ops: pause portal/ariadne and add migrate jobs
This commit is contained in:
parent
8e3fe266aa
commit
156effebe3
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: bstein-dev-home-backend
|
name: bstein-dev-home-backend
|
||||||
namespace: bstein-dev-home
|
namespace: bstein-dev-home
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 0
|
||||||
revisionHistoryLimit: 3
|
revisionHistoryLimit: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@ -99,6 +99,20 @@ spec:
|
|||||||
value: ""
|
value: ""
|
||||||
- name: HTTP_CHECK_TIMEOUT_SEC
|
- name: HTTP_CHECK_TIMEOUT_SEC
|
||||||
value: "2"
|
value: "2"
|
||||||
|
- name: PORTAL_DB_POOL_MIN
|
||||||
|
value: "0"
|
||||||
|
- name: PORTAL_DB_POOL_MAX
|
||||||
|
value: "5"
|
||||||
|
- name: PORTAL_DB_CONNECT_TIMEOUT_SEC
|
||||||
|
value: "5"
|
||||||
|
- name: PORTAL_DB_LOCK_TIMEOUT_SEC
|
||||||
|
value: "5"
|
||||||
|
- name: PORTAL_DB_STATEMENT_TIMEOUT_SEC
|
||||||
|
value: "30"
|
||||||
|
- name: PORTAL_DB_IDLE_IN_TX_TIMEOUT_SEC
|
||||||
|
value: "10"
|
||||||
|
- name: PORTAL_RUN_MIGRATIONS
|
||||||
|
value: "false"
|
||||||
- name: ACCESS_REQUEST_SUBMIT_RATE_LIMIT
|
- name: ACCESS_REQUEST_SUBMIT_RATE_LIMIT
|
||||||
value: "30"
|
value: "30"
|
||||||
- name: ACCESS_REQUEST_SUBMIT_RATE_WINDOW_SEC
|
- name: ACCESS_REQUEST_SUBMIT_RATE_WINDOW_SEC
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: chat-ai-gateway
|
name: chat-ai-gateway
|
||||||
namespace: bstein-dev-home
|
namespace: bstein-dev-home
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 0
|
||||||
revisionHistoryLimit: 2
|
revisionHistoryLimit: 2
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: bstein-dev-home-frontend
|
name: bstein-dev-home-frontend
|
||||||
namespace: bstein-dev-home
|
namespace: bstein-dev-home
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 0
|
||||||
revisionHistoryLimit: 3
|
revisionHistoryLimit: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
|
|||||||
@ -15,6 +15,7 @@ resources:
|
|||||||
- frontend-service.yaml
|
- frontend-service.yaml
|
||||||
- backend-deployment.yaml
|
- backend-deployment.yaml
|
||||||
- backend-service.yaml
|
- backend-service.yaml
|
||||||
|
- portal-migrate-job.yaml
|
||||||
- vaultwarden-cred-sync-cronjob.yaml
|
- vaultwarden-cred-sync-cronjob.yaml
|
||||||
- portal-onboarding-e2e-test-job.yaml
|
- portal-onboarding-e2e-test-job.yaml
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
|
|||||||
41
services/bstein-dev-home/portal-migrate-job.yaml
Normal file
41
services/bstein-dev-home/portal-migrate-job.yaml
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
# services/bstein-dev-home/portal-migrate-job.yaml
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: bstein-dev-home-portal-migrate
|
||||||
|
namespace: bstein-dev-home
|
||||||
|
spec:
|
||||||
|
backoffLimit: 1
|
||||||
|
ttlSecondsAfterFinished: 3600
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: bstein-dev-home-portal-migrate
|
||||||
|
annotations:
|
||||||
|
vault.hashicorp.com/agent-inject: "true"
|
||||||
|
vault.hashicorp.com/role: "bstein-dev-home"
|
||||||
|
vault.hashicorp.com/agent-inject-secret-portal-env.sh: "kv/data/atlas/portal/atlas-portal-db"
|
||||||
|
vault.hashicorp.com/agent-inject-template-portal-env.sh: |
|
||||||
|
{{ with secret "kv/data/atlas/portal/atlas-portal-db" }}
|
||||||
|
export PORTAL_DATABASE_URL="{{ .Data.data.PORTAL_DATABASE_URL }}"
|
||||||
|
{{ end }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: bstein-dev-home
|
||||||
|
restartPolicy: Never
|
||||||
|
nodeSelector:
|
||||||
|
kubernetes.io/arch: arm64
|
||||||
|
node-role.kubernetes.io/worker: "true"
|
||||||
|
imagePullSecrets:
|
||||||
|
- name: harbor-regcred
|
||||||
|
containers:
|
||||||
|
- name: migrate
|
||||||
|
image: registry.bstein.dev/bstein/bstein-dev-home-backend:0.1.1-95
|
||||||
|
imagePullPolicy: Always
|
||||||
|
command: ["/bin/sh", "-c"]
|
||||||
|
args:
|
||||||
|
- >-
|
||||||
|
. /vault/secrets/portal-env.sh
|
||||||
|
&& exec python -m atlas_portal.migrate
|
||||||
|
env:
|
||||||
|
- name: PORTAL_RUN_MIGRATIONS
|
||||||
|
value: "true"
|
||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: bstein-dev-home-vault-sync
|
name: bstein-dev-home-vault-sync
|
||||||
namespace: bstein-dev-home
|
namespace: bstein-dev-home
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 0
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: bstein-dev-home-vault-sync
|
app: bstein-dev-home-vault-sync
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: ariadne
|
name: ariadne
|
||||||
namespace: maintenance
|
namespace: maintenance
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 0
|
||||||
revisionHistoryLimit: 3
|
revisionHistoryLimit: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@ -129,6 +129,20 @@ spec:
|
|||||||
value: https://bstein.dev
|
value: https://bstein.dev
|
||||||
- name: ARIADNE_LOG_LEVEL
|
- name: ARIADNE_LOG_LEVEL
|
||||||
value: INFO
|
value: INFO
|
||||||
|
- name: ARIADNE_DB_POOL_MIN
|
||||||
|
value: "0"
|
||||||
|
- name: ARIADNE_DB_POOL_MAX
|
||||||
|
value: "5"
|
||||||
|
- name: ARIADNE_DB_CONNECT_TIMEOUT_SEC
|
||||||
|
value: "5"
|
||||||
|
- name: ARIADNE_DB_LOCK_TIMEOUT_SEC
|
||||||
|
value: "5"
|
||||||
|
- name: ARIADNE_DB_STATEMENT_TIMEOUT_SEC
|
||||||
|
value: "30"
|
||||||
|
- name: ARIADNE_DB_IDLE_IN_TX_TIMEOUT_SEC
|
||||||
|
value: "10"
|
||||||
|
- name: ARIADNE_RUN_MIGRATIONS
|
||||||
|
value: "false"
|
||||||
- name: PORTAL_ADMIN_USERS
|
- name: PORTAL_ADMIN_USERS
|
||||||
value: bstein
|
value: bstein
|
||||||
- name: PORTAL_ADMIN_GROUPS
|
- name: PORTAL_ADMIN_GROUPS
|
||||||
|
|||||||
42
services/maintenance/ariadne-migrate-job.yaml
Normal file
42
services/maintenance/ariadne-migrate-job.yaml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# services/maintenance/ariadne-migrate-job.yaml
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ariadne-migrate
|
||||||
|
namespace: maintenance
|
||||||
|
spec:
|
||||||
|
backoffLimit: 1
|
||||||
|
ttlSecondsAfterFinished: 3600
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: ariadne-migrate
|
||||||
|
annotations:
|
||||||
|
vault.hashicorp.com/agent-inject: "true"
|
||||||
|
vault.hashicorp.com/role: "maintenance"
|
||||||
|
vault.hashicorp.com/agent-inject-secret-ariadne-env.sh: "kv/data/atlas/maintenance/ariadne-db"
|
||||||
|
vault.hashicorp.com/agent-inject-template-ariadne-env.sh: |
|
||||||
|
{{ with secret "kv/data/atlas/maintenance/ariadne-db" }}
|
||||||
|
export ARIADNE_DATABASE_URL="{{ .Data.data.database_url }}"
|
||||||
|
{{ end }}
|
||||||
|
{{ with secret "kv/data/atlas/portal/atlas-portal-db" }}
|
||||||
|
export PORTAL_DATABASE_URL="{{ .Data.data.PORTAL_DATABASE_URL }}"
|
||||||
|
{{ end }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: ariadne
|
||||||
|
restartPolicy: Never
|
||||||
|
nodeSelector:
|
||||||
|
kubernetes.io/arch: arm64
|
||||||
|
node-role.kubernetes.io/worker: "true"
|
||||||
|
containers:
|
||||||
|
- name: migrate
|
||||||
|
image: registry.bstein.dev/bstein/ariadne:0.1.0-0
|
||||||
|
imagePullPolicy: Always
|
||||||
|
command: ["/bin/sh", "-c"]
|
||||||
|
args:
|
||||||
|
- >-
|
||||||
|
. /vault/secrets/ariadne-env.sh
|
||||||
|
&& exec python -m ariadne.migrate
|
||||||
|
env:
|
||||||
|
- name: ARIADNE_RUN_MIGRATIONS
|
||||||
|
value: "true"
|
||||||
@ -14,6 +14,7 @@ resources:
|
|||||||
- node-nofile-serviceaccount.yaml
|
- node-nofile-serviceaccount.yaml
|
||||||
- pod-cleaner-rbac.yaml
|
- pod-cleaner-rbac.yaml
|
||||||
- ariadne-deployment.yaml
|
- ariadne-deployment.yaml
|
||||||
|
- ariadne-migrate-job.yaml
|
||||||
- ariadne-service.yaml
|
- ariadne-service.yaml
|
||||||
- disable-k3s-traefik-daemonset.yaml
|
- disable-k3s-traefik-daemonset.yaml
|
||||||
- k3s-traefik-cleanup-job.yaml
|
- k3s-traefik-cleanup-job.yaml
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user