Provisioning WIP

go.mod

@@ -36,7 +36,7 @@ require (
 	github.com/joho/godotenv v1.5.1
 	github.com/jpillora/longestcommon v0.0.0-20161227235612-adb9d91ee629
 	github.com/keboola/go-client v1.26.4
-	github.com/keboola/go-utils v0.10.2
+	github.com/keboola/go-utils v0.10.3-0.20240522072138-726d26d3bf0f
 	github.com/klauspost/compress v1.17.8
 	github.com/klauspost/pgzip v1.2.6
 	github.com/kylelemons/godebug v1.1.0

go.sum

@@ -391,8 +391,8 @@ github.com/keboola/go-mockoidc v0.0.0-20240405064136-5229d2b53db6 h1:HcvX1VQkiav
 github.com/keboola/go-mockoidc v0.0.0-20240405064136-5229d2b53db6/go.mod h1:eDjgYHYDJbPLBLsyZ6qRaugP0mX8vePOhZ5id1fdzJw=
 github.com/keboola/go-oauth2-proxy/v7 v7.6.1-0.20240418143152-9d00aaa29562 h1:EiwSnkbGt2i6XxvjDMrWx6/bGlQjVs+yq1mDJ5b3U1U=
 github.com/keboola/go-oauth2-proxy/v7 v7.6.1-0.20240418143152-9d00aaa29562/go.mod h1:uPrZkzwsuFyIPP04hIt6TG2KvWujglvkOnUUnQJyIdw=
-github.com/keboola/go-utils v0.10.2 h1:omvBSTEL96zz2lHxfHCZ4UEBZ1J8M40M7GngmMwt070=
-github.com/keboola/go-utils v0.10.2/go.mod h1:p+AIGpqlL7c0X+MWNOLdkAt2rMM5JXlycWwkOKmlrps=
+github.com/keboola/go-utils v0.10.3-0.20240522072138-726d26d3bf0f h1:hHoHg3m0wqK01ze9lIic25IxDI2Iz/A8XqVPfitPiME=
+github.com/keboola/go-utils v0.10.3-0.20240522072138-726d26d3bf0f/go.mod h1:p+AIGpqlL7c0X+MWNOLdkAt2rMM5JXlycWwkOKmlrps=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU=

internal/pkg/service/common/configmap/bind.go

@@ -351,8 +351,10 @@ func collectValues(cfg BindConfig, flagToField FlagToFieldFn) (*orderedmap.Order
 
 		// Store
 		config.VisitAllRecursive(func(path orderedmap.Path, v any, parent any) {
-			// Copy leaf values
-			if _, ok := v.(*orderedmap.OrderedMap); !ok {
+			// Copy leaf values = value is not object AND key is map step, not slice step
+			_, isObject := v.(*orderedmap.OrderedMap)
+			_, isMapKey := path.Last().(orderedmap.MapStep)
+			if !isObject && isMapKey {
 				if err := values.SetNestedPath(path, fieldValue{Value: v, SetBy: SetByConfig}); err != nil {
 					errs.Append(err)
 				}

out.txt

@@ -0,0 +1,161 @@
+# Enable logging at DEBUG level.
+debugLog: false
+# Log HTTP client requests and responses as debug messages.
+debugHTTPClient: false
+# Path where CPU profile is saved.
+cpuProfilePath: ""
+# Unique ID of the node in the cluster. Validation rules: required
+nodeID: ""
+# Storage API host. Validation rules: required,hostname
+storageApiHost: connection.keboola.com
+datadog:
+    # Enable DataDog integration.
+    enabled: false
+    # Enable DataDog debug messages.
+    debug: false
+etcd:
+    # Etcd endpoint. Validation rules: required
+    endpoint: etcd:2379
+    # Etcd namespace. Validation rules: required
+    namespace: stream/
+    # Etcd username.
+    username: root
+    # Etcd password.
+    password: '*****'
+    # Etcd connect timeout. Validation rules: required
+    connectTimeout: 30s
+    # Etcd keep alive timeout. Validation rules: required
+    keepAliveTimeout: 5s
+    # Etcd keep alive interval. Validation rules: required
+    keepAliveInterval: 10s
+    # Etcd operations logging as debug messages.
+    debugLog: false
+metrics:
+    # Prometheus scraping metrics listen address. Validation rules: required,hostname_port
+    listen: 0.0.0.0:9000
+api:
+    # Listen address of the configuration HTTP API. Validation rules: required,hostname_port
+    listen: 0.0.0.0:8000
+    # Public URL of the configuration HTTP API for link generation. Validation rules: required
+    publicUrl: http://localhost:8000
+distribution:
+    # The maximum time to wait for creating a new session. Validation rules: required,minDuration=1s,maxDuration=1m
+    grantTimeout: 5s
+    # Timeout for the node registration to the cluster. Validation rules: required,minDuration=1s,maxDuration=5m
+    startupTimeout: 1m0s
+    # Timeout for the node un-registration from the cluster. Validation rules: required,minDuration=1s,maxDuration=5m
+    shutdownTimeout: 10s
+    # Interval of processing changes in the topology. Use 0 to disable the grouping. Validation rules: maxDuration=30s
+    eventsGroupInterval: 5s
+    # Seconds after which the node is automatically un-registered if an outage occurs. Validation rules: required,min=1,max=30
+    ttlSeconds: 15
+source:
+    http:
+        # Listen address of the HTTP source. Validation rules: required,hostname_port
+        listen: 0.0.0.0:7000
+        # Public URL of the HTTP source for link generation.
+        publicUrl: null
+storage:
+    # Mounted volumes path, each volume is in "{type}/{label}" subdir. Validation rules: required
+    volumesPath: ""
+    statistics:
+        sync:
+            # Statistics synchronization interval, from memory to the etcd. Validation rules: required,minDuration=100ms,maxDuration=5s
+            interval: 1s
+            # Statistics synchronization timeout. Validation rules: required,minDuration=1s,maxDuration=1m
+            timeout: 30s
+        cache:
+            L2:
+                # Enable statistics L2 in-memory cache, otherwise only L1 cache is used.
+                enabled: true
+                # Statistics L2 in-memory cache invalidation interval. Validation rules: required,minDuration=100ms,maxDuration=5s
+                interval: 1s
+    cleanup:
+        # Enable storage cleanup.
+        enabled: true
+        # Cleanup interval. Validation rules: required,minDuration=5m,maxDuration=24h
+        interval: 30m0s
+        # How many files are deleted in parallel. Validation rules: required,min=1,max=500
+        concurrency: 100
+        # Expiration interval of a file that has not yet been imported. Validation rules: required,minDuration=1h,maxDuration=720h,gtefield=ArchivedFileExpiration
+        activeFileExpiration: 168h0m0s
+        # Expiration interval of a file that has already been imported. Validation rules: required,minDuration=15m,maxDuration=720h
+        archivedFileExpiration: 24h0m0s
+    level:
+        local:
+            volume:
+                assignment:
+                    # Volumes count simultaneously utilized per sink. Validation rules: required,min=1,max=100
+                    count: 1
+                    # List of preferred volume types, start with the most preferred. Validation rules: required,min=1
+                    preferredTypes:
+                        - default
+                registration:
+                    # Number of seconds after the volume registration expires if the node is not available. Validation rules: required,min=1,max=60
+                    ttlSeconds: 10
+                sync:
+                    # Sync mode: "disabled", "cache" or "disk". Validation rules: required,oneof=disabled disk cache
+                    mode: disk
+                    # Wait for sync to disk OS cache or to disk hardware, depending on the mode.
+                    wait: true
+                    # Minimal interval between syncs to disk. Validation rules: min=0,maxDuration=2s,required_if=Mode disk,required_if=Mode cache
+                    checkInterval: 5ms
+                    # Written records count to trigger sync. Validation rules: min=0,max=1000000,required_if=Mode disk,required_if=Mode cache
+                    countTrigger: 500
+                    # Written size to trigger sync. Validation rules: maxBytes=100MB,required_if=Mode disk,required_if=Mode cache
+                    bytesTrigger: 1MB
+                    # Interval from the last sync to trigger sync. Validation rules: min=0,maxDuration=2s,required_if=Mode disk,required_if=Mode cache
+                    intervalTrigger: 50ms
+                allocation:
+                    # Allocate disk space for each slice.
+                    enabled: true
+                    # Size of allocated disk space for a slice. Validation rules: required
+                    static: 100MB
+                    # Allocate disk space as % from the previous slice size. Validation rules: min=100,max=500
+                    relative: 110
+            compression:
+                # Compression type. Validation rules: required,oneof=none gzip zstd
+                type: gzip
+                gzip:
+                    # GZIP compression level: 1-9. Validation rules: min=1,max=9
+                    level: 1
+                    # GZIP implementation: standard, fast, parallel. Validation rules: required,oneof=standard fast parallel
+                    implementation: parallel
+                    # GZIP parallel block size. Validation rules: required,minBytes=16kB,maxBytes=100MB
+                    blockSize: 256KB
+                    # GZIP parallel concurrency, 0 = auto.
+                    concurrency: 0
+                zstd:
+                    # ZSTD compression level: fastest, default, better, best. Validation rules: min=1,max=4
+                    level: 1
+                    # ZSTD window size. Validation rules: required,minBytes=1kB,maxBytes=512MB
+                    windowSize: 1MB
+                    # ZSTD concurrency, 0 = auto
+                    concurrency: 0
+        staging:
+            # Maximum number of slices in a file, a new file is created after reaching it. Validation rules: required,min=1,max=50000
+            maxSlicesPerFile: 100
+            # Maximum number of the Storage API file resources created in parallel within one operation. Validation rules: required,min=1,max=500
+            parallelFileCreateLimit: 50
+            upload:
+                # Minimal interval between uploads. Validation rules: required,minDuration=1s,maxDuration=5m
+                minInterval: 5s
+                trigger:
+                    # Records count to trigger slice upload. Validation rules: required,min=1,max=10000000
+                    count: 10000
+                    # Records size to trigger slice upload. Validation rules: required,minBytes=100B,maxBytes=50MB
+                    size: 1MB
+                    # Duration from the last slice upload to trigger the next upload. Validation rules: required,minDuration=1s,maxDuration=30m
+                    interval: 1m0s
+        target:
+            import:
+                # Minimal interval between imports. Validation rules: required,minDuration=30s,maxDuration=30m
+                minInterval: 1m0s
+                trigger:
+                    # Records count to trigger file import. Validation rules: required,min=1,max=10000000
+                    count: 50000
+                    # Records size to trigger file import. Validation rules: required,minBytes=100B,maxBytes=500MB
+                    size: 5MB
+                    # Duration from the last import to trigger the next import. Validation rules: required,minDuration=60s,maxDuration=24h
+                    interval: 5m0s
+

provisioning/apps-proxy/deploy_local.sh

@@ -14,7 +14,7 @@ export RELEASE_RELEASENAME="${RELEASE_RELEASENAME:=my-release}"
 export KEBOOLA_STACK="${KEBOOLA_STACK:=local-machine}"
 export HOSTNAME_SUFFIX="${HOSTNAME_SUFFIX:=keboola.com}"
 export APPS_PROXY_REPOSITORY="${APPS_PROXY_REPOSITORY:=docker.io/keboola/apps-proxy}" # docker.io prefix is required
-export APPS_PROXY_IMAGE_TAG="${APPS_PROXY_IMAGE_TAG:=$(git rev-parse --short HEAD)}"
+export APPS_PROXY_IMAGE_TAG="${APPS_PROXY_IMAGE_TAG:=$(git rev-parse --short HEAD)-$(date +%s)}"
 export APPS_PROXY_REPLICAS="${APPS_PROXY_REPLICAS:=3}"
 export APPS_PROXY_SANDBOXES_API_TOKEN="${APPS_PROXY_SANDBOXES_API_TOKEN:=token}"
 

provisioning/common/etcd/values.yaml

@@ -12,7 +12,7 @@ nodeSelector:
 
 # Locked/updated etcd image
 image:
-  tag: 3.5.11-debian-11-r3
+  tag: 3.5.13-debian-12-r10
 
 # Additional pod annotations
 podAnnotations:
@@ -56,6 +56,9 @@ extraEnvVars:
   # Default value in etcd v3.2+ is "100 000": https://etcd.io/docs/v3.5/op-guide/maintenance/#raft-log-retention
   - name: ETCD_SNAPSHOT_COUNT
     value: "10000"
+  # GOMEMLIMIT to prevent OOM kill, update the value together with "resources" spec.
+  - name: GOMEMLIMIT
+    value: "256MiB"
 
 # The root password is used for authentication, the client gets a JWT token with short expiration.
 auth:
@@ -105,7 +108,7 @@ startupProbe:
   periodSeconds: 5
   timeoutSeconds: 5
   successThreshold: 1
-  failureThreshold: 60
+  failureThreshold: 300
 livenessProbe:
   initialDelaySeconds: 0 # replaced by startupProbe
 readinessProbe:

provisioning/stream/README.md

@@ -1,4 +1,4 @@
-# Provisioning of the Buffer Service
+# Provisioning of the Stream Service
 
 ## Directory Structure
 
@@ -43,10 +43,10 @@ If you need to debug or test something in a Kubernetes cluster, you can use loca
 At the end of the script, the URL of the service is printed.
 ```sh
 To interact with the MiniKube profile run:
-export MINIKUBE_PROFILE=buffer
+export MINIKUBE_PROFILE=stream
 
 To clear the MiniKube:
-MINIKUBE_PROFILE=buffer minikube delete --purge
+MINIKUBE_PROFILE=stream minikube delete --purge
 
 Load balancer of the service is accessible at:
 http://172.17.0.2:32183
@@ -55,22 +55,22 @@ http://172.17.0.2:32183
 ### etcd
 
 Etcd deployment includes a network policy,
-only pods with `buffer-etcd-client=true` can connect to the etcd.
+only pods with `stream-etcd-client=true` can connect to the etcd.
 
 #### Client
 
 If you need to start the etcd client, you can use this following commands.
 
 Run interactive container:
 ```
-export ETCD_ROOT_PASSWORD=$(kubectl get secret --namespace "buffer" buffer-etcd -o jsonpath="{.data.etcd-root-password}" 2>/dev/null | base64 -d)
+export ETCD_ROOT_PASSWORD=$(kubectl get secret --namespace "stream" stream-etcd -o jsonpath="{.data.etcd-root-password}" 2>/dev/null | base64 -d)
 
-kubectl run --tty --stdin --rm --restart=Never buffer-etcd-client \
-  --namespace buffer \
+kubectl run --tty --stdin --rm --restart=Never stream-etcd-client \
+  --namespace stream \
   --image docker.io/bitnami/etcd:3.5.5-debian-11-r16 \
-  --labels="buffer-etcd-client=true" \
+  --labels="stream-etcd-client=true" \
   --env="ETCD_ROOT_PASSWORD=$ETCD_ROOT_PASSWORD" \
-  --env="ETCDCTL_ENDPOINTS=buffer-etcd:2379" \
+  --env="ETCDCTL_ENDPOINTS=stream-etcd:2379" \
   --command -- bash
 ```
 

provisioning/stream/azure.sh

@@ -37,11 +37,11 @@ TIME_WAITED=0
 # every 10 seconds but in total max 15 minutes try to fetch IP_ADDRESS
 #shellcheck disable=2203
 while [[ -z "$IP_ADDRESS" && $TIME_WAITED -lt 15*60 ]]; do
-    echo "Waiting for Buffer API ingress IP..."
+    echo "Waiting for Stream API ingress IP..."
     sleep 10;
     TIME_WAITED=$((TIME_WAITED + 10))
     IP_ADDRESS=$(kubectl get services \
-      --selector "app=buffer-api" \
+      --selector "app=stream-api" \
       --namespace "$NAMESPACE" \
       --no-headers \
       --output jsonpath="{.items[0].status.loadBalancer.ingress[0].ip}")
@@ -56,12 +56,12 @@ APPLICATION_GATEWAY_NAME=$(az deployment group show \
 az network application-gateway address-pool update \
   --gateway-name="$APPLICATION_GATEWAY_NAME" \
   --resource-group "$RESOURCE_GROUP" \
-  --name=buffer \
+  --name=stream \
   --servers "$IP_ADDRESS"
 
 az network application-gateway probe update \
   --gateway-name="$APPLICATION_GATEWAY_NAME" \
   --resource-group "$RESOURCE_GROUP" \
-  --name=buffer-health-probe \
+  --name=stream-health-probe \
   --host "$IP_ADDRESS"