platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix(sorcerer): Add prod rossby

Browse Source
This commit is contained in:
Moritz Jörg
2025-11-29 14:33:48 +01:00
parent 71d9109a7b
commit 39e393e222
7 changed files with 127 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.envrc
+3
View File
@@ -5,5 +5,8 @@ watch_file nix/sources.json
# Load .env file if it exists # Load .env file if it exists
dotenv_if_exists dotenv_if_exists
# Set npins dir
export NPINS_DIRECTORY="nix"
# Activate development shell # Activate development shell
use nix use nix
helmfile.d/sorcerer.yaml.gotmpl
+1 -1
View File
@@ -11,12 +11,12 @@ commonLabels:
releases: releases:
- name: {{ .Environment.Name }}-sorcerer - name: {{ .Environment.Name }}-sorcerer
namespace: {{ .Environment.Name }}-sorcerer namespace: {{ .Environment.Name }}-sorcerer
#chart: oceanbox/sorcerer
chart: ../charts/sorcerer chart: ../charts/sorcerer
condition: sorcerer.enabled condition: sorcerer.enabled
values: values:
- ../values/sorcerer/values/values.yaml - ../values/sorcerer/values/values.yaml
- ../values/sorcerer/values/values-{{ .Environment.Name }}.yaml - ../values/sorcerer/values/values-{{ .Environment.Name }}.yaml
- ../values/sorcerer/values/values-{{ .Environment.Name }}{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml
postRenderer: ../bin/kustomizer postRenderer: ../bin/kustomizer
postRendererArgs: postRendererArgs:
- ../values/sorcerer/kustomize/{{ .Environment.Name }} - ../values/sorcerer/kustomize/{{ .Environment.Name }}
nix/sources.json
+2 -2
View File
@@ -3,8 +3,8 @@
"nixpkgs": { "nixpkgs": {
"type": "Channel", "type": "Channel",
"name": "nixpkgs-unstable", "name": "nixpkgs-unstable",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre883899.02f2cb8e0feb/nixexprs.tar.xz", "url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.05pre903996.59b6c96beacc/nixexprs.tar.xz",
"hash": "0k4n6f873a4ls1mff6wck6z31kglgg8irwc5s3xsprrwbxdv7p58" "hash": "0b0yr9d1xyfwgpaj68bimsbjjbj7yis4whjvkrfdycfnasdf0gf0"
} }
}, },
"version": 5 "version": 5
shell.nix
+3 -4
View File
@@ -25,17 +25,16 @@ pkgs.mkShellNoCC {
kubelogin-oidc kubelogin-oidc
kubectl-rook-ceph kubectl-rook-ceph
# linkerd # other tools
step-cli step-cli
linkerd linkerd
# velero
velero velero
cmctl
# dapr # dapr
dapr-cli dapr-cli
]; ];
ARGOCD_ENV_CLUSTER_NAME = "ekman"; ARGOCD_ENV_CLUSTER_NAME = "rossby";
HELM_GIT_ACCESS_TOKEN = "glpat-xxx"; HELM_GIT_ACCESS_TOKEN = "glpat-xxx";
} }
values/sorcerer/env-ekman.yaml.gotmpl
-1
View File
@@ -1,3 +1,2 @@
sorcerer: sorcerer:
enabled: true enabled: true
values/sorcerer/env-rossby.yaml.gotmpl
+2
View File
@@ -0,0 +1,2 @@
sorcerer:
enabled: true
values/sorcerer/values/values-prod-rossby.yaml
+116
View File
@@ -0,0 +1,116 @@
replicaCount: 2
podAnnotations:
dapr.io/enabled: "true"
dapr.io/app-id: "prod-sorcerer"
dapr.io/app-port: "8085"
dapr.io/api-token-secret: "dapr-api-token"
dapr.io/config: "tracing"
dapr.io/app-protocol: "http"
dapr.io/log-as-json: "true"
dapr.io/sidecar-cpu-request: "10m"
dapr.io/sidecar-memory-request: "50Mi"
# dapr.io/sidecar-cpu-limit: "300m"
# dapr.io/sidecar-memory-limit: "1000Mi"
env:
- name: APP_VERSION
value: "4.16.3"
- name: LOG_LEVEL
value: "2"
- name: REDIS_USER
value: default
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: prod-sorcerer-redis
key: redis-password
- name: DAPR_API_TOKEN
valueFrom:
secretKeyRef:
name: dapr-api-token
key: token
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/affinity: "cookie"
nginx.ingress.kubernetes.io/session-cookie-name: "http-affinity"
nginx.ingress.kubernetes.io/session-cookie-expires: "86400"
nginx.ingress.kubernetes.io/session-cookie-max-age: "86400"
hosts:
- host: sorcerer.adm.vtn.obx
paths:
paths:
- path: /
pathType: ImplementationSpecific
internal:
- path: /internal
pathType: ImplementationSpecific
- path: /dapr
pathType: ImplementationSpecific
- path: /actors
pathType: ImplementationSpecific
- path: /job
pathType: ImplementationSpecific
- path: /events
pathType: ImplementationSpecific
- path: /metrics
pathType: ImplementationSpecific
tls:
- hosts:
- sorcerer.adm.vtn.obx
secretName: prod-sorcerer-tls
persistence:
enabled: true
existingClaim: prod-sorcerer-ceph-archives
# existingClaim: prod-oceanbox-backup-archives
# nodeSelector:
# node-role.kubernetes.io/srv: ""
# kubernetes.io/hostname: fs-backup
# node-role.kubernetes.io/worker: c1-1
# tolerations:
# - key: workload
# operator: Equal
# value: compute
# effect: NoSchedule
redis:
enabled: true
replicas: 3
size: 2Gi
backup:
enabled: true
secret:
name: "prod-sorcerer-redis"
key: "redis-password"
resources:
cpu: 150m
memory: 256Mi
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: "topology.kubernetes.io/group"
operator: In
values:
- srv
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "app.kubernetes.io/name"
operator: In
values:
- sorcerer
- key: "app.kubernetes.io/instance"
operator: In
values:
- prod-sorcerer
topologyKey: "kubernetes.io/hostname"