Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reduce resource requests. Increase replica count to 2 in prod #77

Merged
merged 1 commit into from
Nov 6, 2024
Merged

Reduce resource requests. Increase replica count to 2 in prod #77

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 0 additions & 102 deletions .nais/prod.yaml
View file
Open in desktop

This file was deleted.

100 changes: 93 additions & 7 deletions .nais/prod/nais.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,100 @@ kind: Application
metadata:
name: maskinporten-guardian
namespace: dapla-stat
labels:
team: dapla-stat
spec:
image: {{image}}
port: 8080
ttl: 3h
image: "{{ image }}" # Injected from the GitHub Action
port: 10310
replicas:
max: 1
min: 1
max: 2
min: 2
resources:
requests:
cpu: 50m
memory: 500Mi
cpu: 100m
memory: 500Mi

ingresses:
- https://guardian.intern.ssb.no

accessPolicy:
outbound:
external:
- host: "auth.ssb.no"
- host: "keycloak.prod-bip-app.ssb.no"
- host: "maskinporten.no"
- host: "sky.maskinporten.no"

liveness:
path: /health/liveness
port: 10310
readiness:
path: /health/readiness
port: 10310
startup:
path: /health/readiness
port: 10310

env:
- name: MICRONAUT_CONFIG_FILES
value: /conf/bootstrap-prod.yml,/conf/application-prod.yml,/conf/protected/application-gcp.yml,/conf/auth/maskinporten-clients.yml
- name: LOGBACK_CONFIGURATION_FILE
value: /conf/logback-prod.xml

filesFrom:
- configmap: guardian-application-prod-configmap
mountPath: /conf
- configmap: guardian-application-prod-protected-configmap
mountPath: /conf/protected
- configmap: maskinporten-clients-prod-configmap
mountPath: /conf/auth

---

apiVersion: v1
kind: ConfigMap
metadata:
name: guardian-application-prod-configmap
namespace: dapla-stat
labels:
team: dapla-stat
data:
bootstrap-prod.yml: |-
micronaut:
application:
name: maskinporten-guardian
config-client:
enabled: true

application-prod.yml: |-
micronaut:
application:
name: maskinporten-guardian
server:
port: 10310

security:
enabled: true
token:
name-key: preferred_username
jwt:
signatures:
jwks:
keycloak-prod:
url: 'https://keycloak.prod-bip-app.ssb.no/auth/realms/ssb/protocol/openid-connect/certs'
auth-prod:
url: 'https://auth.ssb.no/realms/ssb/protocol/openid-connect/certs'

endpoints:
prometheus:
sensitive: false

services:
secrets:
impl: GCP

certificates:
ssb-maskinporten-virksomhetssertifikat:
certificate-secret-id: ssb-prod-seid2-p12-certificate
certificate-passphrase-secret-id: ssb-prod-seid2-p12-passphrase
certificate-keystore-entry-alias: statistisk sentralbyrå
118 changes: 0 additions & 118 deletions .nais/test.yaml
View file
Open in desktop

This file was deleted.

Loading
Loading