sarex/iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8ef010b09c
iac/apps/processing/base/engine.yaml

223 lines
8.0 KiB
YAML
Raw Blame History

---
apiVersion: apps/v1
kind: Deployment
metadata:
name: engine
namespace: processing
labels:
app: engine
service: engine
spec:
replicas: 1
selector:
matchLabels:
app: engine
template:
metadata:
labels:
app: engine
service: engine
annotations:
traffic.sidecar.istio.io/excludeOutboundPorts: "8200"
vault.hashicorp.com/agent-init-first: "true"
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/agent-pre-populate-only: "true"
vault.hashicorp.com/auth-path: auth/kubernetes
vault.hashicorp.com/role: processing
vault.hashicorp.com/agent-inject-secret-processing-postgresql: secrets/data/postgresql/apps/processing
vault.hashicorp.com/agent-inject-template-processing-postgresql: |-
{{- with secret "secrets/data/postgresql/apps/processing" -}}
POSTGRES_ADDRESS=postgresql.processing.svc.cluster.local
POSTGRES_PORT=5432
POSTGRES_USER={{ index .Data.data "username" }}
POSTGRES_PASSWORD={{ index .Data.data "password" }}
POSTGRES_DB=workflow_db
{{- end -}}
vault.hashicorp.com/agent-inject-secret-processing-rabbitmq: secrets/data/rabbitmq/apps/processing
vault.hashicorp.com/agent-inject-template-processing-rabbitmq: |-
{{- with secret "secrets/data/rabbitmq/apps/processing" -}}
RABBITMQ_HOST=rabbitmq.rabbitmq.svc.cluster.local
RABBITMQ_PORT=5672
RABBITMQ_USER={{ index .Data.data "username" }}
RABBITMQ_PASS={{ index .Data.data "password" }}
{{- end -}}
vault.hashicorp.com/agent-inject-secret-processing-smtp: secrets/data/vault/common/smtp_auth
vault.hashicorp.com/agent-inject-template-processing-smtp: |-
{{- with secret "secrets/data/vault/common/smtp_auth" -}}
{{ index .Data.data "env_json" }}
{{- end -}}
spec:
serviceAccountName: processing-vault
containers:
- name: engine
image: cr.yandex/crp3ccidau046kdj8g9q/workflows-endigne_prod:075fc0
imagePullPolicy: IfNotPresent
command: ["/bin/bash", "-ec"]
args:
- |
set -a
[ -f /vault/secrets/processing-postgresql ] && . /vault/secrets/processing-postgresql
[ -f /vault/secrets/processing-rabbitmq ] && . /vault/secrets/processing-rabbitmq
set +a
exec /engine
ports:
- name: http
containerPort: 8000
protocol: TCP
env:
- name: POSTGRES_POOL_SIZE
value: "20"
- name: ENVIRONMENT
value: prod
- name: WORKFLOWS_SENTRY_DSN
value: https://866b532efdbb4764a7551b76231232fc@o279218.ingest.sentry.io/543123
- name: WORKFLOWS_SENTRY_DEBUG
value: "0"
- name: API_ADDRESS
value: 0.0.0.0:8000
- name: DJANGO_HOST
value: http://backend.django.svc.cluster.local:8000
- name: S3_SERVICE_ACCOUNT
value: /etc/sarex/yc-s3/yc-s3-service-account.json
- name: BIM_API_V2_DB
value: /etc/sarex/bim-api-v2-db-prod.json
- name: PDM_API_DB
value: /etc/pdm/pdm-api-db-prod.json
- name: WORKSPACE_API_DB
value: /etc/ws/ws-api-db-prod.json
- name: ISSUE_API_DB
value: /etc/issues/issue-api-db-prod.json
- name: MAILGUN
value: /etc/mailgun-secret/env.json
- name: SMTP
value: /vault/secrets/processing-smtp
- name: INTERNAL_PDM_URL
value: http://documentations-api.documentations.svc.cluster.local:8080
- name: INTERNAL_FILESTREAM_URL
value: http://documentations-filestream.documentations.svc.cluster.local:8080
- name: EXTERNAL_PDM_URL
value: http://documentations-api.documentations.svc.cluster.local:8080
- name: EXTERNAL_FILESTREAM_URL
value: http://documentations-filestream-service.documentations.svc.cluster.local:8080
- name: RESOURCES_API_INTERNAL_HOST
value: http://resources-service.resources.svc.cluster.local:8000
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: ENABLE_SQL_QUERY
value: "0"
- name: ENABLE_S3_STORAGE
value: "1"
- name: ENABLE_S3V2_STORAGE
value: "1"
- name: ENABLE_PDM_STORAGE
value: "1"
- name: ENABLE_SMTP
value: "1"
- name: ENABLE_URL_STORAGE
value: "1"
- name: ENABLE_SRX_TMP
value: "1"
- name: ENABLE_BIM_API_V2_DB
value: "1"
- name: ENABLE_WORKSPACE_API_DB
value: "1"
- name: ENABLE_ISSUE_API_DB
value: "1"
- name: ENABLE_RESOURCES_API
value: "1"
- name: ENABLE_PDM_API_DB
value: "1"
- name: ENABLE_COMPARISONS_API_DB
value: "1"
- name: ENABLE_MAIL_GUN
value: "1"
- name: ENABLE_AMQP_EXECUTOR
value: "0"
- name: ENABLE_KUBERNETES_EXECUTOR
value: "1"
- name: MAX_WORKFLOWS_LIMIT
value: "5"
- name: CPU_COUNT
value: "1"
- name: MEMORY_GI
value: "1"
- name: CPU_COUNT_LOW_RESOURCES
value: "1"
- name: MEMORY_GI_LOW_RESOURCES
value: "1"
- name: CPU_COUNT_HIGH_MEM
value: "1"
- name: MEMORY_GI_HIGH_MEM
value: "1"
- name: ENABLE_TOLERATION
value: "1"
- name: COUNT_RUNNING_WORKERS
value: "1"
- name: COUNT_CANCELING_WORKERS
value: "1"
- name: COUNT_HANDLE_JOB_WORKERS
value: "1"
- name: BIM_API_DEBUG
value: "0"
- name: BIM_API_V2_DEBUG
value: "0"
- name: PDM_API_DEBUG
value: "0"
- name: COMPARISONS_API_DEBUG
value: "0"
- name: WORKSPACE_API_DEBUG
value: "0"
- name: JOBS_NAMESPACE
value: workflow
- name: ISSUE_API_DEBUG
value: "0"
- name: TOLERATION_KEY
value: dedicated
- name: TOLERATION_VALUE
value: processing-light
- name: TOLERATION_KEY_HIGH_MEM
value: dedicated
- name: TOLERATION_VALUE_HIGH_MEM
value: processing-light
- name: TOLERATION_KEY_PERSISTENT
value: dedicated
- name: TOLERATION_VALUE_PERSISTENT
value: processing-light
- name: RABBITMQ_CREATE_EXCHANGE
value: autodesk.inputMessage
- name: RABBITMQ_CANCEL_EXCHANGE
value: autodesk.cancelMessage
- name: RABBITMQ_CREATE_ROUTING_KEY
value: converting
- name: RABBITMQ_CANCEL_TOPIC
value: cancel
- name: RABBITMQ_COMPLETENESS_EXCHANGE
value: autodesk.outputMessage
- name: RABBITMQ_COMPLETENESS_TOPIC
value: output_navis
- name: CONTROL_PLANE_PERIOD
value: 10s
- name: DEFAULT_TOLERATION_KEY
value: dedicated
- name: DEFAULT_TOLERATION_VALUE
value: processing-light
- name: DEFAULT_NODE_SELECTOR_KEY
value: dedicated
- name: DEFAULT_NODE_SELECTOR_VALUE
value: processing-light
resources:
requests:
cpu: "1"
memory: 1Gi
imagePullSecrets:
- name: regcred
Reference in New Issue View Git Blame Copy Permalink