From d3ae2121b61aab5d793bcfa0154628a478f3f986 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 10:40:16 -0600 Subject: [PATCH 01/16] wip --- .../templates/qdrant/qdrant.Deployment.yaml | 125 ++++++++++++++++++ .../templates/qdrant/qdrant.Service.yaml | 29 ++++ .../qdrant/qdrant.ServiceAccount.yaml | 11 ++ charts/sourcegraph/values.yaml | 42 +++++- 4 files changed, 206 insertions(+), 1 deletion(-) create mode 100644 charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml create mode 100644 charts/sourcegraph/templates/qdrant/qdrant.Service.yaml create mode 100644 charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml diff --git a/charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml b/charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml new file mode 100644 index 00000000..d2df456d --- /dev/null +++ b/charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml @@ -0,0 +1,125 @@ +{{- if .Values.embeddings.enabled -}} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Values.embeddings.name }} + annotations: + description: Backend for vector search operations. + labels: + {{- include "sourcegraph.labels" . | nindent 4 }} + {{- if .Values.qdrant.labels }} + {{- toYaml .Values.qdrant.labels | nindent 4 }} + {{- end }} + deploy: sourcegraph + app.kubernetes.io/component: qdrant +spec: + minReadySeconds: 10 + replicas: 1 + revisionHistoryLimit: {{ .Values.sourcegraph.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "sourcegraph.selectorLabels" . | nindent 6 }} + app: {{ .Values.qdrant.name }} + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + {{- if .Values.sourcegraph.podAnnotations }} + {{- toYaml .Values.sourcegraph.podAnnotations | nindent 8 }} + {{- end }} + {{- if .Values.qdrant.podAnnotations }} + {{- toYaml .Values.qdrant.podAnnotations | nindent 8 }} + {{- end }} + labels: + app: {{ .Values.embeddings.name }} + app.kubernetes.io/component: qdrant + deploy: sourcegraph + {{- include "sourcegraph.selectorLabels" . | nindent 8 }} + {{- if .Values.sourcegraph.podLabels }} + {{- toYaml .Values.sourcegraph.podLabels | nindent 8 }} + {{- end }} + {{- if .Values.qdrant.podLabels }} + {{- toYaml .Values.qdrant.podLabels | nindent 8 }} + {{- end }} + # TODO: should these live in pod labels? + sourcegraph.prometheus/scrape: "true" + prometheus.io/port: "6333" + spec: + containers: + - name: {{ .Values.embeddings.name }} + image: {{ include "sourcegraph.image" (list . "qdrant") }} + imagePullPolicy: {{ .Values.sourcegraph.image.pullPolicy }} + env: + {{- range $name, $item := .Values.qdrant.env }} + - name: {{ $name }} + {{- $item | toYaml | nindent 10 }} + {{- end }} + ports: + - containerPort: 6333 + name: http + protocol: TCP + - containerPort: 6334 + name: grpc + protocol: TCP + volumeMounts: + {{- if .Values.qdrant.extraVolumeMounts }} + {{- toYaml .Values.qdrant.extraVolumeMounts | nindent 8 }} + {{- end }} + # TODO: move these to extraVolumeMounts? + - mountPath: /data + name: data + - name: config + mountPath: /etc/qdrant/config.yaml + # TODO: what is this? + {{- if not .Values.sourcegraph.localDevMode}} + resources: + {{- toYaml .Values.qdrant.resources | nindent 10 }} + {{- end }} + securityContext: + {{- toYaml .Values.qdrant.containerSecurityContext | nindent 10 }} + resources: + limits: + cpu: "8" + memory: 32Gi + requests: + cpu: "8" + memory: 32Gi + securityContext: + {{- toYaml .Values.embeddings.podSecurityContext | nindent 8 }} + {{- include "sourcegraph.nodeSelector" (list . "qdrant" ) | trim | nindent 6 }} + {{- include "sourcegraph.affinity" (list . "qdrant" ) | trim | nindent 6 }} + {{- include "sourcegraph.tolerations" (list . "qdrant" ) | trim | nindent 6 }} + {{- if .Values.qdrant.serviceAccount.create }} + serviceAccountName: {{ .Values.qdrant.serviceAccount.name }} + {{- end}} + volumes: + {{- if .Values.embeddings.extraVolumes }} + {{- toYaml .Values.embeddings.extraVolumes | nindent 6 }} + {{- end }} + # TODO: move this to extraVolumes? + - name: data + - name: config + configMap: + name: qdrant + items: + - key: config.yaml + path: config.yaml + # TODO: do I need this? + volumeClaimTemplates: + - metadata: + labels: + deploy: sourcegraph + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + # The size of disk to be used for search indexes. + storage: 2Ti + storageClassName: sourcegraph +{{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml new file mode 100644 index 00000000..697747b5 --- /dev/null +++ b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml @@ -0,0 +1,29 @@ +{{- if .Values.embeddings.enabled -}} +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "6060" + sourcegraph.prometheus/scrape: "true" + {{- if .Values.frontend.serviceAnnotations }} + {{- toYaml .Values.frontend.serviceAnnotations | nindent 4 }} + {{- end }} + labels: + app: {{ .Values.embeddings.name }} + deploy: sourcegraph + app.kubernetes.io/component: embeddings + {{- if .Values.sourcegraph.serviceLabels }} + {{- toYaml .Values.sourcegraph.serviceLabels | nindent 4 }} + {{- end }} + name: {{ .Values.embeddings.name }} +spec: + ports: + - name: http + port: 9991 + protocol: TCP + targetPort: http + selector: + {{- include "sourcegraph.selectorLabels" . | nindent 4 }} + app: {{ .Values.embeddings.name }} + type: {{ .Values.embeddings.serviceType | default "ClusterIP" }} +{{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml b/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml new file mode 100644 index 00000000..c1766a11 --- /dev/null +++ b/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.embeddings.enabled .Values.embeddings.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + category: rbac + deploy: sourcegraph + app.kubernetes.io/component: {{ .Values.embeddings.name }} + {{- include "sourcegraph.serviceAccountAnnotations" (list . "embeddings") | trim | nindent 2 }} + name: {{ include "sourcegraph.serviceAccountName" (list . "embeddings") }} +{{- end }} diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index 3c1739d7..d0384f96 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -292,7 +292,7 @@ embeddings: name: "embeddings" # -- Docker image tag for the `embeddings` image defaultTag: "5.1.6@sha256:e849f52e38637882e5d2ba3d7d27a656d897c4b4e2905e1fdb843536d9c948ab" - # -- Resource requests & limits for the `worker` container, + # -- Resource requests & limits for the `qdrant` container, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) resources: limits: @@ -322,6 +322,46 @@ embeddings: extraVolumeMounts: {} extraVolumes: {} +qdrant: + # -- Enable `qdrant` + enabled: false + # -- Name of the `qdrant` service + name: qdrant + image: + # -- Docker image name for the `embeddings` image + name: "qdrant" + # -- Docker image tag for the `embeddings` image + defaultTag: "239247_2023-08-18_5.1-433e1b1c997f@sha256:eafcd7af2aca699fa9c9ce8e6aa674cc0470441f794baf031296d5d1cdadd0bc" + # -- Resource requests & limits for the `qdrant` container, + # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) + resources: + limits: + cpu: "8" + memory: 32G + requests: + cpu: "8" + memory: 32G + # -- Environment variables for the `qdrant` container + env: {} + # -- Security context for the `qdrant` container, + # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) + containerSecurityContext: + allowPrivilegeEscalation: false + runAsUser: 100 + runAsGroup: 101 + readOnlyRootFilesystem: true + # -- Security context for the `qdrant` container, + # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) + podSecurityContext: {} + serviceAccount: + # -- Enable creation of ServiceAccount for `embeddings` + create: false + # -- Name of the ServiceAccount to be created or an existing ServiceAccount + name: "" + annotations: {} + extraVolumeMounts: {} + extraVolumes: {} + frontend: # -- Environment variables for the `frontend` container # @default -- the chart will add some default environment values From 4d695938a24e49496257a3bc2c53a7e005f2b937 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 11:17:32 -0600 Subject: [PATCH 02/16] wip maybe complete --- .../qdrant/qdrant.PersistentVolumeClaim.yaml | 19 ++++++ .../templates/qdrant/qdrant.Service.yaml | 28 ++++---- .../qdrant/qdrant.ServiceAccount.yaml | 8 +-- ...eployment.yaml => qdrant.StatefulSet.yaml} | 67 ++++++++++--------- charts/sourcegraph/values.yaml | 2 + 5 files changed, 73 insertions(+), 51 deletions(-) create mode 100644 charts/sourcegraph/templates/qdrant/qdrant.PersistentVolumeClaim.yaml rename charts/sourcegraph/templates/qdrant/{qdrant.Deployment.yaml => qdrant.StatefulSet.yaml} (76%) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.PersistentVolumeClaim.yaml b/charts/sourcegraph/templates/qdrant/qdrant.PersistentVolumeClaim.yaml new file mode 100644 index 00000000..e946ae52 --- /dev/null +++ b/charts/sourcegraph/templates/qdrant/qdrant.PersistentVolumeClaim.yaml @@ -0,0 +1,19 @@ +{{- if .Values.qdrant.enabled -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + deploy: sourcegraph + app.kubernetes.io/component: qdrant + name: qdrant +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.qdrant.storageSize }} + storageClassName: {{ .Values.storageClass.name }} + {{- if .Values.qdrant.volumeName }} + volumeName: {{ .Values.qdrant.volumeName }} + {{- end }} +{{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml index 697747b5..12327f73 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml @@ -1,29 +1,29 @@ -{{- if .Values.embeddings.enabled -}} +{{- if .Values.qdrant.enabled -}} apiVersion: v1 kind: Service metadata: annotations: - prometheus.io/port: "6060" - sourcegraph.prometheus/scrape: "true" - {{- if .Values.frontend.serviceAnnotations }} - {{- toYaml .Values.frontend.serviceAnnotations | nindent 4 }} + {{- if .Values.qdrant.serviceAnnotations }} + {{- toYaml .Values.qdrant.serviceAnnotations | nindent 4 }} {{- end }} labels: - app: {{ .Values.embeddings.name }} + app: qdrant deploy: sourcegraph - app.kubernetes.io/component: embeddings - {{- if .Values.sourcegraph.serviceLabels }} - {{- toYaml .Values.sourcegraph.serviceLabels | nindent 4 }} + app.kubernetes.io/component: qdrant + {{- if .Values.qdrant.serviceLabels }} + {{- toYaml .Values.qdrant.serviceLabels | nindent 4 }} {{- end }} - name: {{ .Values.embeddings.name }} + name: qdrant spec: ports: + - name: grpc + port: 6333 + targetPort: grpc - name: http - port: 9991 - protocol: TCP + port: 6334 targetPort: http selector: {{- include "sourcegraph.selectorLabels" . | nindent 4 }} - app: {{ .Values.embeddings.name }} - type: {{ .Values.embeddings.serviceType | default "ClusterIP" }} + app: qdrant + type: {{ .Values.qdrant.serviceType | default "ClusterIP" }} {{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml b/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml index c1766a11..a8f1014e 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.ServiceAccount.yaml @@ -1,11 +1,11 @@ -{{- if and .Values.embeddings.enabled .Values.embeddings.serviceAccount.create -}} +{{- if and .Values.qdrant.enabled .Values.qdrant.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: labels: category: rbac deploy: sourcegraph - app.kubernetes.io/component: {{ .Values.embeddings.name }} - {{- include "sourcegraph.serviceAccountAnnotations" (list . "embeddings") | trim | nindent 2 }} - name: {{ include "sourcegraph.serviceAccountName" (list . "embeddings") }} + app.kubernetes.io/component: {{ .Values.qdrant.name }} + {{- include "sourcegraph.serviceAccountAnnotations" (list . "qdrant") | trim | nindent 2 }} + name: {{ include "sourcegraph.serviceAccountName" (list . "qdrant") }} {{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml similarity index 76% rename from charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml rename to charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index d2df456d..64faee12 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.Deployment.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -1,8 +1,8 @@ -{{- if .Values.embeddings.enabled -}} +{{- if .Values.qdrant.enabled -}} apiVersion: apps/v1 kind: StatefulSet metadata: - name: {{ .Values.embeddings.name }} + name: {{ .Values.qdrant.name }} annotations: description: Backend for vector search operations. labels: @@ -21,13 +21,11 @@ spec: {{- include "sourcegraph.selectorLabels" . | nindent 6 }} app: {{ .Values.qdrant.name }} strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate + type: Recreate template: metadata: annotations: + kubectl.kubernetes.io/default-container: qdrant {{- if .Values.sourcegraph.podAnnotations }} {{- toYaml .Values.sourcegraph.podAnnotations | nindent 8 }} {{- end }} @@ -35,9 +33,6 @@ spec: {{- toYaml .Values.qdrant.podAnnotations | nindent 8 }} {{- end }} labels: - app: {{ .Values.embeddings.name }} - app.kubernetes.io/component: qdrant - deploy: sourcegraph {{- include "sourcegraph.selectorLabels" . | nindent 8 }} {{- if .Values.sourcegraph.podLabels }} {{- toYaml .Values.sourcegraph.podLabels | nindent 8 }} @@ -45,14 +40,18 @@ spec: {{- if .Values.qdrant.podLabels }} {{- toYaml .Values.qdrant.podLabels | nindent 8 }} {{- end }} + app: {{ .Values.qdrant.name }} + app.kubernetes.io/component: qdrant + deploy: sourcegraph # TODO: should these live in pod labels? sourcegraph.prometheus/scrape: "true" prometheus.io/port: "6333" spec: containers: - - name: {{ .Values.embeddings.name }} + - name: {{ .Values.qdrant.name }} image: {{ include "sourcegraph.image" (list . "qdrant") }} imagePullPolicy: {{ .Values.sourcegraph.image.pullPolicy }} + terminationMessagePolicy: FallbackToLogsOnError env: {{- range $name, $item := .Values.qdrant.env }} - name: {{ $name }} @@ -65,16 +64,24 @@ spec: - containerPort: 6334 name: grpc protocol: TCP + readinessProbe: + grpc: + port: grpc + periodSeconds: 5 + timeoutSeconds: 5 + liveness: + grpc: + port: grpc + initialDelaySeconds: 60 + timeoutSeconds: 5 volumeMounts: - {{- if .Values.qdrant.extraVolumeMounts }} - {{- toYaml .Values.qdrant.extraVolumeMounts | nindent 8 }} - {{- end }} - # TODO: move these to extraVolumeMounts? - mountPath: /data name: data - name: config mountPath: /etc/qdrant/config.yaml - # TODO: what is this? + {{- if .Values.qdrant.extraVolumeMounts }} + {{- toYaml .Values.qdrant.extraVolumeMounts | nindent 8 }} + {{- end }} {{- if not .Values.sourcegraph.localDevMode}} resources: {{- toYaml .Values.qdrant.resources | nindent 10 }} @@ -88,38 +95,32 @@ spec: requests: cpu: "8" memory: 32Gi + {{- if .Values.blobstore.extraContainers }} + {{- toYaml .Values.blobstore.extraContainers | nindent 6 }} + {{- end }} securityContext: - {{- toYaml .Values.embeddings.podSecurityContext | nindent 8 }} + {{- toYaml .Values.qdrant.podSecurityContext | nindent 8 }} {{- include "sourcegraph.nodeSelector" (list . "qdrant" ) | trim | nindent 6 }} {{- include "sourcegraph.affinity" (list . "qdrant" ) | trim | nindent 6 }} {{- include "sourcegraph.tolerations" (list . "qdrant" ) | trim | nindent 6 }} {{- if .Values.qdrant.serviceAccount.create }} serviceAccountName: {{ .Values.qdrant.serviceAccount.name }} {{- end}} + {{- with .Values.sourcegraph.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} volumes: - {{- if .Values.embeddings.extraVolumes }} - {{- toYaml .Values.embeddings.extraVolumes | nindent 6 }} + {{- if .Values.qdrant.extraVolumes }} + {{- toYaml .Values.qdrant.extraVolumes | nindent 6 }} {{- end }} - # TODO: move this to extraVolumes? - name: data + persistentVolumeClaim: + claimName: data - name: config configMap: name: qdrant items: - key: config.yaml path: config.yaml - # TODO: do I need this? - volumeClaimTemplates: - - metadata: - labels: - deploy: sourcegraph - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - # The size of disk to be used for search indexes. - storage: 2Ti - storageClassName: sourcegraph {{- end }} diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index d0384f96..95beb09f 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -361,6 +361,8 @@ qdrant: annotations: {} extraVolumeMounts: {} extraVolumes: {} + # -- PVC Storage Request for `qdrant` data volume + storageSize: 100Gi frontend: # -- Environment variables for the `frontend` container From c94d33390b7b14ed57d6186bab6121113e587cb6 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 12:37:44 -0600 Subject: [PATCH 03/16] fix typo --- TEST.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/TEST.md b/TEST.md index 0ba8de6f..4c645608 100644 --- a/TEST.md +++ b/TEST.md @@ -67,7 +67,7 @@ helm template -f ./override.yaml sourcegraph charts/sourcegraph/. Perform a diff of the rendered helm manifests before and after your change. There're many ways to produce the diff: - Run `helm template` before and after the change, then run `diff bundle.old.yaml bundle.new.yaml`. -- Run `helm install` before the change, then run `helm diff` to inspecth the diff. +- Run `helm install` before the change, then run `helm diff` to inspect the diff. ### Deploy the chart From 4adad9ac4a5636f9f9105edf7163af6a5451720a Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 14:08:04 -0600 Subject: [PATCH 04/16] wip permissions failing --- .../templates/qdrant/qdrant.ConfigMap.yaml | 33 +++++++++++++++++++ .../templates/qdrant/qdrant.StatefulSet.yaml | 22 ++++++------- charts/sourcegraph/values.yaml | 16 +++++---- 3 files changed, 54 insertions(+), 17 deletions(-) create mode 100644 charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml diff --git a/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml b/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml new file mode 100644 index 00000000..04c151ac --- /dev/null +++ b/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml @@ -0,0 +1,33 @@ +{{- if .Values.qdrant.enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.qdrant.name }} + labels: + deploy: sourcegraph + app.kubernetes.io/component: qdrant +data: + config.yaml: | + debug: true + log_level: INFO + storage: + storage_path: /data + on_disk_payload: true + performance: + max_optimization_threads: 4 + optimizers: + max_optimization_threads: 4 + mmap_threshold_kb: 1 + indexing_threshold_kb: 0 + hnsw_index: + m: 8 + ef_construct: 100 + full_scan_threshold: 10 + max_indexing_threads: 4 + on_disk: true + payload_m: 8 + service: + http_port: 6333 + grpc_port: 6334 + telemetry_disabled: true +{{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index 64faee12..a9d4c0b4 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -66,19 +66,19 @@ spec: protocol: TCP readinessProbe: grpc: - port: grpc + port: 6334 periodSeconds: 5 timeoutSeconds: 5 liveness: grpc: - port: grpc + port: 6334 initialDelaySeconds: 60 timeoutSeconds: 5 volumeMounts: - - mountPath: /data - name: data + - name: qdrant-data + mountPath: /data - name: config - mountPath: /etc/qdrant/config.yaml + mountPath: /etc/qdrant {{- if .Values.qdrant.extraVolumeMounts }} {{- toYaml .Values.qdrant.extraVolumeMounts | nindent 8 }} {{- end }} @@ -90,11 +90,11 @@ spec: {{- toYaml .Values.qdrant.containerSecurityContext | nindent 10 }} resources: limits: - cpu: "8" - memory: 32Gi + cpu: "1" + memory: 8Gi requests: - cpu: "8" - memory: 32Gi + cpu: "1" + memory: 8Gi {{- if .Values.blobstore.extraContainers }} {{- toYaml .Values.blobstore.extraContainers | nindent 6 }} {{- end }} @@ -114,9 +114,9 @@ spec: {{- if .Values.qdrant.extraVolumes }} {{- toYaml .Values.qdrant.extraVolumes | nindent 6 }} {{- end }} - - name: data + - name: qdrant-data persistentVolumeClaim: - claimName: data + claimName: qdrant - name: config configMap: name: qdrant diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index 95beb09f..b02cb48c 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -336,11 +336,11 @@ qdrant: # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) resources: limits: - cpu: "8" - memory: 32G + cpu: "4" + memory: 16G requests: - cpu: "8" - memory: 32G + cpu: "4" + memory: 16G # -- Environment variables for the `qdrant` container env: {} # -- Security context for the `qdrant` container, @@ -349,10 +349,14 @@ qdrant: allowPrivilegeEscalation: false runAsUser: 100 runAsGroup: 101 - readOnlyRootFilesystem: true + fsGroup: 101 # -- Security context for the `qdrant` container, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) - podSecurityContext: {} + podSecurityContext: + runAsUser: 100 + runAsGroup: 101 + fsGroup: 101 + fsGroupChangePolicy: "Always" serviceAccount: # -- Enable creation of ServiceAccount for `embeddings` create: false From f00027b12580d20c55abb6a9cfb2fa9d6aca82de Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 15:11:58 -0600 Subject: [PATCH 05/16] working --- .../sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml | 1 + .../templates/qdrant/qdrant.StatefulSet.yaml | 10 ---------- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml b/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml index 04c151ac..6477e845 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml @@ -12,6 +12,7 @@ data: log_level: INFO storage: storage_path: /data + snapshots_path: /data/storage on_disk_payload: true performance: max_optimization_threads: 4 diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index a9d4c0b4..23bfed30 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -64,16 +64,6 @@ spec: - containerPort: 6334 name: grpc protocol: TCP - readinessProbe: - grpc: - port: 6334 - periodSeconds: 5 - timeoutSeconds: 5 - liveness: - grpc: - port: 6334 - initialDelaySeconds: 60 - timeoutSeconds: 5 volumeMounts: - name: qdrant-data mountPath: /data From 766e4d7e726cc3dbd85f69c2e1a912c81ba1dde2 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 15:39:33 -0600 Subject: [PATCH 06/16] add TODO for readiness --- charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index 23bfed30..dd0cc260 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -64,6 +64,7 @@ spec: - containerPort: 6334 name: grpc protocol: TCP + # TODO: add readiness probe once this PR lands: https://github.com/qdrant/qdrant/pull/2409 volumeMounts: - name: qdrant-data mountPath: /data From 6d1aed60385d7e7094fa50c33290dd8307e1a532 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 16:02:11 -0600 Subject: [PATCH 07/16] update readme --- charts/sourcegraph/README.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index 74dc7bf5..232d88a5 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -99,7 +99,7 @@ In addition to the documented values, all services also support the following va | embeddings.image.name | string | `"embeddings"` | Docker image name for the `embeddings` image | | embeddings.name | string | `"embeddings"` | Name of the `embeddings` service | | embeddings.podSecurityContext | object | `{}` | Security context for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| embeddings.resources | object | `{"limits":{"cpu":"8","memory":"64G"},"requests":{"cpu":"4","memory":"32G"}}` | Resource requests & limits for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| embeddings.resources | object | `{"limits":{"cpu":"8","memory":"64G"},"requests":{"cpu":"4","memory":"32G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | embeddings.serviceAccount.annotations | object | `{}` | | | embeddings.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | | embeddings.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | @@ -264,6 +264,20 @@ In addition to the documented values, all services also support the following va | prometheus.serviceAccount.create | bool | `true` | Enable creation of ServiceAccount | | prometheus.serviceAccount.name | string | `"prometheus"` | Name of the ServiceAccount to be created or an existing ServiceAccount | | prometheus.storageSize | string | `"200Gi"` | PVC Storage Request for `prometheus` data volume | +| qdrant.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"fsGroup":101,"runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | +| qdrant.enabled | bool | `false` | Enable `qdrant` | +| qdrant.env | object | `{}` | Environment variables for the `qdrant` container | +| qdrant.extraVolumeMounts | object | `{}` | | +| qdrant.extraVolumes | object | `{}` | | +| qdrant.image.defaultTag | string | `"239247_2023-08-18_5.1-433e1b1c997f@sha256:eafcd7af2aca699fa9c9ce8e6aa674cc0470441f794baf031296d5d1cdadd0bc"` | Docker image tag for the `embeddings` image | +| qdrant.image.name | string | `"qdrant"` | Docker image name for the `embeddings` image | +| qdrant.name | string | `"qdrant"` | Name of the `qdrant` service | +| qdrant.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"Always","runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | +| qdrant.resources | object | `{"limits":{"cpu":"4","memory":"16G"},"requests":{"cpu":"4","memory":"16G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| qdrant.serviceAccount.annotations | object | `{}` | | +| qdrant.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | +| qdrant.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | +| qdrant.storageSize | string | `"100Gi"` | PVC Storage Request for `qdrant` data volume | | redisCache.connection.endpoint | string | `"redis-cache:6379"` | Endpoint to use for redis-cache. Supports either host:port or IANA specification | | redisCache.connection.existingSecret | string | `""` | Name of existing secret to use for Redis endpoint The secret must contain the key `endpoint` and should follow IANA specification learn more from the [Helm docs](https://docs.sourcegraph.com/admin/install/kubernetes/helm#using-external-redis-instances) | | redisCache.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":999}` | Security context for the `redis-cache` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | From 17b5399f117572a89e03a3f4970c3637f8ec0513 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Fri, 18 Aug 2023 16:07:20 -0600 Subject: [PATCH 08/16] make more standard --- charts/sourcegraph/README.md | 6 +++--- charts/sourcegraph/values.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index 232d88a5..3d3d72e2 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -90,7 +90,7 @@ In addition to the documented values, all services also support the following va | codeIntelDB.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `codeintel-db` | | codeIntelDB.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | | codeIntelDB.storageSize | string | `"200Gi"` | PVC Storage Request for `codeintel-db` data volume | -| embeddings.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `worker` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | +| embeddings.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":101,"runAsUser":100}` | Security context for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | embeddings.enabled | bool | `false` | Enable `embeddings` | | embeddings.env | object | `{}` | Environment variables for the `embeddings` container | | embeddings.extraVolumeMounts | object | `{}` | | @@ -99,7 +99,7 @@ In addition to the documented values, all services also support the following va | embeddings.image.name | string | `"embeddings"` | Docker image name for the `embeddings` image | | embeddings.name | string | `"embeddings"` | Name of the `embeddings` service | | embeddings.podSecurityContext | object | `{}` | Security context for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| embeddings.resources | object | `{"limits":{"cpu":"8","memory":"64G"},"requests":{"cpu":"4","memory":"32G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| embeddings.resources | object | `{"limits":{"cpu":"8","memory":"64G"},"requests":{"cpu":"4","memory":"32G"}}` | Resource requests & limits for the `embeddings` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | embeddings.serviceAccount.annotations | object | `{}` | | | embeddings.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | | embeddings.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | @@ -272,7 +272,7 @@ In addition to the documented values, all services also support the following va | qdrant.image.defaultTag | string | `"239247_2023-08-18_5.1-433e1b1c997f@sha256:eafcd7af2aca699fa9c9ce8e6aa674cc0470441f794baf031296d5d1cdadd0bc"` | Docker image tag for the `embeddings` image | | qdrant.image.name | string | `"qdrant"` | Docker image name for the `embeddings` image | | qdrant.name | string | `"qdrant"` | Name of the `qdrant` service | -| qdrant.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"Always","runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | +| qdrant.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | qdrant.resources | object | `{"limits":{"cpu":"4","memory":"16G"},"requests":{"cpu":"4","memory":"16G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | qdrant.serviceAccount.annotations | object | `{}` | | | qdrant.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index b02cb48c..e4cdc7db 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -292,7 +292,7 @@ embeddings: name: "embeddings" # -- Docker image tag for the `embeddings` image defaultTag: "5.1.6@sha256:e849f52e38637882e5d2ba3d7d27a656d897c4b4e2905e1fdb843536d9c948ab" - # -- Resource requests & limits for the `qdrant` container, + # -- Resource requests & limits for the `embeddings` container, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) resources: limits: @@ -303,7 +303,7 @@ embeddings: memory: 32G # -- Environment variables for the `embeddings` container env: {} - # -- Security context for the `worker` container, + # -- Security context for the `embeddings` container, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) containerSecurityContext: allowPrivilegeEscalation: false @@ -356,7 +356,7 @@ qdrant: runAsUser: 100 runAsGroup: 101 fsGroup: 101 - fsGroupChangePolicy: "Always" + fsGroupChangePolicy: "OnRootMismatch" serviceAccount: # -- Enable creation of ServiceAccount for `embeddings` create: false From c2e3893ebce4750309c8a2dcb2279e877b13b4ba Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Mon, 21 Aug 2023 14:50:05 -0600 Subject: [PATCH 09/16] minimal working --- charts/sourcegraph/templates/qdrant/qdrant.Service.yaml | 8 ++++---- .../sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml | 7 ------- charts/sourcegraph/values.yaml | 8 ++++---- 3 files changed, 8 insertions(+), 15 deletions(-) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml index 12327f73..13ad6d59 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml @@ -16,12 +16,12 @@ metadata: name: qdrant spec: ports: - - name: grpc - port: 6333 - targetPort: grpc - name: http - port: 6334 + port: 6333 targetPort: http + - name: grpc + port: 6334 + targetPort: grpc selector: {{- include "sourcegraph.selectorLabels" . | nindent 4 }} app: qdrant diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index dd0cc260..4d3eb883 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -79,13 +79,6 @@ spec: {{- end }} securityContext: {{- toYaml .Values.qdrant.containerSecurityContext | nindent 10 }} - resources: - limits: - cpu: "1" - memory: 8Gi - requests: - cpu: "1" - memory: 8Gi {{- if .Values.blobstore.extraContainers }} {{- toYaml .Values.blobstore.extraContainers | nindent 6 }} {{- end }} diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index e4cdc7db..cb6b018c 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -336,11 +336,11 @@ qdrant: # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) resources: limits: - cpu: "4" - memory: 16G + cpu: "2" + memory: 8G requests: - cpu: "4" - memory: 16G + cpu: "500m" + memory: 2G # -- Environment variables for the `qdrant` container env: {} # -- Security context for the `qdrant` container, From 78567697b9d9934efc30055f36a926d2cc6bad17 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Mon, 21 Aug 2023 22:05:47 -0600 Subject: [PATCH 10/16] update docs --- charts/sourcegraph/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index 3d3d72e2..12fa7e89 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -273,7 +273,7 @@ In addition to the documented values, all services also support the following va | qdrant.image.name | string | `"qdrant"` | Docker image name for the `embeddings` image | | qdrant.name | string | `"qdrant"` | Name of the `qdrant` service | | qdrant.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| qdrant.resources | object | `{"limits":{"cpu":"4","memory":"16G"},"requests":{"cpu":"4","memory":"16G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| qdrant.resources | object | `{"limits":{"cpu":"2","memory":"8G"},"requests":{"cpu":"500m","memory":"2G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | qdrant.serviceAccount.annotations | object | `{}` | | | qdrant.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | | qdrant.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount | From d5b7479b0f83e60fb242e31ef6097a097a6fa7d5 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Mon, 21 Aug 2023 22:16:40 -0600 Subject: [PATCH 11/16] fix prometheus scraping --- charts/sourcegraph/templates/qdrant/qdrant.Service.yaml | 2 ++ charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml | 2 -- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml index 13ad6d59..d2084016 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.Service.yaml @@ -3,6 +3,8 @@ apiVersion: v1 kind: Service metadata: annotations: + sourcegraph.prometheus/scrape: "true" + prometheus.io/port: "6333" {{- if .Values.qdrant.serviceAnnotations }} {{- toYaml .Values.qdrant.serviceAnnotations | nindent 4 }} {{- end }} diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index 4d3eb883..266d0a6a 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -44,8 +44,6 @@ spec: app.kubernetes.io/component: qdrant deploy: sourcegraph # TODO: should these live in pod labels? - sourcegraph.prometheus/scrape: "true" - prometheus.io/port: "6333" spec: containers: - name: {{ .Values.qdrant.name }} From 3303bccee1040d5eb52fdbf83a6b7584a6194166 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Mon, 21 Aug 2023 22:24:42 -0600 Subject: [PATCH 12/16] remove outdated TODO --- charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index 266d0a6a..f2cdd274 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -43,7 +43,6 @@ spec: app: {{ .Values.qdrant.name }} app.kubernetes.io/component: qdrant deploy: sourcegraph - # TODO: should these live in pod labels? spec: containers: - name: {{ .Values.qdrant.name }} From 7b2814d123c1739a29ebc0ede47097fe35608634 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Mon, 21 Aug 2023 22:26:58 -0600 Subject: [PATCH 13/16] add liveness and readiness --- .../templates/qdrant/qdrant.StatefulSet.yaml | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml index f2cdd274..947414a4 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.StatefulSet.yaml @@ -61,7 +61,25 @@ spec: - containerPort: 6334 name: grpc protocol: TCP - # TODO: add readiness probe once this PR lands: https://github.com/qdrant/qdrant/pull/2409 + # TODO: use gRPC liveness/readiness probe once this PR lands: https://github.com/qdrant/qdrant/pull/2409 + readinessProbe: + failureThreshold: 3 + httpGet: + scheme: HTTP + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + httpGet: + scheme: HTTP + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 volumeMounts: - name: qdrant-data mountPath: /data From a5c2ae78b55954a0c2a97f9b061dc598e30ac7e0 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Mon, 21 Aug 2023 22:38:09 -0600 Subject: [PATCH 14/16] update changelog --- charts/sourcegraph/CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/sourcegraph/CHANGELOG.md b/charts/sourcegraph/CHANGELOG.md index daf11263..fcd8ff11 100644 --- a/charts/sourcegraph/CHANGELOG.md +++ b/charts/sourcegraph/CHANGELOG.md @@ -8,6 +8,8 @@ Use `**BREAKING**:` to denote a breaking change ## Unreleased +- Added a service for the Qdrant vector database + ## 5.1.6 - Sourcegraph 5.1.6 is now available! From ba0fdec04f68f43916ab14cc2cd97b7048fad91e Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Tue, 22 Aug 2023 10:52:59 -0600 Subject: [PATCH 15/16] add config for debug and log_level --- .../templates/qdrant/qdrant.ConfigMap.yaml | 16 +++++++++------- charts/sourcegraph/values.yaml | 3 +++ 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml b/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml index 6477e845..9ccc21b0 100644 --- a/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml +++ b/charts/sourcegraph/templates/qdrant/qdrant.ConfigMap.yaml @@ -8,18 +8,24 @@ metadata: app.kubernetes.io/component: qdrant data: config.yaml: | - debug: true - log_level: INFO + debug: {{ .Values.qdrant.config.debug }} + log_level: {{ .Values.qdrant.config.log_level }} storage: storage_path: /data snapshots_path: /data/storage on_disk_payload: true + service: + http_port: 6333 + grpc_port: 6334 + telemetry_disabled: true + # The following parameters can be configured + # on a per-collection basis, so these are just defaults. performance: max_optimization_threads: 4 optimizers: max_optimization_threads: 4 mmap_threshold_kb: 1 - indexing_threshold_kb: 0 + indexing_threshold_kb: 0 # disable indexing hnsw_index: m: 8 ef_construct: 100 @@ -27,8 +33,4 @@ data: max_indexing_threads: 4 on_disk: true payload_m: 8 - service: - http_port: 6333 - grpc_port: 6334 - telemetry_disabled: true {{- end }} diff --git a/charts/sourcegraph/values.yaml b/charts/sourcegraph/values.yaml index cb6b018c..bcc9d73d 100644 --- a/charts/sourcegraph/values.yaml +++ b/charts/sourcegraph/values.yaml @@ -334,6 +334,9 @@ qdrant: defaultTag: "239247_2023-08-18_5.1-433e1b1c997f@sha256:eafcd7af2aca699fa9c9ce8e6aa674cc0470441f794baf031296d5d1cdadd0bc" # -- Resource requests & limits for the `qdrant` container, # learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) + config: + debug: true + log_level: INFO resources: limits: cpu: "2" From 34f82d7ba41f98f6e0ae83990179bab6eb8bd637 Mon Sep 17 00:00:00 2001 From: Camden Cheek Date: Tue, 22 Aug 2023 11:03:35 -0600 Subject: [PATCH 16/16] update docs --- charts/sourcegraph/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/sourcegraph/README.md b/charts/sourcegraph/README.md index 12fa7e89..a5f49939 100644 --- a/charts/sourcegraph/README.md +++ b/charts/sourcegraph/README.md @@ -264,6 +264,7 @@ In addition to the documented values, all services also support the following va | prometheus.serviceAccount.create | bool | `true` | Enable creation of ServiceAccount | | prometheus.serviceAccount.name | string | `"prometheus"` | Name of the ServiceAccount to be created or an existing ServiceAccount | | prometheus.storageSize | string | `"200Gi"` | PVC Storage Request for `prometheus` data volume | +| qdrant.config | object | `{"debug":true,"log_level":"INFO"}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | | qdrant.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"fsGroup":101,"runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | | qdrant.enabled | bool | `false` | Enable `qdrant` | | qdrant.env | object | `{}` | Environment variables for the `qdrant` container | @@ -273,7 +274,10 @@ In addition to the documented values, all services also support the following va | qdrant.image.name | string | `"qdrant"` | Docker image name for the `embeddings` image | | qdrant.name | string | `"qdrant"` | Name of the `qdrant` service | | qdrant.podSecurityContext | object | `{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":101,"runAsUser":100}` | Security context for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) | -| qdrant.resources | object | `{"limits":{"cpu":"2","memory":"8G"},"requests":{"cpu":"500m","memory":"2G"}}` | Resource requests & limits for the `qdrant` container, learn more from the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) | +| qdrant.resources.limits.cpu | string | `"2"` | | +| qdrant.resources.limits.memory | string | `"8G"` | | +| qdrant.resources.requests.cpu | string | `"500m"` | | +| qdrant.resources.requests.memory | string | `"2G"` | | | qdrant.serviceAccount.annotations | object | `{}` | | | qdrant.serviceAccount.create | bool | `false` | Enable creation of ServiceAccount for `embeddings` | | qdrant.serviceAccount.name | string | `""` | Name of the ServiceAccount to be created or an existing ServiceAccount |