chore: remove mode flag #347

Merged
merged 6 commits into from
Jan 4, 2024
1 change: 0 additions & 1 deletion .github/workflows/end2end.yml
Expand Up @@ -33,7 +33,6 @@ jobs:
ORCHESTRATOR_DATABASE_URL: postgresql://postgres:postgres@localhost:5432/postgres?sslmode=disable
ORCHESTRATOR_MIGRATION_DIR: file://./server/standalone/migration/
ORCHESTRATOR_TLS_ENABLED: false
ORCHESTRATOR_MODE: standalone
ORCHESTRATOR_VERIFY_CLIENT_MSP_ID: false
ORCHESTRATOR_TX_RETRY_BUDGET: 500ms
DB_DUMPS_BUCKET_NAME: substra-orchestrator-dumps
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -12,6 +12,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- BREAKING: remove all code related to the `distributed` mode, and mentions in schemas and documentation ([#341](https://github.com/Substra/orchestrator/pull/341))
- BREAKING: `distributed` Skaffold profile and mentions in doc ([#319](https://github.com/Substra/orchestrator/pull/319))
- BREAKING: `chaincode-init` and `chaincode` Dockerfiles ([#319](https://github.com/Substra/orchestrator/pull/319))
- Flag & environment variables to choose between `standalone` and `distributed` mode ([#347](https://github.com/Substra/orchestrator/pull/347))

### Added

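Review bot: The new entry for #347 is the only one in this list without the `BREAKING:` prefix, although dropping the mode flag and its environment variable changes the configuration surface in the same way as the entries above it. Either add the prefix, or state in the entry why deployments that still set `ORCHESTRATOR_MODE` are unaffected.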
2 changes: 1 addition & 1 deletion charts/orchestrator/Chart.yaml
Expand Up @@ -3,7 +3,7 @@ name: orchestrator
description: substra orchestration

type: application
version: 8.0.1
version: 8.1.0
appVersion: 0.37.0
kubeVersion: ">= 1.19.0-0"
icon: https://avatars.githubusercontent.com/u/84009910?s=400
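Review bot: `version` moves from 8.0.1 to 8.1.0, a minor bump, while this chart release removes the `orchestrator.mode` value; if the chart follows semantic versioning for its values, removing a parameter would normally call for a major bump. `appVersion` also stays at 0.37.0 even though the templates stop passing `ORCHESTRATOR_MODE`, so it is worth confirming that this image starts correctly without the variable.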
1 change: 0 additions & 1 deletion charts/orchestrator/README.md
Expand Up @@ -92,7 +92,6 @@ See Bitnami documentation: https://bitnami.com/stack/postgresql/helm
| `orchestrator.fullnameOverride` | String to fully override the `orchestrator.server.fullname` | `""` |
| `orchestrator.logLevel` | Orchestrator log level | `INFO` |
| `orchestrator.logSQLVerbose` | Log SQL statements with debug verbosity | `false` |
| `orchestrator.mode` | Orchestrator mode, "standalone" | `standalone` |
| `orchestrator.verifyClientMSPID` | If true, validates incoming gRPC requests by checking the `mspid` header matches the subject organization of the client SSL certificate. See [MSPID check](#MSPID-check) | `false` |
| `orchestrator.txRetryBudget` | Duration ([go format](https://golang.org/pkg/time/#ParseDuration)) during which the transaction can be retried in case of conflicting writes | `500ms` |
| `orchestrator.tls.createCertificates.enabled` | If true creates a cert-manager _Certificate_ resource for the Orchestrator | `false` |
2 changes: 0 additions & 2 deletions charts/orchestrator/templates/configmap-database.yaml
@@ -1,4 +1,3 @@
{{- if eq .Values.orchestrator.mode "standalone" }}
apiVersion: v1
kind: ConfigMap
metadata:
Expand All @@ -10,4 +9,3 @@ data:
DATABASE_PORT: !!str {{ .Values.database.port }}
DATABASE_DATABASE: !!str {{ .Values.database.auth.database }}
DATABASE_CONNECTION_PARAMETERS: !!str {{ include "substra-orc.database.connectionParameters" . }}
{{- end }}
Expand Up @@ -6,15 +6,12 @@ metadata:
{{- include "orchestrator.server.labels" . | nindent 4 }}
data:
# Global settings
ORCHESTRATOR_MODE: {{ .Values.orchestrator.mode }}
ORCHESTRATOR_VERIFY_CLIENT_MSP_ID: "{{ and $.Values.orchestrator.tls.enabled $.Values.orchestrator.tls.mtls.enabled $.Values.orchestrator.verifyClientMSPID }}"
ORCHESTRATOR_CHANNEL_CONFIG: /var/orchestrator/config.yaml
ORCHESTRATOR_TX_RETRY_BUDGET: "{{ .Values.orchestrator.txRetryBudget }}"

# Standalone settings
{{- if eq .Values.orchestrator.mode "standalone" }}
LOG_SQL_VERBOSE: "{{ .Values.orchestrator.logSQLVerbose }}"
{{- end }}

# TLS settings
ORCHESTRATOR_TLS_ENABLED: "{{ $.Values.orchestrator.tls.enabled }}"
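Review bot: The `# Standalone settings` comment above `LOG_SQL_VERBOSE` is left in place although the mode distinction it referred to no longer exists in this template. Rename the section to describe what the key controls (SQL logging), or move the key under `# Global settings`.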
6 changes: 0 additions & 6 deletions charts/orchestrator/templates/deployment.yaml
Expand Up @@ -25,10 +25,8 @@ spec:
serviceAccountName: {{ include "orchestrator.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if eq .Values.orchestrator.mode "standalone" }}
initContainers:
{{- include "substra-orc.waitPostgresqlInitContainer" . | nindent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
Expand All @@ -39,14 +37,12 @@ spec:
- sh
- -c
- |
{{- if eq .Values.orchestrator.mode "standalone" }}
set -eu
DATABASE_URI="postgres://$DATABASE_USERNAME:$DATABASE_PASSWORD@$DATABASE_HOSTNAME:$DATABASE_PORT/$DATABASE_DATABASE"
if [ -n $DATABASE_CONNECTION_PARAMETERS ]; then
DATABASE_URI="$DATABASE_URI?$DATABASE_CONNECTION_PARAMETERS"
fi
export ORCHESTRATOR_DATABASE_URL="$DATABASE_URI"
{{- end }}
/app/orchestrator
ports:
- name: grpc
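Review bot: In the start script that is now always rendered, `if [ -n $DATABASE_CONNECTION_PARAMETERS ]` expands the variable unquoted: when it is empty the test collapses to `[ -n ]`, which is true, so a bare `?` is appended to the URI, and a value containing whitespace makes the test fail with an argument error so the parameters are silently dropped. Quote it as `[ -n "$DATABASE_CONNECTION_PARAMETERS" ]`. The `DATABASE_URI=` line above it also interpolates `$DATABASE_USERNAME` and `$DATABASE_PASSWORD` raw, so credentials containing `@`, `:` or `/` yield a malformed or misparsed URL; percent-encode them before building the URI.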
Expand Down Expand Up @@ -100,12 +96,10 @@ spec:
envFrom:
- configMapRef:
name: {{ template "orchestrator.server.fullname" . }}-env
{{- if eq .Values.orchestrator.mode "standalone" }}
- configMapRef:
name: {{ template "orchestrator.server.fullname" . }}-database
- secretRef:
name: {{ template "substra-orc.database.secret-name" . }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ .Values.orchestrator.logLevel | default "INFO" }}
2 changes: 0 additions & 2 deletions charts/orchestrator/templates/job-migrations.yaml
@@ -1,4 +1,3 @@
{{- if eq .Values.orchestrator.mode "standalone" }}
apiVersion: batch/v1
kind: Job
metadata:
Expand Down Expand Up @@ -38,4 +37,3 @@ spec:
name: {{ template "orchestrator.server.fullname" . }}-database
- secretRef:
name: {{ template "substra-orc.database.secret-name" . }}
{{- end }}
5 changes: 1 addition & 4 deletions charts/orchestrator/templates/secret-database.yaml
@@ -1,7 +1,4 @@
{{- if and
(eq .Values.orchestrator.mode "standalone")
(not .Values.database.auth.credentialsSecretName)
}}
{{- if not .Values.database.auth.credentialsSecretName }}
apiVersion: v1
kind: Secret
metadata:
3 changes: 0 additions & 3 deletions charts/orchestrator/values.yaml
Expand Up @@ -242,9 +242,6 @@ orchestrator:
## @param orchestrator.logSQLVerbose Log SQL statements with debug verbosity
##
logSQLVerbose: false
## @param orchestrator.mode Orchestrator mode, "standalone"
##
mode: standalone
## @param orchestrator.verifyClientMSPID If true, validates incoming gRPC requests by checking the `mspid` header matches the subject organization of the client SSL certificate. See [MSPID check](#MSPID-check)
##
verifyClientMSPID: false
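Review bot: With `mode` removed from the defaults, a values file that still sets `orchestrator.mode` is accepted and ignored without any message, and a value other than `standalone`, which used to skip the database ConfigMap, Secret, init container and migration Job, now deploys all of them. Consider a temporary `fail` guard in the templates when `.Values.orchestrator.mode` is set, so that stale overrides surface at install time instead of changing behaviour silently.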
51 changes: 25 additions & 26 deletions docs/config.md
Expand Up @@ -6,32 +6,31 @@ Unless specified, all settings are mandatory.

## Server settings

| Env Var | mode | type | usage |
|------------------------------------------------------------|-------------------------|--------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|
| `ORCHESTRATOR_MODE` | standalone | enum: `standalone` | specify in which mode to run the orchestrator (defaults to `standalone`) |
| `TLS_ENABLED` | standalone | bool: `true`/`false` | whether to add TLS on transport |
| `TLS_CERT_PATH` | standalone | string (path) | path of the certificate to use |
| `TLS_KEY_PATH` | standalone | string (path) | path of the key to use |
| `MTLS_ENABLED` | standalone | bool: `true`/`false` | whether to enable mutual TLS |
| `TLS_SERVER_CA_CERT` | standalone | string (path) | path of the CA certificate to use |
| `TLS_CLIENT_CA_CERT_DIR` | standalone | string (path) | directory containing CA certificates of the client |
| `TX_RETRY_BUDGET` | standalone | duration ([go format](https://golang.org/pkg/time/#ParseDuration)) | duration during which the transaction can be retried in case of unserializable read/write dependencies |
| `DATABASE_CONNECTION_STRING` | standalone | string | [postgresql connection string](http://www.postgresql.cn/docs/13/libpq-connect.html#LIBPQ-CONNSTRING); takes precedence over other PostgreSQL settings |
| `DATABASE_HOSTNAME` | standalone | string | |
| `DATABASE_PORT` | standalone | int | |
| `DATABASE_DATABASE` | standalone | string | |
| `DATABASE_USERNAME` | standalone | string | |
| `DATABASE_PASSWORD` | standalone | string | |
| `DATABASE_CONNECTION_PARAMETERS` | standalone | string | connection parameters in space-separated `key=value` format |
| `VERIFY_CLIENT_MSP_ID` | standalone | bool: `true`/`false` | whether to check that client certificate matches the MSPID header |
| `CHANNEL_CONFIG` | standalone | string (path) | where to find the [application configuration](#orchestration-configuration) |
| `REPLAY_EVENTS_BATCH_SIZE` | standalone | integer | the size of the batch of events used by the `SubscribeToEvents` method to replay existing events (default to `100`) |
| `GRPC_KEEPALIVE_POLICY_MIN_TIME` | standalone | duration | the minimum amount of time a client should wait before sending a keepalive ping (default to `30s`). |
| `GRPC_KEEPALIVE_POLICY_PERMIT_WITHOUT_STREAM` | standalone | bool: `true`/`false` | if true, server allows keepalive pings even when there are no active RPCs (default to `false`). |
| `LOG_LEVEL` | standalone | string (INFO, WARN, NOTICE, ERROR, etc) | log verbosity (default to INFO) |
| `NO_COLOR` | standalone | presence (regardless of its value) | disable log color (see [no-color](https://no-color.org/)) |
| `LOG_SQL_VERBOSE` | standalone | bool: `true`/`false` | log SQL statements with debug verbosity. |
| `METRICS_ENABLED` | standalone | bool: `true`/`false` | whether to enable prometheus metrics. |
| Env Var | type | usage |
| --------------------------------------------- | ------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- |
| `TLS_ENABLED` | bool: `true`/`false` | whether to add TLS on transport |
| `TLS_CERT_PATH` | string (path) | path of the certificate to use |
| `TLS_KEY_PATH` | string (path) | path of the key to use |
| `MTLS_ENABLED` | bool: `true`/`false` | whether to enable mutual TLS |
| `TLS_SERVER_CA_CERT` | string (path) | path of the CA certificate to use |
| `TLS_CLIENT_CA_CERT_DIR` | string (path) | directory containing CA certificates of the client |
| `TX_RETRY_BUDGET` | duration ([go format](https://golang.org/pkg/time/#ParseDuration)) | duration during which the transaction can be retried in case of unserializable read/write dependencies |
| `DATABASE_CONNECTION_STRING` | string | [postgresql connection string](http://www.postgresql.cn/docs/13/libpq-connect.html#LIBPQ-CONNSTRING); takes precedence over other PostgreSQL settings |
| `DATABASE_HOSTNAME` | string | |
| `DATABASE_PORT` | int | |
| `DATABASE_DATABASE` | string | |
| `DATABASE_USERNAME` | string | |
| `DATABASE_PASSWORD` | string | |
| `DATABASE_CONNECTION_PARAMETERS` | string | connection parameters in space-separated `key=value` format |
| `VERIFY_CLIENT_MSP_ID` | bool: `true`/`false` | whether to check that client certificate matches the MSPID header |
| `CHANNEL_CONFIG` | string (path) | where to find the [application configuration](#orchestration-configuration) |
| `REPLAY_EVENTS_BATCH_SIZE` | integer | the size of the batch of events used by the `SubscribeToEvents` method to replay existing events (default to `100`) |
| `GRPC_KEEPALIVE_POLICY_MIN_TIME` | duration | the minimum amount of time a client should wait before sending a keepalive ping (default to `30s`). |
| `GRPC_KEEPALIVE_POLICY_PERMIT_WITHOUT_STREAM` | bool: `true`/`false` | if true, server allows keepalive pings even when there are no active RPCs (default to `false`). |
| `LOG_LEVEL` | string (INFO, WARN, NOTICE, ERROR, etc) | log verbosity (default to INFO) |
| `NO_COLOR` | presence (regardless of its value) | disable log color (see [no-color](https://no-color.org/)) |
| `LOG_SQL_VERBOSE` | bool: `true`/`false` | log SQL statements with debug verbosity. |
| `METRICS_ENABLED` | bool: `true`/`false` | whether to enable prometheus metrics. |

Here is a configuration example:
```yaml
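Review bot: The rewritten table documents `DATABASE_CONNECTION_STRING`, but the workflow and the deployment template in this same change set `ORCHESTRATOR_DATABASE_URL`, and `TLS_ENABLED`, `TX_RETRY_BUDGET` and `VERIFY_CLIENT_MSP_ID` appear here without the `ORCHESTRATOR_` prefix used there. Since every row is being touched anyway, align the names with what the server actually reads, or state the prefix rule once above the table. The connection-string link also points to an `http://` mirror on postgresql.cn; linking the official PostgreSQL documentation over HTTPS would be preferable.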
1 change: 0 additions & 1 deletion examples/values/orchestrator-org-1.yaml
@@ -1,6 +1,5 @@
---
orchestrator:
mode: standalone
logLevel: DEBUG
logSQLVerbose: true
tls: