ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bc1bdd8491
gitdataai/deploy/values.yaml
ZhenYi d1ade2c3c3
Some checks are pending
CI / Rust Lint & Check (push) Waiting to run
Details
CI / Rust Tests (push) Waiting to run
Details
CI / Frontend Lint & Type Check (push) Waiting to run
Details
CI / Frontend Build (push) Blocked by required conditions
Details
feat(deploy): add HPA autoscaling rules for all services except email 
Add HorizontalPodAutoscaler (autoscaling/v2) using CPU and memory utilization
metrics to all deployment templates: app, static, gitserver, git-hook,
operator, adminrpc. Email-worker is excluded as requested.

- CPU target: 80% average utilization
- Memory target: 80% average utilization
- Each service has per-service min/max replicas in values.yaml
- Operator autoscaling defaults to disabled (enabled: false)
- Conditional via {{ if .Values.<service>.autoscaling.enabled }}
2026-04-28 13:42:37 +08:00

474 lines
9.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# =============================================================================
# Global / common settings
# =============================================================================
namespace: gitdataai
releaseName: gitdata
image:
registry: harbor.gitdata.me/gta_team
pullPolicy: IfNotPresent
pullSecrets: []
# =============================================================================
# Cert-Manager Configuration (集群已安装 cert-manager)
# =============================================================================
certManager:
enabled: true
clusterIssuerName: cloudflare-acme-cluster-issuer # 引用集群已有的 ClusterIssuer
# =============================================================================
# External Secrets Configuration (需要集群安装 ESO)
# =============================================================================
externalSecrets:
storeName: "vault-backend"
storeKind: "SecretStore"
databaseKey: "gitdata/database"
redisKey: "gitdata/redis"
qdrantKey: "gitdata/qdrant"
# =============================================================================
# Shared persistent storage (aliyun-nfs)
# =============================================================================
storage:
enabled: true
storageClass: aliyun-nfs
size: 20Ti
accessMode: ReadWriteMany # NFS supports multiple readers/writers
# =============================================================================
# Application config (non-sensitive, shared via ConfigMap)
# =============================================================================
config:
# App info
name: gitdata
# Domain configuration
staticDomain: "https://static.gitdata.ai"
mediaDomain: ""
gitHttpDomain: "https://git.gitdata.ai"
# Storage paths
avatarPath: /data/avatar
reposRoot: /data/repos
# Logging
logLevel: info
logFormat: json
logFileEnabled: "false"
logFilePath: /var/log/gitdata/app.log
logFileRotation: daily
logFileMaxFiles: "7"
logFileMaxSize: "100"
# OpenTelemetry
otelEnabled: "false"
otelEndpoint: ""
otelServiceName: gitdata
# Database pool tuning
databaseMaxConnections: "100"
databaseMinConnections: "5"
databaseIdleTimeout: "600"
databaseMaxLifetime: "3600"
databaseConnectionTimeout: "30"
databaseSchemaSearchPath: public
databaseHealthCheckInterval: "30"
databaseRetryAttempts: "3"
databaseRetryDelay: "1"
# Redis tuning
redisPoolSize: "16"
redisConnectTimeout: "5"
redisAcquireTimeout: "1"
# Hook pool
hookPoolMaxConcurrent: "100"
hookPoolCpuThreshold: "80"
hookPoolRedisListPrefix: "{hook}"
hookPoolRedisLogChannel: hook:logs
hookPoolRedisBlockTimeout: "5"
hookPoolRedisMaxRetries: "3"
# SSH
sshPort: "22"
# SMTP (non-sensitive defaults)
smtpPort: "465"
smtpTls: "true"
smtpTimeout: "30"
# PostgreSQL (required)
database:
existingSecret: "" # 留空则使用默认名 {release-name}-secrets
secretKeys:
url: APP_DATABASE_URL
# Redis (required)
redis:
existingSecret: ""
secretKeys:
url: APP_REDIS_URL
# NATS (optional)
nats:
enabled: true
url: "nats://nats-client.nats.svc.cluster.local:4222"
# Qdrant (optional)
qdrant:
enabled: true
url: "http://qdrant.qdrant.svc.cluster.local:6333"
existingSecret: ""
secretKeys:
apiKey: APP_QDRANT_API_KEY
# =============================================================================
# App main web/API service (includes embedded SPA)
# =============================================================================
app:
enabled: true
replicaCount: 3
image:
repository: app
tag: latest
# Pod disruption budget
pdb:
enabled: true
minAvailable: 2 # Keep at least 2 pods available during disruptions
service:
type: ClusterIP
port: 8080
ingress:
enabled: false
resources:
requests:
cpu: 100m
memory: 256Mi
autoscaling:
enabled: true
minReplicas: 3
maxReplicas: 20
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
livenessProbe:
path: /health
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
readinessProbe:
path: /health
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
startupProbe:
path: /health
port: 8080
initialDelaySeconds: 0
periodSeconds: 10
failureThreshold: 30 # Allow up to 5 minutes for slow starts
env: []
nodeSelector: {}
tolerations: []
affinity: {}
# =============================================================================
# Static server - avatar, blob, media files
# =============================================================================
static:
enabled: true
replicaCount: 2
image:
repository: static
tag: latest
service:
type: ClusterIP
port: 8081
ingress:
enabled: false
cors: true
logLevel: info
livenessProbe:
path: /health
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
readinessProbe:
path: /health
port: 8081
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
env: []
nodeSelector: {}
tolerations: []
affinity: {}
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
# =============================================================================
# Gitserver git daemon / SSH + HTTP server
# =============================================================================
gitserver:
enabled: true
replicaCount: 2
image:
repository: gitserver
tag: latest
service:
http:
type: ClusterIP
port: 8022
ssh:
type: LoadBalancer
port: 22
domain: ""
loadBalancerIP: ""
loadBalancerSourceRanges: []
resources:
requests:
cpu: 100m
memory: 128Mi
persistence:
enabled: true
storageClass: ""
size: 50Gi
accessMode: ReadWriteOnce
ingress:
enabled: false
env: []
livenessProbe:
httpGet:
path: /health
port: 8021
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: 8021
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
nodeSelector: {}
tolerations: []
affinity: {}
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
# =============================================================================
# Email worker processes outgoing email queue
# =============================================================================
emailWorker:
enabled: true
image:
repository: email-worker
tag: latest
livenessProbe:
httpGet:
path: /health
port: 8084
initialDelaySeconds: 10
periodSeconds: 30
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: 8084
initialDelaySeconds: 5
periodSeconds: 15
timeoutSeconds: 3
failureThreshold: 3
resources:
requests:
cpu: 50m
memory: 64Mi
env: []
nodeSelector: {}
tolerations: []
affinity: {}
# =============================================================================
# Git hook pool handles pre-receive / post-receive hooks
# =============================================================================
gitHook:
enabled: true
image:
repository: git-hook
tag: latest
replicaCount: 2
pdb:
enabled: true
minAvailable: 1
livenessProbe:
httpGet:
path: /health
port: 8083
initialDelaySeconds: 10
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: 8083
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
resources:
requests:
cpu: 50m
memory: 64Mi
env: []
nodeSelector: {}
tolerations: []
affinity: {}
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
# =============================================================================
# Migrate database migration Job (runOnce)
# =============================================================================
migrate:
enabled: false # Set true to run migrations on upgrade
image:
repository: migrate
tag: latest
command: up
backoffLimit: 3
env: []
# =============================================================================
# Operator Kubernetes operator
# =============================================================================
operator:
enabled: false
replicaCount: 2
image:
repository: operator
tag: latest
imagePrefix: ""
logLevel: info
resources:
requests:
cpu: 50m
memory: 64Mi
nodeSelector: {}
tolerations: []
affinity: {}
autoscaling:
enabled: false
minReplicas: 2
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
# =============================================================================
# Admin RPC internal gRPC service for admin operations (k8s internal only)
# =============================================================================
adminrpc:
enabled: true
image:
repository: adminrpc
tag: latest
service:
port: 9090
http_port: 9091
readinessProbe:
tcpSocket:
port: 9090
initialDelaySeconds: 3
periodSeconds: 5
resources:
requests:
cpu: 50m
memory: 64Mi
env: []
nodeSelector: {}
tolerations: []
affinity: {}
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
Reference in New Issue View Git Blame Copy Permalink