gcp-hockey-results/motm_app/helm-chart/motm-app/values-production.yaml


# Production values for MOTM App
# Use this file as a template for production deployment
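# Application Configuration
# Name and version of the application this release deploys.
app:
  name: motm-app
  version: "1.0.0"  # quoted so it stays a string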
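# Image Configuration
# `your-registry/motm-app` is a placeholder; point it at the registry the
# cluster is allowed to pull from.
image:
  repository: your-registry/motm-app
  # Use specific version tags in production. A tag can still be re-pushed in
  # the registry; pinning by digest removes that ambiguity.
  # NOTE(review): whether the chart accepts a digest is not visible here.
  tag: "v1.0.0"
  # IfNotPresent: a node that already holds this tag keeps its cached copy, so
  # a re-pushed tag is not picked up there.
  pullPolicy: IfNotPresent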
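# Resource Limits for Production
# `requests` is what the scheduler reserves; `limits` is the ceiling the
# container may use. Exceeding the memory limit gets the container OOM-killed.
resources:
  limits:
    cpu: 1000m
    memory: 1Gi
  requests:
    cpu: 200m
    memory: 512Mi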
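# Autoscaling for Production
# Scales between 2 and 10 replicas. Utilization targets are percentages of the
# container's resource *requests*, not its limits.
autoscaling:
  enabled: true
  minReplicas: 2
  maxReplicas: 10
  targetCPUUtilizationPercentage: 70
  targetMemoryUtilizationPercentage: 80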
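# Pod Disruption Budget
# Keeps at least one pod running during voluntary disruptions such as node
# drains.
podDisruptionBudget:
  enabled: true
  minAvailable: 1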
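# Security Context
# Container-level hardening: no privilege escalation, no Linux capabilities,
# immutable root filesystem, non-root UID.
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
  # The application cannot write anywhere on the image filesystem; any path it
  # writes to (temp files, uploads) needs a mounted volume.
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000
  # NOTE(review): the Pod Security "restricted" profile additionally expects a
  # seccomp profile. Consider enabling the lines below if the chart passes this
  # map through to the container unchanged — confirm against the template.
  # seccompProfile:
  #   type: RuntimeDefault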
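# Service Configuration
# ClusterIP keeps the Service reachable only from inside the cluster; outside
# traffic enters through the ingress.
service:
  type: ClusterIP
  port: 80
  targetPort: 5000  # same port as FLASK_RUN_PORT in `env`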
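# Ingress Configuration for Production
# TLS terminates at the ingress with a certificate issued through the
# cert-manager cluster issuer; plain HTTP is redirected to HTTPS.
ingress:
  enabled: true
  className: "nginx"
  annotations:
    # NOTE(review): with path "/" and no capture group, ingress-nginx 0.22+
    # rewrites every request URI to "/". Confirm this is intended; otherwise
    # drop the annotation.
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    # 100 requests per minute per client IP. ingress-nginx takes its rate
    # limits from limit-rps / limit-rpm / limit-connections; `rate-limit` and
    # `rate-limit-window` are not among its documented annotations and would
    # be ignored, leaving the endpoint without any limit.
    nginx.ingress.kubernetes.io/limit-rpm: "100"
  hosts:
    - host: motm.yourdomain.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: motm-app-tls
      hosts:
        - motm.yourdomain.com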
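# Database Configuration
# Connection coordinates only. No password is set in this file; keep it that
# way and supply it from a Kubernetes Secret.
# NOTE(review): no TLS/sslmode setting is visible for the database connection;
# confirm how the chart configures transport encryption.
database:
  type: "postgresql"
  host: "postgresql-primary-service"
  port: 5432
  name: "motm_prod"
  username: "motm_user"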
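# S3/MinIO Configuration for Production
# No access key or secret key appears in this file; they should come from a
# Secret, not from values.
s3:
  enabled: true
  storageProvider: "minio"  # Use "aws" for AWS S3 or "minio" for MinIO
  # MinIO internal service endpoint. Plain HTTP: object data and request
  # signatures cross the cluster network unencrypted.
  endpoint: "http://minio.default.svc.cluster.local:9000"
  region: "us-east-1"  # Required for boto3 even with MinIO
  bucket: "hockey-apps"
  bucketPrefix: "assets/"
  # Use public URLs (MinIO bucket should be public read).
  # NOTE(review): a public-read bucket exposes every object in it to anyone
  # who can reach MinIO. Confirm nothing private is stored there, or switch to
  # signed URLs (signedUrlExpiry below is in seconds — presumably; verify).
  useSignedUrls: false
  signedUrlExpiry: 3600
  fallbackToStatic: true
  useSSL: false  # Use HTTP for internal cluster communication
  # Alternative external MinIO configuration (for external access):
  # storageProvider: "minio"
  # endpoint: "https://minio.yourdomain.com" # External MinIO endpoint
  # region: "us-east-1"
  # bucket: "hockey-apps"
  # useSignedUrls: false
  # useSSL: true # Use HTTPS for external access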
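# Environment Variables
# All values are quoted: container environment variables must be strings.
# Keep secrets (session key, database password, S3 credentials) out of this
# map and inject them from a Secret.
env:
  # NOTE(review): FLASK_ENV was deprecated in Flask 2.2 and removed in 2.3;
  # on newer Flask it has no effect.
  FLASK_ENV: "production"
  FLASK_APP: "main.py"
  # FLASK_RUN_* are read by the `flask run` command. If the container starts
  # that way it is running the development server — confirm the image uses a
  # production WSGI server instead.
  FLASK_RUN_HOST: "0.0.0.0"  # listen on all interfaces inside the pod
  FLASK_RUN_PORT: "5000"
  PYTHONUNBUFFERED: "1"
  PYTHONDONTWRITEBYTECODE: "1"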
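# Health Checks
# Probe settings. The probe requests "/" on the application.
# NOTE(review): if "/" needs a login or a database round-trip, a dedicated
# unauthenticated health endpoint is a better probe target.
healthCheck:
  enabled: true
  path: "/"
  initialDelaySeconds: 30
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 3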
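# Persistence for Production
# NOTE(review): ReadWriteOnce lets a single node mount the volume, while
# autoscaling runs 2-10 replicas and the anti-affinity rule prefers separate
# nodes. If all replicas share one claim, pods on other nodes cannot mount it
# — confirm how the chart creates the claim.
persistence:
  enabled: true
  storageClass: "fast-ssd"  # Use fast storage class
  accessMode: ReadWriteOnce
  size: 10Gi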
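# Monitoring
# Enables monitoring and a ServiceMonitor scraped every 30s with a 10s timeout.
monitoring:
  enabled: true
  serviceMonitor:
    enabled: true
    interval: 30s
    scrapeTimeout: 10s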
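# Logging
# INFO-level logs in JSON, which a log pipeline can parse field by field.
logging:
  level: "INFO"
  format: "json"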
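# Node Selector for Production
# Pods are scheduled only on nodes labelled node-type=production.
nodeSelector:
  node-type: "production"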
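# Tolerations
# Allows scheduling onto nodes tainted production=true:NoSchedule.
tolerations:
  - key: "production"
    operator: "Equal"
    value: "true"  # taint values are strings, hence the quotes
    effect: "NoSchedule"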
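# Affinity Rules
# Soft anti-affinity: the scheduler prefers to place motm-app pods on
# different hosts. Because the rule is "preferred", replicas can still land on
# the same node when no other node fits.
affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 100
        podAffinityTerm:
          labelSelector:
            matchExpressions:
              - key: app.kubernetes.io/name
                operator: In
                values:
                  - motm-app
          topologyKey: kubernetes.io/hostname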
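# Labels and Annotations
labels:
  environment: "production"
  team: "platform"

annotations:
  # NOTE(review): deployment.kubernetes.io/revision is maintained by the
  # Deployment controller; a value set here is overwritten on rollout.
  deployment.kubernetes.io/revision: "1"

podLabels:
  environment: "production"

podAnnotations:
  prometheus.io/scrape: "true"
  # Port 5000 is also the Service targetPort, and the ingress forwards the
  # whole "/" prefix to it.
  # NOTE(review): if /metrics is served on this port it may be reachable from
  # outside the cluster — confirm, and block the path at the ingress or move
  # metrics to a separate port if they should stay internal.
  prometheus.io/port: "5000"
  prometheus.io/path: "/metrics"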