site-publish: default S3 endpoint to garage-s3 (data-only Service)
The existing garage Service round-robined S3 across all three garage pods, including the gateway. The gateway pod uses an emptyDir for /data, so its in-memory auth table is unreliable after restart — site-publish runs hit intermittent 'Forbidden: No such key' errors during aws s3 sync. The new garage-s3 Service in fritzlab/apps@d9aa376 selects only garage-role=data pods (nas001 + nas002), bypassing the gateway entirely.
This commit is contained in:
Donavan Fritz
+4
-1
@@ -11,9 +11,12 @@ inputs:
|
||||
description: Garage ci-deploy-key secret access key
|
||||
required: true
|
||||
s3-endpoint:
|
||||
# Targets garage-s3 (data-only Service) so requests do not round-robin onto
|
||||
# the gateway pod, whose emptyDir-backed metadata view intermittently
|
||||
# returns "No such key" through the S3 API.
|
||||
description: Garage S3 endpoint URL
|
||||
required: false
|
||||
default: http://garage.storage.svc:3900
|
||||
default: http://garage-s3.storage.svc:3900
|
||||
garage-admin-token:
|
||||
description: Garage admin API token (required only when site.yaml has aliases — used to reconcile bucket globalAliases)
|
||||
required: false
|
||||
|
||||
+1
-1
@@ -12,7 +12,7 @@ from jinja2 import Environment, FileSystemLoader
|
||||
APPS_REPO = "fritzlab/apps"
|
||||
GITEA_HOST = "code.fritzlab.net"
|
||||
NAMESPACE = "websites"
|
||||
DEFAULT_S3_ENDPOINT = "http://garage.storage.svc:3900"
|
||||
DEFAULT_S3_ENDPOINT = "http://garage-s3.storage.svc:3900"
|
||||
|
||||
EXCLUDE_FILES = {
|
||||
".git", ".gitea", ".gitignore", "site.yaml",
|
||||
|
||||
Reference in New Issue
Block a user