From 6e0da55a4e4c2896837399db7aaf19713717651a Mon Sep 17 00:00:00 2001 From: James Cotter Date: Tue, 16 May 2023 22:54:18 +0100 Subject: [PATCH 1/3] Update embeddings configuration to align with code intel storage --- .../templates/embeddings/embeddings.Deployment.yaml | 10 +++++++--- .../templates/worker/worker.Deployment.yaml | 10 ++++++---- charts/sourcegraph/values.yaml | 6 ++---- 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/charts/sourcegraph/templates/embeddings/embeddings.Deployment.yaml b/charts/sourcegraph/templates/embeddings/embeddings.Deployment.yaml index 93a6a5f4..dbfd29da 100644 --- a/charts/sourcegraph/templates/embeddings/embeddings.Deployment.yaml +++ b/charts/sourcegraph/templates/embeddings/embeddings.Deployment.yaml @@ -55,9 +55,13 @@ spec: - name: {{ $name }} {{- $item | toYaml | nindent 10 }} {{- end }} - {{- range $name, $item := .Values.embeddings.backend }} - - name: {{ $name }} - value: {{ $item | quote }} + {{- if not .Values.embeddings.env.EMBEDDINGS_UPLOAD_BACKEND }} + - name: EMBEDDINGS_UPLOAD_BACKEND + value: blobstore + {{- end }} + {{- if not .Values.embeddings.env.EMBEDDINGS_UPLOAD_AWS_ENDPOINT }} + - name: EMBEDDINGS_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 {{- end }} ports: - containerPort: 9991 diff --git a/charts/sourcegraph/templates/worker/worker.Deployment.yaml b/charts/sourcegraph/templates/worker/worker.Deployment.yaml index d2f8908a..a7ced177 100644 --- a/charts/sourcegraph/templates/worker/worker.Deployment.yaml +++ b/charts/sourcegraph/templates/worker/worker.Deployment.yaml @@ -60,11 +60,13 @@ spec: - name: PRECISE_CODE_INTEL_UPLOAD_AWS_ENDPOINT value: http://blobstore:9000 {{- end }} - {{- if .Values.embeddings.enabled }} - {{- range $name, $item := .Values.embeddings.backend }} - - name: {{ $name }} - value: {{ $item | quote }} + {{- if and .Values.embeddings.enabled (not .Values.worker.env.EMBEDDINGS_UPLOAD_BACKEND) }} + - name: EMBEDDINGS_UPLOAD_BACKEND + value: blobstore {{- end }} + {{- if and .Values.embeddings.enabled (not .Values.worker.env.EMBEDDINGS_UPLOAD_AWS_ENDPOINT) }} + - name: EMBEDDINGS_UPLOAD_AWS_ENDPOINT + value: http://blobstore:9000 {{- end }} - name: POD_NAME valueFrom: diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index 12918d79..54ab7082 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -301,10 +301,6 @@ embeddings: requests: cpu: "4" memory: 32G - # -- Configure the storage backend for embeddings - backend: - EMBEDDINGS_UPLOAD_BACKEND: "blobstore" - EMBEDDINGS_UPLOAD_AWS_ENDPOINT: "http://blobstore:9000" # -- Environment variables for the `embeddings` container env: {} # -- Security context for the `worker` container, @@ -1283,6 +1279,8 @@ worker: readOnlyRootFilesystem: true # -- Name used by resources. Does not affect service names or PVCs. name: "worker" + # -- Environment variables for the `worker` container + env: {} # -- Security context for the `worker` pod, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) podSecurityContext: {} From eb78d41815813e335ae24b548a4a411fcba367c1 Mon Sep 17 00:00:00 2001 From: James Cotter Date: Tue, 16 May 2023 23:12:07 +0100 Subject: [PATCH 2/3] Add example for embeddings config --- .../override.yaml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 charts/sourcegraph/examples/external-object-storage-embeddings/override.yaml diff --git a/charts/sourcegraph/examples/external-object-storage-embeddings/override.yaml b/charts/sourcegraph/examples/external-object-storage-embeddings/override.yaml new file mode 100644 index 00000000..8d058fae --- /dev/null +++ b/charts/sourcegraph/examples/external-object-storage-embeddings/override.yaml @@ -0,0 +1,36 @@ +# Override file demonstrating the use of external Object Storage services +# Learn more from the tutorial below +# - https://docs.sourcegraph.com/cody/explanations/code_graph_context#storing-embedding-indexes + +# Disable deployment of the built-in object storage +# Only disable if also using external storage for SCIP indexes +blobstore: + enabled: false + +# we use YAML anchors and alias to keep override file clean +objectStorageEnv: &objectStorageEnv + EMBEDDINGS_UPLOAD_BACKEND: + value: S3 # external object stoage type, one of "S3" or "GCS" + EMBEDDINGS_UPLOAD_BUCKET: + value: embedings-uploads # external object storage bucket name + EMBEDDINGS_UPLOAD_AWS_ENDPOINT: + value: https://s3.us-east-1.amazonaws.com + EMBEDDINGS_UPLOAD_AWS_REGION: + value: us-east-1 + EMBEDDINGS_UPLOAD_AWS_ACCESS_KEY_ID: + secretKeyRef: # Pre-existing secret, not created by this chart + name: sourcegraph-s3-credentials + key: EMBEDDINGS_UPLOAD_AWS_ACCESS_KEY_ID + EMBEDDINGS_UPLOAD_AWS_SECRET_ACCESS_KEY: + secretKeyRef: # Pre-existing secret, not created by this chart + name: sourcegraph-s3-credentials + key: EMBEDDINGS_UPLOAD_AWS_SECRET_ACCESS_KEY + +embeddings: + enabled: true + env: + <<: *objectStorageEnv + +worker: + env: + <<: *objectStorageEnv From c585d657ec1f365e4273ea3da6c4cd72b20d9516 Mon Sep 17 00:00:00 2001 From: James Cotter Date: Tue, 16 May 2023 23:15:27 +0100 Subject: [PATCH 3/3] Docs --- charts/sourcegraph/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index ed1d92e0..f464758d 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -90,7 +90,6 @@ In addition to the documented values, all services also support the following va | codeIntelDB.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `codeintel-db` | | codeIntelDB.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | codeIntelDB.storageSize | string | `"200Gi"` | PVC Storage Request for `codeintel-db` data volume | -| embeddings.backend | object | `{"EMBEDDINGS_UPLOAD_AWS_ENDPOINT":"http://blobstore:9000","EMBEDDINGS_UPLOAD_BACKEND":"blobstore"}` | Configure the storage backend for embeddings | | embeddings.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | embeddings.enabled | bool | `false` | Enable `embeddings` | | embeddings.env | object | `{}` | Environment variables for the `embeddings` container | @@ -352,6 +351,7 @@ In addition to the documented values, all services also support the following va | syntectServer.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `syntect-server` | | syntectServer.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | worker.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | +| worker.env | object | `{}` | Environment variables for the `worker` container | | worker.image.defaultTag | string | `"5.0.2@sha256:83f1e1d30bad33a311e8e0c0c9e7995ef7b7df9a1135ac0ff5e5c9561c7b74c4"` | Docker image tag for the `worker` image | | worker.image.name | string | `"worker"` | Docker image name for the `worker` image | | worker.name | string | `"worker"` | Name used by resources. Does not affect service names or PVCs. |