chore: Update Weave self-managed docs #1773
Conversation
📚 Mintlify Preview Links📝 Changed (1 total)📄 Pages (1)
🤖 Generated automatically when Mintlify deployment succeeds |
| C --> F["ClickHouse Keeper Cluster<br/>keeper-0 · keeper-1 · keeper-2"] | ||
| D --> F | ||
| E --> F | ||
| F --> G["S3 Storage<br/>(AWS/MinIO)"] |
There was a problem hiding this comment.
The bucket needs to be connected to the ClickHouse Cluster, not Keeper. My previous architecture wasn’t completely correct, I tried to generalize the entire cluster connected to the Bucket
| ### Required Resources | ||
| Self-managed Weave instances require the following resources: | ||
|
|
||
| - **Kubernetes Cluster**: Version 1.24+ |
There was a problem hiding this comment.
Let’s bump this to 1.29+ to be inline with the Modela documentation
|
|
||
| # User configuration | ||
| users: | ||
| weave/password: weave123 |
There was a problem hiding this comment.
The hints to create an encrypted password are very important. I’m going to add it
| <!-- Update with your S3 bucket endpoint and region --> | ||
| <endpoint>https://YOUR-BUCKET-NAME.s3.YOUR-REGION.amazonaws.com/s3_disk/{replica}</endpoint> | ||
| <metadata_path>/var/lib/clickhouse/disks/s3_disk/</metadata_path> | ||
| <!-- Use environment credentials (IRSA) or remove for access keys --> |
There was a problem hiding this comment.
This comment can be removed, since I created the credentials and added them to env vars, the ClickHouse will pull it from there, as if it was using IRSA.
| 8. **Cluster Naming**: The cluster name `weavecluster` can be changed, but it must match the `WF_CLICKHOUSE_REPLICATED_CLUSTER` value in Step 5 | ||
| 9. **Credentials**: | ||
| - For IRSA: Keep `<use_environment_credentials>true</use_environment_credentials>` | ||
| - For access keys: Remove this line and ClickHouse will use the environment variables from the secret |
| 7. **Keeper Hostnames**: The Keeper node hostnames **must match** your Keeper deployment naming from Step 3 (see "Understanding Keeper Naming" below) | ||
| 8. **Cluster Naming**: The cluster name `weavecluster` can be changed, but it must match the `WF_CLICKHOUSE_REPLICATED_CLUSTER` value in Step 5 | ||
| 9. **Credentials**: | ||
| - For IRSA: Keep `<use_environment_credentials>true</use_environment_credentials>` |
There was a problem hiding this comment.
Add “or access or secrets keys mapped to env vars”
| <region>us-east-1</region> | ||
| ``` | ||
|
|
||
| **Do not remove `{replica}`** - this ensures each ClickHouse replica writes to its own folder in the bucket. |
There was a problem hiding this comment.
Maybe add a
| 2. **Horizontal Scaling**: Add more replicas (requires careful planning) | ||
| - Increasing replicas requires data rebalancing | ||
| - Consult ClickHouse documentation for shard management | ||
| - **Contact W&B Support** before implementing horizontal scaling in production |
There was a problem hiding this comment.
Contact SA, not support
| 2. **Network Policies**: Consider implementing NetworkPolicies to restrict ClickHouse access | ||
| 3. **RBAC**: Ensure service accounts have minimal required permissions | ||
| 4. **S3 Bucket**: Enable encryption at rest and restrict bucket access to necessary IAM roles | ||
| 5. **TLS**: For production, enable TLS for ClickHouse client connections |
2 participants
Description
Revamp the Weave self-managed installation docs.