templates/bot.yaml
apiVersion: v1
kind: Template
metadata:
name: "bot"
objects:
### Postgres
- apiVersion: v1
kind: ConfigMap
metadata:
name: postgresql-configs
labels:
app: "bot"
data:
01_miq_overrides.conf: |
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
tcp_keepalives_count = 9
tcp_keepalives_idle = 3
tcp_keepalives_interval = 75
#------------------------------------------------------------------------------
# RESOURCE USAGE (except WAL)
#------------------------------------------------------------------------------
max_worker_processes = 10
#------------------------------------------------------------------------------
# WRITE AHEAD LOG
#------------------------------------------------------------------------------
wal_level = 'logical'
wal_log_hints = on
wal_buffers = 16MB
checkpoint_completion_target = 0.9
#------------------------------------------------------------------------------
# REPLICATION
#------------------------------------------------------------------------------
max_wal_senders = 10
wal_sender_timeout = 0
max_replication_slots = 10
hot_standby = on
#------------------------------------------------------------------------------
# ERROR REPORTING AND LOGGING
#------------------------------------------------------------------------------
log_filename = 'postgresql.log'
log_rotation_age = 0
log_min_duration_statement = 5000
log_connections = on
log_disconnections = on
log_line_prefix = '%t:%r:%c:%u@%d:[%p]:'
log_lock_waits = on
#------------------------------------------------------------------------------
# AUTOVACUUM PARAMETERS
#------------------------------------------------------------------------------
log_autovacuum_min_duration = 0
autovacuum_naptime = 5min
autovacuum_vacuum_threshold = 500
autovacuum_analyze_threshold = 500
autovacuum_vacuum_scale_factor = 0.05
#------------------------------------------------------------------------------
# LOCK MANAGEMENT
#------------------------------------------------------------------------------
deadlock_timeout = 5s
#------------------------------------------------------------------------------
# VERSION/PLATFORM COMPATIBILITY
#------------------------------------------------------------------------------
escape_string_warning = off
standard_conforming_strings = off
- apiVersion: v1
kind: Service
metadata:
name: postgresql
labels:
app: "bot"
spec:
ports:
- name: postgresql
port: 5432
selector:
name: postgresql
- apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: bot
name: postgresql
namespace: bot
spec:
replicas: 1
selector:
matchLabels:
name: postgresql
strategy:
type: Recreate
template:
metadata:
labels:
name: postgresql
name: postgresql
spec:
containers:
- env:
- name: POSTGRESQL_USER
valueFrom:
secretKeyRef:
key: username
name: postgresql-secrets
- name: POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: postgresql-secrets
- name: POSTGRESQL_DATABASE
valueFrom:
secretKeyRef:
key: dbname
name: postgresql-secrets
- name: POSTGRESQL_MAX_CONNECTIONS
value: "1000"
- name: POSTGRESQL_SHARED_BUFFERS
value: 1GB
image: docker.io/manageiq/postgresql:10
imagePullPolicy: Always
name: postgresql
ports:
- containerPort: 5432
protocol: TCP
readinessProbe:
tcpSocket:
port: 5432
resources:
limits:
memory: 4Gi
requests:
cpu: 500m
memory: 2Gi
volumeMounts:
- mountPath: /var/lib/pgsql/data
name: pgdb-volume
- mountPath: /opt/app-root/src/postgresql-cfg/
name: pg-configs
initContainers:
- command:
- /bin/chmod
- -R
- "777"
- /var/lib/pgsql/data
image: busybox
imagePullPolicy: Always
name: pgsql-data-permission-fix
volumeMounts:
- mountPath: /var/lib/pgsql/data
name: pgdb-volume
volumes:
- name: pgdb-volume
persistentVolumeClaim:
claimName: bot-postgres-pvc
- configMap:
defaultMode: 420
name: postgresql-configs
name: pg-configs
### Redis
- apiVersion: v1
kind: Service
metadata:
name: redis
labels:
app: bot
spec:
ports:
- name: redis
port: 6379
selector:
name: redis
- apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: bot
name: redis
namespace: bot
spec:
replicas: 1
selector:
matchLabels:
name: redis
strategy:
type: Recreate
template:
metadata:
labels:
name: redis
name: redis
spec:
containers:
- image: docker.io/library/redis:7
imagePullPolicy: Always
name: redis
ports:
- containerPort: 6379
protocol: TCP
readinessProbe:
tcpSocket:
port: 6379
resources:
limits:
memory: 4Gi
requests:
cpu: 500m
memory: 1Gi
volumeMounts:
- mountPath: /data
name: bot-redis-volume
volumes:
- name: bot-redis-volume
persistentVolumeClaim:
claimName: bot-redis-pvc
### Application
- apiVersion: v1
kind: Service
metadata:
name: ui
labels:
app: "bot"
spec:
ports:
- name: ui
port: 3000
selector:
name: ui
- apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: bot
name: ui
namespace: bot
spec:
replicas: 1
selector:
matchLabels:
name: ui
strategy:
type: Recreate
template:
metadata:
labels:
name: ui
name: ui
spec:
containers:
- env:
- name: DATABASE_USER
valueFrom:
secretKeyRef:
key: username
name: postgresql-secrets
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: postgresql-secrets
- name: DATABASE_HOSTNAME
valueFrom:
secretKeyRef:
key: hostname
name: postgresql-secrets
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
key: dbname
name: postgresql-secrets
- name: DATABASE_PORT
valueFrom:
secretKeyRef:
key: port
name: postgresql-secrets
- name: REDIS_URL
value: "redis://redis:6379/0"
image: docker.io/manageiq/miq_bot:v0.21.2
imagePullPolicy: Always
name: ui
ports:
- containerPort: 3000
protocol: TCP
readinessProbe:
tcpSocket:
port: 3000
resources:
limits:
memory: 2Gi
requests:
cpu: 100m
memory: 500Mi
volumeMounts:
- mountPath: /run/secrets/config
name: bot-config
volumes:
- name: bot-config
secret:
defaultMode: 420
items:
- key: master.key
mode: 400
path: master.key
- key: settings.local.yml
mode: 400
path: settings.local.yml
secretName: config
- apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: bot
name: queue-worker
namespace: bot
spec:
replicas: 1
selector:
matchLabels:
name: queue-worker
strategy:
type: Recreate
template:
metadata:
labels:
name: queue-worker
name: queue-worker
spec:
containers:
- env:
- name: QUEUE_NAME
value: miq_bot
- name: DATABASE_USER
valueFrom:
secretKeyRef:
key: username
name: postgresql-secrets
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: postgresql-secrets
- name: DATABASE_HOSTNAME
valueFrom:
secretKeyRef:
key: hostname
name: postgresql-secrets
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
key: dbname
name: postgresql-secrets
- name: DATABASE_PORT
valueFrom:
secretKeyRef:
key: port
name: postgresql-secrets
- name: REDIS_URL
value: "redis://redis:6379/0"
image: docker.io/manageiq/miq_bot:v0.21.2
imagePullPolicy: Always
name: queue-worker
resources:
limits:
memory: 2Gi
requests:
cpu: 100m
memory: 500Mi
volumeMounts:
- mountPath: /run/secrets/config
name: bot-config
- mountPath: /root/ssh
name: bot-ssh
- mountPath: /opt/miq_bot_data
name: bot-notification-monitor-volume
- mountPath: /opt/miq_bot/repos
name: bot-queue-worker-repos-volume
- env:
- name: QUEUE_NAME
value: miq_bot_glacial
- name: DATABASE_USER
valueFrom:
secretKeyRef:
key: username
name: postgresql-secrets
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: postgresql-secrets
- name: DATABASE_HOSTNAME
valueFrom:
secretKeyRef:
key: hostname
name: postgresql-secrets
- name: DATABASE_NAME
valueFrom:
secretKeyRef:
key: dbname
name: postgresql-secrets
- name: DATABASE_PORT
valueFrom:
secretKeyRef:
key: port
name: postgresql-secrets
- name: REDIS_URL
value: "redis://redis:6379/0"
image: docker.io/manageiq/miq_bot:v0.21.2
imagePullPolicy: Always
name: queue-worker-glacial
resources:
limits:
memory: 2Gi
requests:
cpu: 100m
memory: 500Mi
volumeMounts:
- mountPath: /run/secrets/config
name: bot-config
- mountPath: /root/ssh
name: bot-ssh
- mountPath: /opt/miq_bot/repos
name: bot-queue-worker-repos-volume
volumes:
- name: bot-config
secret:
defaultMode: 420
items:
- key: master.key
mode: 400
path: master.key
- key: settings.local.yml
mode: 400
path: settings.local.yml
secretName: config
- configMap:
defaultMode: 420
name: bot-ssh
name: bot-ssh
- name: bot-notification-monitor-volume
persistentVolumeClaim:
claimName: bot-notification-monitor-pvc
- name: bot-queue-worker-repos-volume
persistentVolumeClaim:
claimName: bot-queue-worker-repos-pvc