badjware
/
home-stack-kustomize
1
0
Fork 0
Code Releases Activity

tweak resource requests/limits, fix drone persistence

This commit is contained in:
Massaki Archambault 2021-09-02 00:00:42 -04:00
parent cae45d5676
commit 4df81101ad
6 changed files with 38 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
kustomize/bases/drone/drone-runner-deployment.yaml
View File

@ -38,11 +38,11 @@ spec:
containerPort: 3000 containerPort: 3000
resources: resources:
requests: requests:
cpu: 1000m cpu: 250m
memory: 1Gi memory: 250Mi
limits: limits:
cpu: 2000m cpu: 500m
memory: 2Gi memory: 500Mi
--- ---
kind: Role kind: Role
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1

28
kustomize/bases/drone/drone-server-deployment.yaml
View File

@ -6,6 +6,9 @@ metadata:
app.kubernetes.io/name: drone app.kubernetes.io/name: drone
app.kubernetes.io/component: server app.kubernetes.io/component: server
spec: spec:
replicas: 1
strategy:
type: Recreate
selector: selector:
matchLabels: matchLabels:
app.kubernetes.io/name: drone app.kubernetes.io/name: drone
@ -43,16 +46,39 @@ spec:
secretKeyRef: secretKeyRef:
name: drone-secret name: drone-secret
key: rpc_secret key: rpc_secret
- name: DRONE_DATABASE_SECRET
valueFrom:
secretKeyRef:
name: drone-secret
key: database_secret
ports: ports:
- name: http - name: http
containerPort: 80 containerPort: 80
resources: resources:
requests: requests:
cpu: 500m cpu: 250m
memory: 250Mi memory: 250Mi
limits: limits:
cpu: 500m cpu: 500m
memory: 500Mi memory: 500Mi
volumeMounts:
- mountPath: /data
name: drone-server-pv
volumes:
- name: drone-server-pv
persistentVolumeClaim:
claimName: drone-server-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: drone-server-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service

1
kustomize/bases/drone/kustomization.yaml
View File

@ -8,6 +8,7 @@ secretGenerator:
type: Opaque type: Opaque
literals: literals:
- rpc_secret=changeme - rpc_secret=changeme
- database_secret=changeme
- name: drone-gitea-oauth-secret - name: drone-gitea-oauth-secret
type: Opaque type: Opaque
literals: literals:

8
kustomize/bases/nextcloud/nextcloud-deployment.yaml
View File

@ -66,11 +66,11 @@ spec:
containerPort: 80 containerPort: 80
resources: resources:
requests: requests:
cpu: 750m cpu: 1500m
memory: 1Gi memory: 1.5Gi
limits: limits:
cpu: 1000m cpu: 2000m
memory: 1Gi memory: 2Gi
volumeMounts: volumeMounts:
- name: nextcloud-pv - name: nextcloud-pv
mountPath: /var/www/html mountPath: /var/www/html

1
kustomize/bases/traefik/traefik-helmchartconfig.yaml
View File

@ -6,6 +6,7 @@ spec:
valuesContent: |- valuesContent: |-
additionalArguments: additionalArguments:
- '--entryPoints.web.forwardedHeaders.insecure' - '--entryPoints.web.forwardedHeaders.insecure'
- '--entryPoints.websecure.forwardedHeaders.insecure'
- '--serversTransport.insecureSkipVerify=true' - '--serversTransport.insecureSkipVerify=true'
- '--metrics.prometheus=true' - '--metrics.prometheus=true'
ports: ports:

1
kustomize/overlays/prod/kustomization.yaml
View File

@ -31,6 +31,7 @@ secretGenerator:
behavior: replace behavior: replace
literals: literals:
- rpc_secret=${ssm:/k3s/prod/drone/gitea/rpc_secret} - rpc_secret=${ssm:/k3s/prod/drone/gitea/rpc_secret}
- database_secret=${ssm:/k3s/prod/drone/gitea/database_secret}
# https://docs.drone.io/server/provider/gitea/ # https://docs.drone.io/server/provider/gitea/
- name: drone-gitea-oauth-secret - name: drone-gitea-oauth-secret
type: Opaque type: Opaque