Skip to content

feat: Add manifests for basic CDN for firmware images#1692

Open
stevekeay wants to merge 3 commits intomainfrom
cdn
Open

feat: Add manifests for basic CDN for firmware images#1692
stevekeay wants to merge 3 commits intomainfrom
cdn

Conversation

@stevekeay
Copy link
Contributor

@stevekeay stevekeay commented Feb 24, 2026

This provides a HTTPS endpoint that will serve up files from our back-end object storage.

These manifests will create a global storage bucket to hold the content.

A site-local nginx proxy caches the files locally (should work for deployments in countries far away or on slow links).

Requires https://github.com/RSS-Engineering/undercloud-deploy/pull/1332

Copy link
Contributor

@cardoe cardoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add an entry into charts/argocd-understack/templates and it'll get deployed automatically put cdn in values.yaml under the site: block.


server {
listen 8080;
server_name cdn.dev.undercloud.rackspace.net;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't set the server name here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup I spotted that, fixed.

# Assumes you're using ingress-nginx and cert-manager.
# Swap annotations if using Traefik or another ingress controller.
apiVersion: networking.k8s.io/v1
kind: Ingress
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't need an Ingress with HTTPRoute

Copy link
Contributor Author

@stevekeay stevekeay Feb 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed the manifest from the repo.

namespace: cdn
spec:
hostnames:
- cdn.dev.undercloud.rackspace.net
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Put this HTTPRoute in the deploy repo in the cdn directory under the cluster.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like these get created by envoy. I removed the manifest from the repo.

spec:
accessModes:
- ReadWriteOnce
storageClassName: openebs-hostpath
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably not where we'd want this since that would mean we have to ping the nginx to a specific node?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's for the cache. The intention was to get fast, cheap, simple storage. If the pod moves to another node then it would re-populate the cache over there. If we run multiple pods, I don't know how that would interact with ceph-backed distributed storage.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Storage on openebs-hostpath is quite limited - imho it normally should not be used for applications. The openebs-lvm would be better choice if you want to keep it local. If ceph, then ceph-block-ecoded if you want block or ceph-fs-ec if you want ReadWriteMany

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved it to openebs-lvm, multiple writers on ceph seems too advanced.

@stevekeay stevekeay force-pushed the cdn branch 6 times, most recently from 641b729 to 66e204a Compare February 26, 2026 08:57
Copy link
Collaborator

@skrobul skrobul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider packaging those manifests into a helm chart so that the values can be adjusted on per-environment basis easily.
If you don't want to use the helm's default template, we have https://github.com/rxt-pvc/backbone-sno-helm-scaffold/ that is slightly smaller but will need adjustments for HTTPRoutes


Images are stored in Object Store

Cacheing reverse-proxies at each fabric will fetch the images from Object Store
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Cacheing reverse-proxies at each fabric will fetch the images from Object Store
Caching reverse-proxies at each fabric will fetch the images from Object Store

Comment on lines +10 to +11
maxObjects: "1000"
maxSize: "5G"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that seems quite small, imho should be configurable

@stevekeay stevekeay changed the title Add manifests for basic CDN for firmware images feat: Add manifests for basic CDN for firmware images Feb 26, 2026
@ctria
Copy link
Contributor

ctria commented Feb 26, 2026

Before merging, can we change the namespace to something like "understack-cdn" to avoid possible future overlaps?

@stevekeay
Copy link
Contributor Author

Before merging, can we change the namespace to something like "understack-cdn" to avoid possible future overlaps?

I changed the namespace name. I will remember this every time I have to type that name :)

@stevekeay stevekeay marked this pull request as ready for review February 26, 2026 16:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants