From 8d8b23628a2bf89245fa9392eb4b02e38aac4859 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Thu, 16 Oct 2025 16:25:50 -0500 Subject: [PATCH 01/10] Add affinity config - web --- .../templates/cgimap/cgimap-deployment.yaml | 25 ++++++++++++-- .../memcached/memcached-deployment.yml | 24 +++++++++++-- osm-seed/templates/web/web-deployment.yaml | 34 +++++++++++++++++-- 3 files changed, 74 insertions(+), 9 deletions(-) diff --git a/osm-seed/templates/cgimap/cgimap-deployment.yaml b/osm-seed/templates/cgimap/cgimap-deployment.yaml index 9ce70584..52078055 100644 --- a/osm-seed/templates/cgimap/cgimap-deployment.yaml +++ b/osm-seed/templates/cgimap/cgimap-deployment.yaml @@ -68,8 +68,27 @@ spec: value: {{ .Values.web.env.WEBSITE_STATUS }} - name: MEMCACHE_SERVER value: {{ .Release.Name }}-memcached:11211 - {{- if .Values.cgimap.nodeSelector.enabled }} - nodeSelector: - {{ .Values.cgimap.nodeSelector.label_key }} : {{ .Values.cgimap.nodeSelector.label_value }} + # {{- if .Values.cgimap.nodeSelector.enabled }} + # nodeSelector: + # {{ .Values.cgimap.nodeSelector.label_key }} : {{ .Values.cgimap.nodeSelector.label_value }} + # {{- end }} + + # Affinity settings + {{- if .Values.cgimap.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.cgimap.nodeAffinity.key }} + operator: In + values: + {{- range .Values.cgimap.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- if .Values.cgimap.tolerations }} + tolerations: +{{ toYaml .Values.cgimap.tolerations | indent 8 }} {{- end }} {{- end }} diff --git a/osm-seed/templates/memcached/memcached-deployment.yml b/osm-seed/templates/memcached/memcached-deployment.yml index cebad86e..8f6b032b 100644 --- a/osm-seed/templates/memcached/memcached-deployment.yml +++ b/osm-seed/templates/memcached/memcached-deployment.yml @@ -39,8 +39,26 @@ spec: memory: {{ .Values.memcached.resources.limits.memory }} cpu: {{ .Values.memcached.resources.limits.cpu }} {{- end }} - {{- if .Values.memcached.nodeSelector.enabled }} - nodeSelector: - {{ .Values.memcached.nodeSelector.label_key }} : {{ .Values.memcached.nodeSelector.label_value }} + # {{- if .Values.memcached.nodeSelector.enabled }} + # nodeSelector: + # {{ .Values.memcached.nodeSelector.label_key }} : {{ .Values.memcached.nodeSelector.label_value }} + # {{- end }} + # Affinity settings + {{- if .Values.cgimap.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.cgimap.nodeAffinity.key }} + operator: In + values: + {{- range .Values.cgimap.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- if .Values.cgimap.tolerations }} + tolerations: +{{ toYaml .Values.cgimap.tolerations | indent 8 }} {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/web/web-deployment.yaml b/osm-seed/templates/web/web-deployment.yaml index dca9eca3..cea50cb7 100644 --- a/osm-seed/templates/web/web-deployment.yaml +++ b/osm-seed/templates/web/web-deployment.yaml @@ -22,6 +22,9 @@ spec: release: {{ .Release.Name }} run: {{ .Release.Name }}-web spec: + {{- if .Values.web.serviceAccount.enable }} + serviceAccountName: {{ .Values.web.serviceAccount.name }} + {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.web.priorityClass | default "high-priority" }} containers: - name: {{ .Chart.Name }}-web @@ -186,8 +189,33 @@ spec: medium: Memory sizeLimit: {{ .Values.web.sharedMemorySize }} name: shared-memory - {{- if .Values.web.nodeSelector.enabled }} - nodeSelector: - {{ .Values.web.nodeSelector.label_key }} : {{ .Values.web.nodeSelector.label_value }} + + # Node affinity + {{- if .Values.web.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.web.nodeAffinity.key }} + operator: In + values: + {{- range .Values.web.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + # Pod anti-affinity, to set that no two pods are scheduled on the same node + {{- if .Values.web.podAntiAffinity.enabled }} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app: {{ template "osm-seed.name" . }} + component: web-deployment + topologyKey: "kubernetes.io/hostname" + {{- end }} + {{- end }} + {{- if .Values.web.tolerations }} + tolerations: +{{ toYaml .Values.web.tolerations | indent 8 }} {{- end }} {{- end }} From b231e2d8b6f644bd9f300a932c9c7fb21913872f Mon Sep 17 00:00:00 2001 From: Rub21 Date: Thu, 16 Oct 2025 17:30:37 -0500 Subject: [PATCH 02/10] update config for nodeAffinity and tolerations --- .../templates/cgimap/cgimap-deployment.yaml | 5 +- osm-seed/templates/db/db-statefulset.yaml | 23 ++++++-- .../memcached/memcached-deployment.yml | 10 ++-- osm-seed/templates/web/web-deployment.yaml | 4 +- osm-seed/templates/web/web-hpa.yaml | 4 +- osm-seed/values.yaml | 53 ++++++++++++++++++- 6 files changed, 82 insertions(+), 17 deletions(-) diff --git a/osm-seed/templates/cgimap/cgimap-deployment.yaml b/osm-seed/templates/cgimap/cgimap-deployment.yaml index 52078055..6c49a764 100644 --- a/osm-seed/templates/cgimap/cgimap-deployment.yaml +++ b/osm-seed/templates/cgimap/cgimap-deployment.yaml @@ -72,7 +72,6 @@ spec: # nodeSelector: # {{ .Values.cgimap.nodeSelector.label_key }} : {{ .Values.cgimap.nodeSelector.label_value }} # {{- end }} - # Affinity settings {{- if .Values.cgimap.nodeAffinity.enabled }} affinity: @@ -87,8 +86,8 @@ spec: - {{ . | quote }} {{- end }} {{- end }} - {{- if .Values.cgimap.tolerations }} + {{- if and .Values.cgimap.tolerations .Values.cgimap.tolerations.enabled }} tolerations: -{{ toYaml .Values.cgimap.tolerations | indent 8 }} +{{ toYaml .Values.cgimap.tolerations.config | indent 8 }} {{- end }} {{- end }} diff --git a/osm-seed/templates/db/db-statefulset.yaml b/osm-seed/templates/db/db-statefulset.yaml index dee980ef..17377c73 100644 --- a/osm-seed/templates/db/db-statefulset.yaml +++ b/osm-seed/templates/db/db-statefulset.yaml @@ -114,8 +114,25 @@ spec: configMap: name: {{ .Release.Name }}-db-postgresql-config {{- end }} - {{- if .Values.db.nodeSelector.enabled }} - nodeSelector: - {{ .Values.db.nodeSelector.label_key }} : {{ .Values.db.nodeSelector.label_value }} + # {{- if .Values.db.nodeSelector.enabled }} + # nodeSelector: + # {{ .Values.db.nodeSelector.label_key }} : {{ .Values.db.nodeSelector.label_value }} + # {{- end }} + {{- if .Values.db.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.db.nodeAffinity.key }} + operator: In + values: + {{- range .Values.db.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- if and .Values.db.tolerations .Values.db.tolerations.enabled }} + tolerations: +{{ toYaml .Values.db.tolerations.config | indent 8 }} {{- end }} {{- end }} diff --git a/osm-seed/templates/memcached/memcached-deployment.yml b/osm-seed/templates/memcached/memcached-deployment.yml index 8f6b032b..2cc3b4cf 100644 --- a/osm-seed/templates/memcached/memcached-deployment.yml +++ b/osm-seed/templates/memcached/memcached-deployment.yml @@ -44,21 +44,21 @@ spec: # {{ .Values.memcached.nodeSelector.label_key }} : {{ .Values.memcached.nodeSelector.label_value }} # {{- end }} # Affinity settings - {{- if .Values.cgimap.nodeAffinity.enabled }} + {{- if .Values.memcached.nodeAffinity.enabled }} affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: {{ .Values.cgimap.nodeAffinity.key }} + - key: {{ .Values.memcached.nodeAffinity.key }} operator: In values: - {{- range .Values.cgimap.nodeAffinity.values }} + {{- range .Values.memcached.nodeAffinity.values }} - {{ . | quote }} {{- end }} {{- end }} - {{- if .Values.cgimap.tolerations }} + {{- if and .Values.memcached.tolerations .Values.memcached.tolerations.enabled }} tolerations: -{{ toYaml .Values.cgimap.tolerations | indent 8 }} +{{ toYaml .Values.memcached.tolerations.config | indent 8 }} {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/web/web-deployment.yaml b/osm-seed/templates/web/web-deployment.yaml index cea50cb7..d2a24ef8 100644 --- a/osm-seed/templates/web/web-deployment.yaml +++ b/osm-seed/templates/web/web-deployment.yaml @@ -214,8 +214,8 @@ spec: topologyKey: "kubernetes.io/hostname" {{- end }} {{- end }} - {{- if .Values.web.tolerations }} + {{- if and .Values.web.tolerations .Values.web.tolerations.enabled }} tolerations: -{{ toYaml .Values.web.tolerations | indent 8 }} +{{ toYaml .Values.web.tolerations.config | indent 8 }} {{- end }} {{- end }} diff --git a/osm-seed/templates/web/web-hpa.yaml b/osm-seed/templates/web/web-hpa.yaml index 82684065..91c702fb 100644 --- a/osm-seed/templates/web/web-hpa.yaml +++ b/osm-seed/templates/web/web-hpa.yaml @@ -11,7 +11,7 @@ spec: minReplicas: {{ .Values.web.autoscaling.minReplicas }} maxReplicas: {{ .Values.web.autoscaling.maxReplicas }} metrics: - {{- if .Values.web.autoscaling.cpuUtilization.enable }} + {{- if .Values.web.autoscaling.cpuUtilization.enabled }} - type: Resource resource: name: cpu @@ -19,7 +19,7 @@ spec: type: Utilization averageUtilization: {{ .Values.web.autoscaling.cpuUtilization.value }} {{- end }} - {{- if .Values.web.autoscaling.memoryUtilization.enable }} + {{- if .Values.web.autoscaling.memoryUtilization.enabled }} - type: Resource resource: name: memory diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index 7158b8f2..039c3d1a 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -135,7 +135,17 @@ db: max_worker_processes = 4 max_parallel_workers_per_gather = 2 max_parallel_workers = 4 - + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["karpenter"] + tolerations: + enabled: false + config: + - key: "nodegroup_type" + operator: "Equal" + value: "karpenter" + effect: "NoSchedule" # ==================================================================================================== # Variables for osm-seed website # ==================================================================================================== @@ -144,6 +154,10 @@ web: image: name: "" tag: "" + serviceAccount: + enabled: false + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/osm-seed-web-s3-sqs-role priorityClass: "high-priority" replicaCount: 1 ingressDomain: www.dev.osmseed.org @@ -206,6 +220,20 @@ web: periodSeconds: 60 sharedMemorySize: 256Mi livenessProbeExec: true + + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["karpenter"] + podAntiAffinity: # To set that no two pods are scheduled on the same node + enabled: false + tolerations: + enabled: false + config: + - key: "nodegroup_type" + operator: "Equal" + value: "karpenter" + effect: "NoSchedule" # ==================================================================================================== # Variables for memcached. Memcached is used to store session cookies # ==================================================================================================== @@ -226,7 +254,17 @@ memcached: enabled: false memory: "2Gi" cpu: "2" - + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["karpenter"] + tolerations: + enabled: false + config: + - key: "nodegroup_type" + operator: "Equal" + value: "karpenter" + effect: "NoSchedule" # ==================================================================================================== # Cgimap # ==================================================================================================== @@ -254,6 +292,17 @@ cgimap: maxReplicas: 4 cpuUtilization: 60 memoryUtilization: 60 + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["karpenter"] + tolerations: + enabled: false + config: + - key: "nodegroup_type" + operator: "Equal" + value: "karpenter" + effect: "NoSchedule" # ==================================================================================================== # Variables for full-history container # ==================================================================================================== From c91534960a5ee53a0f29ef4aa2b7db37cc5ffddd Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 14:54:51 -0500 Subject: [PATCH 03/10] Remove tolerations --- .../templates/cgimap/cgimap-deployment.yaml | 4 -- osm-seed/templates/db/db-statefulset.yaml | 8 ---- .../memcached/memcached-deployment.yml | 4 -- osm-seed/templates/web/web-deployment.yaml | 4 -- osm-seed/values.yaml | 38 +++---------------- 5 files changed, 5 insertions(+), 53 deletions(-) diff --git a/osm-seed/templates/cgimap/cgimap-deployment.yaml b/osm-seed/templates/cgimap/cgimap-deployment.yaml index 6c49a764..c594a7eb 100644 --- a/osm-seed/templates/cgimap/cgimap-deployment.yaml +++ b/osm-seed/templates/cgimap/cgimap-deployment.yaml @@ -86,8 +86,4 @@ spec: - {{ . | quote }} {{- end }} {{- end }} - {{- if and .Values.cgimap.tolerations .Values.cgimap.tolerations.enabled }} - tolerations: -{{ toYaml .Values.cgimap.tolerations.config | indent 8 }} - {{- end }} {{- end }} diff --git a/osm-seed/templates/db/db-statefulset.yaml b/osm-seed/templates/db/db-statefulset.yaml index 17377c73..664e03ed 100644 --- a/osm-seed/templates/db/db-statefulset.yaml +++ b/osm-seed/templates/db/db-statefulset.yaml @@ -114,10 +114,6 @@ spec: configMap: name: {{ .Release.Name }}-db-postgresql-config {{- end }} - # {{- if .Values.db.nodeSelector.enabled }} - # nodeSelector: - # {{ .Values.db.nodeSelector.label_key }} : {{ .Values.db.nodeSelector.label_value }} - # {{- end }} {{- if .Values.db.nodeAffinity.enabled }} affinity: nodeAffinity: @@ -131,8 +127,4 @@ spec: - {{ . | quote }} {{- end }} {{- end }} - {{- if and .Values.db.tolerations .Values.db.tolerations.enabled }} - tolerations: -{{ toYaml .Values.db.tolerations.config | indent 8 }} - {{- end }} {{- end }} diff --git a/osm-seed/templates/memcached/memcached-deployment.yml b/osm-seed/templates/memcached/memcached-deployment.yml index 2cc3b4cf..ba06e609 100644 --- a/osm-seed/templates/memcached/memcached-deployment.yml +++ b/osm-seed/templates/memcached/memcached-deployment.yml @@ -57,8 +57,4 @@ spec: - {{ . | quote }} {{- end }} {{- end }} - {{- if and .Values.memcached.tolerations .Values.memcached.tolerations.enabled }} - tolerations: -{{ toYaml .Values.memcached.tolerations.config | indent 8 }} - {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/web/web-deployment.yaml b/osm-seed/templates/web/web-deployment.yaml index d2a24ef8..0530c217 100644 --- a/osm-seed/templates/web/web-deployment.yaml +++ b/osm-seed/templates/web/web-deployment.yaml @@ -214,8 +214,4 @@ spec: topologyKey: "kubernetes.io/hostname" {{- end }} {{- end }} - {{- if and .Values.web.tolerations .Values.web.tolerations.enabled }} - tolerations: -{{ toYaml .Values.web.tolerations.config | indent 8 }} - {{- end }} {{- end }} diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index 039c3d1a..bc2dfa02 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -138,14 +138,7 @@ db: nodeAffinity: enabled: false key: "nodegroup_type" - values: ["karpenter"] - tolerations: - enabled: false - config: - - key: "nodegroup_type" - operator: "Equal" - value: "karpenter" - effect: "NoSchedule" + values: ["database"] # ==================================================================================================== # Variables for osm-seed website # ==================================================================================================== @@ -222,18 +215,11 @@ web: livenessProbeExec: true nodeAffinity: - enabled: false + enabled: true key: "nodegroup_type" - values: ["karpenter"] + values: ["web"] podAntiAffinity: # To set that no two pods are scheduled on the same node enabled: false - tolerations: - enabled: false - config: - - key: "nodegroup_type" - operator: "Equal" - value: "karpenter" - effect: "NoSchedule" # ==================================================================================================== # Variables for memcached. Memcached is used to store session cookies # ==================================================================================================== @@ -257,14 +243,7 @@ memcached: nodeAffinity: enabled: false key: "nodegroup_type" - values: ["karpenter"] - tolerations: - enabled: false - config: - - key: "nodegroup_type" - operator: "Equal" - value: "karpenter" - effect: "NoSchedule" + values: ["web"] # ==================================================================================================== # Cgimap # ==================================================================================================== @@ -295,14 +274,7 @@ cgimap: nodeAffinity: enabled: false key: "nodegroup_type" - values: ["karpenter"] - tolerations: - enabled: false - config: - - key: "nodegroup_type" - operator: "Equal" - value: "karpenter" - effect: "NoSchedule" + values: ["web"] # ==================================================================================================== # Variables for full-history container # ==================================================================================================== From 4c4782da727ea31b46846c122b1b9bd90dd8e575 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 14:59:24 -0500 Subject: [PATCH 04/10] Keep nodeselector just in case --- osm-seed/templates/cgimap/cgimap-deployment.yaml | 8 ++++---- osm-seed/templates/db/db-statefulset.yaml | 4 ++++ osm-seed/templates/memcached/memcached-deployment.yml | 8 ++++---- osm-seed/templates/web/web-deployment.yaml | 5 ++++- 4 files changed, 16 insertions(+), 9 deletions(-) diff --git a/osm-seed/templates/cgimap/cgimap-deployment.yaml b/osm-seed/templates/cgimap/cgimap-deployment.yaml index c594a7eb..c3f452d6 100644 --- a/osm-seed/templates/cgimap/cgimap-deployment.yaml +++ b/osm-seed/templates/cgimap/cgimap-deployment.yaml @@ -68,10 +68,10 @@ spec: value: {{ .Values.web.env.WEBSITE_STATUS }} - name: MEMCACHE_SERVER value: {{ .Release.Name }}-memcached:11211 - # {{- if .Values.cgimap.nodeSelector.enabled }} - # nodeSelector: - # {{ .Values.cgimap.nodeSelector.label_key }} : {{ .Values.cgimap.nodeSelector.label_value }} - # {{- end }} + {{- if .Values.cgimap.nodeSelector.enabled }} + nodeSelector: + {{ .Values.cgimap.nodeSelector.label_key }} : {{ .Values.cgimap.nodeSelector.label_value }} + {{- end }} # Affinity settings {{- if .Values.cgimap.nodeAffinity.enabled }} affinity: diff --git a/osm-seed/templates/db/db-statefulset.yaml b/osm-seed/templates/db/db-statefulset.yaml index 664e03ed..c999445f 100644 --- a/osm-seed/templates/db/db-statefulset.yaml +++ b/osm-seed/templates/db/db-statefulset.yaml @@ -114,6 +114,10 @@ spec: configMap: name: {{ .Release.Name }}-db-postgresql-config {{- end }} + {{- if .Values.db.nodeSelector.enabled }} + nodeSelector: + {{ .Values.db.nodeSelector.label_key }} : {{ .Values.db.nodeSelector.label_value }} + {{- end }} {{- if .Values.db.nodeAffinity.enabled }} affinity: nodeAffinity: diff --git a/osm-seed/templates/memcached/memcached-deployment.yml b/osm-seed/templates/memcached/memcached-deployment.yml index ba06e609..cf9ed54e 100644 --- a/osm-seed/templates/memcached/memcached-deployment.yml +++ b/osm-seed/templates/memcached/memcached-deployment.yml @@ -39,10 +39,10 @@ spec: memory: {{ .Values.memcached.resources.limits.memory }} cpu: {{ .Values.memcached.resources.limits.cpu }} {{- end }} - # {{- if .Values.memcached.nodeSelector.enabled }} - # nodeSelector: - # {{ .Values.memcached.nodeSelector.label_key }} : {{ .Values.memcached.nodeSelector.label_value }} - # {{- end }} + {{- if .Values.memcached.nodeSelector.enabled }} + nodeSelector: + {{ .Values.memcached.nodeSelector.label_key }} : {{ .Values.memcached.nodeSelector.label_value }} + {{- end }} # Affinity settings {{- if .Values.memcached.nodeAffinity.enabled }} affinity: diff --git a/osm-seed/templates/web/web-deployment.yaml b/osm-seed/templates/web/web-deployment.yaml index 0530c217..b649c4dd 100644 --- a/osm-seed/templates/web/web-deployment.yaml +++ b/osm-seed/templates/web/web-deployment.yaml @@ -189,7 +189,10 @@ spec: medium: Memory sizeLimit: {{ .Values.web.sharedMemorySize }} name: shared-memory - + {{- if .Values.web.nodeSelector.enabled }} + nodeSelector: + {{ .Values.web.nodeSelector.label_key }} : {{ .Values.web.nodeSelector.label_value }} + {{- end }} # Node affinity {{- if .Values.web.nodeAffinity.enabled }} affinity: From 8656416ff3118e0083b543a3c6e2133bf6b7d011 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 15:26:59 -0500 Subject: [PATCH 05/10] Add affinity config --- .../changeset-replication-job-deployment.yaml | 14 ++ osm-seed/templates/jobs/full-history-job.yaml | 14 ++ .../jobs/osm-simple-metrics-job.yaml | 14 ++ osm-seed/templates/jobs/planet-dump-job.yaml | 22 +- .../templates/jobs/populate-apidb-job.yaml | 14 ++ .../jobs/replication-job-deployment.yaml | 14 ++ .../jobs/replication-monitoring-job.yaml | 22 +- .../nominatim-api/nominatim-statefulset.yaml | 14 ++ osm-seed/templates/osmcha-app/deployment.yaml | 14 ++ .../osmcha-db/osmcha-db-statefulset.yaml | 14 ++ .../overpass-api-statefulset.yaml | 14 ++ .../templates/taginfo/taginfo-deployment.yaml | 14 ++ .../tasking-manager-api/tm-deployment.yaml | 14 ++ .../tasking-manager-db/tm-db-statefulset.yaml | 14 ++ .../tiler-db/tiler-db-statefulset.yaml | 14 ++ .../tiler-imposm-statefulset.yaml | 14 ++ .../tiler-server/tiler-server-deployment.yaml | 14 ++ .../tiler-server-statefulset.yaml | 14 ++ osm-seed/values.yaml | 188 ++++++++++++++---- 19 files changed, 414 insertions(+), 42 deletions(-) diff --git a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml index 0f672714..d0614909 100644 --- a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml @@ -72,4 +72,18 @@ spec: nodeSelector: {{ .Values.changesetReplicationJob.nodeSelector.label_key }} : {{ .Values.changesetReplicationJob.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.changesetReplicationJob.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.changesetReplicationJob.nodeAffinity.key }} + operator: In + values: + {{- range .Values.changesetReplicationJob.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/jobs/full-history-job.yaml b/osm-seed/templates/jobs/full-history-job.yaml index a0812929..f9cab3dc 100644 --- a/osm-seed/templates/jobs/full-history-job.yaml +++ b/osm-seed/templates/jobs/full-history-job.yaml @@ -82,5 +82,19 @@ spec: nodeSelector: {{ .Values.fullHistory.nodeSelector.label_key }} : {{ .Values.fullHistory.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.fullHistory.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.fullHistory.nodeAffinity.key }} + operator: In + values: + {{- range .Values.fullHistory.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} backoffLimit: 3 {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml index 5090d038..77019be5 100644 --- a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml +++ b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml @@ -66,4 +66,18 @@ spec: nodeSelector: {{ .Values.osmSimpleMetrics.nodeSelector.label_key }}: {{ .Values.osmSimpleMetrics.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.osmSimpleMetrics.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.osmSimpleMetrics.nodeAffinity.key }} + operator: In + values: + {{- range .Values.osmSimpleMetrics.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/jobs/planet-dump-job.yaml b/osm-seed/templates/jobs/planet-dump-job.yaml index 21a75be9..a026b36f 100644 --- a/osm-seed/templates/jobs/planet-dump-job.yaml +++ b/osm-seed/templates/jobs/planet-dump-job.yaml @@ -19,10 +19,6 @@ spec: ttlSecondsAfterFinished: 300 template: spec: - {{- if .Values.planetDump.nodeSelector.enabled }} - nodeSelector: - {{ .Values.planetDump.nodeSelector.label_key }} : {{ .Values.planetDump.nodeSelector.label_value }} - {{- end }} containers: - name: {{ .Release.Name }}-planet-dump-job image: {{ .Values.planetDump.image.name }}:{{ .Values.planetDump.image.tag }} @@ -82,5 +78,23 @@ spec: value: {{ .Values.planetDump.resources.requests.memory | default "2Gi" | quote}} {{- end }} restartPolicy: OnFailure + {{- if .Values.planetDump.nodeSelector.enabled }} + nodeSelector: + {{ .Values.planetDump.nodeSelector.label_key }} : {{ .Values.planetDump.nodeSelector.label_value }} + {{- end }} + # Affinity settings + {{- if .Values.planetDump.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.planetDump.nodeAffinity.key }} + operator: In + values: + {{- range .Values.planetDump.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} backoffLimit: 3 {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/jobs/populate-apidb-job.yaml b/osm-seed/templates/jobs/populate-apidb-job.yaml index 5377718a..03de59f7 100644 --- a/osm-seed/templates/jobs/populate-apidb-job.yaml +++ b/osm-seed/templates/jobs/populate-apidb-job.yaml @@ -44,4 +44,18 @@ spec: nodeSelector: {{ .Values.populateApidb.nodeSelector.label_key }} : {{ .Values.populateApidb.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.populateApidb.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.populateApidb.nodeAffinity.key }} + operator: In + values: + {{- range .Values.populateApidb.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/jobs/replication-job-deployment.yaml b/osm-seed/templates/jobs/replication-job-deployment.yaml index 1851906c..5f40a383 100644 --- a/osm-seed/templates/jobs/replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/replication-job-deployment.yaml @@ -89,4 +89,18 @@ spec: nodeSelector: {{ .Values.replicationJob.nodeSelector.label_key }} : {{ .Values.replicationJob.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.replicationJob.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.replicationJob.nodeAffinity.key }} + operator: In + values: + {{- range .Values.replicationJob.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/jobs/replication-monitoring-job.yaml b/osm-seed/templates/jobs/replication-monitoring-job.yaml index ff07c7e6..b6db4fbd 100644 --- a/osm-seed/templates/jobs/replication-monitoring-job.yaml +++ b/osm-seed/templates/jobs/replication-monitoring-job.yaml @@ -19,10 +19,6 @@ spec: ttlSecondsAfterFinished: 60 template: spec: - {{- if .Values.monitoringReplication.nodeSelector.enabled }} - nodeSelector: - {{ .Values.monitoringReplication.nodeSelector.label_key }} : {{ .Values.monitoringReplication.nodeSelector.label_value }} - {{- end }} containers: - name: {{ .Release.Name }}-replication-monitoring-job image: {{ .Values.monitoringReplication.image.name }}:{{ .Values.monitoringReplication.image.tag }} @@ -78,5 +74,23 @@ spec: value: {{ .Values.monitoringReplication.resources.requests.memory | default "2Gi" | quote}} {{- end }} restartPolicy: OnFailure + {{- if .Values.monitoringReplication.nodeSelector.enabled }} + nodeSelector: + {{ .Values.monitoringReplication.nodeSelector.label_key }} : {{ .Values.monitoringReplication.nodeSelector.label_value }} + {{- end }} + # Affinity settings + {{- if .Values.monitoringReplication.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.monitoringReplication.nodeAffinity.key }} + operator: In + values: + {{- range .Values.monitoringReplication.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} backoffLimit: 3 {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/nominatim-api/nominatim-statefulset.yaml b/osm-seed/templates/nominatim-api/nominatim-statefulset.yaml index fc0aaa5b..bf83a75e 100644 --- a/osm-seed/templates/nominatim-api/nominatim-statefulset.yaml +++ b/osm-seed/templates/nominatim-api/nominatim-statefulset.yaml @@ -124,4 +124,18 @@ spec: nodeSelector: {{ .Values.nominatimApi.nodeSelector.label_key }} : {{ .Values.nominatimApi.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.nominatimApi.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.nominatimApi.nodeAffinity.key }} + operator: In + values: + {{- range .Values.nominatimApi.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/osmcha-app/deployment.yaml b/osm-seed/templates/osmcha-app/deployment.yaml index 52475326..51ad624f 100644 --- a/osm-seed/templates/osmcha-app/deployment.yaml +++ b/osm-seed/templates/osmcha-app/deployment.yaml @@ -88,5 +88,19 @@ spec: nodeSelector: {{ .Values.osmchaApi.nodeSelector.label_key }} : {{ .Values.osmchaApi.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.osmchaApi.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.osmchaApi.nodeAffinity.key }} + operator: In + values: + {{- range .Values.osmchaApi.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml b/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml index c196ce25..25088c40 100644 --- a/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml +++ b/osm-seed/templates/osmcha-db/osmcha-db-statefulset.yaml @@ -96,4 +96,18 @@ spec: nodeSelector: {{ .Values.osmchaDb.nodeSelector.label_key }} : {{ .Values.osmchaDb.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.osmchaDb.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.osmchaDb.nodeAffinity.key }} + operator: In + values: + {{- range .Values.osmchaDb.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/overpass-api/overpass-api-statefulset.yaml b/osm-seed/templates/overpass-api/overpass-api-statefulset.yaml index b04e1f96..f4ea9a15 100644 --- a/osm-seed/templates/overpass-api/overpass-api-statefulset.yaml +++ b/osm-seed/templates/overpass-api/overpass-api-statefulset.yaml @@ -92,4 +92,18 @@ spec: nodeSelector: {{ .Values.overpassApi.nodeSelector.label_key }} : {{ .Values.overpassApi.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.overpassApi.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.overpassApi.nodeAffinity.key }} + operator: In + values: + {{- range .Values.overpassApi.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/taginfo/taginfo-deployment.yaml b/osm-seed/templates/taginfo/taginfo-deployment.yaml index 2acf87df..f321f716 100644 --- a/osm-seed/templates/taginfo/taginfo-deployment.yaml +++ b/osm-seed/templates/taginfo/taginfo-deployment.yaml @@ -61,4 +61,18 @@ spec: nodeSelector: {{ .Values.taginfo.nodeSelector.label_key }} : {{ .Values.taginfo.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.taginfo.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.taginfo.nodeAffinity.key }} + operator: In + values: + {{- range .Values.taginfo.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/tasking-manager-api/tm-deployment.yaml b/osm-seed/templates/tasking-manager-api/tm-deployment.yaml index 8ba044da..3a04c211 100644 --- a/osm-seed/templates/tasking-manager-api/tm-deployment.yaml +++ b/osm-seed/templates/tasking-manager-api/tm-deployment.yaml @@ -69,4 +69,18 @@ spec: nodeSelector: {{ .Values.tmApi.nodeSelector.label_key }} : {{ .Values.tmApi.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tmApi.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tmApi.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tmApi.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/templates/tasking-manager-db/tm-db-statefulset.yaml b/osm-seed/templates/tasking-manager-db/tm-db-statefulset.yaml index 1774d3a0..a1dd3b63 100644 --- a/osm-seed/templates/tasking-manager-db/tm-db-statefulset.yaml +++ b/osm-seed/templates/tasking-manager-db/tm-db-statefulset.yaml @@ -103,4 +103,18 @@ spec: nodeSelector: {{ .Values.tmDb.nodeSelector.label_key }} : {{ .Values.tmDb.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tmDb.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tmDb.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tmDb.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/tiler-db/tiler-db-statefulset.yaml b/osm-seed/templates/tiler-db/tiler-db-statefulset.yaml index f9ccd242..ef37697e 100644 --- a/osm-seed/templates/tiler-db/tiler-db-statefulset.yaml +++ b/osm-seed/templates/tiler-db/tiler-db-statefulset.yaml @@ -106,5 +106,19 @@ spec: nodeSelector: {{ .Values.tilerDb.nodeSelector.label_key }} : {{ .Values.tilerDb.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tilerDb.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tilerDb.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tilerDb.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml index ade99bd9..c0dacba0 100644 --- a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml +++ b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml @@ -98,4 +98,18 @@ spec: nodeSelector: {{ .Values.tilerImposm.nodeSelector.label_key }} : {{ .Values.tilerImposm.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tilerImposm.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tilerImposm.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tilerImposm.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} diff --git a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml index 883ea298..d6ac557a 100644 --- a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml @@ -60,5 +60,19 @@ spec: nodeSelector: {{ .Values.tilerServer.nodeSelector.label_key }} : {{ .Values.tilerServer.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tilerServer.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tilerServer.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tilerServer.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml index 40cea078..6fd8c2c4 100644 --- a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml @@ -73,5 +73,19 @@ spec: nodeSelector: {{ .Values.tilerServer.nodeSelector.label_key }} : {{ .Values.tilerServer.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tilerServer.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tilerServer.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tilerServer.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index bc2dfa02..3cec5ac4 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -226,10 +226,6 @@ web: memcached: enabled: false priorityClass: "high-priority" - nodeSelector: - enabled: false - label_key: nodegroup_type - label_value: web resources: enabled: false requests: @@ -240,6 +236,10 @@ memcached: enabled: false memory: "2Gi" cpu: "2" + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web nodeAffinity: enabled: false key: "nodegroup_type" @@ -263,14 +263,16 @@ cgimap: enabled: false memory: "2Gi" cpu: "2" - nodeSelector: - enabled: false autoscaling: enabled: false minReplicas: 2 maxReplicas: 4 cpuUtilization: 60 memoryUtilization: 60 + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web nodeAffinity: enabled: false key: "nodegroup_type" @@ -284,10 +286,6 @@ fullHistory: image: name: "" tag: "" - nodeSelector: - enabled: false - label_key: nodegroup-type - label_value: ohm-non-tiler schedule: "* * * * *" env: OVERWRITE_FHISTORY_FILE: false @@ -305,6 +303,14 @@ fullHistory: enabled: false memory: "2Gi" cpu: "2" + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for osm-seed database backup and restore # ==================================================================================================== @@ -339,6 +345,12 @@ dbBackupRestore: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] - name: osmcha-db enabled: false schedule: "* * * * *" @@ -365,6 +377,12 @@ dbBackupRestore: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for osm-seed for osmosis, this configuration os to get the planet dump files from apidb # ==================================================================================================== @@ -393,6 +411,12 @@ planetDump: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== @@ -417,6 +441,12 @@ replicationJob: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for osm-seed to pupulate the apidb # ==================================================================================================== @@ -438,6 +468,14 @@ populateApidb: enabled: false memory: "2Gi" cpu: "2" + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables to start a pod to process osm files # ==================================================================================================== @@ -507,10 +545,6 @@ tilerDb: enabled: false memory: "2Gi" cpu: "2" - nodeSelector: - enabled: false - label_key: nodegroup_type - label_value: tiler # To use postgresqlConfig, you need to have already $PGDATA set up in a persistent disk postgresqlConfig: enabled: false @@ -531,6 +565,15 @@ tilerDb: max_worker_processes = 4 max_parallel_workers_per_gather = 2 max_parallel_workers = 4 + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] + # ==================================================================================================== # Variables for tiler-imposm # ==================================================================================================== @@ -576,7 +619,11 @@ tilerImposm: nodeSelector: enabled: false label_key: nodegroup_type - label_value: tiler + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for tiler-server # ==================================================================================================== @@ -633,9 +680,12 @@ tilerServer: nodeSelector: enabled: false label_key: nodegroup_type - label_value: tiler - autoscaling: + label_value: web + nodeAffinity: enabled: false + key: "nodegroup_type" + values: ["web"] + # ==================================================================================================== # Variables for tiler-server cache cleaner, only avaliable in case the TILER_CACHE_TYPE = s3 # ==================================================================================================== @@ -658,15 +708,19 @@ tilerServerCacheCleaner: KILL_PROCESS: manually MAX_NUM_PS: 3 PROCESS_NAME: tegola - nodeSelector: - enabled: false - label_key: nodegroup_type - label_value: tiler autoscaling: enabled: false minReplicas: 1 maxReplicas: 2 cpuUtilization: 60 + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] tilerCacheCleanerJob: enabled: false @@ -685,6 +739,14 @@ tilerCacheCleanerJob: enabled: false memory: "2Gi" cpu: "2" + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for Tasking Manager DB # ==================================================================================================== @@ -694,10 +756,6 @@ tmDb: name: "postgres" tag: "11" priorityClass: "medium-priority" - nodeSelector: - enabled: false - label_key: nodegroup_type - label_value: web env: POSTGRES_DB: tm POSTGRES_PASSWORD: tm @@ -716,6 +774,14 @@ tmDb: enabled: false memory: "2Gi" cpu: "2" + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for Tasking Manager API # ==================================================================================================== @@ -726,8 +792,6 @@ tmApi: name: "" tag: "" priorityClass: "medium-priority" - nodeSelector: - enabled: false replicaCount: 1 ingressDomain: tm-api.dev.osmseed.org serviceAnnotations: {} @@ -770,7 +834,14 @@ tmApi: enabled: false memory: "2Gi" cpu: "2" - + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Nominatim UI, The image need to be update with your own docker image # ==================================================================================================== @@ -834,6 +905,13 @@ nominatimApi: GCP_gcePersistentDisk_size: 50Gi nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] + # ==================================================================================================== # Variables for overpass-api # ==================================================================================================== @@ -884,6 +962,12 @@ overpassApi: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for taginfo # ==================================================================================================== @@ -922,16 +1006,16 @@ taginfo: memory: "2Gi" cpu: "2" nodeSelector: - enabled: true + enabled: false label_key: nodegroup_type label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] cronjob: enabled: true schedule: "0 2 */3 * *" - nodeSelector: - enabled: true - label_key: nodegroup_type - label_value: job_xlarge resources: enabled: false requests: @@ -940,6 +1024,14 @@ taginfo: limits: memory: "14Gi" cpu: "3800m" + nodeSelector: + enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for osm-simple-metrics # ==================================================================================================== @@ -962,6 +1054,12 @@ osmSimpleMetrics: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for osm-simple-metrics # ==================================================================================================== @@ -987,6 +1085,12 @@ monitoringReplication: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for changeset-replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== @@ -1008,6 +1112,12 @@ changesetReplicationJob: cpu: "2" nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Variables for osmcha web builder @@ -1061,7 +1171,11 @@ osmchaApi: nodeSelector: enabled: false label_key: nodegroup_type - label_value: db + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] fetch_changesets_cronjob: "*/2 * * * *" process_changesets_cronjob: "*/2 * * * *" # ==================================================================================================== @@ -1102,6 +1216,12 @@ osmchaDb: GCP_gcePersistentDisk_size: 50Gi nodeSelector: enabled: false + label_key: nodegroup_type + label_value: web + nodeAffinity: + enabled: false + key: "nodegroup_type" + values: ["web"] # ==================================================================================================== # Planet server files From 8cd42fe5e5814c4379892f5993902f1bf5cef510 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 16:59:24 -0500 Subject: [PATCH 06/10] Add serviceAccount config --- osm-seed/templates/db/db-backup-job.yaml | 16 +++++ .../changeset-replication-job-deployment.yaml | 3 + osm-seed/templates/jobs/full-history-job.yaml | 3 + .../jobs/osm-simple-metrics-job.yaml | 3 + osm-seed/templates/jobs/planet-dump-job.yaml | 3 + .../templates/jobs/populate-apidb-job.yaml | 3 + .../jobs/replication-job-deployment.yaml | 3 + .../jobs/replication-monitoring-job.yaml | 3 + .../templates/taginfo/taginfo-deployment.yaml | 3 + .../tiler-imposm-statefulset.yaml | 3 + ...tiler-server-cache-cleaner-deployment.yaml | 17 +++++ osm-seed/values.yaml | 62 ++++++++++++------- 12 files changed, 98 insertions(+), 24 deletions(-) diff --git a/osm-seed/templates/db/db-backup-job.yaml b/osm-seed/templates/db/db-backup-job.yaml index 08df17c5..9fb72e3c 100644 --- a/osm-seed/templates/db/db-backup-job.yaml +++ b/osm-seed/templates/db/db-backup-job.yaml @@ -19,6 +19,9 @@ spec: ttlSecondsAfterFinished: 300 template: spec: + {{- if $job.serviceAccount.enable }} + serviceAccountName: {{ $job.serviceAccount.name }} + {{- end }} containers: - name: {{ $job.name }}-backup-job image: {{ $.Values.dbBackupRestore.image.name }}:{{ $.Values.dbBackupRestore.image.tag }} @@ -155,6 +158,19 @@ spec: nodeSelector: {{ $job.nodeSelector.label_key }} : {{ $job.nodeSelector.label_value }} {{- end }} + {{- if $job.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ $job.nodeAffinity.key }} + operator: In + values: + {{- range $job.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} --- {{- end }} {{- end }} diff --git a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml index d0614909..d71ea17f 100644 --- a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ template "osm-seed.name" . }} spec: + {{- if .Values.changesetReplicationJob.serviceAccount.enable }} + serviceAccountName: {{ .Values.changesetReplicationJob.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-changeset-replication-job-deployment image: {{ .Values.changesetReplicationJob.image.name }}:{{ .Values.changesetReplicationJob.image.tag }} diff --git a/osm-seed/templates/jobs/full-history-job.yaml b/osm-seed/templates/jobs/full-history-job.yaml index f9cab3dc..cd6b4013 100644 --- a/osm-seed/templates/jobs/full-history-job.yaml +++ b/osm-seed/templates/jobs/full-history-job.yaml @@ -19,6 +19,9 @@ spec: ttlSecondsAfterFinished: 300 template: spec: + {{- if .Values.fullHistory.serviceAccount.enable }} + serviceAccountName: {{ .Values.fullHistory.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-full-history-job image: {{ .Values.fullHistory.image.name }}:{{ .Values.fullHistory.image.tag }} diff --git a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml index 77019be5..a1a3284b 100644 --- a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml +++ b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml @@ -19,6 +19,9 @@ spec: ttlSecondsAfterFinished: 300 template: spec: + {{- if .Values.osmSimpleMetrics.serviceAccount.enable }} + serviceAccountName: {{ .Values.osmSimpleMetrics.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-osm-simple-metrics-job image: {{ .Values.osmSimpleMetrics.image.name }}:{{ .Values.osmSimpleMetrics.image.tag }} diff --git a/osm-seed/templates/jobs/planet-dump-job.yaml b/osm-seed/templates/jobs/planet-dump-job.yaml index a026b36f..6245476f 100644 --- a/osm-seed/templates/jobs/planet-dump-job.yaml +++ b/osm-seed/templates/jobs/planet-dump-job.yaml @@ -19,6 +19,9 @@ spec: ttlSecondsAfterFinished: 300 template: spec: + {{- if .Values.planetDump.serviceAccount.enable }} + serviceAccountName: {{ .Values.planetDump.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-planet-dump-job image: {{ .Values.planetDump.image.name }}:{{ .Values.planetDump.image.tag }} diff --git a/osm-seed/templates/jobs/populate-apidb-job.yaml b/osm-seed/templates/jobs/populate-apidb-job.yaml index 03de59f7..9d970450 100644 --- a/osm-seed/templates/jobs/populate-apidb-job.yaml +++ b/osm-seed/templates/jobs/populate-apidb-job.yaml @@ -11,6 +11,9 @@ metadata: spec: template: spec: + {{- if .Values.populateApidb.serviceAccount.enable }} + serviceAccountName: {{ .Values.populateApidb.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-populate-apidb-job image: {{ .Values.populateApidb.image.name }}:{{ .Values.populateApidb.image.tag }} diff --git a/osm-seed/templates/jobs/replication-job-deployment.yaml b/osm-seed/templates/jobs/replication-job-deployment.yaml index 5f40a383..d4449b51 100644 --- a/osm-seed/templates/jobs/replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/replication-job-deployment.yaml @@ -18,6 +18,9 @@ spec: labels: app: {{ template "osm-seed.name" . }} spec: + {{- if .Values.replicationJob.serviceAccount.enable }} + serviceAccountName: {{ .Values.replicationJob.serviceAccount.name }} + {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.replicationJob.priorityClass | default "high-priority" }} containers: - name: {{ .Release.Name }}-replication-job-deployment diff --git a/osm-seed/templates/jobs/replication-monitoring-job.yaml b/osm-seed/templates/jobs/replication-monitoring-job.yaml index b6db4fbd..aeb36738 100644 --- a/osm-seed/templates/jobs/replication-monitoring-job.yaml +++ b/osm-seed/templates/jobs/replication-monitoring-job.yaml @@ -19,6 +19,9 @@ spec: ttlSecondsAfterFinished: 60 template: spec: + {{- if .Values.monitoringReplication.serviceAccount.enable }} + serviceAccountName: {{ .Values.monitoringReplication.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-replication-monitoring-job image: {{ .Values.monitoringReplication.image.name }}:{{ .Values.monitoringReplication.image.tag }} diff --git a/osm-seed/templates/taginfo/taginfo-deployment.yaml b/osm-seed/templates/taginfo/taginfo-deployment.yaml index f321f716..61cd7c6a 100644 --- a/osm-seed/templates/taginfo/taginfo-deployment.yaml +++ b/osm-seed/templates/taginfo/taginfo-deployment.yaml @@ -22,6 +22,9 @@ spec: release: {{ .Release.Name }} run: {{ .Release.Name }}-taginfo-web spec: + {{- if .Values.taginfo.serviceAccount.enable }} + serviceAccountName: {{ .Values.taginfo.serviceAccount.name }} + {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.taginfo.priorityClass | default "medium-priority" }} containers: - name: {{ .Chart.Name }}-taginfo diff --git a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml index c0dacba0..931f95e4 100644 --- a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml +++ b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml @@ -19,6 +19,9 @@ spec: labels: app: {{ .Release.Name }}-tiler-imposm-sts spec: + {{- if .Values.tilerImposm.serviceAccount.enable }} + serviceAccountName: {{ .Values.tilerImposm.serviceAccount.name }} + {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.tilerImposm.priorityClass | default "medium-priority" }} containers: - name: {{ .Release.Name }}-tiler-imposm-sts diff --git a/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml index 3ec0915f..71f9a9b9 100644 --- a/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml @@ -20,6 +20,9 @@ spec: labels: app: {{ template "osm-seed.name" . }} spec: + {{- if .Values.tilerServerCacheCleaner.serviceAccount.enable }} + serviceAccountName: {{ .Values.tilerServerCacheCleaner.serviceAccount.name }} + {{- end }} containers: - name: {{ .Release.Name }}-tiler-server-cache-cleaner-deployment image: {{ .Values.tilerServer.image.name }}:{{ .Values.tilerServer.image.tag }} @@ -40,6 +43,20 @@ spec: nodeSelector: {{ .Values.tilerServerCacheCleaner.nodeSelector.label_key }} : {{ .Values.tilerServerCacheCleaner.nodeSelector.label_value }} {{- end }} + # Affinity settings + {{- if .Values.tilerServerCacheCleaner.nodeAffinity.enabled }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .Values.tilerServerCacheCleaner.nodeAffinity.key }} + operator: In + values: + {{- range .Values.tilerServerCacheCleaner.nodeAffinity.values }} + - {{ . | quote }} + {{- end }} + {{- end }} {{- end }} {{- end }} {{- end }} \ No newline at end of file diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index 3cec5ac4..82dabd14 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -148,9 +148,8 @@ web: name: "" tag: "" serviceAccount: - enabled: false - annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/osm-seed-web-s3-sqs-role + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "high-priority" replicaCount: 1 ingressDomain: www.dev.osmseed.org @@ -283,6 +282,9 @@ cgimap: fullHistory: enabled: false priorityClass: "low-priority" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging image: name: "" tag: "" @@ -320,6 +322,9 @@ dbBackupRestore: tag: "0.1.0-0.dev.git.942.h994af82" cronjobs: - name: web-db + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging enabled: false schedule: "* * * * *" env: @@ -353,6 +358,9 @@ dbBackupRestore: values: ["web"] - name: osmcha-db enabled: false + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging schedule: "* * * * *" env: # DB action: backup/restore @@ -388,9 +396,9 @@ dbBackupRestore: # ==================================================================================================== planetDump: enabled: false - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "medium-priority" schedule: "* * * * *" env: @@ -422,9 +430,9 @@ planetDump: # ==================================================================================================== replicationJob: enabled: false - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "medium-priority" env: ENABLE_SEND_SLACK_MESSAGE: "false" @@ -453,9 +461,9 @@ replicationJob: populateApidb: enabled: false priorityClass: "medium-priority" - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging env: URL_FILE_TO_IMPORT: "http://download.geofabrik.de/europe/monaco-latest.osm.pbf" resources: @@ -579,9 +587,9 @@ tilerDb: # ==================================================================================================== tilerImposm: enabled: false - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "medium-priority" env: TILER_IMPORT_FROM: osm @@ -692,6 +700,9 @@ tilerServer: tilerServerCacheCleaner: enabled: false priorityClass: "medium-priority" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging replicaCount: 1 command: "./tile_cache_downloader.sh & ./expire-watcher.sh" resources: @@ -973,9 +984,9 @@ overpassApi: # ==================================================================================================== taginfo: enabled: false - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "medium-priority" serviceAnnotations: {} ingressDomain: taginfo-dev.staging.openhistoricalmap.org @@ -1037,9 +1048,9 @@ taginfo: # ==================================================================================================== osmSimpleMetrics: enabled: false - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "medium-priority" schedule: "* */1 * * *" resources: @@ -1069,6 +1080,9 @@ monitoringReplication: name: "developmentseed/osmseed-replication-job" tag: "0.1.0-n770.hd15c9f2" priorityClass: "medium-priority" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging schedule: "* */1 * * *" env: CREATE_MISSING_FILES: empty @@ -1096,9 +1110,9 @@ monitoringReplication: # ==================================================================================================== changesetReplicationJob: enabled: false - image: - name: "" - tag: "" + serviceAccount: + enabled: true + name: ohm-web-s3-bucket-access-staging priorityClass: "medium-priority" resources: enabled: false From 2987b79a465843f4de066b9586f5b3e4d5a61f8e Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 17:07:46 -0500 Subject: [PATCH 07/10] Fix image value --- osm-seed/values.yaml | 45 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index 82dabd14..0b8c7a24 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -281,13 +281,13 @@ cgimap: # ==================================================================================================== fullHistory: enabled: false + image: + name: "" + tag: "" priorityClass: "low-priority" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging - image: - name: "" - tag: "" schedule: "* * * * *" env: OVERWRITE_FHISTORY_FILE: false @@ -396,6 +396,9 @@ dbBackupRestore: # ==================================================================================================== planetDump: enabled: false + image: + name: "" + tag: "" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging @@ -430,6 +433,9 @@ planetDump: # ==================================================================================================== replicationJob: enabled: false + image: + name: "" + tag: "" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging @@ -460,6 +466,9 @@ replicationJob: # ==================================================================================================== populateApidb: enabled: false + image: + name: "" + tag: "" priorityClass: "medium-priority" serviceAccount: enabled: true @@ -587,6 +596,9 @@ tilerDb: # ==================================================================================================== tilerImposm: enabled: false + image: + name: "" + tag: "" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging @@ -637,13 +649,13 @@ tilerImposm: # ==================================================================================================== tilerServer: enabled: false + image: + name: "" + tag: "" externalService: enabled: true ip: "37.1.1.5" port: 9090 - image: - name: "" - tag: "" priorityClass: "medium-priority" replicaCount: 1 serviceAnnotations: {} @@ -699,6 +711,9 @@ tilerServer: # ==================================================================================================== tilerServerCacheCleaner: enabled: false + image: + name: "" + tag: "" priorityClass: "medium-priority" serviceAccount: enabled: true @@ -735,6 +750,9 @@ tilerServerCacheCleaner: tilerCacheCleanerJob: enabled: false + image: + name: "" + tag: "" priorityClass: "medium-priority" tilesFile: imposm/imposm3_expire_dir/latest.tiles minZoom: 0 @@ -928,13 +946,13 @@ nominatimApi: # ==================================================================================================== overpassApi: enabled: false + image: + name: "" + tag: "" externalService: enabled: true ip: "37.1.1.5" port: 9090 - image: - name: "" - tag: "" priorityClass: "medium-priority" serviceAnnotations: {} ingressDomain: overpass-api.dev.osmseed.org @@ -984,6 +1002,9 @@ overpassApi: # ==================================================================================================== taginfo: enabled: false + image: + name: "" + tag: "" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging @@ -1048,6 +1069,9 @@ taginfo: # ==================================================================================================== osmSimpleMetrics: enabled: false + image: + name: "" + tag: "" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging @@ -1110,6 +1134,9 @@ monitoringReplication: # ==================================================================================================== changesetReplicationJob: enabled: false + image: + name: "" + tag: "" serviceAccount: enabled: true name: ohm-web-s3-bucket-access-staging From d7506ef992bb8fb4c2a812ea70077b5e42a254e3 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 17:17:43 -0500 Subject: [PATCH 08/10] Update service account for tiler server --- osm-seed/templates/tiler-server/tiler-server-deployment.yaml | 3 +++ osm-seed/templates/tiler-server/tiler-server-statefulset.yaml | 3 +++ osm-seed/values.yaml | 3 +++ 3 files changed, 9 insertions(+) diff --git a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml index d6ac557a..fec6f7b4 100644 --- a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml @@ -24,6 +24,9 @@ spec: run: {{ .Release.Name }}-tiler-server spec: priorityClassName: {{ .Release.Name }}-{{ .Values.tilerServer.priorityClass | default "medium-priority" }} + {{- if .Values.tilerServer.serviceAccount.enable }} + serviceAccountName: {{ .Values.tilerServer.serviceAccount.name }} + {{- end }} containers: - name: {{ .Chart.Name }}-tiler-server image: "{{ .Values.tilerServer.image.name }}:{{ .Values.tilerServer.image.tag }}" diff --git a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml index 6fd8c2c4..45208ef1 100644 --- a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml @@ -25,6 +25,9 @@ spec: run: {{ .Release.Name }}-tiler-server spec: priorityClassName: {{ .Release.Name }}-{{ .Values.tilerServer.priorityClass | default "medium-priority" }} + {{- if .Values.tilerServer.serviceAccount.enable }} + serviceAccountName: {{ .Values.tilerServer.serviceAccount.name }} + {{- end }} containers: - name: {{ .Chart.Name }}-tiler-server image: "{{ .Values.tilerServer.image.name }}:{{ .Values.tilerServer.image.tag }}" diff --git a/osm-seed/values.yaml b/osm-seed/values.yaml index 0b8c7a24..b6e76723 100644 --- a/osm-seed/values.yaml +++ b/osm-seed/values.yaml @@ -657,6 +657,9 @@ tilerServer: ip: "37.1.1.5" port: 9090 priorityClass: "medium-priority" + serviceAccount: + enabled: true + name: ohm-s3-bucket-access-staging replicaCount: 1 serviceAnnotations: {} ingressDomain: tiler2.dev.openhistoricalmap.org From 2bedf5573c872e3781a9a44731c4f601f536bf0e Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 17:40:40 -0500 Subject: [PATCH 09/10] Fix typo --- osm-seed/templates/db/db-backup-job.yaml | 2 +- .../templates/jobs/changeset-replication-job-deployment.yaml | 2 +- osm-seed/templates/jobs/full-history-job.yaml | 2 +- osm-seed/templates/jobs/osm-simple-metrics-job.yaml | 2 +- osm-seed/templates/jobs/planet-dump-job.yaml | 2 +- osm-seed/templates/jobs/populate-apidb-job.yaml | 2 +- osm-seed/templates/jobs/replication-job-deployment.yaml | 2 +- osm-seed/templates/jobs/replication-monitoring-job.yaml | 2 +- osm-seed/templates/taginfo/taginfo-deployment.yaml | 2 +- osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml | 2 +- .../tiler-server/tiler-server-cache-cleaner-deployment.yaml | 2 +- osm-seed/templates/tiler-server/tiler-server-deployment.yaml | 2 +- osm-seed/templates/tiler-server/tiler-server-statefulset.yaml | 2 +- osm-seed/templates/web/web-deployment.yaml | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/osm-seed/templates/db/db-backup-job.yaml b/osm-seed/templates/db/db-backup-job.yaml index 9fb72e3c..9bea146f 100644 --- a/osm-seed/templates/db/db-backup-job.yaml +++ b/osm-seed/templates/db/db-backup-job.yaml @@ -19,7 +19,7 @@ spec: ttlSecondsAfterFinished: 300 template: spec: - {{- if $job.serviceAccount.enable }} + {{- if $job.serviceAccount.enabled }} serviceAccountName: {{ $job.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml index d71ea17f..490be81d 100644 --- a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml @@ -18,7 +18,7 @@ spec: labels: app: {{ template "osm-seed.name" . }} spec: - {{- if .Values.changesetReplicationJob.serviceAccount.enable }} + {{- if .Values.changesetReplicationJob.serviceAccount.enabled }} serviceAccountName: {{ .Values.changesetReplicationJob.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/jobs/full-history-job.yaml b/osm-seed/templates/jobs/full-history-job.yaml index cd6b4013..0e66c587 100644 --- a/osm-seed/templates/jobs/full-history-job.yaml +++ b/osm-seed/templates/jobs/full-history-job.yaml @@ -19,7 +19,7 @@ spec: ttlSecondsAfterFinished: 300 template: spec: - {{- if .Values.fullHistory.serviceAccount.enable }} + {{- if .Values.fullHistory.serviceAccount.enabled }} serviceAccountName: {{ .Values.fullHistory.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml index a1a3284b..7af2c287 100644 --- a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml +++ b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml @@ -19,7 +19,7 @@ spec: ttlSecondsAfterFinished: 300 template: spec: - {{- if .Values.osmSimpleMetrics.serviceAccount.enable }} + {{- if .Values.osmSimpleMetrics.serviceAccount.enabled }} serviceAccountName: {{ .Values.osmSimpleMetrics.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/jobs/planet-dump-job.yaml b/osm-seed/templates/jobs/planet-dump-job.yaml index 6245476f..104667d3 100644 --- a/osm-seed/templates/jobs/planet-dump-job.yaml +++ b/osm-seed/templates/jobs/planet-dump-job.yaml @@ -19,7 +19,7 @@ spec: ttlSecondsAfterFinished: 300 template: spec: - {{- if .Values.planetDump.serviceAccount.enable }} + {{- if .Values.planetDump.serviceAccount.enabled }} serviceAccountName: {{ .Values.planetDump.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/jobs/populate-apidb-job.yaml b/osm-seed/templates/jobs/populate-apidb-job.yaml index 9d970450..d2092f8a 100644 --- a/osm-seed/templates/jobs/populate-apidb-job.yaml +++ b/osm-seed/templates/jobs/populate-apidb-job.yaml @@ -11,7 +11,7 @@ metadata: spec: template: spec: - {{- if .Values.populateApidb.serviceAccount.enable }} + {{- if .Values.populateApidb.serviceAccount.enabled }} serviceAccountName: {{ .Values.populateApidb.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/jobs/replication-job-deployment.yaml b/osm-seed/templates/jobs/replication-job-deployment.yaml index d4449b51..0cc5fac6 100644 --- a/osm-seed/templates/jobs/replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/replication-job-deployment.yaml @@ -18,7 +18,7 @@ spec: labels: app: {{ template "osm-seed.name" . }} spec: - {{- if .Values.replicationJob.serviceAccount.enable }} + {{- if .Values.replicationJob.serviceAccount.enabled }} serviceAccountName: {{ .Values.replicationJob.serviceAccount.name }} {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.replicationJob.priorityClass | default "high-priority" }} diff --git a/osm-seed/templates/jobs/replication-monitoring-job.yaml b/osm-seed/templates/jobs/replication-monitoring-job.yaml index aeb36738..d5b4bb1b 100644 --- a/osm-seed/templates/jobs/replication-monitoring-job.yaml +++ b/osm-seed/templates/jobs/replication-monitoring-job.yaml @@ -19,7 +19,7 @@ spec: ttlSecondsAfterFinished: 60 template: spec: - {{- if .Values.monitoringReplication.serviceAccount.enable }} + {{- if .Values.monitoringReplication.serviceAccount.enabled }} serviceAccountName: {{ .Values.monitoringReplication.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/taginfo/taginfo-deployment.yaml b/osm-seed/templates/taginfo/taginfo-deployment.yaml index 61cd7c6a..2291ffb3 100644 --- a/osm-seed/templates/taginfo/taginfo-deployment.yaml +++ b/osm-seed/templates/taginfo/taginfo-deployment.yaml @@ -22,7 +22,7 @@ spec: release: {{ .Release.Name }} run: {{ .Release.Name }}-taginfo-web spec: - {{- if .Values.taginfo.serviceAccount.enable }} + {{- if .Values.taginfo.serviceAccount.enabled }} serviceAccountName: {{ .Values.taginfo.serviceAccount.name }} {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.taginfo.priorityClass | default "medium-priority" }} diff --git a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml index 931f95e4..9a61071e 100644 --- a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml +++ b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml @@ -19,7 +19,7 @@ spec: labels: app: {{ .Release.Name }}-tiler-imposm-sts spec: - {{- if .Values.tilerImposm.serviceAccount.enable }} + {{- if .Values.tilerImposm.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerImposm.serviceAccount.name }} {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.tilerImposm.priorityClass | default "medium-priority" }} diff --git a/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml index 71f9a9b9..7fb34ddb 100644 --- a/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml @@ -20,7 +20,7 @@ spec: labels: app: {{ template "osm-seed.name" . }} spec: - {{- if .Values.tilerServerCacheCleaner.serviceAccount.enable }} + {{- if .Values.tilerServerCacheCleaner.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerServerCacheCleaner.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml index fec6f7b4..0f24442d 100644 --- a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml @@ -24,7 +24,7 @@ spec: run: {{ .Release.Name }}-tiler-server spec: priorityClassName: {{ .Release.Name }}-{{ .Values.tilerServer.priorityClass | default "medium-priority" }} - {{- if .Values.tilerServer.serviceAccount.enable }} + {{- if .Values.tilerServer.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerServer.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml index 45208ef1..644aaa2e 100644 --- a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml @@ -25,7 +25,7 @@ spec: run: {{ .Release.Name }}-tiler-server spec: priorityClassName: {{ .Release.Name }}-{{ .Values.tilerServer.priorityClass | default "medium-priority" }} - {{- if .Values.tilerServer.serviceAccount.enable }} + {{- if .Values.tilerServer.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerServer.serviceAccount.name }} {{- end }} containers: diff --git a/osm-seed/templates/web/web-deployment.yaml b/osm-seed/templates/web/web-deployment.yaml index b649c4dd..dee7e2e2 100644 --- a/osm-seed/templates/web/web-deployment.yaml +++ b/osm-seed/templates/web/web-deployment.yaml @@ -22,7 +22,7 @@ spec: release: {{ .Release.Name }} run: {{ .Release.Name }}-web spec: - {{- if .Values.web.serviceAccount.enable }} + {{- if .Values.web.serviceAccount.enabled }} serviceAccountName: {{ .Values.web.serviceAccount.name }} {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.web.priorityClass | default "high-priority" }} From 79caf47a21d86290004831b1ed6281b3b4a8bae1 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 17 Oct 2025 21:05:33 -0500 Subject: [PATCH 10/10] Add automountServiceAccountToken for serviceAccountName --- osm-seed/templates/db/db-backup-job.yaml | 1 + .../templates/jobs/changeset-replication-job-deployment.yaml | 1 + osm-seed/templates/jobs/full-history-job.yaml | 1 + osm-seed/templates/jobs/osm-simple-metrics-job.yaml | 1 + osm-seed/templates/jobs/planet-dump-job.yaml | 1 + osm-seed/templates/jobs/populate-apidb-job.yaml | 1 + osm-seed/templates/jobs/replication-job-deployment.yaml | 1 + osm-seed/templates/jobs/replication-monitoring-job.yaml | 1 + osm-seed/templates/taginfo/taginfo-deployment.yaml | 1 + osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml | 1 + .../tiler-server/tiler-server-cache-cleaner-deployment.yaml | 1 + osm-seed/templates/tiler-server/tiler-server-deployment.yaml | 1 + osm-seed/templates/tiler-server/tiler-server-statefulset.yaml | 1 + osm-seed/templates/web/web-deployment.yaml | 1 + 14 files changed, 14 insertions(+) diff --git a/osm-seed/templates/db/db-backup-job.yaml b/osm-seed/templates/db/db-backup-job.yaml index 9bea146f..c1595bcf 100644 --- a/osm-seed/templates/db/db-backup-job.yaml +++ b/osm-seed/templates/db/db-backup-job.yaml @@ -21,6 +21,7 @@ spec: spec: {{- if $job.serviceAccount.enabled }} serviceAccountName: {{ $job.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ $job.name }}-backup-job diff --git a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml index 490be81d..10fc1645 100644 --- a/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/changeset-replication-job-deployment.yaml @@ -20,6 +20,7 @@ spec: spec: {{- if .Values.changesetReplicationJob.serviceAccount.enabled }} serviceAccountName: {{ .Values.changesetReplicationJob.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-changeset-replication-job-deployment diff --git a/osm-seed/templates/jobs/full-history-job.yaml b/osm-seed/templates/jobs/full-history-job.yaml index 0e66c587..f7a7d897 100644 --- a/osm-seed/templates/jobs/full-history-job.yaml +++ b/osm-seed/templates/jobs/full-history-job.yaml @@ -21,6 +21,7 @@ spec: spec: {{- if .Values.fullHistory.serviceAccount.enabled }} serviceAccountName: {{ .Values.fullHistory.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-full-history-job diff --git a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml index 7af2c287..7df68664 100644 --- a/osm-seed/templates/jobs/osm-simple-metrics-job.yaml +++ b/osm-seed/templates/jobs/osm-simple-metrics-job.yaml @@ -21,6 +21,7 @@ spec: spec: {{- if .Values.osmSimpleMetrics.serviceAccount.enabled }} serviceAccountName: {{ .Values.osmSimpleMetrics.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-osm-simple-metrics-job diff --git a/osm-seed/templates/jobs/planet-dump-job.yaml b/osm-seed/templates/jobs/planet-dump-job.yaml index 104667d3..e378b3b9 100644 --- a/osm-seed/templates/jobs/planet-dump-job.yaml +++ b/osm-seed/templates/jobs/planet-dump-job.yaml @@ -21,6 +21,7 @@ spec: spec: {{- if .Values.planetDump.serviceAccount.enabled }} serviceAccountName: {{ .Values.planetDump.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-planet-dump-job diff --git a/osm-seed/templates/jobs/populate-apidb-job.yaml b/osm-seed/templates/jobs/populate-apidb-job.yaml index d2092f8a..706ef954 100644 --- a/osm-seed/templates/jobs/populate-apidb-job.yaml +++ b/osm-seed/templates/jobs/populate-apidb-job.yaml @@ -13,6 +13,7 @@ spec: spec: {{- if .Values.populateApidb.serviceAccount.enabled }} serviceAccountName: {{ .Values.populateApidb.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-populate-apidb-job diff --git a/osm-seed/templates/jobs/replication-job-deployment.yaml b/osm-seed/templates/jobs/replication-job-deployment.yaml index 0cc5fac6..9e0ba5bd 100644 --- a/osm-seed/templates/jobs/replication-job-deployment.yaml +++ b/osm-seed/templates/jobs/replication-job-deployment.yaml @@ -20,6 +20,7 @@ spec: spec: {{- if .Values.replicationJob.serviceAccount.enabled }} serviceAccountName: {{ .Values.replicationJob.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.replicationJob.priorityClass | default "high-priority" }} containers: diff --git a/osm-seed/templates/jobs/replication-monitoring-job.yaml b/osm-seed/templates/jobs/replication-monitoring-job.yaml index d5b4bb1b..d0b054c4 100644 --- a/osm-seed/templates/jobs/replication-monitoring-job.yaml +++ b/osm-seed/templates/jobs/replication-monitoring-job.yaml @@ -21,6 +21,7 @@ spec: spec: {{- if .Values.monitoringReplication.serviceAccount.enabled }} serviceAccountName: {{ .Values.monitoringReplication.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-replication-monitoring-job diff --git a/osm-seed/templates/taginfo/taginfo-deployment.yaml b/osm-seed/templates/taginfo/taginfo-deployment.yaml index 2291ffb3..03465c83 100644 --- a/osm-seed/templates/taginfo/taginfo-deployment.yaml +++ b/osm-seed/templates/taginfo/taginfo-deployment.yaml @@ -24,6 +24,7 @@ spec: spec: {{- if .Values.taginfo.serviceAccount.enabled }} serviceAccountName: {{ .Values.taginfo.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.taginfo.priorityClass | default "medium-priority" }} containers: diff --git a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml index 9a61071e..ffb71e04 100644 --- a/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml +++ b/osm-seed/templates/tiler-imposm/tiler-imposm-statefulset.yaml @@ -21,6 +21,7 @@ spec: spec: {{- if .Values.tilerImposm.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerImposm.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.tilerImposm.priorityClass | default "medium-priority" }} containers: diff --git a/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml index 7fb34ddb..b84ff55c 100644 --- a/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-cache-cleaner-deployment.yaml @@ -22,6 +22,7 @@ spec: spec: {{- if .Values.tilerServerCacheCleaner.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerServerCacheCleaner.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Release.Name }}-tiler-server-cache-cleaner-deployment diff --git a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml index 0f24442d..6efc0ec5 100644 --- a/osm-seed/templates/tiler-server/tiler-server-deployment.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-deployment.yaml @@ -26,6 +26,7 @@ spec: priorityClassName: {{ .Release.Name }}-{{ .Values.tilerServer.priorityClass | default "medium-priority" }} {{- if .Values.tilerServer.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerServer.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Chart.Name }}-tiler-server diff --git a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml index 644aaa2e..c7078ce9 100644 --- a/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml +++ b/osm-seed/templates/tiler-server/tiler-server-statefulset.yaml @@ -27,6 +27,7 @@ spec: priorityClassName: {{ .Release.Name }}-{{ .Values.tilerServer.priorityClass | default "medium-priority" }} {{- if .Values.tilerServer.serviceAccount.enabled }} serviceAccountName: {{ .Values.tilerServer.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} containers: - name: {{ .Chart.Name }}-tiler-server diff --git a/osm-seed/templates/web/web-deployment.yaml b/osm-seed/templates/web/web-deployment.yaml index dee7e2e2..d51eed99 100644 --- a/osm-seed/templates/web/web-deployment.yaml +++ b/osm-seed/templates/web/web-deployment.yaml @@ -24,6 +24,7 @@ spec: spec: {{- if .Values.web.serviceAccount.enabled }} serviceAccountName: {{ .Values.web.serviceAccount.name }} + automountServiceAccountToken: true {{- end }} priorityClassName: {{ .Release.Name }}-{{ .Values.web.priorityClass | default "high-priority" }} containers: