From 7399215578f9258dfbafe48029c4aba73f809509 Mon Sep 17 00:00:00 2001
From: Carsten Schafer <Carsten.Schafer@kinarasystems.com>
Date: Thu, 19 Sep 2024 11:55:29 -0400
Subject: [PATCH] WIFI-14148 Adapt to the idiosyncrasies of each cluster env

Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>
---
 cgw/helmfile.yaml            | 44 ++++--------------------------------
 cgw/values/cgw-cgw01-1.yaml  |  0
 cgw/values/cgw-cgw01-2.yaml  |  0
 cgw/values/cgw-devcgw-1.yaml | 15 ++++++++++++
 cgw/values/cgw-devcgw-2.yaml | 16 +++++++++++++
 cgw/values/cgw.yaml          | 24 ++++++++++++++++++++
 6 files changed, 59 insertions(+), 40 deletions(-)
 create mode 100644 cgw/values/cgw-cgw01-1.yaml
 create mode 100644 cgw/values/cgw-cgw01-2.yaml
 create mode 100644 cgw/values/cgw-devcgw-1.yaml
 create mode 100644 cgw/values/cgw-devcgw-2.yaml
 create mode 100644 cgw/values/cgw.yaml

diff --git a/cgw/helmfile.yaml b/cgw/helmfile.yaml
index c5c61c7..2df68b8 100644
--- a/cgw/helmfile.yaml
+++ b/cgw/helmfile.yaml
@@ -196,39 +196,21 @@ releases:
     - values/certs.tip.yaml
     # this one is generated from GH secrets:
     - values/certs.device.yaml
+    - values/cgw.yaml
+    - values/cgw-{{ .Environment.Values.global.name }}-1.yaml
     - images:
         cgw:
           tag: {{ .Environment.Values.cgw.tag }}
     - public_env_variables:
         CGW_ID: 0
-        CGW_DB_HOST: pgsql
-        CGW_DB_PORT: "5432"
         CGW_DB_USERNAME: "{{ .Environment.Values.postgres.cgwUser.name }}"
-        CGW_KAFKA_HOST: kafka
-        CGW_KAFKA_PORT: "9092"
-        CGW_REDIS_HOST: redis-master
-        CGW_REDIS_PORT: "6379"
-        CGW_ALLOW_CERT_MISMATCH: "yes"
-        # use (#cpus * 2) - 2
-        DEFAULT_WSS_THREAD_NUM: "4"
-        # Useful for debugging:
-        #CGW_LOG_LEVEL: "debug"
-        #RUST_BACKTRACE: "full"
     - secret_env_variables:
         CGW_DB_PASSWORD: "{{ .Environment.Values.postgres.cgwUser.password }}"
     - services:
         cgw:
-          type: LoadBalancer
           annotations:
             external-dns.alpha.kubernetes.io/hostname: cgw-{{ .Environment.Values.global.name }}.{{ .Environment.Values.global.domain }}
-            #service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip
-            service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
-            service.beta.kubernetes.io/aws-load-balancer-backend-protocol: ssl
             service.beta.kubernetes.io/aws-load-balancer-ssl-cert: {{ .Environment.Values.global.certificateARN }}
-            service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "15003"
-            service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: preserve_client_ip.enabled=true
-            service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "16002"
-            alb.ingress.kubernetes.io/healthcheck-path: /health
 
 - name: cgw2
   namespace: {{ .Environment.Values.global.namespace }}
@@ -243,36 +225,18 @@ releases:
     - values/certs.tip.yaml
     # this one is generated from GH secrets:
     - values/certs.device.yaml
+    - values/cgw.yaml
+    - values/cgw-{{ .Environment.Values.global.name }}-2.yaml
     - images:
         cgw:
           tag: {{ .Environment.Values.cgw.tag }}
     - public_env_variables:
         CGW_ID: 1
-        CGW_DB_HOST: pgsql
-        CGW_DB_PORT: "5432"
         CGW_DB_USERNAME: "{{ .Environment.Values.postgres.cgwUser.name }}"
-        CGW_KAFKA_HOST: kafka
-        CGW_KAFKA_PORT: "9092"
-        CGW_REDIS_HOST: redis-master
-        CGW_REDIS_PORT: "6379"
-        CGW_ALLOW_CERT_MISMATCH: "yes"
-        # use (#cpus * 2) - 2
-        DEFAULT_WSS_THREAD_NUM: "4"
-        # Useful for debugging:
-        #CGW_LOG_LEVEL: "debug"
-        #RUST_BACKTRACE: "full"
     - secret_env_variables:
         CGW_DB_PASSWORD: "{{ .Environment.Values.postgres.cgwUser.password }}"
     - services:
         cgw:
-          type: LoadBalancer
           annotations:
             external-dns.alpha.kubernetes.io/hostname: cgw2-{{ .Environment.Values.global.name }}.{{ .Environment.Values.global.domain }}
-            #service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip
-            service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
-            service.beta.kubernetes.io/aws-load-balancer-backend-protocol: ssl
             service.beta.kubernetes.io/aws-load-balancer-ssl-cert: {{ .Environment.Values.global.certificateARN }}
-            service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "15003"
-            service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: preserve_client_ip.enabled=true
-            service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "16002"
-            alb.ingress.kubernetes.io/healthcheck-path: /health
diff --git a/cgw/values/cgw-cgw01-1.yaml b/cgw/values/cgw-cgw01-1.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/cgw/values/cgw-cgw01-2.yaml b/cgw/values/cgw-cgw01-2.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/cgw/values/cgw-devcgw-1.yaml b/cgw/values/cgw-devcgw-1.yaml
new file mode 100644
index 0000000..408679c
--- /dev/null
+++ b/cgw/values/cgw-devcgw-1.yaml
@@ -0,0 +1,15 @@
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: alpha.eksctl.io/nodegroup-name
+          operator: In
+          values:
+          - gwmed
+
+tolerations:
+- effect: NoSchedule
+  key: type
+  operator: Equal
+  value: onlygwmed
diff --git a/cgw/values/cgw-devcgw-2.yaml b/cgw/values/cgw-devcgw-2.yaml
new file mode 100644
index 0000000..447e98d
--- /dev/null
+++ b/cgw/values/cgw-devcgw-2.yaml
@@ -0,0 +1,16 @@
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: alpha.eksctl.io/nodegroup-name
+          operator: In
+          values:
+          - gwm5lrg
+
+tolerations:
+- effect: NoSchedule
+  key: type
+  operator: Equal
+  value: onlygwm5lrg
+
diff --git a/cgw/values/cgw.yaml b/cgw/values/cgw.yaml
new file mode 100644
index 0000000..aa4410f
--- /dev/null
+++ b/cgw/values/cgw.yaml
@@ -0,0 +1,24 @@
+public_env_variables:
+  CGW_DB_HOST: pgsql
+  CGW_DB_PORT: "5432"
+  CGW_KAFKA_HOST: kafka
+  CGW_KAFKA_PORT: "9092"
+  CGW_REDIS_HOST: redis-master
+  CGW_REDIS_PORT: "6379"
+  CGW_ALLOW_CERT_MISMATCH: "yes"
+  # use (#cpus * 2) - 2
+  DEFAULT_WSS_THREAD_NUM: "4"
+  # Useful for debugging:
+  #CGW_LOG_LEVEL: "debug"
+  #RUST_BACKTRACE: "full"
+services:
+  cgw:
+    type: LoadBalancer
+    annotations:
+      #service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip
+      service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
+      service.beta.kubernetes.io/aws-load-balancer-backend-protocol: ssl
+      service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: "15003"
+      service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: preserve_client_ip.enabled=true
+      service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "16002"
+      alb.ingress.kubernetes.io/healthcheck-path: /health