Skip to content

Commit

Permalink
chore: remove mode flag (#347)
Browse files Browse the repository at this point in the history 
## Description

Remove the last references of the orchestrator mode

Closes FL-1331

## How has this been tested?

<!-- Please describe the tests that you ran to verify your changes.  -->

## Checklist

- [ ] [changelog](../CHANGELOG.md) was updated with notable changes
- [ ] documentation was updated

---------

Signed-off-by: Guilhem Barthés <guilhem.barthes@owkin.com>
  • Loading branch information
@guilhem-barthes
guilhem-barthes authored Jan 4, 2024
1 parent c3b6662 commit ed8bd8c
Show file tree
Hide file tree
Showing 13 changed files with 29 additions and 60 deletions.
1 change: 0 additions & 1 deletion .github/workflows/end2end.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ jobs:
ORCHESTRATOR_DATABASE_URL: postgresql://postgres:postgres@localhost:5432/postgres?sslmode=disable
ORCHESTRATOR_MIGRATION_DIR: file://./server/standalone/migration/
ORCHESTRATOR_TLS_ENABLED: false
ORCHESTRATOR_MODE: standalone
ORCHESTRATOR_VERIFY_CLIENT_MSP_ID: false
ORCHESTRATOR_TX_RETRY_BUDGET: 500ms
DB_DUMPS_BUCKET_NAME: substra-orchestrator-dumps
Expand Down
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- BREAKING: remove all code related to the `distributed` mode, and mentions in schemas and documentation ([#341](https://github.com/Substra/orchestrator/pull/341))
- BREAKING: `distributed` Skaffold profile and mentions in doc ([#319](https://github.com/Substra/orchestrator/pull/319))
- BREAKING: `chaincode-init` and `chaincode` Dockerfiles ([#319](https://github.com/Substra/orchestrator/pull/319))
- Flag & environment variables to choose between `standalone` and `distributed` mode ([#347](https://github.com/Substra/orchestrator/pull/347))

### Added

Expand Down
2 changes: 1 addition & 1 deletion charts/orchestrator/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: orchestrator
description: substra orchestration

type: application
version: 8.0.1
version: 8.1.0
appVersion: 0.37.0
kubeVersion: ">= 1.19.0-0"
icon: https://avatars.githubusercontent.com/u/84009910?s=400
Expand Down
1 change: 0 additions & 1 deletion charts/orchestrator/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,6 @@ See Bitnami documentation: https://bitnami.com/stack/postgresql/helm
| `orchestrator.fullnameOverride` | String to fully override the `orchestrator.server.fullname` | `""` |
| `orchestrator.logLevel` | Orchestrator log level | `INFO` |
| `orchestrator.logSQLVerbose` | Log SQL statements with debug verbosity | `false` |
| `orchestrator.mode` | Orchestrator mode, "standalone" | `standalone` |
| `orchestrator.verifyClientMSPID` | If true, validates incoming gRPC requests by checking the `mspid` header matches the subject organization of the client SSL certificate. See [MSPID check](#MSPID-check) | `false` |
| `orchestrator.txRetryBudget` | Duration ([go format](https://golang.org/pkg/time/#ParseDuration)) during which the transaction can be retried in case of conflicting writes | `500ms` |
| `orchestrator.tls.createCertificates.enabled` | If true creates a cert-manager _Certificate_ resource for the Orchestrator | `false` |
Expand Down
2 changes: 0 additions & 2 deletions charts/orchestrator/templates/configmap-database.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
{{- if eq .Values.orchestrator.mode "standalone" }}
apiVersion: v1
kind: ConfigMap
metadata:
Expand All @@ -10,4 +9,3 @@ data:
DATABASE_PORT: !!str {{ .Values.database.port }}
DATABASE_DATABASE: !!str {{ .Values.database.auth.database }}
DATABASE_CONNECTION_PARAMETERS: !!str {{ include "substra-orc.database.connectionParameters" . }}
{{- end }}
3 changes: 0 additions & 3 deletions charts/orchestrator/templates/configmap-env-orchestrator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,12 @@ metadata:
{{- include "orchestrator.server.labels" . | nindent 4 }}
data:
# Global settings
ORCHESTRATOR_MODE: {{ .Values.orchestrator.mode }}
ORCHESTRATOR_VERIFY_CLIENT_MSP_ID: "{{ and $.Values.orchestrator.tls.enabled $.Values.orchestrator.tls.mtls.enabled $.Values.orchestrator.verifyClientMSPID }}"
ORCHESTRATOR_CHANNEL_CONFIG: /var/orchestrator/config.yaml
ORCHESTRATOR_TX_RETRY_BUDGET: "{{ .Values.orchestrator.txRetryBudget }}"

# Standalone settings
{{- if eq .Values.orchestrator.mode "standalone" }}
LOG_SQL_VERBOSE: "{{ .Values.orchestrator.logSQLVerbose }}"
{{- end }}

# TLS settings
ORCHESTRATOR_TLS_ENABLED: "{{ $.Values.orchestrator.tls.enabled }}"
Expand Down
6 changes: 0 additions & 6 deletions charts/orchestrator/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,10 +25,8 @@ spec:
serviceAccountName: {{ include "orchestrator.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if eq .Values.orchestrator.mode "standalone" }}
initContainers:
{{- include "substra-orc.waitPostgresqlInitContainer" . | nindent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
Expand All @@ -39,14 +37,12 @@ spec:
- sh
- -c
- |
{{- if eq .Values.orchestrator.mode "standalone" }}
set -eu
DATABASE_URI="postgres://$DATABASE_USERNAME:$DATABASE_PASSWORD@$DATABASE_HOSTNAME:$DATABASE_PORT/$DATABASE_DATABASE"
if [ -n $DATABASE_CONNECTION_PARAMETERS ]; then
DATABASE_URI="$DATABASE_URI?$DATABASE_CONNECTION_PARAMETERS"
fi
export ORCHESTRATOR_DATABASE_URL="$DATABASE_URI"
{{- end }}
/app/orchestrator
ports:
- name: grpc
Expand Down Expand Up @@ -100,12 +96,10 @@ spec:
envFrom:
- configMapRef:
name: {{ template "orchestrator.server.fullname" . }}-env
{{- if eq .Values.orchestrator.mode "standalone" }}
- configMapRef:
name: {{ template "orchestrator.server.fullname" . }}-database
- secretRef:
name: {{ template "substra-orc.database.secret-name" . }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ .Values.orchestrator.logLevel | default "INFO" }}
Expand Down
2 changes: 0 additions & 2 deletions charts/orchestrator/templates/job-migrations.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
{{- if eq .Values.orchestrator.mode "standalone" }}
apiVersion: batch/v1
kind: Job
metadata:
Expand Down Expand Up @@ -38,4 +37,3 @@ spec:
name: {{ template "orchestrator.server.fullname" . }}-database
- secretRef:
name: {{ template "substra-orc.database.secret-name" . }}
{{- end }}
5 changes: 1 addition & 4 deletions charts/orchestrator/templates/secret-database.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
{{- if and
(eq .Values.orchestrator.mode "standalone")
(not .Values.database.auth.credentialsSecretName)
}}
{{- if not .Values.database.auth.credentialsSecretName }}
apiVersion: v1
kind: Secret
metadata:
Expand Down
3 changes: 0 additions & 3 deletions charts/orchestrator/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -242,9 +242,6 @@ orchestrator:
## @param orchestrator.logSQLVerbose Log SQL statements with debug verbosity
##
logSQLVerbose: false
## @param orchestrator.mode Orchestrator mode, "standalone"
##
mode: standalone
## @param orchestrator.verifyClientMSPID If true, validates incoming gRPC requests by checking the `mspid` header matches the subject organization of the client SSL certificate. See [MSPID check](#MSPID-check)
##
verifyClientMSPID: false
Expand Down
51 changes: 25 additions & 26 deletions docs/config.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,32 +6,31 @@ Unless specified, all settings are mandatory.

## Server settings

| Env Var | mode | type | usage |
|------------------------------------------------------------|-------------------------|--------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|
| `ORCHESTRATOR_MODE` | standalone | enum: `standalone` | specify in which mode to run the orchestrator (defaults to `standalone`) |
| `TLS_ENABLED` | standalone | bool: `true`/`false` | whether to add TLS on transport |
| `TLS_CERT_PATH` | standalone | string (path) | path of the certificate to use |
| `TLS_KEY_PATH` | standalone | string (path) | path of the key to use |
| `MTLS_ENABLED` | standalone | bool: `true`/`false` | whether to enable mutual TLS |
| `TLS_SERVER_CA_CERT` | standalone | string (path) | path of the CA certificate to use |
| `TLS_CLIENT_CA_CERT_DIR` | standalone | string (path) | directory containing CA certificates of the client |
| `TX_RETRY_BUDGET` | standalone | duration ([go format](https://golang.org/pkg/time/#ParseDuration)) | duration during which the transaction can be retried in case of unserializable read/write dependencies |
| `DATABASE_CONNECTION_STRING` | standalone | string | [postgresql connection string](http://www.postgresql.cn/docs/13/libpq-connect.html#LIBPQ-CONNSTRING); takes precedence over other PostgreSQL settings |
| `DATABASE_HOSTNAME` | standalone | string | |
| `DATABASE_PORT` | standalone | int | |
| `DATABASE_DATABASE` | standalone | string | |
| `DATABASE_USERNAME` | standalone | string | |
| `DATABASE_PASSWORD` | standalone | string | |
| `DATABASE_CONNECTION_PARAMETERS` | standalone | string | connection parameters in space-separated `key=value` format |
| `VERIFY_CLIENT_MSP_ID` | standalone | bool: `true`/`false` | whether to check that client certificate matches the MSPID header |
| `CHANNEL_CONFIG` | standalone | string (path) | where to find the [application configuration](#orchestration-configuration) |
| `REPLAY_EVENTS_BATCH_SIZE` | standalone | integer | the size of the batch of events used by the `SubscribeToEvents` method to replay existing events (default to `100`) |
| `GRPC_KEEPALIVE_POLICY_MIN_TIME` | standalone | duration | the minimum amount of time a client should wait before sending a keepalive ping (default to `30s`). |
| `GRPC_KEEPALIVE_POLICY_PERMIT_WITHOUT_STREAM` | standalone | bool: `true`/`false` | if true, server allows keepalive pings even when there are no active RPCs (default to `false`). |
| `LOG_LEVEL` | standalone | string (INFO, WARN, NOTICE, ERROR, etc) | log verbosity (default to INFO) |
| `NO_COLOR` | standalone | presence (regardless of its value) | disable log color (see [no-color](https://no-color.org/)) |
| `LOG_SQL_VERBOSE` | standalone | bool: `true`/`false` | log SQL statements with debug verbosity. |
| `METRICS_ENABLED` | standalone | bool: `true`/`false` | whether to enable prometheus metrics. |
| Env Var | type | usage |
| --------------------------------------------- | ------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- |
| `TLS_ENABLED` | bool: `true`/`false` | whether to add TLS on transport |
| `TLS_CERT_PATH` | string (path) | path of the certificate to use |
| `TLS_KEY_PATH` | string (path) | path of the key to use |
| `MTLS_ENABLED` | bool: `true`/`false` | whether to enable mutual TLS |
| `TLS_SERVER_CA_CERT` | string (path) | path of the CA certificate to use |
| `TLS_CLIENT_CA_CERT_DIR` | string (path) | directory containing CA certificates of the client |
| `TX_RETRY_BUDGET` | duration ([go format](https://golang.org/pkg/time/#ParseDuration)) | duration during which the transaction can be retried in case of unserializable read/write dependencies |
| `DATABASE_CONNECTION_STRING` | string | [postgresql connection string](http://www.postgresql.cn/docs/13/libpq-connect.html#LIBPQ-CONNSTRING); takes precedence over other PostgreSQL settings |
| `DATABASE_HOSTNAME` | string | |
| `DATABASE_PORT` | int | |
| `DATABASE_DATABASE` | string | |
| `DATABASE_USERNAME` | string | |
| `DATABASE_PASSWORD` | string | |
| `DATABASE_CONNECTION_PARAMETERS` | string | connection parameters in space-separated `key=value` format |
| `VERIFY_CLIENT_MSP_ID` | bool: `true`/`false` | whether to check that client certificate matches the MSPID header |
| `CHANNEL_CONFIG` | string (path) | where to find the [application configuration](#orchestration-configuration) |
| `REPLAY_EVENTS_BATCH_SIZE` | integer | the size of the batch of events used by the `SubscribeToEvents` method to replay existing events (default to `100`) |
| `GRPC_KEEPALIVE_POLICY_MIN_TIME` | duration | the minimum amount of time a client should wait before sending a keepalive ping (default to `30s`). |
| `GRPC_KEEPALIVE_POLICY_PERMIT_WITHOUT_STREAM` | bool: `true`/`false` | if true, server allows keepalive pings even when there are no active RPCs (default to `false`). |
| `LOG_LEVEL` | string (INFO, WARN, NOTICE, ERROR, etc) | log verbosity (default to INFO) |
| `NO_COLOR` | presence (regardless of its value) | disable log color (see [no-color](https://no-color.org/)) |
| `LOG_SQL_VERBOSE` | bool: `true`/`false` | log SQL statements with debug verbosity. |
| `METRICS_ENABLED` | bool: `true`/`false` | whether to enable prometheus metrics. |

Here is a configuration example:
```yaml
Expand Down
1 change: 0 additions & 1 deletion examples/values/orchestrator-org-1.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
---
orchestrator:
mode: standalone
logLevel: DEBUG
logSQLVerbose: true
tls:
Expand Down
Loading

0 comments on commit ed8bd8c

Please sign in to comment.