From 16f8c065a5781410d0a95ed15832410478930f02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20J=C3=A4ckle?= Date: Fri, 15 Nov 2024 10:11:29 +0100 Subject: [PATCH] enhance Helm chart by startupProbe * and more configuration options, e.g. several topologySpreadConstraints * also configure "ephemeral-storage" requests and limits --- deployment/helm/ditto/Chart.yaml | 2 +- .../ditto/scripts/patch-pods-deletion-cost.sh | 20 ++- .../templates/connectivity-deployment.yaml | 32 +++- .../ditto/templates/dittoui-deployment.yaml | 19 ++- .../ditto/templates/gateway-deployment.yaml | 32 +++- .../ditto/templates/nginx-deployment.yaml | 19 ++- .../ditto/templates/policies-deployment.yaml | 32 +++- .../ditto/templates/swaggerui-deployment.yaml | 19 ++- .../ditto/templates/things-deployment.yaml | 34 +++- .../templates/thingssearch-deployment.yaml | 31 +++- deployment/helm/ditto/values.yaml | 159 ++++++++++++------ 11 files changed, 276 insertions(+), 123 deletions(-) diff --git a/deployment/helm/ditto/Chart.yaml b/deployment/helm/ditto/Chart.yaml index 8b7210cbef..7138954a39 100644 --- a/deployment/helm/ditto/Chart.yaml +++ b/deployment/helm/ditto/Chart.yaml @@ -16,7 +16,7 @@ description: | A digital twin is a virtual, cloud based, representation of his real world counterpart (real world “Things”, e.g. devices like sensors, smart heating, connected cars, smart grids, EV charging stations etc). type: application -version: 3.6.2 # chart version is effectively set by release-job +version: 3.6.3 # chart version is effectively set by release-job appVersion: 3.6.2 keywords: - iot-chart diff --git a/deployment/helm/ditto/scripts/patch-pods-deletion-cost.sh b/deployment/helm/ditto/scripts/patch-pods-deletion-cost.sh index fa14e1a587..1e6ae94e96 100644 --- a/deployment/helm/ditto/scripts/patch-pods-deletion-cost.sh +++ b/deployment/helm/ditto/scripts/patch-pods-deletion-cost.sh @@ -25,8 +25,9 @@ curl --fail --silent --cacert ${CACERT} -H "Authorization: Bearer ${TOKEN}" \ "https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT/api/v1/namespaces/${NAMESPACE}/pods" \ | jq '.items | map(select(.metadata.labels.actorSystemName == "ditto-cluster") | { pod: .metadata.name, ip: .status.podIP, cost: .metadata.annotations."controller.kubernetes.io/pod-deletion-cost"})' \ > pod_ip_cost.json -if [ $? -ne 0 ]; then - echo "Retrieving current pods curl failed [exit-code: $?]" +curlExitCode=$? +if [ $curlExitCode -ne 0 ]; then + echo "Retrieving current pods curl failed [exit-code: $curlExitCode]" exit 1 fi @@ -34,8 +35,9 @@ fi somePekkoClusterIp=$(jq -r '.[0].ip' pod_ip_cost.json) echo "Accessing current Pekko Cluster members from internal ip: $somePekkoClusterIp ..." curl --fail --silent -o pekko_cluster_members.json http://$somePekkoClusterIp:7626/cluster/members -if [ $? -ne 0 ]; then - echo "Accessing current Pekko Cluster members curl failed [exit-code: $?]" +curlExitCode=$? +if [ $curlExitCode -ne 0 ]; then + echo "Accessing current Pekko Cluster members curl failed [exit-code: $curlExitCode]" exit 1 fi @@ -64,8 +66,9 @@ while read pod; do curl -X PATCH --silent --output /dev/null --show-error --fail --cacert ${CACERT} -H "Authorization: Bearer ${TOKEN}" -H 'Content-Type: application/merge-patch+json' \ "https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT/api/v1/namespaces/${NAMESPACE}/pods/${pod}" \ --data '{"metadata": {"annotations": {"controller.kubernetes.io/pod-deletion-cost": null }}}' - if [ $? -ne 0 ]; then - echo "Clearing pod-deletion-cost curl failed [exit-code: $?]" + curlExitCode=$? + if [ $curlExitCode -ne 0 ]; then + echo "Clearing pod-deletion-cost curl failed [exit-code: $curlExitCode]" exit 1 fi fi @@ -78,8 +81,9 @@ jq -r '.[] | [.pod, .ip, .cost] | @tsv' new_cost_pod_and_ip.json | curl -X PATCH --silent --output /dev/null --show-error --fail --cacert ${CACERT} -H "Authorization: Bearer ${TOKEN}" -H 'Content-Type: application/merge-patch+json' \ "https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT/api/v1/namespaces/${NAMESPACE}/pods/${pod}" \ --data '{"metadata": {"annotations": {"controller.kubernetes.io/pod-deletion-cost": '\""$cost"\"' }}}' - if [ $? -ne 0 ]; then - echo "Patching pod-deletion-cost curl failed [exit-code: $?]" + curlExitCode=$? + if [ $curlExitCode -ne 0 ]; then + echo "Patching pod-deletion-cost curl failed [exit-code: $curlExitCode]" exit 1 fi done diff --git a/deployment/helm/ditto/templates/connectivity-deployment.yaml b/deployment/helm/ditto/templates/connectivity-deployment.yaml index 91b48ec76c..986e2f2bd4 100644 --- a/deployment/helm/ditto/templates/connectivity-deployment.yaml +++ b/deployment/helm/ditto/templates/connectivity-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.connectivity.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-connectivity labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-connectivity + app.kubernetes.io/name: {{ $name }}-connectivity {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.connectivity.replicaCount }} @@ -26,12 +27,12 @@ spec: minReadySeconds: {{ .Values.connectivity.minReadySeconds }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-connectivity + app.kubernetes.io/name: {{ $name }}-connectivity app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-connectivity + app.kubernetes.io/name: {{ $name }}-connectivity app.kubernetes.io/instance: {{ .Release.Name }} actorSystemName: {{ .Values.pekko.actorSystemName }} {{- with .Values.connectivity.additionalLabels }} @@ -45,6 +46,9 @@ spec: {{- end }} checksum/mongodb-config: {{ include (print $.Template.BasePath "/mongodb-secret.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/connectivity-configmap.yaml") . | sha256sum }} + {{- with .Values.global.additionalAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.connectivity.additionalAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -70,12 +74,14 @@ spec: mountPath: /var/log/ditto {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.connectivity.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.connectivity.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.connectivity.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.connectivity.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-connectivity + app.kubernetes.io/name: {{ $name }}-connectivity + {{- end }} containers: - name: {{ .Chart.Name }}-connectivity image: {{ printf "%s:%s" .Values.connectivity.image.repository ( default .Chart.AppVersion ( default .Values.dittoTag .Values.connectivity.image.tag ) ) }} @@ -312,11 +318,19 @@ spec: protocol: TCP containerPort: {{ .Values.global.prometheus.port }} {{- end }} + startupProbe: + httpGet: + port: management + path: /ready + initialDelaySeconds: {{ .Values.connectivity.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.connectivity.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.connectivity.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.connectivity.startupProbe.successThreshold }} + failureThreshold: {{ .Values.connectivity.startupProbe.failureThreshold }} readinessProbe: httpGet: port: management path: /ready - initialDelaySeconds: {{ .Values.connectivity.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.connectivity.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.connectivity.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.connectivity.readinessProbe.successThreshold }} @@ -352,11 +366,13 @@ spec: requests: cpu: {{ mulf .Values.connectivity.resources.cpu 1000 }}m memory: {{ .Values.connectivity.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.connectivity.resources.ephemeralStorageMi }}Mi limits: # ## no cpu limit to avoid CFS scheduler limits # ref: https://pekko.apache.org/docs/pekko/current/additional/deploying.html#deploying-to-kubernetes # cpu: "" memory: {{ .Values.connectivity.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.connectivity.resources.ephemeralStorageMi }}Mi {{- if .Values.openshift.enabled }} {{- with .Values.openshift.securityContext }} securityContext: diff --git a/deployment/helm/ditto/templates/dittoui-deployment.yaml b/deployment/helm/ditto/templates/dittoui-deployment.yaml index 67ed161c9a..cfed6f4a44 100644 --- a/deployment/helm/ditto/templates/dittoui-deployment.yaml +++ b/deployment/helm/ditto/templates/dittoui-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.dittoui.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-dittoui labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-dittoui + app.kubernetes.io/name: {{ $name }}-dittoui {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.dittoui.replicaCount }} @@ -25,12 +26,12 @@ spec: {{- end }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-dittoui + app.kubernetes.io/name: {{ $name }}-dittoui app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-dittoui + app.kubernetes.io/name: {{ $name }}-dittoui app.kubernetes.io/instance: {{ .Release.Name }} {{- with .Values.dittoui.additionalLabels }} {{- toYaml . | nindent 8 }} @@ -45,12 +46,14 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.dittoui.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.dittoui.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.dittoui.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.dittoui.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-dittoui + app.kubernetes.io/name: {{ $name }}-dittoui + {{- end }} containers: - name: {{ .Chart.Name }}-dittoui image: {{ printf "%s:%s" .Values.dittoui.image.repository ( default .Chart.AppVersion ( default .Values.dittoTag .Values.dittoui.image.tag ) ) }} @@ -67,9 +70,11 @@ spec: requests: cpu: {{ mulf .Values.dittoui.resources.cpu 1000 }}m memory: {{ .Values.dittoui.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.dittoui.resources.ephemeralStorageMi }}Mi limits: # cpu: # don't limit memory: {{ .Values.dittoui.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.dittoui.resources.ephemeralStorageMi }}Mi securityContext: runAsNonRoot: true runAsUser: 101 diff --git a/deployment/helm/ditto/templates/gateway-deployment.yaml b/deployment/helm/ditto/templates/gateway-deployment.yaml index ee472f8a51..ae90113e2f 100644 --- a/deployment/helm/ditto/templates/gateway-deployment.yaml +++ b/deployment/helm/ditto/templates/gateway-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.gateway.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-gateway labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-gateway + app.kubernetes.io/name: {{ $name }}-gateway {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.gateway.replicaCount }} @@ -26,12 +27,12 @@ spec: minReadySeconds: {{ .Values.gateway.minReadySeconds }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-gateway + app.kubernetes.io/name: {{ $name }}-gateway app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-gateway + app.kubernetes.io/name: {{ $name }}-gateway app.kubernetes.io/instance: {{ .Release.Name }} actorSystemName: {{ .Values.pekko.actorSystemName }} {{- with .Values.gateway.additionalLabels }} @@ -45,6 +46,9 @@ spec: {{- end }} checksum/password-config: {{ include (print $.Template.BasePath "/gateway-secret.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/gateway-configmap.yaml") . | sha256sum }} + {{- with .Values.global.additionalAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.gateway.additionalAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -70,12 +74,14 @@ spec: mountPath: /var/log/ditto {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.gateway.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.gateway.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.gateway.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.gateway.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-gateway + app.kubernetes.io/name: {{ $name }}-gateway + {{- end }} containers: - name: {{ .Chart.Name }}-gateway image: {{ printf "%s:%s" .Values.gateway.image.repository ( default .Chart.AppVersion ( default .Values.dittoTag .Values.gateway.image.tag ) ) }} @@ -230,11 +236,19 @@ spec: protocol: TCP containerPort: {{ .Values.global.prometheus.port }} {{- end }} + startupProbe: + httpGet: + port: management + path: /ready + initialDelaySeconds: {{ .Values.gateway.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.gateway.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.gateway.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.gateway.startupProbe.successThreshold }} + failureThreshold: {{ .Values.gateway.startupProbe.failureThreshold }} readinessProbe: httpGet: port: management path: /ready - initialDelaySeconds: {{ .Values.gateway.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.gateway.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.gateway.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.gateway.readinessProbe.successThreshold }} @@ -270,11 +284,13 @@ spec: requests: cpu: {{ mulf .Values.gateway.resources.cpu 1000 }}m memory: {{ .Values.gateway.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.gateway.resources.ephemeralStorageMi }}Mi limits: # ## no cpu limit to avoid CFS scheduler limits # ref: https://pekko.apache.org/docs/pekko/current/additional/deploying.html#deploying-to-kubernetes # cpu: "" memory: {{ .Values.gateway.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.gateway.resources.ephemeralStorageMi }}Mi {{- if .Values.openshift.enabled }} {{- with .Values.openshift.securityContext }} securityContext: diff --git a/deployment/helm/ditto/templates/nginx-deployment.yaml b/deployment/helm/ditto/templates/nginx-deployment.yaml index 6d4858ffd1..52cc59ba86 100644 --- a/deployment/helm/ditto/templates/nginx-deployment.yaml +++ b/deployment/helm/ditto/templates/nginx-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.nginx.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-nginx labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-nginx + app.kubernetes.io/name: {{ $name }}-nginx {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.nginx.replicaCount }} @@ -25,12 +26,12 @@ spec: {{- end }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-nginx + app.kubernetes.io/name: {{ $name }}-nginx app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-nginx + app.kubernetes.io/name: {{ $name }}-nginx app.kubernetes.io/instance: {{ .Release.Name }} {{- with .Values.nginx.additionalLabels }} {{- toYaml . | nindent 8 }} @@ -62,12 +63,14 @@ spec: done {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.nginx.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.nginx.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.nginx.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.nginx.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-nginx + app.kubernetes.io/name: {{ $name }}-nginx + {{- end }} containers: - name: {{ .Chart.Name }}-nginx image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" @@ -92,9 +95,11 @@ spec: requests: cpu: {{ mulf .Values.nginx.resources.cpu 1000 }}m memory: {{ .Values.nginx.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.nginx.resources.ephemeralStorageMi }}Mi limits: # cpu: # don't limit memory: {{ .Values.nginx.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.nginx.resources.ephemeralStorageMi }}Mi volumeMounts: - name: nginx-conf mountPath: /etc/nginx/nginx.conf diff --git a/deployment/helm/ditto/templates/policies-deployment.yaml b/deployment/helm/ditto/templates/policies-deployment.yaml index 4860241367..b1caf4ff56 100644 --- a/deployment/helm/ditto/templates/policies-deployment.yaml +++ b/deployment/helm/ditto/templates/policies-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.policies.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-policies labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-policies + app.kubernetes.io/name: {{ $name }}-policies {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.policies.replicaCount }} @@ -26,12 +27,12 @@ spec: minReadySeconds: {{ .Values.policies.minReadySeconds }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-policies + app.kubernetes.io/name: {{ $name }}-policies app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-policies + app.kubernetes.io/name: {{ $name }}-policies app.kubernetes.io/instance: {{ .Release.Name }} actorSystemName: {{ .Values.pekko.actorSystemName }} {{- with .Values.policies.additionalLabels }} @@ -45,6 +46,9 @@ spec: {{- end }} checksum/mongodb-config: {{ include (print $.Template.BasePath "/mongodb-secret.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/policies-configmap.yaml") . | sha256sum }} + {{- with .Values.global.additionalAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.policies.additionalAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -70,12 +74,14 @@ spec: mountPath: /var/log/ditto {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.policies.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.policies.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.policies.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.policies.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-policies + app.kubernetes.io/name: {{ $name }}-policies + {{- end }} containers: - name: {{ .Chart.Name }}-policies image: {{ printf "%s:%s" .Values.policies.image.repository ( default .Chart.AppVersion ( default .Values.dittoTag .Values.policies.image.tag ) ) }} @@ -289,11 +295,19 @@ spec: protocol: TCP containerPort: {{ .Values.global.prometheus.port }} {{- end }} + startupProbe: + httpGet: + port: management + path: /ready + initialDelaySeconds: {{ .Values.policies.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.policies.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.policies.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.policies.startupProbe.successThreshold }} + failureThreshold: {{ .Values.policies.startupProbe.failureThreshold }} readinessProbe: httpGet: port: management path: /ready - initialDelaySeconds: {{ .Values.policies.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.policies.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.policies.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.policies.readinessProbe.successThreshold }} @@ -329,11 +343,13 @@ spec: requests: cpu: {{ mulf .Values.policies.resources.cpu 1000 }}m memory: {{ .Values.policies.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.policies.resources.ephemeralStorageMi }}Mi limits: # ## no cpu limit to avoid CFS scheduler limits # ref: https://pekko.apache.org/docs/pekko/current/additional/deploying.html#deploying-to-kubernetes # cpu: "" memory: {{ .Values.policies.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.policies.resources.ephemeralStorageMi }}Mi {{- if .Values.openshift.enabled }} {{- with .Values.openshift.securityContext }} securityContext: diff --git a/deployment/helm/ditto/templates/swaggerui-deployment.yaml b/deployment/helm/ditto/templates/swaggerui-deployment.yaml index 4e176dfe3d..083fa50a1e 100644 --- a/deployment/helm/ditto/templates/swaggerui-deployment.yaml +++ b/deployment/helm/ditto/templates/swaggerui-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.swaggerui.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-swaggerui labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-swaggerui + app.kubernetes.io/name: {{ $name }}-swaggerui {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.swaggerui.replicaCount }} @@ -25,12 +26,12 @@ spec: {{- end }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-swaggerui + app.kubernetes.io/name: {{ $name }}-swaggerui app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-swaggerui + app.kubernetes.io/name: {{ $name }}-swaggerui app.kubernetes.io/instance: {{ .Release.Name }} {{- with .Values.swaggerui.additionalLabels }} {{- toYaml . | nindent 8 }} @@ -79,12 +80,14 @@ spec: - name: swagger-ui-init-config mountPath: /init-config topologySpreadConstraints: - - maxSkew: {{ .Values.swaggerui.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.swaggerui.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.swaggerui.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.swaggerui.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-swaggerui + app.kubernetes.io/name: {{ $name }}-swaggerui + {{- end }} containers: - name: {{ .Chart.Name }}-swaggerui image: "{{ .Values.swaggerui.image.repository }}:{{ .Values.swaggerui.image.tag }}" @@ -103,9 +106,11 @@ spec: requests: cpu: {{ mulf .Values.swaggerui.resources.cpu 1000 }}m memory: {{ .Values.swaggerui.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.swaggerui.resources.ephemeralStorageMi }}Mi limits: # cpu: # don't limit memory: {{ .Values.swaggerui.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.swaggerui.resources.ephemeralStorageMi }}Mi volumeMounts: - name: swagger-ui-init-config mountPath: /usr/share/nginx/html/openapi diff --git a/deployment/helm/ditto/templates/things-deployment.yaml b/deployment/helm/ditto/templates/things-deployment.yaml index 85328acf9b..a807bc487f 100644 --- a/deployment/helm/ditto/templates/things-deployment.yaml +++ b/deployment/helm/ditto/templates/things-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.things.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-things labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-things + app.kubernetes.io/name: {{ $name }}-things {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.things.replicaCount }} @@ -26,15 +27,15 @@ spec: minReadySeconds: {{ .Values.things.minReadySeconds }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-things + app.kubernetes.io/name: {{ $name }}-things app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-things + app.kubernetes.io/name: {{ $name }}-things app.kubernetes.io/instance: {{ .Release.Name }} actorSystemName: {{ .Values.pekko.actorSystemName }} - {{- with .Values.things.additionalLabels }} + {{- with .Values.things.^Labels }} {{- toYaml . | nindent 8 }} {{- end }} annotations: @@ -45,6 +46,9 @@ spec: {{- end }} checksum/mongodb-config: {{ include (print $.Template.BasePath "/mongodb-secret.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/things-configmap.yaml") . | sha256sum }} + {{- with .Values.global.additionalAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.things.additionalAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -70,12 +74,14 @@ spec: mountPath: /var/log/ditto {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.things.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.things.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.things.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.things.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-things + app.kubernetes.io/name: {{ $name }}-things + {{- end }} containers: - name: {{ .Chart.Name }}-things image: {{ printf "%s:%s" .Values.things.image.repository ( default .Chart.AppVersion ( default .Values.dittoTag .Values.things.image.tag ) ) }} @@ -336,11 +342,19 @@ spec: protocol: TCP containerPort: {{ .Values.global.prometheus.port }} {{- end }} + startupProbe: + httpGet: + port: management + path: /ready + initialDelaySeconds: {{ .Values.things.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.things.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.things.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.things.startupProbe.successThreshold }} + failureThreshold: {{ .Values.things.startupProbe.failureThreshold }} readinessProbe: httpGet: port: management path: /ready - initialDelaySeconds: {{ .Values.things.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.things.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.things.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.things.readinessProbe.successThreshold }} @@ -376,11 +390,13 @@ spec: requests: cpu: {{ mulf .Values.things.resources.cpu 1000 }}m memory: {{ .Values.things.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.things.resources.ephemeralStorageMi }}Mi limits: # ## no cpu limit to avoid CFS scheduler limits # ref: https://pekko.apache.org/docs/pekko/current/additional/deploying.html#deploying-to-kubernetes # cpu: "" memory: {{ .Values.things.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.things.resources.ephemeralStorageMi }}Mi {{- if .Values.openshift.enabled }} {{- with .Values.openshift.securityContext }} securityContext: diff --git a/deployment/helm/ditto/templates/thingssearch-deployment.yaml b/deployment/helm/ditto/templates/thingssearch-deployment.yaml index 54242086fa..e2451bb554 100644 --- a/deployment/helm/ditto/templates/thingssearch-deployment.yaml +++ b/deployment/helm/ditto/templates/thingssearch-deployment.yaml @@ -8,6 +8,7 @@ # http://www.eclipse.org/legal/epl-2.0 # # SPDX-License-Identifier: EPL-2.0 +{{- $name := include "ditto.name" . -}} {{- if .Values.thingsSearch.enabled -}} --- apiVersion: apps/v1 @@ -15,7 +16,7 @@ kind: Deployment metadata: name: {{ include "ditto.fullname" . }}-thingssearch labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-thingssearch + app.kubernetes.io/name: {{ $name }}-thingssearch {{ include "ditto.labels" . | indent 4 }} spec: replicas: {{ .Values.thingsSearch.replicaCount }} @@ -26,12 +27,12 @@ spec: minReadySeconds: {{ .Values.thingsSearch.minReadySeconds }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-thingssearch + app.kubernetes.io/name: {{ $name }}-thingssearch app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-thingssearch + app.kubernetes.io/name: {{ $name }}-thingssearch app.kubernetes.io/instance: {{ .Release.Name }} actorSystemName: {{ .Values.pekko.actorSystemName }} {{- with .Values.thingsSearch.additionalLabels }} @@ -45,6 +46,9 @@ spec: {{- end }} checksum/mongodb-config: {{ include (print $.Template.BasePath "/mongodb-secret.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/thingssearch-configmap.yaml") . | sha256sum }} + {{- with .Values.global.additionalAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.thingsSearch.additionalAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -70,12 +74,14 @@ spec: mountPath: /var/log/ditto {{- end }} topologySpreadConstraints: - - maxSkew: {{ .Values.thingsSearch.topologySpreadConstraints.maxSkew }} - topologyKey: {{ .Values.thingsSearch.topologySpreadConstraints.topologyKey }} - whenUnsatisfiable: {{ .Values.thingsSearch.topologySpreadConstraints.whenUnsatisfiable }} + {{- range .Values.thingsSearch.topologySpreadConstraints }} + - maxSkew: {{ .maxSkew }} + topologyKey: {{ .topologyKey }} + whenUnsatisfiable: {{ .whenUnsatisfiable }} labelSelector: matchLabels: - app.kubernetes.io/name: {{ include "ditto.name" . }}-thingssearch + app.kubernetes.io/name: {{ $name }}-thingssearch + {{- end }} containers: - name: {{ .Chart.Name }}-thingssearch image: {{ printf "%s:%s" .Values.thingsSearch.image.repository ( default .Chart.AppVersion ( default .Values.dittoTag .Values.thingsSearch.image.tag ) ) }} @@ -262,11 +268,19 @@ spec: protocol: TCP containerPort: {{ .Values.global.prometheus.port }} {{- end }} + startupProbe: + httpGet: + port: management + path: /ready + initialDelaySeconds: {{ .Values.thingsSearch.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.thingsSearch.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.thingsSearch.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.thingsSearch.startupProbe.successThreshold }} + failureThreshold: {{ .Values.thingsSearch.startupProbe.failureThreshold }} readinessProbe: httpGet: port: management path: /ready - initialDelaySeconds: {{ .Values.thingsSearch.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.thingsSearch.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.thingsSearch.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.thingsSearch.readinessProbe.successThreshold }} @@ -307,6 +321,7 @@ spec: # ref: https://pekko.apache.org/docs/pekko/current/additional/deploying.html#deploying-to-kubernetes # cpu: "" memory: {{ .Values.thingsSearch.resources.memoryMi }}Mi + ephemeral-storage: {{ .Values.thingsSearch.resources.ephemeralStorageMi }}Mi {{- if .Values.openshift.enabled }} {{- with .Values.openshift.securityContext }} securityContext: diff --git a/deployment/helm/ditto/values.yaml b/deployment/helm/ditto/values.yaml index eb4567d00b..47aea06505 100644 --- a/deployment/helm/ditto/values.yaml +++ b/deployment/helm/ditto/values.yaml @@ -82,7 +82,6 @@ global: # password: ditto # - user: jane # password: janesPw - # existingSecret contains the name of existing secret containing user and password # format: ${user}:${password}, where secret key is ${user} and value is ${password} # example creating secret for users ditto and jane: @@ -108,15 +107,18 @@ global: -Djava.net.preferIPv4Stack=true pekkoOptions: > -Dpekko.management.cluster.bootstrap.contact-point-discovery.port-name=management + -Dpekko.http.client.parsing.max-chunk-size=2m -Dpekko.cluster.failure-detector.threshold=15.0 -Dpekko.cluster.failure-detector.expected-response-after=3s -Dpekko.cluster.failure-detector.acceptable-heartbeat-pause=7s -Dpekko.persistence.journal-plugin-fallback.recovery-event-timeout=30s -Dpekko.persistence.max-concurrent-recoveries=100 -Dpekko.cluster.sharding.updating-state-timeout=20s - -Dpekko.cluster.shutdown-after-unsuccessful-join-seed-nodes=120s + -Dpekko.cluster.shutdown-after-unsuccessful-join-seed-nodes=180s # timezone defines the timezone to configure the JVM with timezone: Europe/Berlin + # additionalAnnotations contains additional annotations to apply to the deployment template of Ditto services + additionalAnnotations: {} # imagePullSecrets will be added to every deployment imagePullSecrets: [] # proxyPart configures a reverse proxy part to be added in front of the Ditto API endpoints: @@ -318,6 +320,8 @@ ingress: cpu: 0.75 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 1024 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 2048 # namespace for ingress controller, managed by helm, should not be created manually namespace: ingress-nginx # Ingress-NGINX version. Check Supported Versions table from https://github.com/kubernetes/ingress-nginx to match k8s version. @@ -598,6 +602,8 @@ policies: cpu: 0.5 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 1024 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 2048 # jvm contains JVM specific scaling/tuning configuration of e.g. processors and garbage collector settings jvm: # activeProcessorCount defines how many processors the JVM should be configured to use @@ -609,22 +615,29 @@ policies: # maxGcPauseMillis configures the used G1 GC "target for the maximum GC pause time" # default (by JVM if not set): 200 maxGcPauseMillis: 150 + # startupProbe configuration for policies + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + startupProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 30 # readinessProbe configuration for policies # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes readinessProbe: - initialDelaySeconds: 30 - periodSeconds: 10 + periodSeconds: 5 timeoutSeconds: 3 successThreshold: 1 - failureThreshold: 3 + failureThreshold: 6 # livenessProbe configuration for policies # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes livenessProbe: - initialDelaySeconds: 160 + initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 - failureThreshold: 4 + failureThreshold: 6 # podDisruptionBudget configuration for policies # ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ podDisruptionBudget: @@ -647,9 +660,9 @@ policies: # Pod topology spread constraints for policies # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podMonitor configuration for policies podMonitor: # enabled configures whether Pod Monitor is enabled, then a resource to scrape policies metrics will be created @@ -862,6 +875,8 @@ things: cpu: 0.5 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 1024 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 2048 # jvm contains JVM specific scaling/tuning configuration of e.g. processors and garbage collector settings jvm: # activeProcessorCount defines how many processors the JVM should be configured to use @@ -873,22 +888,29 @@ things: # maxGcPauseMillis configures the used G1 GC "target for the maximum GC pause time" # default (by JVM if not set): 200 maxGcPauseMillis: 150 + # startupProbe configuration for things + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + startupProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 30 # readinessProbe configuration for things # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes readinessProbe: - initialDelaySeconds: 30 - periodSeconds: 10 + periodSeconds: 5 timeoutSeconds: 3 successThreshold: 1 - failureThreshold: 3 + failureThreshold: 6 # livenessProbe configuration for things # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes livenessProbe: - initialDelaySeconds: 160 + initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 - failureThreshold: 4 + failureThreshold: 6 # podDisruptionBudget configuration for things # ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ podDisruptionBudget: @@ -911,9 +933,9 @@ things: # Pod topology spread constraints for things # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podMonitor configuration for things podMonitor: # enabled configures whether Pod Monitor is enabled, then a resource to scrape things metrics will be created @@ -1231,6 +1253,8 @@ thingsSearch: cpu: 0.5 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 1024 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 2048 # jvm contains JVM specific scaling/tuning configuration of e.g. processors and garbage collector settings jvm: # activeProcessorCount defines how many processors the JVM should be configured to use @@ -1242,22 +1266,29 @@ thingsSearch: # maxGcPauseMillis configures the used G1 GC "target for the maximum GC pause time" # default (by JVM if not set): 200 maxGcPauseMillis: 150 + # startupProbe configuration for policies + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + startupProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 30 # readinessProbe configuration for things-search # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes readinessProbe: - initialDelaySeconds: 30 - periodSeconds: 10 + periodSeconds: 5 timeoutSeconds: 3 successThreshold: 1 - failureThreshold: 3 + failureThreshold: 6 # livenessProbe configuration for things-search # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes livenessProbe: - initialDelaySeconds: 160 + initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 - failureThreshold: 4 + failureThreshold: 6 # podDisruptionBudget configuration for things-search # ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ podDisruptionBudget: @@ -1280,9 +1311,9 @@ thingsSearch: # Pod topology spread constraints for things-search # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podMonitor configuration for things-search podMonitor: # enabled configures whether Pod Monitor is enabled, then a resource to scrape things search metrics will be created @@ -1471,6 +1502,8 @@ connectivity: cpu: 0.5 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 1024 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 2048 # jvm contains JVM specific scaling/tuning configuration of e.g. processors and garbage collector settings jvm: # activeProcessorCount defines how many processors the JVM should be configured to use @@ -1482,22 +1515,29 @@ connectivity: # maxGcPauseMillis configures the used G1 GC "target for the maximum GC pause time" # default (by JVM if not set): 200 maxGcPauseMillis: 150 + # startupProbe configuration for connectivity + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + startupProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 30 # readinessProbe configuration for connectivity # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes readinessProbe: - initialDelaySeconds: 30 - periodSeconds: 10 + periodSeconds: 5 timeoutSeconds: 3 successThreshold: 1 - failureThreshold: 3 + failureThreshold: 6 # livenessProbe configuration for connectivity # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes livenessProbe: - initialDelaySeconds: 160 + initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 - failureThreshold: 4 + failureThreshold: 6 # podDisruptionBudget configuration for connectivity # ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ podDisruptionBudget: @@ -1520,9 +1560,9 @@ connectivity: # Pod topology spread constraints for connectivity # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podMonitor configuration for connectivity podMonitor: # enabled configures whether Pod Monitor is enabled, then a resource to scrape connectivity metrics will be created @@ -1782,6 +1822,8 @@ gateway: cpu: 0.5 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 1024 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 2048 # jvm contains JVM specific scaling/tuning configuration of e.g. processors and garbage collector settings jvm: # activeProcessorCount defines how many processors the JVM should be configured to use @@ -1793,22 +1835,29 @@ gateway: # maxGcPauseMillis configures the used G1 GC "target for the maximum GC pause time" # default (by JVM if not set): 200 maxGcPauseMillis: 150 + # startupProbe configuration for gateway + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + startupProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 30 # readinessProbe configuration for gateway # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes readinessProbe: - initialDelaySeconds: 30 - periodSeconds: 10 + periodSeconds: 5 timeoutSeconds: 3 successThreshold: 1 - failureThreshold: 3 + failureThreshold: 6 # livenessProbe configuration for gateway # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes livenessProbe: - initialDelaySeconds: 160 + initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 - failureThreshold: 4 + failureThreshold: 6 # service configuration of the k8s service of the gateway service: # port number configuration for gateway @@ -1837,9 +1886,9 @@ gateway: # Pod topology spread constraints for gateway # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podMonitor configuration for gateway podMonitor: # enabled configures whether Pod Monitor is enabled, then a resource to scrape gateway metrics will be created @@ -1960,7 +2009,7 @@ nginx: additionalAnnotations: {} image: # repository for the nginx docker image - repository: docker.io/nginx + repository: public.ecr.aws/nginx/nginx # tag for the nginx docker image tag: 1.27 # pullPolicy for the nginx docker image @@ -1973,6 +2022,8 @@ nginx: cpu: 0.2 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 64 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 64 # readinessProbe configuration for nginx # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes readinessProbe: {} @@ -2005,9 +2056,9 @@ nginx: # Pod topology spread constraints for nginx # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # init containers for nginx initContainers: waitForGateway: @@ -2057,12 +2108,14 @@ dittoui: cpu: 0.1 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 64 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 64 # Pod topology spread constraints for Ditto UI # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podDisruptionBudget ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ podDisruptionBudget: # enabled controls whether Ditto UI related PodDisruptionBudget should be created @@ -2109,12 +2162,14 @@ swaggerui: cpu: 0.1 # memoryMi defines the memory in mebibyte (MiB) used as "required" and "limit" in k8s memoryMi: 64 + # ephemeralStorageMi defines the storage in mebibyte (MiB) used as "required" and "limit" in k8s + ephemeralStorageMi: 64 # Pod topology spread constraints for the swagger ui # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway # podDisruptionBudget ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ podDisruptionBudget: # enabled controls whether swagger ui related PodDisruptionBudget should be created