seth
/
video-iac
mirror of https://bitbucket.org/jamkazam/video-iac.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

update staging to have a second cluster and better procss isolation

This commit is contained in:
Seth Call 2026-01-06 06:04:29 -06:00
parent 035c7709d6
commit 800c1f0a1c
12 changed files with 123 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
k8s/applications/templates/ingress-nginx.yaml
View File

@ -12,6 +12,18 @@ spec:
repoURL: 'https://kubernetes.github.io/ingress-nginx' repoURL: 'https://kubernetes.github.io/ingress-nginx'
targetRevision: 4.13.0 targetRevision: 4.13.0
chart: ingress-nginx chart: ingress-nginx
helm:
values: |
controller:
nodeSelector:
workload: infra
admissionWebhooks:
patch:
nodeSelector:
workload: infra
defaultBackend:
nodeSelector:
workload: infra
project: default project: default
syncPolicy: syncPolicy:
syncOptions: syncOptions:

18
k8s/argocd/overlays/staging/kustomization.yaml
View File

@ -17,4 +17,20 @@ patchesJson6902:
group: networking.k8s.io group: networking.k8s.io
kind: Ingress kind: Ingress
name: argocd-server-ingress name: argocd-server-ingress
version: v1 version: v1
patches:
- target:
kind: Deployment
patch: |-
- op: add
path: /spec/template/spec/nodeSelector
value:
workload: infra
- target:
kind: StatefulSet
patch: |-
- op: add
path: /spec/template/spec/nodeSelector
value:
workload: infra

11
k8s/cert-manager/kustomization.yaml
View File

@ -4,4 +4,13 @@ kind: Kustomization
resources: resources:
- https://github.com/jetstack/cert-manager/releases/download/v1.6.0/cert-manager.yaml - https://github.com/jetstack/cert-manager/releases/download/v1.6.0/cert-manager.yaml
- cluster-issuer-nginx.yaml - cluster-issuer-nginx.yaml
patches:
- target:
kind: Deployment
patch: |-
- op: add
path: /spec/template/spec/nodeSelector
value:
workload: infra

8
k8s/coturn/templates/deployment.yml
View File

@ -43,3 +43,11 @@ spec:
- name: coturn-config-volume - name: coturn-config-volume
mountPath: /etc/coturn/turnserver.conf mountPath: /etc/coturn/turnserver.conf
subPath: turnserver.conf subPath: turnserver.conf
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

14
k8s/coturn/values.yaml
View File

@ -12,6 +12,12 @@ imagePullSecrets: []
redis: redis:
enabled: true enabled: true
master:
nodeSelector:
workload: infra
replica:
nodeSelector:
workload: infra
image: image:
registry: public.ecr.aws registry: public.ecr.aws
repository: bitnami/redis repository: bitnami/redis
@ -23,3 +29,11 @@ exporter:
repository: ghcr.io/coturn/coturn-exporter repository: ghcr.io/coturn/coturn-exporter
tag: latest tag: latest
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
nodeSelector:
workload: media
tolerations:
- key: "dedicated"
operator: "Equal"
value: "media"
effect: "NoSchedule"

11
k8s/external-dns/overlays/staging/kustomization.yaml
View File

@ -12,4 +12,13 @@ patchesJson6902:
group: apps group: apps
version: v1 version: v1
kind: Deployment kind: Deployment
name: external-dns name: external-dns
patches:
- target:
kind: Deployment
patch: |-
- op: add
path: /spec/template/spec/nodeSelector
value:
workload: infra

2
k8s/loki/values.yaml
View File

@ -64,6 +64,8 @@ loki:
singleBinary: singleBinary:
replicas: 1 replicas: 1
nodeSelector:
workload: infra
persistence: persistence:
enabled: true enabled: true
size: 20Gi size: 20Gi

11
k8s/monitoring/values-staging.yaml
View File

@ -5,6 +5,17 @@ rbac:
kube-prometheus-stack: kube-prometheus-stack:
prometheus:
prometheusSpec:
nodeSelector:
workload: infra
grafana:
nodeSelector:
workload: infra
alertmanager:
alertmanagerSpec:
nodeSelector:
workload: infra
crds: crds:
enabled: false enabled: false

5
k8s/promtail/values.yaml
View File

@ -2,3 +2,8 @@ promtail:
config: config:
clients: clients:
- url: http://loki.loki.svc:3100/loki/api/v1/push - url: http://loki.loki.svc:3100/loki/api/v1/push
tolerations:
- key: dedicated
operator: Equal
value: media
effect: NoSchedule

8
k8s/webrtc-be/templates/deployment.yml
View File

@ -68,6 +68,14 @@ spec:
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
failureThreshold: 3 failureThreshold: 3
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
readinessProbe: readinessProbe:
httpGet: httpGet:
path: /healthcheck path: /healthcheck

8
k8s/webrtc-be/values-staging.yaml
View File

@ -15,3 +15,11 @@ mediasoup:
# Session Timeouts (ms) # Session Timeouts (ms)
sessionHealthCheckInterval: 60000 sessionHealthCheckInterval: 60000
sessionOverGracePeriod: 300000 sessionOverGracePeriod: 300000
nodeSelector:
workload: media
tolerations:
- key: "dedicated"
operator: "Equal"
value: "media"
effect: "NoSchedule"

19
terraform/lke.tf
View File

@ -10,7 +10,12 @@ resource "linode_lke_cluster" "stg-video-cluster" {
type = "g6-standard-2" type = "g6-standard-2"
count = 3 count = 3
labels = { labels = {
"workload" = "any" "workload" = "media"
}
taint {
key = "dedicated"
value = "media"
effect = "NoSchedule"
} }
autoscaler { autoscaler {
min = 3 min = 3
@ -18,6 +23,18 @@ resource "linode_lke_cluster" "stg-video-cluster" {
} }
} }
pool {
type = "g6-standard-1"
count = 2
labels = {
"workload" = "infra"
}
autoscaler {
min = 2
max = 5
}
}
} }
resource "local_file" "kubeconfig" { resource "local_file" "kubeconfig" {