From efa7fa717e3ff6b69ff0466ce9816b8b463fd0c0 Mon Sep 17 00:00:00 2001 From: ivan Date: Tue, 21 Apr 2026 16:54:32 +0500 Subject: [PATCH] ++ --- apps/bim/base/backend-deployment.yaml | 175 ++++++++++++++++++++++++ apps/bim/base/backend-service.yaml | 15 ++ apps/bim/base/kustomization.yaml | 8 ++ apps/bim/base/namespace.yaml | 7 + apps/bim/yc-k8s-test/kustomization.yaml | 11 ++ apps/bim/yc-k8s-test/postgresql.yaml | 113 +++++++++++++++ apps/bim/yc-k8s-test/replicas.yaml | 8 ++ 7 files changed, 337 insertions(+) create mode 100644 apps/bim/base/backend-deployment.yaml create mode 100644 apps/bim/base/backend-service.yaml create mode 100644 apps/bim/base/kustomization.yaml create mode 100644 apps/bim/base/namespace.yaml create mode 100644 apps/bim/yc-k8s-test/kustomization.yaml create mode 100644 apps/bim/yc-k8s-test/postgresql.yaml create mode 100644 apps/bim/yc-k8s-test/replicas.yaml diff --git a/apps/bim/base/backend-deployment.yaml b/apps/bim/base/backend-deployment.yaml new file mode 100644 index 0000000..549e689 --- /dev/null +++ b/apps/bim/base/backend-deployment.yaml @@ -0,0 +1,175 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backend + namespace: bim + labels: + app: backend +spec: + replicas: 1 + selector: + matchLabels: + app: backend + template: + metadata: + labels: + app: backend + spec: + containers: + - name: backend + image: cr.yandex/crp3ccidau046kdj8g9q/bim-backend-v2:donstroi1 + imagePullPolicy: IfNotPresent + ports: + - name: http + containerPort: 8000 + protocol: TCP + env: + - name: LAST_MASTER_BIM + value: "100000" + - name: LAST_MASTER_BIM_V3 + value: "100000" + - name: DB_CERT_PATH_4 + value: /root/yandex_pg.pem + - name: DB_CERT_PATH_3 + value: /root/yandex_pg.pem + - name: DB_CERT_PATH_2 + value: /root/yandex_pg.pem + - name: LAST_SLAVE_1_BIM + value: "1000000" + - name: POSTGRES_POOL_SIZE + value: "30" + - name: API_ADDRESS + value: 0.0.0.0:8000 + - name: DJANGO_HOST + value: http://backend.django.svc.cluster.local:8000 + - name: ENABLE_SQL_QUERY + value: "0" + - name: ENABLE_SSL + value: "0" + - name: POSTGRES_PORT_4 + valueFrom: + secretKeyRef: + key: port + name: postgresql-secret + - name: POSTGRES_PORT_2 + valueFrom: + secretKeyRef: + key: port + name: postgresql-secret + - name: POSTGRES_PORT + valueFrom: + secretKeyRef: + key: port + name: postgresql-secret + - name: POSTGRES_PORT_3 + valueFrom: + secretKeyRef: + key: port + name: postgresql-secret + - name: POSTGRES_DB_2 + valueFrom: + secretKeyRef: + key: database + name: postgresql-secret + - name: POSTGRES_DB_3 + valueFrom: + secretKeyRef: + key: database + name: postgresql-secret + - name: POSTGRES_DB_4 + valueFrom: + secretKeyRef: + key: database + name: postgresql-secret + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + key: database + name: postgresql-secret + - name: POSTGRES_ADDRESS_2 + valueFrom: + secretKeyRef: + key: hostname + name: postgresql-secret + - name: POSTGRES_ADDRESS + valueFrom: + secretKeyRef: + key: hostname + name: postgresql-secret + - name: POSTGRES_ADDRESS_3 + valueFrom: + secretKeyRef: + key: hostname + name: postgresql-secret + - name: POSTGRES_ADDRESS_4 + valueFrom: + secretKeyRef: + key: hostname + name: postgresql-secret + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: username + name: postgresql-secret + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: postgresql-secret + - name: POSTGRES_USER_2 + valueFrom: + secretKeyRef: + key: username + name: postgresql-secret + - name: POSTGRES_PASSWORD_2 + valueFrom: + secretKeyRef: + key: password + name: postgresql-secret + - name: POSTGRES_USER_3 + valueFrom: + secretKeyRef: + key: username + name: postgresql-secret + - name: POSTGRES_PASSWORD_3 + valueFrom: + secretKeyRef: + key: password + name: postgresql-secret + - name: POSTGRES_USER_4 + valueFrom: + secretKeyRef: + key: username + name: postgresql-secret + - name: POSTGRES_PASSWORD_4 + valueFrom: + secretKeyRef: + key: password + name: postgresql-secret + + resources: + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - name: tasks-execution-config + readOnly: true + mountPath: /etc/app/tasks-execution-config.json + subPath: tasks-execution-config.json + livenessProbe: + httpGet: + path: /ping + port: 8000 + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 10 + readinessProbe: + httpGet: + path: /ping + port: 8000 + initialDelaySeconds: 5 + periodSeconds: 5 + failureThreshold: 20 + imagePullSecrets: + - name: regcred diff --git a/apps/bim/base/backend-service.yaml b/apps/bim/base/backend-service.yaml new file mode 100644 index 0000000..9bd8e49 --- /dev/null +++ b/apps/bim/base/backend-service.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: backend-service + namespace: bim +spec: + type: ClusterIP + selector: + app: backend + ports: + - name: http + port: 8000 + targetPort: 8000 + protocol: TCP diff --git a/apps/bim/base/kustomization.yaml b/apps/bim/base/kustomization.yaml new file mode 100644 index 0000000..7bb3454 --- /dev/null +++ b/apps/bim/base/kustomization.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: bim +resources: + - namespace.yaml + - backend-deployment.yaml + - backend-service.yaml diff --git a/apps/bim/base/namespace.yaml b/apps/bim/base/namespace.yaml new file mode 100644 index 0000000..ce05970 --- /dev/null +++ b/apps/bim/base/namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: bim + labels: + istio-injection: enabled diff --git a/apps/bim/yc-k8s-test/kustomization.yaml b/apps/bim/yc-k8s-test/kustomization.yaml new file mode 100644 index 0000000..79e4c45 --- /dev/null +++ b/apps/bim/yc-k8s-test/kustomization.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../base + - postgresql.yaml +patches: + - path: replicas.yaml + target: + kind: Deployment + name: comparisons diff --git a/apps/bim/yc-k8s-test/postgresql.yaml b/apps/bim/yc-k8s-test/postgresql.yaml new file mode 100644 index 0000000..bb424a6 --- /dev/null +++ b/apps/bim/yc-k8s-test/postgresql.yaml @@ -0,0 +1,113 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: postgresql + namespace: bim +spec: + interval: 5m + timeout: 2h + chart: + spec: + chart: postgresql-contour + version: "17.0.2" + sourceRef: + kind: HelmRepository + name: yc-oci-charts + namespace: flux-system + + install: + timeout: 2h + remediation: + retries: 3 + + upgrade: + timeout: 2h + remediation: + retries: 3 + + values: + global: + security: + allowInsecureImages: true + defaultStorageClass: local-path + postgresql: + auth: + username: "" + database: "" + secretKeys: + userPasswordKey: "postgres-password" + auth: + username: "" + database: "" + secretKeys: + userPasswordKey: "postgres-password" + image: + registry: cr.yandex/crp3ccidau046kdj8g9q + repository: contour/postgresql + tag: 17.0.2 + pullPolicy: Always + metrics: + enabled: false + prometheusRule: + enabled: false + primary: + containerSecurityContext: + readOnlyRootFilesystem: false + persistence: + storageClass: local-path + size: 20Gi + customLivenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + customReadinessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432 + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + customStartupProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "sarex" -d postgres -h 127.0.0.1 -p 5432 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + resources: + requests: + memory: 512Mi + nodeSelector: + dedicated: db + tolerations: + - key: dedicated + operator: Equal + value: db + effect: NoSchedule + contour: + enabled: true + adminUser: "" + adminPasswordSecretKey: "" + sharedPreloadLibraries: "pg_stat_statements,uuid-ossp,ltree,pg_partman" + databases: + - name: bim_db + user: bim + extensions: [] + restoreFromDump: false + s3-proxy: + endpointUrl: "s3-proxy-service.postgresql.svc.cluster.local" \ No newline at end of file diff --git a/apps/bim/yc-k8s-test/replicas.yaml b/apps/bim/yc-k8s-test/replicas.yaml new file mode 100644 index 0000000..6ae8686 --- /dev/null +++ b/apps/bim/yc-k8s-test/replicas.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backend + namespace: bim +spec: + replicas: 1