_read }}"}],"actions":["Read"]}]}'
+{{- end }} \ No newline at end of file
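Review bot: The Secret's lifecycle in the metadata block needs a second look: with "helm.sh/hook": "pre-install" and "helm.sh/resource-policy": keep on the fixed name seaweedfs-s3-secret, the object is a hook resource rather than part of the release, it survives uninstall, and it will collide with a reinstall or a second release in the same namespace. Consider deriving the name from the release and reusing an existing Secret when one is found (for example via lookup), so the randAlphaNum values stay stable across upgrades without leaving orphaned admin credentials behind. Smaller points: the guard on the first line only tests the two skipAuthSecretCreation flags, so admin and read-only keys are generated regardless of whether S3 is actually enabled; the identity names anvAdmin and anvReadOnly are hard-coded in seaweedfs_s3_config; and the file is missing its trailing newline.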