ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(deploy): hardcode PVC name as shared-data in templates, remove pvcName Helm value

Browse Source 
PVC name is now immutable — hardcoded in all 4 deployment templates instead
of being a configurable Helm value. Removed pvcName from values.yaml and
--set pvcName from deploy.sh. This ensures the PVC can never be renamed or
deleted by Helm operations, only manually via kubectl.
This commit is contained in:
ZhenYi 2026-05-12 16:36:13 +08:00
parent dc193a061a
commit 8be15cb81e
7 changed files with 48 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
deploy.sh
View File

@ -65,7 +65,6 @@ if ! helm upgrade --install "$RELEASE" "$CHART_DIR" \
--set imageRegistry="$REGISTRY" \
--set imageTag="$TAG" \
--set configMapName="$CONFIG_MAP" \
--set pvcName="$PVC_NAME" \
--timeout 5m; then
echo ""
err "Deployment FAILED — release preserved for debugging.

24
deploy/README.md
View File

@ -5,7 +5,7 @@ Monolithic Helm chart for all backend services.
## Services
| Service | Port(s) | Replicas | HPA | Purpose |
|---|---|---|---|---|
|----------------------|-------------------------|----------|----------|---------------------------------------------|
| `app` | 3000 (HTTP) | 2 | 210 | Main API server |
| `gitserver` | 8021 (HTTP), 2222 (SSH) | 1 | 15 | Git HTTP + SSH server |
| `email_worker` | 8084 (HTTP) | 1 | disabled | Email queue consumer (single instance only) |
@ -15,7 +15,8 @@ Monolithic Helm chart for all backend services.
## Prerequisites
The following resources must exist in the cluster **before** installing the Helm chart. They are not managed by Helm — install, upgrade, and uninstall of the chart will not touch them.
The following resources must exist in the cluster **before** installing the Helm chart. They are not managed by Helm —
install, upgrade, and uninstall of the chart will not touch them.
### 1. Namespace
@ -23,7 +24,7 @@ The following resources must exist in the cluster **before** installing the Helm
kubectl create namespace app
```
### 2. PVC (aliyun-nfs, 200Ti, ReadWriteMany)
### 2. PVC (aliyun-nfs-app, 200Ti, ReadWriteMany)
```bash
kubectl apply -f - <<'EOF'
@ -38,11 +39,12 @@ spec:
resources:
requests:
storage: 200Ti
storageClassName: aliyun-nfs
storageClassName: aliyun-nfs-app
EOF
```
> The chart references this PVC by name. If you use a different name, pass `--set pvcName=your-pvc-name` to Helm.
> The chart references this PVC by hardcoded name `shared-data`. This name is immutable — it cannot be changed via Helm
> values.
### 3. ConfigMap
@ -72,7 +74,7 @@ EOF
```
| Variable | Default / Example | Required |
|---|---|---|
|------------------------------|-----------------------------|-----------|
| `APP_REPOS_ROOT` | `/data/repos` | Yes |
| `APP_AVATAR_PATH` | `/data/avatars` | Yes |
| `STORAGE_PATH` | `/data/files` | Yes |
@ -128,7 +130,7 @@ helm upgrade --install deploy ./deploy \
All services share a single PVC (`shared-data`) via `subPath` mounts:
| SubPath | Mount | Used By |
|---|---|---|
|-----------|-----------------|--------------------------|
| `repos` | `/data/repos` | app, gitserver, git-hook |
| `avatars` | `/data/avatars` | app |
| `files` | `/data/files` | app |
@ -136,7 +138,8 @@ All services share a single PVC (`shared-data`) via `subPath` mounts:
## Autoscaling
All services except `email_worker` have HPA enabled by default. The email worker is fixed at 1 replica and must not be scaled.
All services except `email_worker` have HPA enabled by default. The email worker is fixed at 1 replica and must not be
scaled.
To adjust HPA bounds per service:
@ -176,7 +179,7 @@ All services require these to be reachable from the cluster:
Optional dependencies with graceful degradation:
| Dependency | Variable | Fallback |
|---|---|---|
|----------------|-------------------------------|------------------|
| NATS JetStream | `NATS_URL` + `NATS_TOKEN` | Redis queue |
| Loki | `LOKI_URL` | Logs discarded |
| OTEL Collector | `OTEL_EXPORTER_OTLP_ENDPOINT` | Tracing disabled |
@ -193,6 +196,5 @@ helm upgrade --install deploy ./deploy \
--set ingress.enabled=true \
--set ingress.className=nginx \
--set ingress.hosts[0].host=your-domain.com \
--set configMapName=app-env \
--set pvcName=shared-data
--set configMapName=app-env
```

2
deploy/templates/app/deployment.yaml
View File

@ -74,7 +74,7 @@ spec:
volumes:
- name: shared-data
persistentVolumeClaim:
claimName: {{ .Values.pvcName }}
claimName: shared-data
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

2
deploy/templates/git_hook/deployment.yaml
View File

@ -63,7 +63,7 @@ spec:
volumes:
- name: shared-data
persistentVolumeClaim:
claimName: {{ .Values.pvcName }}
claimName: shared-data
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

2
deploy/templates/gitserver/deployment.yaml
View File

@ -73,7 +73,7 @@ spec:
volumes:
- name: shared-data
persistentVolumeClaim:
claimName: {{ .Values.pvcName }}
claimName: shared-data
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

2
deploy/templates/static_server/deployment.yaml
View File

@ -63,7 +63,7 @@ spec:
volumes:
- name: shared-data
persistentVolumeClaim:
claimName: {{ .Values.pvcName }}
claimName: shared-data
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

3
deploy/values.yaml
View File

@ -153,9 +153,6 @@ gingress:
cpu: 500m
memory: 512Mi
# External PVC (managed outside Helm — not deleted on uninstall)
pvcName: "shared-data"
# Ingress — handled by gingress controller
ingress:
enabled: true