eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions

P5: Migrate devpi to Kubernetes #34

Merged
eblume merged 12 commits from feature/p5-devpi into main 2026-01-20 14:55:37 -08:00
Conversation 0 Commits 12 Files changed 18 +474 -75
eblume commented 2026-01-20 14:55:17 -08:00
Owner
Copy link

Summary

  • Migrate devpi PyPI caching proxy from indri LaunchAgent to Kubernetes
  • Custom container image with devpi-server + devpi-web + auto-init
  • StatefulSet with 50Gi PVC, Tailscale Ingress at pypi.tail8d86e.ts.net
  • Remove devpi from ansible playbooks and update CLAUDE.md with k8s workflow

Key Changes

  • Add CRI-O registry mirror config for registry.tail8d86e.ts.net
  • Change ArgoCD apps to manual sync (was auto-sync causing issues)
  • 2Gi memory limit for Whoosh indexer (reclaimed after startup)

Deployment and Testing

  • devpi pod healthy in k8s
  • pip install through proxy works
  • mcquack 1.0.0 uploaded and installable
  • Old devpi stopped on indri

Post-Merge

Reset ArgoCD to main:

argocd app set apps --revision main && argocd app sync apps
argocd app set devpi --revision main && argocd app sync devpi

🤖 Generated with Claude Code

## Summary - Migrate devpi PyPI caching proxy from indri LaunchAgent to Kubernetes - Custom container image with devpi-server + devpi-web + auto-init - StatefulSet with 50Gi PVC, Tailscale Ingress at pypi.tail8d86e.ts.net - Remove devpi from ansible playbooks and update CLAUDE.md with k8s workflow ## Key Changes - Add CRI-O registry mirror config for registry.tail8d86e.ts.net - Change ArgoCD apps to manual sync (was auto-sync causing issues) - 2Gi memory limit for Whoosh indexer (reclaimed after startup) ## Deployment and Testing - [x] devpi pod healthy in k8s - [x] pip install through proxy works - [x] mcquack 1.0.0 uploaded and installable - [x] Old devpi stopped on indri ## Post-Merge Reset ArgoCD to main: ``` argocd app set apps --revision main && argocd app sync apps argocd app set devpi --revision main && argocd app sync devpi ``` 🤖 Generated with [Claude Code](https://claude.com/claude-code)
- Fresh start approach (no data migration needed)
- Build custom container with devpi-server + devpi-web
- Use StatefulSet for persistence
- Include verification steps for pip proxy and mcquack upload

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Dockerfile for devpi-server + devpi-web image
- StatefulSet with 50Gi PVC for data persistence
- Tailscale Ingress for pypi.tail8d86e.ts.net
- README with setup and usage instructions

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Service Deployment section with ArgoCD PR workflow
- Document app-of-apps pattern and manual sync policy
- Add Tailscale hostname migration steps
- Update project structure to include argocd/ directory
- List services staying on indri vs moving to k8s
- Use fish syntax for shell blocks

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Auto-sync was causing issues with testing feature branches -
manual changes to targetRevision were being reverted.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use host.containers.internal:5050 instead of registry.tail8d86e.ts.net
- Minikube's CRI-O can't resolve Tailscale DNS, but can reach Zot via podman host
- Also update CLAUDE.md to spell out kubectl commands (fish abbreviations don't work in scripts)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add direct access config for host.containers.internal:5050 (insecure)
- Add mirror config for registry.tail8d86e.ts.net -> host.containers.internal:5050
- Revert statefulset to use registry.tail8d86e.ts.net (cleaner, if mirror works)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Startup script checks for initialization and runs devpi-init if needed
- Root password passed via DEVPI_ROOT_PASSWORD env var from secret
- Secret template references 1Password vault item
- Updated README with setup instructions

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Kubernetes auto-sets DEVPI_PORT for service discovery, which conflicts
with our port configuration. Renamed to DEVPI_LISTEN_PORT.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
OOM during initialization - try modest increase first.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove devpi and devpi_metrics roles from indri.yml
- Remove svc:pypi from tailscale_serve config
- Remove devpi logs from alloy collection
- Remove devpi backup from borgmatic
- Update README with correct uvx --from devpi-client syntax

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Whoosh search indexer needs significant memory during initial
PyPI index build. Using high limit with low request so memory is
reclaimed after indexing completes.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add P5_devpi.complete.md with implementation notes
- Document key learnings (registry mirrors, memory, env vars)
- Remove incomplete P5_devpi.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
eblume merged commit 0439fbb704 into main 2026-01-20 14:55:37 -08:00
eblume referenced this pull request from a commit 2026-01-20 14:55:38 -08:00
P5: Migrate devpi to Kubernetes (#34)
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
eblume/blumeops!34
No description provided.