167 lines
3.2 KiB
YAML
167 lines
3.2 KiB
YAML
# Production values for MOTM App
|
|
# Use this file as a template for production deployment
|
|
|
|
# Application Configuration
|
|
app:
|
|
name: motm-app
|
|
version: "1.0.0"
|
|
|
|
# Image Configuration
|
|
image:
|
|
repository: your-registry/motm-app
|
|
tag: "v1.0.0" # Use specific version tags in production
|
|
pullPolicy: IfNotPresent
|
|
|
|
# Resource Limits for Production
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 200m
|
|
memory: 512Mi
|
|
|
|
# Autoscaling for Production
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 2
|
|
maxReplicas: 10
|
|
targetCPUUtilizationPercentage: 70
|
|
targetMemoryUtilizationPercentage: 80
|
|
|
|
# Pod Disruption Budget
|
|
podDisruptionBudget:
|
|
enabled: true
|
|
minAvailable: 1
|
|
|
|
# Security Context
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
|
|
# Service Configuration
|
|
service:
|
|
type: ClusterIP
|
|
port: 80
|
|
targetPort: 5000
|
|
|
|
# Ingress Configuration for Production
|
|
ingress:
|
|
enabled: true
|
|
className: "nginx"
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
nginx.ingress.kubernetes.io/rate-limit: "100"
|
|
nginx.ingress.kubernetes.io/rate-limit-window: "1m"
|
|
hosts:
|
|
- host: motm.yourdomain.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: motm-app-tls
|
|
hosts:
|
|
- motm.yourdomain.com
|
|
|
|
# Database Configuration
|
|
database:
|
|
type: "postgresql"
|
|
host: "postgresql-primary-service"
|
|
port: 5432
|
|
name: "motm_prod"
|
|
username: "motm_user"
|
|
|
|
# S3 Configuration for Production
|
|
s3:
|
|
enabled: true
|
|
endpoint: "https://s3.amazonaws.com"
|
|
region: "us-east-1"
|
|
bucket: "motm-assets-prod"
|
|
|
|
# Environment Variables
|
|
env:
|
|
FLASK_ENV: "production"
|
|
FLASK_APP: "main.py"
|
|
FLASK_RUN_HOST: "0.0.0.0"
|
|
FLASK_RUN_PORT: "5000"
|
|
PYTHONUNBUFFERED: "1"
|
|
PYTHONDONTWRITEBYTECODE: "1"
|
|
|
|
# Health Checks
|
|
healthCheck:
|
|
enabled: true
|
|
path: "/"
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
|
|
# Persistence for Production
|
|
persistence:
|
|
enabled: true
|
|
storageClass: "fast-ssd" # Use fast storage class
|
|
accessMode: ReadWriteOnce
|
|
size: 10Gi
|
|
|
|
# Monitoring
|
|
monitoring:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
interval: 30s
|
|
scrapeTimeout: 10s
|
|
|
|
# Logging
|
|
logging:
|
|
level: "INFO"
|
|
format: "json"
|
|
|
|
# Node Selector for Production
|
|
nodeSelector:
|
|
node-type: "production"
|
|
|
|
# Tolerations
|
|
tolerations:
|
|
- key: "production"
|
|
operator: "Equal"
|
|
value: "true"
|
|
effect: "NoSchedule"
|
|
|
|
# Affinity Rules
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.kubernetes.io/name
|
|
operator: In
|
|
values:
|
|
- motm-app
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# Labels and Annotations
|
|
labels:
|
|
environment: "production"
|
|
team: "platform"
|
|
|
|
annotations:
|
|
deployment.kubernetes.io/revision: "1"
|
|
|
|
podLabels:
|
|
environment: "production"
|
|
|
|
podAnnotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "5000"
|
|
prometheus.io/path: "/metrics"
|