From 168aa44eef0b37905f7f736772bf6a5f98a7bb6a Mon Sep 17 00:00:00 2001 From: Csaky Date: Wed, 27 Nov 2024 10:36:42 -0800 Subject: [PATCH] fine-tune server resources --- .../actions/deploy-to-environment/action.yaml | 2 +- .github/environments/values.dev.yaml | 8 +++--- .github/environments/values.prod.yaml | 28 ++++++++++--------- .github/environments/values.test.yaml | 28 ++++++++++--------- bcgovpubcode.yaml | 9 +++--- charts/ches/Chart.yaml | 2 +- charts/ches/README.md | 8 +++--- charts/ches/templates/configmap.yaml | 5 ++-- charts/ches/values.yaml | 4 +-- 9 files changed, 50 insertions(+), 44 deletions(-) diff --git a/.github/actions/deploy-to-environment/action.yaml b/.github/actions/deploy-to-environment/action.yaml index 37f39585..a0b0aa00 100644 --- a/.github/actions/deploy-to-environment/action.yaml +++ b/.github/actions/deploy-to-environment/action.yaml @@ -59,7 +59,7 @@ runs: --values ./.github/environments/values.${{ inputs.environment }}.yaml --set image.repository=ghcr.io/$OWNER_LC --set image.tag=sha-$(git rev-parse --short HEAD) - --set route.host=${{ inputs.acronym }}-${{ inputs.namespace_environment }}-${{ inputs.job_name }}-temp.apps.silver.devops.gov.bc.ca + --set route.host=${{ inputs.acronym }}-${{ inputs.namespace_environment }}-${{ inputs.job_name }}.apps.silver.devops.gov.bc.ca --set postgres.name=postgres-${{ inputs.job_name }} --set postgres.enabled=${{ inputs.deploy_postgres }} --timeout 15m diff --git a/.github/environments/values.dev.yaml b/.github/environments/values.dev.yaml index e69ede4c..2783d59a 100644 --- a/.github/environments/values.dev.yaml +++ b/.github/environments/values.dev.yaml @@ -20,20 +20,20 @@ postgres: global: # log-level-console: debug # --- pvc - repo1-retention-full: "2" + repo1-retention-full: "1" repo1-retention-diff: "3" repos: - name: repo1 schedules: - full: "0 7 * * *" # full backup every day at 7am - differential: "0 */2 * * *" # differential every 2 hours + full: "0 0 1 * *" # full backup at midnight every month + differential: "0 1 * * *" # differential every day at 1am volume: volumeClaimSpec: accessModes: - "ReadWriteOnce" resources: requests: - storage: 5Gi + storage: 10Gi storageClassName: "netapp-file-backup" manual: repoName: repo1 diff --git a/.github/environments/values.prod.yaml b/.github/environments/values.prod.yaml index edbb506b..679901b9 100644 --- a/.github/environments/values.prod.yaml +++ b/.github/environments/values.prod.yaml @@ -28,15 +28,15 @@ postgres: - "ReadWriteOnce" resources: requests: - storage: 10Gi + storage: 20Gi storageClassName: "netapp-block-standard" resources: requests: - cpu: 50m - memory: 128Mi - limits: cpu: 100m memory: 256Mi + limits: + cpu: 200m + memory: 512Mi sidecars: replicaCertCopy: resources: @@ -93,28 +93,30 @@ postgres: global: # log-level-console: debug # --- pvc - repo1-retention-full: "3" - repo1-retention-diff: "12" + repo1-retention-full: "1" + repo1-retention-diff: "3" # --- s3 repo2-path: /backups/common-hosted-email-service/postgres/prod - repo2-retention-full: "30" + repo2-retention-full: "2" + repo2-retention-diff: "3" repo2-s3-uri-style: path repos: - name: repo1 schedules: - full: "0 7 * * *" # full backup every day at 7am - differential: "0 */2 * * *" # differential every 2 hours + full: "0 0 1 * *" # full backup at midnight every month + differential: "0 1 * * *" # differential every day at 1am volume: volumeClaimSpec: accessModes: - "ReadWriteOnce" resources: requests: - storage: 10Gi + storage: 20Gi storageClassName: "netapp-file-backup" - name: repo2 schedules: - full: "0 3 * * *" # full backup every day at 3am + full: "0 0 1 * *" # full backup at midnight every month + differential: "0 */2 * * *" # differential every 2 hours s3: bucket: csstops endpoint: https://nrs.objectstore.gov.bc.ca @@ -157,7 +159,7 @@ redis: persistence: enabled: true accessMode: ReadWriteOnce - size: 25Mi + size: 250Mi resources: limits: cpu: 50m @@ -175,7 +177,7 @@ redis: persistence: enabled: true accessMode: ReadWriteOnce - size: 25Mi + size: 250Mi storageClass: netapp-block-standard persistentVolumeClaimRetentionPolicy: enabled: true diff --git a/.github/environments/values.test.yaml b/.github/environments/values.test.yaml index 2dd78549..65b6f83f 100644 --- a/.github/environments/values.test.yaml +++ b/.github/environments/values.test.yaml @@ -23,21 +23,21 @@ postgres: # --- resource allocation ---- instances: - name: db # do not change this name after initial install, pvc (data) and stateful sets will be deleted - replicas: 3 + replicas: 1 dataVolumeClaimSpec: accessModes: - "ReadWriteOnce" resources: requests: - storage: 10Gi + storage: 20Gi storageClassName: "netapp-block-standard" resources: requests: - cpu: 50m - memory: 128Mi - limits: cpu: 100m memory: 256Mi + limits: + cpu: 200m + memory: 512Mi sidecars: replicaCertCopy: resources: @@ -94,28 +94,30 @@ postgres: global: # log-level-console: debug # --- pvc - repo1-retention-full: "2" + repo1-retention-full: "1" repo1-retention-diff: "3" # --- s3 repo2-path: /backups/common-hosted-email-service/postgres/test - repo2-retention-full: "30" + repo2-retention-full: "2" + repo2-retention-diff: "3" repo2-s3-uri-style: path repos: - name: repo1 schedules: - full: "0 7 * * *" # full backup every day at 7am - differential: "0 */2 * * *" # differential every 2 hours + full: "0 0 1 * *" # full backup at midnight every month + differential: "0 1 * * *" # differential every day at 1am volume: volumeClaimSpec: accessModes: - "ReadWriteOnce" resources: requests: - storage: 2Gi + storage: 10Gi storageClassName: "netapp-file-backup" - name: repo2 schedules: - full: "0 3 * * *" # full backup every day at 3am + full: "0 0 1 * *" # full backup at midnight every month + differential: "0 */2 * * *" # differential every 2 hours s3: bucket: csstops endpoint: https://nrs.objectstore.gov.bc.ca @@ -147,7 +149,7 @@ redis: persistence: enabled: true accessMode: ReadWriteOnce - size: 25Mi + size: 250Mi resources: limits: cpu: 50m @@ -165,7 +167,7 @@ redis: persistence: enabled: true accessMode: ReadWriteOnce - size: 25Mi + size: 250Mi storageClass: netapp-block-standard persistentVolumeClaimRetentionPolicy: enabled: true diff --git a/bcgovpubcode.yaml b/bcgovpubcode.yaml index 0f839c14..b694f390 100644 --- a/bcgovpubcode.yaml +++ b/bcgovpubcode.yaml @@ -1,7 +1,7 @@ --- data_management_roles: data_custodian: Fraser Marshall - product_owner: Sharolyn Hurley + product_owner: Shabari Khaniyan Kunnumel product_external_dependencies: identity_authorization: - Custom-Keycloak @@ -28,15 +28,16 @@ product_information: product_technology_information: backend_frameworks: - name: Node.js - version: 16 + version: 20 - name: Express - version: 4.17.2 + version: 4.19.2 backend_languages_version: - name: JavaScript version: ecmaVersion 9 / es2018 ci_cd_tools: - - Jenkins + - Helm - OpenShift-Templates + - GitHub Actions data_storage_platforms: - Postgresql - Redis diff --git a/charts/ches/Chart.yaml b/charts/ches/Chart.yaml index dee43f7c..eb13dca8 100644 --- a/charts/ches/Chart.yaml +++ b/charts/ches/Chart.yaml @@ -3,7 +3,7 @@ name: common-hosted-email-service # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.3 +version: 1.0.4 kubeVersion: ">= 1.13.0" description: A microservice for managing access control to S3 Objects # A chart can be either an 'application' or a 'library' chart. diff --git a/charts/ches/README.md b/charts/ches/README.md index fc0013aa..a347d90b 100644 --- a/charts/ches/README.md +++ b/charts/ches/README.md @@ -1,6 +1,6 @@ # common-hosted-email-service -![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.8.0](https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square) +![Version: 1.0.4](https://img.shields.io/badge/Version-1.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.8.0](https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square) A microservice for managing access control to S3 Objects @@ -52,7 +52,7 @@ Kubernetes: `>= 1.13.0` | postgres.databaseInitSQL.sql | string | `"\\c ches;\nALTER DATABASE ches OWNER TO app;\nALTER SCHEMA public OWNER TO app;\nREVOKE CREATE ON SCHEMA public FROM PUBLIC;\n"` | | | postgres.enabled | bool | `true` | | | postgres.instances[0].dataVolumeClaimSpec.accessModes[0] | string | `"ReadWriteOnce"` | | -| postgres.instances[0].dataVolumeClaimSpec.resources.requests.storage | string | `"1Gi"` | | +| postgres.instances[0].dataVolumeClaimSpec.resources.requests.storage | string | `"2Gi"` | | | postgres.instances[0].dataVolumeClaimSpec.storageClassName | string | `"netapp-block-standard"` | | | postgres.instances[0].name | string | `"db"` | | | postgres.instances[0].replicas | int | `2` | | @@ -99,7 +99,7 @@ Kubernetes: `>= 1.13.0` | redis.image.registry | string | `"artifacts.developer.gov.bc.ca/docker-remote"` | | | redis.replica.persistence.accessMode | string | `"ReadWriteOnce"` | | | redis.replica.persistence.enabled | bool | `true` | | -| redis.replica.persistence.size | string | `"25Mi"` | | +| redis.replica.persistence.size | string | `"250Mi"` | | | redis.replica.persistentVolumeClaimRetentionPolicy.enabled | bool | `true` | | | redis.replica.persistentVolumeClaimRetentionPolicy.whenDeleted | string | `"Delete"` | | | redis.replica.replicaCount | int | `2` | | @@ -113,7 +113,7 @@ Kubernetes: `>= 1.13.0` | redis.sentinel.image.registry | string | `"artifacts.developer.gov.bc.ca/docker-remote"` | | | redis.sentinel.persistence.accessMode | string | `"ReadWriteOnce"` | | | redis.sentinel.persistence.enabled | bool | `true` | | -| redis.sentinel.persistence.size | string | `"25Mi"` | | +| redis.sentinel.persistence.size | string | `"250Mi"` | | | redis.sentinel.persistence.storageClass | string | `"netapp-block-standard"` | | | redis.sentinel.persistentVolumeClaimRetentionPolicy.enabled | bool | `true` | | | redis.sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted | string | `"Delete"` | | diff --git a/charts/ches/templates/configmap.yaml b/charts/ches/templates/configmap.yaml index 65f48ace..301ef720 100644 --- a/charts/ches/templates/configmap.yaml +++ b/charts/ches/templates/configmap.yaml @@ -10,8 +10,9 @@ metadata: {{- end }} data: {{ toYaml .Values.config.configMap | nindent 2 }} {{- end }} -# TODO: use release-specific name to avoid conflicts (eg: `{{ .Release.name}}-fluent-bit-config`) -{{ if eq .Release.Name "xyz" }} + +{{- $fbConfigMap := (lookup "v1" "ConfigMap" .Release.Namespace "fluent-bit-config" ) }} +{{- if not $fbConfigMap }} --- apiVersion: v1 kind: ConfigMap diff --git a/charts/ches/values.yaml b/charts/ches/values.yaml index 52200c5c..c1c11585 100644 --- a/charts/ches/values.yaml +++ b/charts/ches/values.yaml @@ -158,7 +158,7 @@ redis: persistence: enabled: true accessMode: ReadWriteOnce - size: 25Mi + size: 250Mi resources: limits: cpu: 50m @@ -176,7 +176,7 @@ redis: persistence: enabled: true accessMode: ReadWriteOnce - size: 25Mi + size: 250Mi storageClass: netapp-block-standard persistentVolumeClaimRetentionPolicy: enabled: true