diff --git a/helm-values/traction/values-production.yaml b/helm-values/traction/values-production.yaml index b71d0c9a..16059301 100644 --- a/helm-values/traction/values-production.yaml +++ b/helm-values/traction/values-production.yaml @@ -73,8 +73,9 @@ ui: active: true showInnkeeperAdminLogin: true showWritableComponents: false - authority: https://loginproxy.gov.bc.ca/auth/realms/digitaltrust-nrm - jwksUri: https://loginproxy.gov.bc.ca/auth/realms/digitaltrust-nrm/protocol/openid-connect/certs + authority: https://loginproxy.gov.bc.ca/auth/realms/digitaltrust-citz + jwksUri: https://loginproxy.gov.bc.ca/auth/realms/digitaltrust-citz/protocol/openid-connect/certs + realm: "digitaltrust-citz" reservationForm: >- { "formDataSchema": { diff --git a/helm-values/traction/values-sandbox.yaml b/helm-values/traction/values-sandbox.yaml index 881b66cc..e51e5b40 100644 --- a/helm-values/traction/values-sandbox.yaml +++ b/helm-values/traction/values-sandbox.yaml @@ -68,8 +68,9 @@ ui: active: false showInnkeeperAdminLogin: true showWritableComponents: true - authority: "" - jwksUri: "" + authority: https://dev.loginproxy.gov.bc.ca/auth/realms/digitaltrust-citz + jwksUri: https://dev.loginproxy.gov.bc.ca/auth/realms/digitaltrust-citz/protocol/openid-connect/certs + realm: "digitaltrust-citz" reservationForm: >- { "formDataSchema": { @@ -115,10 +116,13 @@ ingress: annotations: route.openshift.io/termination: edge postgresql: - resources: - limits: - cpu: 400m - memory: 1600Mi - requests: - cpu: 200m - memory: 820Mi + primary: + persistence: + size: 5Gi + resources: + limits: + cpu: 2 + memory: 4000Mi + requests: + cpu: 200m + memory: 820Mi diff --git a/helm-values/traction/values-test.yaml b/helm-values/traction/values-test.yaml index 80aaaad4..5a9a54ec 100644 --- a/helm-values/traction/values-test.yaml +++ b/helm-values/traction/values-test.yaml @@ -88,8 +88,9 @@ ui: oidc: active: true showInnkeeperAdminLogin: true - authority: https://test.loginproxy.gov.bc.ca/auth/realms/digitaltrust-nrm - jwksUri: https://test.loginproxy.gov.bc.ca/auth/realms/digitaltrust-nrm/protocol/openid-connect/certs + authority: https://test.loginproxy.gov.bc.ca/auth/realms/digitaltrust-citz + jwksUri: https://test.loginproxy.gov.bc.ca/auth/realms/digitaltrust-citz/protocol/openid-connect/certs + realm: "digitaltrust-citz" reservationForm: >- { "formDataSchema": { diff --git a/openshift/settings.idim-preprod.sh b/openshift/settings.idim-preprod.sh new file mode 100644 index 00000000..79ce1706 --- /dev/null +++ b/openshift/settings.idim-preprod.sh @@ -0,0 +1,11 @@ +# Description: IDIM-PreProd (test only environment) Issuer Profile - Using ephemeral queue +export SKIP_PIPELINE_PROCESSING=1 + +# Switched away from persistent queue implementation until it is more stable +# export include_templates="issuer-agent-pq-deploy issuer-wallet-deploy delivery-service-inbound-deploy delivery-service-outbound-deploy" + +export include_templates="issuer-agent-deploy issuer-wallet-deploy" +export ignore_templates="" + +# IDIM-PreProd is a test environment. +export DEPLOYMENT_ENV_NAME="test" \ No newline at end of file diff --git a/openshift/templates/backup/backup-deploy.param b/openshift/templates/backup/backup-deploy.param index bb476ae5..f59155ff 100644 --- a/openshift/templates/backup/backup-deploy.param +++ b/openshift/templates/backup/backup-deploy.param @@ -20,6 +20,7 @@ IDIM_WALLET_DB_HOST=wallet-idim IDIM_SIT_WALLET_DB_HOST=wallet-idim-sit IDIM_QA_WALLET_DB_HOST=wallet-idim-qa LCRB_WALLET_DB_HOST=wallet-lcrb +IDIM_PREPROD_WALLET_DB_HOST=wallet-idim-preprod DB_USER_KEY_NAME=database-user DB_PASSWORD_KEY_NAME=database-password BACKUP_STRATEGY=rolling diff --git a/openshift/templates/backup/backup-deploy.yaml b/openshift/templates/backup/backup-deploy.yaml index db78ac12..8b30b254 100644 --- a/openshift/templates/backup/backup-deploy.yaml +++ b/openshift/templates/backup/backup-deploy.yaml @@ -239,6 +239,16 @@ objects: secretKeyRef: name: ${PREFIX}${LCRB_WALLET_DB_HOST} key: ${DB_PASSWORD_KEY_NAME} + - name: WALLET_IDIM_PREPROD_USER + valueFrom: + secretKeyRef: + name: ${PREFIX}${IDIM_PREPROD_WALLET_DB_HOST} + key: ${DB_USER_KEY_NAME} + - name: WALLET_IDIM_PREPROD_PASSWORD + valueFrom: + secretKeyRef: + name: ${PREFIX}${IDIM_PREPROD_WALLET_DB_HOST} + key: ${DB_PASSWORD_KEY_NAME} - name: WEBHOOK_URL valueFrom: secretKeyRef: @@ -371,6 +381,13 @@ parameters: particular, this is used to wire up the credentials associated to the database. required: true value: wallet-lcrb + - name: IDIM_PREPROD_WALLET_DB_HOST + displayName: Wallet Database Hostname + description: + The name associated to the wallet database deployment resources. In + particular, this is used to wire up the credentials associated to the database. + required: true + value: wallet-idim-preprod - name: DB_USER_KEY_NAME displayName: Database User Key Name description: diff --git a/openshift/templates/backup/config/dev/backup.conf b/openshift/templates/backup/config/dev/backup.conf index 329e174f..15194ced 100644 --- a/openshift/templates/backup/config/dev/backup.conf +++ b/openshift/templates/backup/config/dev/backup.conf @@ -46,11 +46,11 @@ # 0 1 * * * default ./backup.sh -s # 0 4 * * * default ./backup.sh -s -v all # ============================================================ -postgres=vc-authn-database/vc_authn +# postgres=vc-authn-database/vc_authn postgres=wallet-lsbc/agent_lsbc_wallet postgres=wallet-buybc/agent_buybc_wallet -postgres=vc-authn-wallet/vc_authn_agent_rev_wallet -postgres=vc-authn-wallet/vc_authn_agent_wallet +# postgres=vc-authn-wallet/vc_authn_agent_rev_wallet +# postgres=vc-authn-wallet/vc_authn_agent_wallet postgres=wallet-idim/agent_idim_wallet postgres=wallet-idim-sit/agent_idim_sit_wallet postgres=wallet-lcrb/agent_lcrb_wallet diff --git a/openshift/templates/backup/config/prod/backup.conf b/openshift/templates/backup/config/prod/backup.conf index a5927da4..e2baf43e 100644 --- a/openshift/templates/backup/config/prod/backup.conf +++ b/openshift/templates/backup/config/prod/backup.conf @@ -25,7 +25,7 @@ # Cron Scheduling: # ----------------------------------------------------------- # List your backup and verification schedule(s) here as well. -# The schedule(s) must be listed as cron tabs that +# The schedule(s) must be listed as cron tabs that # execute the script in 'scheduled' mode: # - ./backup.sh -s # @@ -46,11 +46,11 @@ # 0 1 * * * default ./backup.sh -s # 0 4 * * * default ./backup.sh -s -v all # ============================================================ -postgres=vc-authn-database/vc_authn +# postgres=vc-authn-database/vc_authn postgres=wallet-lsbc/agent_lsbc_wallet postgres=wallet-buybc/agent_buybc_wallet -postgres=vc-authn-wallet/vc_authn_agent_rev_wallet -postgres=vc-authn-wallet/vc_authn_agent_wallet +# postgres=vc-authn-wallet/vc_authn_agent_rev_wallet +# postgres=vc-authn-wallet/vc_authn_agent_wallet postgres=wallet-idim/agent_idim_wallet postgres=wallet-lcrb/agent_lcrb_wallet diff --git a/openshift/templates/backup/config/test/backup.conf b/openshift/templates/backup/config/test/backup.conf index 623ce5dc..80c1ca19 100644 --- a/openshift/templates/backup/config/test/backup.conf +++ b/openshift/templates/backup/config/test/backup.conf @@ -25,7 +25,7 @@ # Cron Scheduling: # ----------------------------------------------------------- # List your backup and verification schedule(s) here as well. -# The schedule(s) must be listed as cron tabs that +# The schedule(s) must be listed as cron tabs that # execute the script in 'scheduled' mode: # - ./backup.sh -s # @@ -46,13 +46,14 @@ # 0 1 * * * default ./backup.sh -s # 0 4 * * * default ./backup.sh -s -v all # ============================================================ -postgres=vc-authn-database/vc_authn +# postgres=vc-authn-database/vc_authn postgres=wallet-lsbc/agent_lsbc_wallet postgres=wallet-buybc/agent_buybc_wallet -postgres=vc-authn-wallet/vc_authn_agent_rev_wallet -postgres=vc-authn-wallet/vc_authn_agent_wallet +# postgres=vc-authn-wallet/vc_authn_agent_rev_wallet +# postgres=vc-authn-wallet/vc_authn_agent_wallet postgres=wallet-idim-qa/agent_idim_qa_wallet postgres=wallet-lcrb/agent_lcrb_wallet +postgres=wallet-idim-preprod/agent_idim_preprod_wallet # Schedule backup for 1am PST; system TZ is PST 0 1 * * * default ./backup.sh -s diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.param b/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.param index 0fde149f..83da1e02 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.param @@ -15,6 +15,7 @@ ROUTE_TIMEOUT=120s IMAGE_NAMESPACE=a99fd4-tools NAMESPACE_NAME=a99fd4 SOURCE_IMAGE_NAME=issuer-kit-agent +TAG_PREFIX=a2a- TAG_NAME=dev APP_CONFIG_MAP_NAME=agent-config APP_CONFIG_MOUNT_PATH=/home/indy/ @@ -50,6 +51,8 @@ TAILS_FILES_DIR=/home/indy/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=1 +MAX_REPLICAS=2 CPU_REQUEST=10m CPU_LIMIT=300m MEMORY_REQUEST=10Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.test.param b/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.test.param index 78efe08d..99093d5c 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.test.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.a2a.test.param @@ -15,6 +15,7 @@ ADMIN_APPLICATION_DOMAIN=a2a-agent-admin-test.apps.silver.devops.gov.bc.ca # IMAGE_NAMESPACE=a99fd4-tools # NAMESPACE_NAME=a99fd4 # SOURCE_IMAGE_NAME=issuer-kit-agent +TAG_PREFIX= TAG_NAME=test # APP_CONFIG_MAP_NAME=agent-config # APP_CONFIG_MOUNT_PATH=/home/indy/ @@ -50,8 +51,9 @@ AGENT_BASE_URL=https://a2a-agent-test.apps.silver.devops.gov.bc.ca # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +# MIN_REPLICAS=1 +# MAX_REPLICAS=2 # CPU_REQUEST=10m # CPU_LIMIT=300m # MEMORY_REQUEST=10Mi -# MEMORY_LIMIT=512Mi -# \ No newline at end of file +# MEMORY_LIMIT=512Mi \ No newline at end of file diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.param b/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.param index fe0744c3..80a63703 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.param @@ -44,6 +44,8 @@ TAILS_FILES_DIR=/home/indy/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=1 +MAX_REPLICAS=2 CPU_REQUEST=10m CPU_LIMIT=300m MEMORY_REQUEST=10Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.prod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.prod.param index a21aa658..fb603946 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.prod.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.prod.param @@ -44,8 +44,9 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-bcreg.yaml # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails.vonx.io +# MIN_REPLICAS=1 +# MAX_REPLICAS=2 # CPU_REQUEST=10m # CPU_LIMIT=300m # MEMORY_REQUEST=10Mi -# MEMORY_LIMIT=512Mi -# \ No newline at end of file +# MEMORY_LIMIT=512Mi \ No newline at end of file diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.test.param b/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.test.param index 49b52bf5..6d0d3fd7 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.test.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.bcreg.test.param @@ -44,8 +44,9 @@ AGENT_BASE_URL=https://bcreg-os-agent-test.apps.silver.devops.gov.bc.ca # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +# MIN_REPLICAS=1 +# MAX_REPLICAS=2 # CPU_REQUEST=10m # CPU_LIMIT=300m # MEMORY_REQUEST=10Mi -# MEMORY_LIMIT=512Mi -# \ No newline at end of file +# MEMORY_LIMIT=512Mi \ No newline at end of file diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.param b/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.param index 64205511..b42dc094 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.param @@ -64,6 +64,8 @@ TAILS_FILES_DIR=/home/indy/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=1 +MAX_REPLICAS=2 CPU_REQUEST=100m CPU_LIMIT=250m MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.prod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.prod.param index f393457a..0cf6035e 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.prod.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.prod.param @@ -64,6 +64,8 @@ ACAPY_WALLET_TYPE=askar # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.test.param b/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.test.param index 7a57753d..a1d9c53e 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.test.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.bcvcpilot.test.param @@ -64,6 +64,8 @@ ACAPY_WALLET_TYPE=askar # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +# MIN_REPLICAS=1 +# MAX_REPLICAS=2 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param new file mode 100644 index 00000000..014ca380 --- /dev/null +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-preprod.param @@ -0,0 +1,71 @@ +#========================================================= +# OpenShift template parameters for: +# Component: . +# Template File: ../openshift/templates/issuer-agent/issuer-agent-deploy.yaml +#========================================================= +NAME=agent +APP_NAME=issuer +APP_GROUP=idim-preprod +SUFFIX=-idim-preprod +ROLE=agent +API_ROLE=api +APPLICATION_DOMAIN=idim-preprod-agent-test.apps.silver.devops.gov.bc.ca +ADMIN_APPLICATION_DOMAIN=idim-preprod-agent-admin-test.apps.silver.devops.gov.bc.ca +ROUTE_TIMEOUT=240s +IMAGE_NAMESPACE=e79518-tools +NAMESPACE_NAME=e79518 +SOURCE_IMAGE_NAME=issuer-kit-agent +TAG_PREFIX=idim-preprod- +TAG_NAME=test +APP_CONFIG_MAP_NAME=agent-config +APP_CONFIG_MOUNT_PATH=/home/aries/ +ACAPY_LABEL=IDIM (PreProd) +ACAPY_READ_ONLY_LEDGER=false +AGENT_BASE_URL=https://idim-preprod-agent-test.apps.silver.devops.gov.bc.ca +ACAPY_IMAGE_URL=https://id.gov.bc.ca/static/Gov-2.0/images/favicon.ico +WEBHOOK_URL=to-be-defined +AGENT_ADMIN_PORT=8024 +# ADMIN_API_KEY=[a-zA-Z0-9]{16} +API_HOST=api +AGENT_HTTP_PORT=8021 +ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml +ACAPY_LOG_LEVEL=WARNING +ACAPY_INVITE_PUBLIC=true +ACAPY_PUBLIC_INVITES=true +ACAPY_REQUESTS_THROUGH_PUBLIC_DID=false +ACAPY_AUTO_ACCEPT_INVITES=false +ACAPY_AUTO_ACCEPT_REQUESTS=false +ACAPY_AUTO_PING_CONNECTION=true +ACAPY_MONITOR_PING=false +ACAPY_AUTO_RESPOND_MESSAGES=false +ACAPY_AUTO_RESPOND_CREDENTIAL_OFFER=false +ACAPY_AUTO_RESPOND_CREDENTIAL_REQUEST=false +ACAPY_AUTO_VERIFY_PRESENTATION=true +ACAPY_AUTO_PROVISION=true +ACAPY_NOTIFY_REVOCATION=false +ACAPY_ENDORSER_ROLE=author +ACAPY_ENDORSER_ALIAS=Endorser +ACAPY_AUTO_REQUEST_ENDORSEMENT=true +ACAPY_AUTO_WRITE_TRANSACTIONS=true +ACAPY_CREATE_REVOCATION_TRANSACTIONS=true +ACAPY_WALLET_TYPE=askar +ACAPY_WALLET_STORAGE_TYPE=postgres_storage +WALLET_HOST=wallet +WALLET_HOST_PORT=5432 +WALLET_STORAGE_CONFIG={\"url\":\"${POSTGRESQL_WALLET_HOST}:${POSTGRESQL_WALLET_PORT}\",\"max_connections\":5} +WALLET_STORAGE_CREDS={\"account\":\"${POSTGRESQL_WALLET_USER}\",\"password\":\"${POSTGRESQL_WALLET_PASSWORD}\",\"admin_account\":\"postgres\",\"admin_password\":\"${POSTGRESQL_WALLET_ADMIN_PASSWORD}\"} +WALLET_CREDENTIAL_STORE_NAME=agent-wallet-credentials +# WALLET_KEY=[a-zA-Z0-9]{10} +# WALLET_SEED=[a-zA-Z0-9]{32} +# WALLET_DID=[a-zA-Z0-9]{16} +WALLET_SUFFIX=-idim-preprod +TAILS_FILES_DIR=/home/aries/.indy_client/tails +TAILS_FILES_VOLUME_CLASS=netapp-file-standard +TAILS_FILES_VOLUME_SIZE=1Gi +ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +MIN_REPLICAS=3 +MAX_REPLICAS=4 +CPU_REQUEST=100m +CPU_LIMIT=1000m +MEMORY_REQUEST=128Mi +MEMORY_LIMIT=512Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param index 4181b8a1..5411ea7c 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-qa.param @@ -63,6 +63,8 @@ TAILS_FILES_DIR=/home/aries/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 CPU_REQUEST=100m CPU_LIMIT=250m MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param index 74e6f140..811042ef 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim-sit.param @@ -63,6 +63,8 @@ TAILS_FILES_DIR=/home/aries/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 CPU_REQUEST=100m CPU_LIMIT=250m MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param index 929e2689..e46e7c79 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.dev.param @@ -63,6 +63,8 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param index 98cb3d5e..671a87cc 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.param @@ -63,6 +63,8 @@ TAILS_FILES_DIR=/home/aries/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 CPU_REQUEST=100m CPU_LIMIT=250m MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param index a688a832..2dc5fee0 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.prod.param @@ -63,6 +63,8 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails.vonx.io +MIN_REPLICAS=3 +MAX_REPLICAS=4 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param index d003b6a1..c985c632 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.idim.test.param @@ -63,6 +63,8 @@ ACAPY_GENESIS_TRANSACTIONS_LIST=ledgers-candy.yaml # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.param b/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.param index 18490b7e..7e792846 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.param @@ -64,6 +64,8 @@ TAILS_FILES_DIR=/home/aries/.indy_client/tails TAILS_FILES_VOLUME_CLASS=netapp-file-standard TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-dev.vonx.io +MIN_REPLICAS=1 +MAX_REPLICAS=2 CPU_REQUEST=100m CPU_LIMIT=250m MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.prod.param b/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.prod.param index ae294bd5..bdb7350f 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.prod.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.prod.param @@ -64,6 +64,8 @@ AGENT_BASE_URL=https://lsbc-agent.apps.silver.devops.gov.bc.ca # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails.vonx.io +MIN_REPLICAS=3 +MAX_REPLICAS=4 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.test.param b/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.test.param index 34686a77..f086b4a5 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.test.param +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.lsbc.test.param @@ -64,6 +64,8 @@ AGENT_BASE_URL=https://lsbc-agent-test.apps.silver.devops.gov.bc.ca # TAILS_FILES_VOLUME_CLASS=netapp-file-standard # TAILS_FILES_VOLUME_SIZE=1Gi ACAPY_TAILS_SERVER_BASE_URL=https://tails-test.vonx.io +MIN_REPLICAS=2 +MAX_REPLICAS=3 # CPU_REQUEST=100m # CPU_LIMIT=250m # MEMORY_REQUEST=128Mi diff --git a/openshift/templates/issuer-agent/issuer-agent-deploy.yaml b/openshift/templates/issuer-agent/issuer-agent-deploy.yaml index f21765c5..d024218b 100644 --- a/openshift/templates/issuer-agent/issuer-agent-deploy.yaml +++ b/openshift/templates/issuer-agent/issuer-agent-deploy.yaml @@ -62,6 +62,7 @@ objects: role: ${ROLE} app: ${APP_NAME}${SUFFIX} env: ${TAG_NAME} + - kind: Service apiVersion: v1 metadata: @@ -190,6 +191,24 @@ objects: webhook-url: ${WEBHOOK_URL} type: Opaque + - kind: HorizontalPodAutoscaler + apiVersion: autoscaling/v1 + metadata: + name: ${NAME}${SUFFIX} + labels: + name: ${NAME}${SUFFIX} + app: ${APP_NAME}${SUFFIX} + app.kubernetes.io/part-of: ${APP_NAME}${SUFFIX} + app-group: ${APP_GROUP} + role: ${ROLE} + env: ${TAG_NAME} + spec: + scaleTargetRef: + kind: DeploymentConfig + name: ${NAME}${SUFFIX} + minReplicas: ${{MIN_REPLICAS}} + maxReplicas: ${{MAX_REPLICAS}} + - kind: DeploymentConfig apiVersion: v1 metadata: @@ -227,6 +246,18 @@ objects: app.openshift.io/connects-to: >- [{"apiVersion":"apps.openshift.io/v1","kind":"DeploymentConfig","name":"wallet${SUFFIX}"}] spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: name + values: + - ${NAME}${SUFFIX} + operator: In + topologyKey: kubernetes.io/hostname volumes: - name: ${NAME}${SUFFIX}-tails persistentVolumeClaim: @@ -779,6 +810,19 @@ parameters: required: true value: https://tails-dev.vonx.io # =============================================================================== + # Horizontal Pod Autoscaler Configuration + #-------------------------------------------------------------------------------- + - name: MIN_REPLICAS + displayName: Minimum Replicas + description: The minimum number of pods to have running. + required: true + value: "3" + - name: MAX_REPLICAS + displayName: Maximum Replicas + description: The maximum number of pods to have running. + required: true + value: "4" + # =============================================================================== - name: CPU_REQUEST displayName: Resources CPU Request description: The resources CPU request (in cores) for this build. diff --git a/openshift/templates/issuer-wallet/issuer-wallet-deploy.idim-preprod.param b/openshift/templates/issuer-wallet/issuer-wallet-deploy.idim-preprod.param new file mode 100644 index 00000000..67c67a42 --- /dev/null +++ b/openshift/templates/issuer-wallet/issuer-wallet-deploy.idim-preprod.param @@ -0,0 +1,28 @@ +#========================================================= +# OpenShift template parameters for: +# Component: . +# Template File: ../openshift/templates/issuer-wallet/issuer-wallet-deploy.yaml +#========================================================= +NAME=wallet +APP_NAME=issuer +APP_GROUP=idim-preprod +SUFFIX=-idim-preprod +ROLE=wallet +AGENT_ROLE=agent +BACKUP=true +IMAGE_NAMESPACE=e79518-tools +NAMESPACE_NAME=e79518 +SOURCE_IMAGE_NAME=issuer-kit-wallet +TAG_PREFIX=idim-preprod- +TAG_NAME=test +POSTGRESQL_DATABASE_NAME=identity_kit_wallet +# POSTGRESQL_USER=[a-zA-Z_][a-zA-Z0-9_]{10} +# POSTGRESQL_PASSWORD=[a-zA-Z0-9_~!@#$%^&*()-=<>,.?;:|]{16} +# POSTGRESQL_ADMIN_PASSWORD=[a-zA-Z0-9_~!@#$%^&*()-=<>,.?;:|]{16} +MOUNT_PATH=/var/lib/pgsql/data +PERSISTENT_VOLUME_SIZE=1Gi +PERSISTENT_VOLUME_CLASS=netapp-file-standard +CPU_REQUEST=100m +CPU_LIMIT=1000m +MEMORY_REQUEST=128Mi +MEMORY_LIMIT=512Mi