Add some missing configuration

- nginx worker processes - containerPool akkaClient - controller and invoker use its own Couchdb username and password
apache · Jul 31, 2020 · 98ba056 · 98ba056
1 parent 59285fe
commit 98ba056
Show file tree

Hide file tree

Showing 8 changed files with 70 additions and 15 deletions.
diff --git a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
@@ -70,6 +70,10 @@ pushd /openwhisk/ansible
                      -e db_host=$DB_HOST \
                      -e db_username=$COUCHDB_USER \
                      -e db_password=$COUCHDB_PASSWORD \
+                     -e db_controller_user=$COUCHDB_CONTROLLER_USERNAME \
+                     -e db_controller_pass=$COUCHDB_CONTROLLER_PASSWORD \
+                     -e db_invoker_user=$COUCHDB_INVOKER_USERNAME \
+                     -e db_invoker_pass=$COUCHDB_INVOKER_PASSWORD \
                      -e db_port=$DB_PORT \
                      -e openwhisk_home=/openwhisk
 
@@ -79,6 +83,10 @@ pushd /openwhisk/ansible
                      -e db_host=$DB_HOST \
                      -e db_username=$COUCHDB_USER \
                      -e db_password=$COUCHDB_PASSWORD \
+                     -e db_controller_user=$COUCHDB_CONTROLLER_USERNAME \
+                     -e db_controller_pass=$COUCHDB_CONTROLLER_PASSWORD \
+                     -e db_invoker_user=$COUCHDB_INVOKER_USERNAME \
+                     -e db_invoker_pass=$COUCHDB_INVOKER_PASSWORD \
                      -e db_port=$DB_PORT \
                      -e openwhisk_home=/openwhisk
 popd

diff --git a/helm/openwhisk/templates/_helpers.tpl b/helm/openwhisk/templates/_helpers.tpl
@@ -52,7 +52,7 @@ app: {{ template "openwhisk.fullname" . }}
 {{- end -}}
 
 {{- define "openwhisk.db_authentication" -}}
-{{ .Values.db.auth.username }}:{{ .Values.db.auth.password }}
+{{ .Values.db.auth.admin.username }}:{{ .Values.db.auth.admin.password }}
 {{- end -}}
 
 {{- define "openwhisk.elasticsearch_authentication" -}}
@@ -114,16 +114,6 @@ app: {{ template "openwhisk.fullname" . }}
 
 {{/* Environment variables required for accessing CouchDB from a pod */}}
 {{- define "openwhisk.dbEnvVars" -}}
-- name: "CONFIG_whisk_couchdb_username"
-  valueFrom:
-    secretKeyRef:
-      name: {{ .Release.Name }}-db.auth
-      key: db_username
-- name: "CONFIG_whisk_couchdb_password"
-  valueFrom:
-    secretKeyRef:
-      name: {{ .Release.Name }}-db.auth
-      key: db_password
 - name: "CONFIG_whisk_couchdb_port"
   valueFrom:
     configMapKeyRef:

diff --git a/helm/openwhisk/templates/controller-pod.yaml b/helm/openwhisk/templates/controller-pod.yaml
@@ -151,6 +151,16 @@ spec:
           value: "{{ include "openwhisk.kafka_connect" . }}"
 {{ include "openwhisk.kafkaConfigEnvVars" . | indent 8 }}
 
+        - name: "CONFIG_whisk_couchdb_username"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name }}-db.auth
+              key: db_controller_username
+        - name: "CONFIG_whisk_couchdb_password"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name }}-db.auth
+              key: db_controller_password
         # properties for DB connection
 {{ include "openwhisk.dbEnvVars" . | indent 8 }}
 

diff --git a/helm/openwhisk/templates/couchdb-init-job.yaml b/helm/openwhisk/templates/couchdb-init-job.yaml
@@ -83,6 +83,26 @@ spec:
             secretKeyRef:
               name: {{ .Release.Name }}-db.auth
               key: db_password
+        - name: "COUCHDB_CONTROLLER_USERNAME"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name }}-db.auth
+              key: db_controller_username
+        - name: "COUCHDB_CONTROLLER_PASSWORD"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name }}-db.auth
+              key: db_controller_password
+        - name: "COUCHDB_INVOKER_USERNAME"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name }}-db.auth
+              key: db_invoker_username
+        - name: "COUCHDB_INVOKER_PASSWORD"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name }}-db.auth
+              key: db_invoker_password
         - name: "NODENAME"
           value: "couchdb0"
 

diff --git a/helm/openwhisk/templates/invoker-pod.yaml b/helm/openwhisk/templates/invoker-pod.yaml
@@ -155,13 +155,26 @@ spec:
           - name: "WHISK_LOGS_DIR"
             value: ""
 
+          - name: "CONFIG_whisk_containerPool_akkaClient"
+            value: "{{ .Values.whisk.containerPool.akkaClient }}"
+
           # this version is the day it is deployed,
           - name:  "CONFIG_whisk_info_date"
             valueFrom:
               configMapKeyRef:
                 name: {{ .Release.Name }}-whisk.config
                 key: whisk_info_date
 
+          - name: "CONFIG_whisk_couchdb_username"
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Release.Name }}-db.auth
+                key: db_invoker_username
+          - name: "CONFIG_whisk_couchdb_password"
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Release.Name }}-db.auth
+                key: db_invoker_password
           # properties for DB connection
 {{ include "openwhisk.dbEnvVars" . | indent 10 }}
 

diff --git a/helm/openwhisk/templates/nginx-cm.yaml b/helm/openwhisk/templates/nginx-cm.yaml
@@ -24,6 +24,7 @@ metadata:
 {{ include "openwhisk.label_boilerplate" . | indent 4 }}
 data:
   nginx.conf: |
+    worker_processes {{ .Values.nginx.workerProcesses }};
     worker_rlimit_nofile 4096;
 
     events {

diff --git a/helm/openwhisk/templates/ow-db-secret.yaml b/helm/openwhisk/templates/ow-db-secret.yaml
@@ -23,5 +23,9 @@ metadata:
 {{ include "openwhisk.label_boilerplate" . | indent 4 }}
 type: Opaque
 data:
-  db_username: {{ .Values.db.auth.username | b64enc }}
-  db_password: {{ .Values.db.auth.password | b64enc }}
+  db_username: {{ .Values.db.auth.admin.username | b64enc }}
+  db_password: {{ .Values.db.auth.admin.password | b64enc }}
+  db_controller_username: {{ .Values.db.auth.controller.username | b64enc }}
+  db_controller_password: {{ .Values.db.auth.controller.password | b64enc }}
+  db_invoker_username: {{ .Values.db.auth.invoker.username | b64enc }}
+  db_invoker_password: {{ .Values.db.auth.invoker.password | b64enc }}
diff --git a/helm/openwhisk/values.yaml b/helm/openwhisk/values.yaml
@@ -123,6 +123,7 @@ whisk:
         retentionMs: ""
   containerPool:
     userMemory: "2048m"
+    akkaClient: false
   runtimes: "runtimes.json"
   testing:
     includeTests: true
@@ -220,8 +221,15 @@ db:
   protocol: "http"
   # Production deployments _MUST_ override the default user/password values
   auth:
-    username: "whisk_admin"
-    password: "some_passw0rd"
+    admin:
+      username: "test_admin"
+      password: "some_passw0rd"
+    controller:
+      username: "test_controller0"
+      password: "some_controller_passw0rd"
+    invoker:
+      username: "test_invoker"
+      password: "some_invoker_passw0rd"
   dbPrefix: "test_"
   activationsTable: "test_activations"
   actionsTable: "test_whisks"
@@ -239,6 +247,7 @@ nginx:
   imagePullPolicy: "IfNotPresent"
   replicaCount: 1
   restartPolicy: "Always"
+  workerProcesses: 1
   httpPort: 80
   httpsPort: 443
   httpsNodePort: 31001