119 lines
3.4 KiB
YAML
119 lines
3.4 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: plane
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
ignoreDifferences:
|
|
# PVCs - creationTimestamp und Status ignorieren
|
|
- group: ""
|
|
kind: PersistentVolumeClaim
|
|
jsonPointers:
|
|
- /metadata/creationTimestamp
|
|
- /status
|
|
|
|
# StatefulSets - alle volumeClaimTemplates komplett ignorieren
|
|
- group: apps
|
|
kind: StatefulSet
|
|
jsonPointers:
|
|
- /spec/volumeClaimTemplates
|
|
- /status
|
|
- /spec/replicas
|
|
|
|
# Worker Deployment - Replica Status ignorieren
|
|
- group: apps
|
|
kind: Deployment
|
|
name: plane-worker-wl
|
|
jsonPointers:
|
|
- /status
|
|
|
|
project: default
|
|
source:
|
|
repoURL: 'https://helm.plane.so/'
|
|
chart: 'plane-ce'
|
|
targetRevision: 1.3.1
|
|
helm:
|
|
values: |
|
|
|
|
ingress:
|
|
enabled: true
|
|
appHost: "plane.innovation-hub-niedersachsen.de"
|
|
ingressClass: "traefik"
|
|
ingress_annotations:
|
|
cert-manager.io/cluster-issuer: lets-encrypt
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
|
|
ssl:
|
|
tls_secret_name: "plane-tls"
|
|
createIssuer: false
|
|
generateCerts: false
|
|
|
|
minio:
|
|
local_setup: false
|
|
|
|
env:
|
|
docstore_bucket: "planedocstore"
|
|
doc_upload_size_limit: "5242880"
|
|
aws_access_key: "a0ccb47cc0994bf51ecd"
|
|
aws_secret_access_key: "0d54ee2f943f2a56b8cafc3afe9cb1e2f9fecac2"
|
|
aws_region: "eu-central-1"
|
|
aws_s3_endpoint_url: "https://sws3.innovation-hub-niedersachsen.de"
|
|
# Celery Worker Konfiguration - Optimiert für Stabilität
|
|
CELERY_WORKER_CONCURRENCY: "2"
|
|
CELERY_WORKER_MAX_TASKS_PER_CHILD: "100"
|
|
CELERY_WORKER_MAX_MEMORY_PER_CHILD: "200000"
|
|
# Task Timeouts zur Vermeidung von Memory-Leaks
|
|
CELERY_TASK_SOFT_TIME_LIMIT: "300"
|
|
CELERY_TASK_TIME_LIMIT: "600"
|
|
|
|
# Worker-spezifische Einstellungen
|
|
worker:
|
|
replicas: 2
|
|
# Reduzierte Concurrency für bessere Memory-Nutzung
|
|
concurrency: 1
|
|
resources:
|
|
requests:
|
|
memory: "4Gi"
|
|
cpu: "500m"
|
|
limits:
|
|
memory: "8Gi"
|
|
cpu: "2000m"
|
|
# Vereinfachte Health Checks
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- celery -A plane inspect ping -d celery@$HOSTNAME -t 5
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 60
|
|
timeoutSeconds: 15
|
|
failureThreshold: 5
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- celery -A plane inspect ping -d celery@$HOSTNAME -t 5
|
|
initialDelaySeconds: 120
|
|
periodSeconds: 120
|
|
timeoutSeconds: 15
|
|
failureThreshold: 5
|
|
|
|
destination:
|
|
server: 'https://kubernetes.default.svc'
|
|
namespace: plane
|
|
|
|
syncPolicy:
|
|
managedNamespaceMetadata:
|
|
labels:
|
|
pod-security.kubernetes.io/enforce: "privileged"
|
|
automated:
|
|
selfHeal: true
|
|
prune: true
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
- ServerSideApply=true
|
|
- PruneLast=true
|
|
- RespectIgnoreDifferences=true |