forked from OriHoch/budgetkey-k8s
-
Notifications
You must be signed in to change notification settings - Fork 2
/
values-hasadna.yaml
136 lines (122 loc) · 5.36 KB
/
values-hasadna.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
global:
namespace: budgetkey
serverName: next.obudget.org
auth:
# see the auth configmap for the required keys
secretName: auth
# prevent unexpected upgrade / discrepency of images between nodes
image: datopian/auth@sha256:b0ca1a6243a46df92ae5d975e72dfcda4367e479e20399b8ce2b42458990a9fb
data-api:
# kubectl create secret generic data-api --from-literal=DATABASE_URL=postgresql://*****:*****@postgres/budgetkey
secretName: data-api
db-backup:
image: orihoch/kubernetes-db-to-s3@sha256:1f76ced68223d526886654835d411d11a81db367f7dce048129c5f6cce93325a
enabled: false
createClusterRole: true
# kubectl create secret generic db-backup --from-literal=S3_BUCKET= \
# --from-literal=S3_NAMESPACE= \
# --from-literal=AWS_ACCESS_KEY= \
# --from-literal=AWS_SECRET_KEY= \
# --from-literal=S3_HOST= \
# --from-literal=S3_HOST_BUCKET="
secretName: db-backup
emails:
enabled: true
secretName: emails
elasticsearch:
# gcloud --project=hasadna-general compute disks create --size=100GB --zone=europe-west1-b budgetkey-elasticsearch-data
# gcePersistentDiskName: budgetkey-elasticsearch-data-2
nfsServer: "172.16.0.9"
nfsPath: "/budgetkey/elasticsearch"
resources: >
{"requests": {"cpu": "3000m", "memory": "4Gi"}, "limits": {"cpu": "3500m", "memory": "6Gi"}}
ES_JAVA_OPTS: "-Xms3g -Xmx3g"
# prevents elasticsearch from scheduling on the same pod as pipelines and nginx
# enableAntiAffinity: true
elasticsearch-new:
# gcloud --project=hasadna-general compute disks create --size=100GB --zone=europe-west1-b budgetkey-elasticsearch-data
# gcePersistentDiskName: budgetkey-elasticsearch-data-new
nfsServer: "172.16.0.9"
nfsPath: "/budgetkey/elasticsearch-new"
resources: >
{"requests": {"cpu": "300m", "memory": "5271Mi"}, "limits": {"cpu": "800m", "memory": "9000Mi"}}
ES_JAVA_OPTS: "-Xms3g -Xmx3g"
secretName: budgetkey-elasticsearch
list-manager:
# kubectl create secret generic list-manager --from-literal=DATABASE_URL=
secretName: list-manager
data-input:
nfsServer: "172.16.0.9"
nfsPath: "/budgetkey/data-input-db"
# dataInputServerImage: "budgetkey/budgetkey-app-data-input"
# kubectl create secret generic data-input --from-literal=DATABASE_URL=
secretName: data-input
dgp-server:
# kubectl create secret generic dgp-server --from-literal=DATABASE_URL=
secretName: dgp-server
nginx:
# enableLoadBalancer: true
# gcloud --project=hasadna-general compute addresses create budgetkey-nginx --region=europe-west1
# gcloud --project=hasadna-general compute addresses describe budgetkey-nginx --region=europe-west1 | grep ^address:
# loadBalancerIP: 35.195.110.140
# prevents nginx from scheduling on the same node as elasticsearch
enableAntiAffinity: false
hosts:
- new.obudget.org
- next.obudget.org
- data.obudget.org
- socialmap.org.il
- www.socialmap.org.il
- kibana.obudget.org
- www.obudget.org
- obudget.org
- pipelines.obudget.org
- dgp.obudget.org
- data-input.obudget.org
- socialpro.org.il
- www.socialpro.org.il
pipelines:
# see the pipelines configmap for the required keys
secretName: pipelines
resources: >
{"requests": {"cpu": "2822m", "memory": "5546Mi"}, "limits": {"cpu": "2822m", "memory": "9000Mi"}}
# prevents pipelines from scheduling on the same node as elasticsearch
# enableAntiAffinity: true
# gcePersistentDiskName: budgetkey-pipelines-data-3
nfsServer: "172.16.0.9"
nfsPath: "/budgetkey/pipelines"
postgres:
# gcloud --project=hasadna-general compute disks create --size=100GB --zone=europe-west1-b budgetkey-postgres-data
# gcePersistentDiskName: budgetkey-postgres-data-2
nfsServer: "172.16.0.9"
nfsPath: "/budgetkey/postgres"
# kubectl create secret generic postgres --from-literal=POSTGRES_PASSWORD=
secretName: postgres
# enableLoadBalancer: true
# gcloud --project=hasadna-general compute addresses create budgetkey-postgres --region=europe-west1
# gcloud --project=hasadna-general compute addresses describe budgetkey-postgres --region=europe-west1 | grep ^address:
# loadBalancerIP: 35.189.219.73
resources: >
{"requests": {"cpu": "1554m", "memory": "9641Mi"}, "limits": {"memory": "15000Mi"}}
# prevents postgres from scheduling on the same node as elasticsearch and pipelines
# enableAntiAffinity: true
# node selector is needed due to host port
# dns is updated automatically when node changes, so just remove the nodeSelector
# or set to the desired node name
nodeSelector: 'kubernetes.io/hostname: hasadna-worker2'
# to get the postgres node external ip:
# kubectl get nodes -l budgetkey-postgres=true -o 'jsonpath={.items[0].status.addresses[?(@.type=='"'"'ExternalIP'"'"')].address}'
# you will also need to allow firewall to access it (port 5432)
enableHostPort: true
# see https://github.com/OriHoch/kube-ip-dns-updater
# kubeIpDnsUpdaterSecret: postgres-dns-updater
# see environments/budgetkey/publicdb-kube-ip-dns-updater-rbac.yaml
# kubeIpDnsUpdaterServiceAccountName: budgetkey-postgres-kube-ip-dns-updater
search-api:
INDEX_NAME: 'budgetkey02'
# was: budgetkey_20180705090302400922_aa29c55d'
api:
secretName: api
indexName: 'budgetkey02'
nfsServer: "172.16.0.9"
nfsPath: "/budgetkey/api"