parent
12d67b2d42
commit
40565fd2d0
30 changed files with 197 additions and 224 deletions
argocd/resources
cnpg/cluster/resources
dragonfly-operator/resources
ente/resources
external-dns/resources
fider/resources
forgejo
garage/resources
harbor/resources/dragonfly
hedgedoc/resources
kube-prometheus/config
linkwarden/resources
meali/resources
nextcloud/config
nocodb/resources
plausible/resources
postgres-operator/resources/db
s3-csi/patches
snips/resources
vaultwarden/resources
vikunja/resources
zipline/resources
|
@ -16,5 +16,4 @@ spec:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 50Mi
|
memory: 50Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
|
|
|
@ -50,7 +50,6 @@ spec:
|
||||||
cpu: 400m
|
cpu: 400m
|
||||||
memory: 600Mi
|
memory: 600Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 1200m
|
|
||||||
memory: 900Mi
|
memory: 900Mi
|
||||||
|
|
||||||
affinity:
|
affinity:
|
||||||
|
|
|
@ -36,75 +36,73 @@ spec:
|
||||||
- arm64
|
- arm64
|
||||||
requiredDuringSchedulingIgnoredDuringExecution:
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
nodeSelectorTerms:
|
nodeSelectorTerms:
|
||||||
- matchExpressions:
|
- matchExpressions:
|
||||||
- key: kubernetes.io/arch
|
- key: kubernetes.io/arch
|
||||||
operator: In
|
operator: In
|
||||||
values:
|
values:
|
||||||
- amd64
|
- amd64
|
||||||
- arm64
|
- arm64
|
||||||
- ppc64le
|
- ppc64le
|
||||||
- s390x
|
- s390x
|
||||||
- key: kubernetes.io/os
|
- key: kubernetes.io/os
|
||||||
operator: In
|
operator: In
|
||||||
values:
|
values:
|
||||||
- linux
|
- linux
|
||||||
containers:
|
containers:
|
||||||
- args:
|
- args:
|
||||||
- --secure-listen-address=0.0.0.0:8443
|
- --secure-listen-address=0.0.0.0:8443
|
||||||
- --upstream=http://127.0.0.1:8080/
|
- --upstream=http://127.0.0.1:8080/
|
||||||
- --logtostderr=true
|
- --logtostderr=true
|
||||||
- --v=0
|
- --v=0
|
||||||
image: kube-rbac-proxy
|
image: kube-rbac-proxy
|
||||||
name: kube-rbac-proxy
|
name: kube-rbac-proxy
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8443
|
- containerPort: 8443
|
||||||
name: https
|
name: https
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: 500m
|
memory: 128Mi
|
||||||
memory: 128Mi
|
requests:
|
||||||
requests:
|
cpu: 5m
|
||||||
cpu: 5m
|
memory: 64Mi
|
||||||
memory: 64Mi
|
securityContext:
|
||||||
securityContext:
|
allowPrivilegeEscalation: false
|
||||||
allowPrivilegeEscalation: false
|
capabilities:
|
||||||
capabilities:
|
drop:
|
||||||
drop:
|
- ALL
|
||||||
- ALL
|
- args:
|
||||||
- args:
|
- --health-probe-bind-address=:8081
|
||||||
- --health-probe-bind-address=:8081
|
- --metrics-bind-address=127.0.0.1:8080
|
||||||
- --metrics-bind-address=127.0.0.1:8080
|
- --leader-elect
|
||||||
- --leader-elect
|
command:
|
||||||
command:
|
- /manager
|
||||||
- /manager
|
image: dragonfly-operator
|
||||||
image: dragonfly-operator
|
livenessProbe:
|
||||||
livenessProbe:
|
httpGet:
|
||||||
httpGet:
|
path: /healthz
|
||||||
path: /healthz
|
port: 8081
|
||||||
port: 8081
|
initialDelaySeconds: 15
|
||||||
initialDelaySeconds: 15
|
periodSeconds: 20
|
||||||
periodSeconds: 20
|
name: manager
|
||||||
name: manager
|
readinessProbe:
|
||||||
readinessProbe:
|
httpGet:
|
||||||
httpGet:
|
path: /readyz
|
||||||
path: /readyz
|
port: 8081
|
||||||
port: 8081
|
initialDelaySeconds: 5
|
||||||
initialDelaySeconds: 5
|
periodSeconds: 10
|
||||||
periodSeconds: 10
|
resources:
|
||||||
resources:
|
limits:
|
||||||
limits:
|
memory: 128Mi
|
||||||
cpu: 500m
|
requests:
|
||||||
memory: 128Mi
|
cpu: 10m
|
||||||
requests:
|
memory: 64Mi
|
||||||
cpu: 10m
|
securityContext:
|
||||||
memory: 64Mi
|
allowPrivilegeEscalation: false
|
||||||
securityContext:
|
capabilities:
|
||||||
allowPrivilegeEscalation: false
|
drop:
|
||||||
capabilities:
|
- ALL
|
||||||
drop:
|
|
||||||
- ALL
|
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
serviceAccountName: dragonfly-operator-controller-manager
|
serviceAccountName: dragonfly-operator-controller-manager
|
||||||
terminationGracePeriodSeconds: 10
|
terminationGracePeriodSeconds: 10
|
||||||
|
|
|
@ -31,7 +31,6 @@ spec:
|
||||||
cpu: "25m"
|
cpu: "25m"
|
||||||
limits:
|
limits:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
cpu: "50m"
|
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
containerPort: 3000
|
containerPort: 3000
|
||||||
|
|
|
@ -16,5 +16,4 @@ spec:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 50Mi
|
memory: 50Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
|
|
|
@ -49,7 +49,6 @@ spec:
|
||||||
cpu: "50m"
|
cpu: "50m"
|
||||||
limits:
|
limits:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
cpu: "250m"
|
|
||||||
ports:
|
ports:
|
||||||
- name: api
|
- name: api
|
||||||
containerPort: 8080
|
containerPort: 8080
|
||||||
|
|
|
@ -31,7 +31,6 @@ spec:
|
||||||
cpu: "25m"
|
cpu: "25m"
|
||||||
limits:
|
limits:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
cpu: "50m"
|
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
containerPort: 3000
|
containerPort: 3000
|
||||||
|
|
|
@ -44,5 +44,4 @@ spec:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 128Mi
|
memory: 128Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 128Mi
|
memory: 128Mi
|
||||||
|
|
|
@ -36,7 +36,6 @@ spec:
|
||||||
name: fider-config
|
name: fider-config
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: 200m
|
|
||||||
memory: 200Mi
|
memory: 200Mi
|
||||||
requests:
|
requests:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
|
@ -44,12 +43,12 @@ spec:
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
- weight: 100
|
- weight: 100
|
||||||
podAffinityTerm:
|
podAffinityTerm:
|
||||||
labelSelector:
|
labelSelector:
|
||||||
matchExpressions:
|
matchExpressions:
|
||||||
- key: app.kubernetes.io/name
|
- key: app.kubernetes.io/name
|
||||||
operator: In
|
operator: In
|
||||||
values:
|
values:
|
||||||
- fider
|
- fider
|
||||||
topologyKey: topology.kubernetes.io/zone
|
topologyKey: topology.kubernetes.io/zone
|
||||||
|
|
|
@ -9,7 +9,6 @@ ingress:
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: 500m
|
|
||||||
memory: 3Gi
|
memory: 3Gi
|
||||||
requests:
|
requests:
|
||||||
cpu: 250m
|
cpu: 250m
|
||||||
|
|
|
@ -16,7 +16,6 @@ persistence:
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 768Mi
|
memory: 768Mi
|
||||||
requests:
|
requests:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
|
|
|
@ -16,5 +16,4 @@ spec:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
memory: 350Mi
|
||||||
memory: 350Mi
|
|
||||||
|
|
|
@ -48,7 +48,6 @@ spec:
|
||||||
cpu: 300m
|
cpu: 300m
|
||||||
memory: 280Mi
|
memory: 280Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 750m
|
|
||||||
memory: 500Mi
|
memory: 500Mi
|
||||||
securityContext:
|
securityContext:
|
||||||
capabilities:
|
capabilities:
|
||||||
|
|
|
@ -16,5 +16,4 @@ spec:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
|
|
|
@ -13,42 +13,41 @@ spec:
|
||||||
app.kubernetes.io/name: hedgedoc
|
app.kubernetes.io/name: hedgedoc
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: hedgedoc
|
- name: hedgedoc
|
||||||
image: hedgedoc
|
image: hedgedoc
|
||||||
env:
|
env:
|
||||||
- name: CMD_DB_URL
|
- name: CMD_DB_URL
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: db-credentials-hedgedoc
|
name: db-credentials-hedgedoc
|
||||||
key: PQ_URL
|
key: PQ_URL
|
||||||
- name: NODE_EXTRA_CA_CERTS
|
- name: NODE_EXTRA_CA_CERTS
|
||||||
value: /certs/ca.crt
|
value: /certs/ca.crt
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: hedgedoc-config
|
name: hedgedoc-config
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 3000
|
- containerPort: 3000
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
name: web
|
name: web
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: upload-tmp
|
- name: upload-tmp
|
||||||
mountPath: /tmp
|
mountPath: /tmp
|
||||||
- name: pg-certs
|
- name: pg-certs
|
||||||
mountPath: /certs
|
mountPath: /certs
|
||||||
readOnly: true
|
readOnly: true
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "168Mi"
|
memory: "168Mi"
|
||||||
cpu: "50m"
|
cpu: "50m"
|
||||||
limits:
|
limits:
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
cpu: "500m"
|
securityContext:
|
||||||
securityContext:
|
allowPrivilegeEscalation: false
|
||||||
allowPrivilegeEscalation: false
|
capabilities:
|
||||||
capabilities:
|
drop:
|
||||||
drop:
|
- ALL
|
||||||
- ALL
|
readOnlyRootFilesystem: true
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
runAsGroup: 1000
|
runAsGroup: 1000
|
||||||
|
@ -69,4 +68,4 @@ spec:
|
||||||
sizeLimit: 500Mi
|
sizeLimit: 500Mi
|
||||||
- name: pg-certs
|
- name: pg-certs
|
||||||
secret:
|
secret:
|
||||||
secretName: default-cluster-cluster-cert
|
secretName: default-cluster-cluster-cert
|
||||||
|
|
|
@ -24,7 +24,6 @@ prometheus:
|
||||||
cpu: 500m
|
cpu: 500m
|
||||||
limits:
|
limits:
|
||||||
memory: 2200Mi
|
memory: 2200Mi
|
||||||
cpu: 800m
|
|
||||||
storageSpec:
|
storageSpec:
|
||||||
volumeClaimTemplate:
|
volumeClaimTemplate:
|
||||||
spec:
|
spec:
|
||||||
|
|
|
@ -61,7 +61,6 @@ spec:
|
||||||
cpu: "50m"
|
cpu: "50m"
|
||||||
limits:
|
limits:
|
||||||
memory: "1500Mi"
|
memory: "1500Mi"
|
||||||
cpu: "500m"
|
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /login
|
path: /login
|
||||||
|
@ -104,7 +103,6 @@ spec:
|
||||||
cpu: "50m"
|
cpu: "50m"
|
||||||
limits:
|
limits:
|
||||||
memory: "1500Mi"
|
memory: "1500Mi"
|
||||||
cpu: "500m"
|
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
|
@ -131,4 +129,4 @@ spec:
|
||||||
sizeLimit: 250Mi
|
sizeLimit: 250Mi
|
||||||
- name: node-cache
|
- name: node-cache
|
||||||
emptyDir:
|
emptyDir:
|
||||||
sizeLimit: 1500Mi
|
sizeLimit: 1500Mi
|
||||||
|
|
|
@ -34,7 +34,6 @@ spec:
|
||||||
name: meali-config
|
name: meali-config
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: 200m
|
|
||||||
memory: 500Mi
|
memory: 500Mi
|
||||||
requests:
|
requests:
|
||||||
cpu: 150m
|
cpu: 150m
|
||||||
|
|
|
@ -13,7 +13,6 @@ resources:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 100Mi
|
memory: 100Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 250m
|
|
||||||
memory: 256Mi
|
memory: 256Mi
|
||||||
|
|
||||||
exporter:
|
exporter:
|
||||||
|
@ -24,7 +23,6 @@ exporter:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 50Mi
|
memory: 50Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 150m
|
|
||||||
memory: 100Mi
|
memory: 100Mi
|
||||||
|
|
||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
|
|
|
@ -63,7 +63,6 @@ spec:
|
||||||
cpu: "50m"
|
cpu: "50m"
|
||||||
limits:
|
limits:
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
cpu: "500m"
|
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
|
|
|
@ -16,5 +16,4 @@ spec:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
memory: 350Mi
|
||||||
memory: 350Mi
|
|
||||||
|
|
|
@ -42,7 +42,6 @@ spec:
|
||||||
cpu: "250m"
|
cpu: "250m"
|
||||||
limits:
|
limits:
|
||||||
memory: "512Mi"
|
memory: "512Mi"
|
||||||
cpu: "500m"
|
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
|
|
|
@ -52,25 +52,24 @@ spec:
|
||||||
cpu: 500m
|
cpu: 500m
|
||||||
memory: 800Mi
|
memory: 800Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 500m
|
|
||||||
memory: 800Mi
|
memory: 800Mi
|
||||||
dataVolumeClaimSpec:
|
dataVolumeClaimSpec:
|
||||||
storageClassName: hcloud-volumes
|
storageClassName: hcloud-volumes
|
||||||
accessModes:
|
accessModes:
|
||||||
- "ReadWriteOnce"
|
- "ReadWriteOnce"
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 10Gi
|
storage: 10Gi
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
- weight: 1
|
- weight: 1
|
||||||
podAffinityTerm:
|
podAffinityTerm:
|
||||||
topologyKey: kubernetes.io/hostname
|
topologyKey: kubernetes.io/hostname
|
||||||
labelSelector:
|
labelSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
postgres-operator.crunchydata.com/cluster: default-cluster
|
postgres-operator.crunchydata.com/cluster: default-cluster
|
||||||
postgres-operator.crunchydata.com/instance-set: instance1
|
postgres-operator.crunchydata.com/instance-set: instance1
|
||||||
|
|
||||||
backups:
|
backups:
|
||||||
pgbackrest:
|
pgbackrest:
|
||||||
|
@ -79,8 +78,8 @@ spec:
|
||||||
options:
|
options:
|
||||||
- --type=full
|
- --type=full
|
||||||
configuration:
|
configuration:
|
||||||
- secret:
|
- secret:
|
||||||
name: pgo-s3-creds
|
name: pgo-s3-creds
|
||||||
global:
|
global:
|
||||||
repo1-retention-full: "14"
|
repo1-retention-full: "14"
|
||||||
repo1-retention-full-type: time
|
repo1-retention-full-type: time
|
||||||
|
@ -88,11 +87,11 @@ spec:
|
||||||
repo1-path: /pgbackrest/default-cluster/repo1
|
repo1-path: /pgbackrest/default-cluster/repo1
|
||||||
repo1-s3-uri-style: path
|
repo1-s3-uri-style: path
|
||||||
repos:
|
repos:
|
||||||
- name: repo1
|
- name: repo1
|
||||||
schedules:
|
schedules:
|
||||||
full: "0 1 * * 0"
|
full: "0 1 * * 0"
|
||||||
differential: "0 1 * * 1-6"
|
differential: "0 1 * * 1-6"
|
||||||
s3:
|
s3:
|
||||||
bucket: backup
|
bucket: backup
|
||||||
endpoint: s3.icb4dc0.de
|
endpoint: s3.icb4dc0.de
|
||||||
region: hel1
|
region: hel1
|
||||||
|
|
|
@ -5,7 +5,6 @@
|
||||||
cpu: 20m
|
cpu: 20m
|
||||||
memory: 15Mi
|
memory: 15Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 20m
|
|
||||||
memory: 15Mi
|
memory: 15Mi
|
||||||
- op: add
|
- op: add
|
||||||
path: "/spec/template/spec/containers/1/resources"
|
path: "/spec/template/spec/containers/1/resources"
|
||||||
|
@ -14,5 +13,4 @@
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
memory: 100Mi
|
memory: 100Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 100Mi
|
memory: 100Mi
|
||||||
|
|
|
@ -17,7 +17,14 @@ spec:
|
||||||
initContainers:
|
initContainers:
|
||||||
- name: init-litestream
|
- name: init-litestream
|
||||||
image: litestream
|
image: litestream
|
||||||
args: ['restore', '-replica=Garage', '-if-db-not-exists', '-if-replica-exists', '/data/snips.db']
|
args:
|
||||||
|
[
|
||||||
|
"restore",
|
||||||
|
"-replica=Garage",
|
||||||
|
"-if-db-not-exists",
|
||||||
|
"-if-replica-exists",
|
||||||
|
"/data/snips.db",
|
||||||
|
]
|
||||||
env:
|
env:
|
||||||
- name: LITESTREAM_ACCESS_KEY_ID
|
- name: LITESTREAM_ACCESS_KEY_ID
|
||||||
valueFrom:
|
valueFrom:
|
||||||
|
@ -76,7 +83,6 @@ spec:
|
||||||
periodSeconds: 5
|
periodSeconds: 5
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 200Mi
|
memory: 200Mi
|
||||||
requests:
|
requests:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
|
@ -95,7 +101,7 @@ spec:
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
- name: litestream
|
- name: litestream
|
||||||
image: litestream
|
image: litestream
|
||||||
args: ['replicate']
|
args: ["replicate"]
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: data
|
- name: data
|
||||||
mountPath: /data
|
mountPath: /data
|
||||||
|
@ -142,15 +148,15 @@ spec:
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
- weight: 100
|
- weight: 100
|
||||||
podAffinityTerm:
|
podAffinityTerm:
|
||||||
labelSelector:
|
labelSelector:
|
||||||
matchExpressions:
|
matchExpressions:
|
||||||
- key: app.kubernetes.io/name
|
- key: app.kubernetes.io/name
|
||||||
operator: In
|
operator: In
|
||||||
values:
|
values:
|
||||||
- snips
|
- snips
|
||||||
topologyKey: topology.kubernetes.io/zone
|
topologyKey: topology.kubernetes.io/zone
|
||||||
volumes:
|
volumes:
|
||||||
- name: data
|
- name: data
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
|
|
@ -30,7 +30,6 @@ spec:
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
cpu: "500m"
|
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8080
|
- containerPort: 8080
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
|
|
|
@ -51,7 +51,7 @@ spec:
|
||||||
resourceFieldRef:
|
resourceFieldRef:
|
||||||
resource: limits.memory
|
resource: limits.memory
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 3456
|
- containerPort: 3456
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
|
@ -65,7 +65,6 @@ spec:
|
||||||
cpu: 20m
|
cpu: 20m
|
||||||
limits:
|
limits:
|
||||||
memory: "100Mi"
|
memory: "100Mi"
|
||||||
cpu: "50m"
|
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: vikunja-config
|
- name: vikunja-config
|
||||||
mountPath: /etc/vikunja
|
mountPath: /etc/vikunja
|
||||||
|
|
|
@ -16,5 +16,4 @@ spec:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 50Mi
|
memory: 50Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 100m
|
|
||||||
memory: 350Mi
|
memory: 350Mi
|
||||||
|
|
|
@ -18,22 +18,21 @@ spec:
|
||||||
app.kubernetes.io/part-of: vikunja
|
app.kubernetes.io/part-of: vikunja
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: vikunja-ui
|
- name: vikunja-ui
|
||||||
image: vikunja-ui
|
image: vikunja-ui
|
||||||
env:
|
env:
|
||||||
- name: VIKUNJA_API_URL
|
- name: VIKUNJA_API_URL
|
||||||
value: https://todo.icb4dc0.de/api/v1
|
value: https://todo.icb4dc0.de/api/v1
|
||||||
- name: VIKUNJA_HTTP_PORT
|
- name: VIKUNJA_HTTP_PORT
|
||||||
value: "8080"
|
value: "8080"
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: 15Mi
|
memory: 15Mi
|
||||||
cpu: 10m
|
cpu: 10m
|
||||||
limits:
|
limits:
|
||||||
memory: "50Mi"
|
memory: "50Mi"
|
||||||
cpu: "50m"
|
ports:
|
||||||
ports:
|
- containerPort: 8080
|
||||||
- containerPort: 8080
|
|
||||||
affinity:
|
affinity:
|
||||||
nodeAffinity:
|
nodeAffinity:
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
|
|
@ -14,37 +14,36 @@ spec:
|
||||||
app.kubernetes.io/name: zipline
|
app.kubernetes.io/name: zipline
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: zipline
|
- name: zipline
|
||||||
image: zipline
|
image: zipline
|
||||||
env:
|
env:
|
||||||
- name: CORE_DATABASE_URL
|
- name: CORE_DATABASE_URL
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: db-credentials-zipline
|
name: db-credentials-zipline
|
||||||
key: PQ_URL
|
key: PQ_URL
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: zipline-config
|
name: zipline-config
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 3000
|
- containerPort: 3000
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
name: web
|
name: web
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /tmp
|
- mountPath: /tmp
|
||||||
name: temp
|
name: temp
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
cpu: "50m"
|
cpu: "50m"
|
||||||
limits:
|
limits:
|
||||||
memory: "512Mi"
|
memory: "512Mi"
|
||||||
cpu: "500m"
|
securityContext:
|
||||||
securityContext:
|
allowPrivilegeEscalation: false
|
||||||
allowPrivilegeEscalation: false
|
capabilities:
|
||||||
capabilities:
|
drop:
|
||||||
drop:
|
- ALL
|
||||||
- ALL
|
readOnlyRootFilesystem: true
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
affinity:
|
affinity:
|
||||||
nodeAffinity:
|
nodeAffinity:
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
@ -62,4 +61,4 @@ spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
runAsGroup: 1000
|
runAsGroup: 1000
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue