apiVersion: apps/v1 kind: Deployment metadata: name: vapora-backend namespace: vapora labels: app: vapora component: backend deployment-mode: {{ deployment_mode }} spec: replicas: {% if deployment_mode == 'enterprise' %}3{% elif deployment_mode == 'multiuser' %}2{% else %}1{% endif %} selector: matchLabels: app: vapora component: backend template: metadata: labels: app: vapora component: backend deployment-mode: {{ deployment_mode }} annotations: prometheus.io/scrape: "{{ monitoring.prometheus_enabled|lower }}" prometheus.io/port: "{{ backend.port }}" prometheus.io/path: "{{ monitoring.metrics_path }}" spec: serviceAccountName: vapora {% if security.tls_enabled %} securityContext: fsGroup: 65534 runAsNonRoot: true runAsUser: 65534 {% endif %} containers: - name: backend image: vapora/backend:latest imagePullPolicy: IfNotPresent ports: - name: http containerPort: {{ backend.port }} protocol: TCP env: - name: DEPLOYMENT_MODE valueFrom: configMapKeyRef: name: vapora-config key: deployment-mode - name: WORKSPACE_NAME valueFrom: configMapKeyRef: name: vapora-config key: workspace-name - name: BACKEND_HOST valueFrom: configMapKeyRef: name: vapora-config key: backend-host - name: BACKEND_PORT valueFrom: configMapKeyRef: name: vapora-config key: backend-port - name: BACKEND_WORKERS valueFrom: configMapKeyRef: name: vapora-config key: backend-workers - name: DATABASE_URL valueFrom: configMapKeyRef: name: vapora-config key: backend-database-url - name: DATABASE_POOL_SIZE valueFrom: configMapKeyRef: name: vapora-config key: backend-database-pool-size - name: DATABASE_USER valueFrom: secretKeyRef: name: vapora-secrets key: database-username optional: true - name: DATABASE_PASSWORD valueFrom: secretKeyRef: name: vapora-secrets key: database-password optional: true - name: JWT_SECRET valueFrom: secretKeyRef: name: vapora-secrets key: jwt-secret optional: true - name: LOG_LEVEL valueFrom: configMapKeyRef: name: vapora-config key: monitoring-log-level - name: PROMETHEUS_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: monitoring-prometheus-enabled - name: TLS_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: security-tls-enabled {% if security.tls_enabled %} - name: TLS_CERT_PATH value: /etc/vapora/certs/tls.crt - name: TLS_KEY_PATH value: /etc/vapora/certs/tls.key {% endif %} resources: requests: memory: {% if deployment_mode == 'enterprise' %}"512Mi"{% elif deployment_mode == 'multiuser' %}"256Mi"{% else %}"128Mi"{% endif %} cpu: {% if deployment_mode == 'enterprise' %}"500m"{% elif deployment_mode == 'multiuser' %}"250m"{% else %}"100m"{% endif %} limits: memory: {% if deployment_mode == 'enterprise' %}"1Gi"{% elif deployment_mode == 'multiuser' %}"512Mi"{% else %}"256Mi"{% endif %} cpu: {% if deployment_mode == 'enterprise' %}"1000m"{% elif deployment_mode == 'multiuser' %}"500m"{% else %}"200m"{% endif %} livenessProbe: httpGet: path: /health port: http scheme: {% if security.tls_enabled %}HTTPS{% else %}HTTP{% endif %} initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 readinessProbe: httpGet: path: /ready port: http scheme: {% if security.tls_enabled %}HTTPS{% else %}HTTP{% endif %} initialDelaySeconds: 5 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 3 volumeMounts: - name: config mountPath: /etc/vapora/config readOnly: true - name: storage mountPath: "{{ backend.storage.path }}" {% if security.tls_enabled %} - name: tls-certs mountPath: /etc/vapora/certs readOnly: true {% endif %} volumes: - name: config configMap: name: vapora-config - name: storage {% if deployment_mode == 'enterprise' %} persistentVolumeClaim: claimName: vapora-storage {% else %} emptyDir: sizeLimit: {% if deployment_mode == 'multiuser' %}"5Gi"{% else %}"1Gi"{% endif %} {% endif %} {% if security.tls_enabled %} - name: tls-certs secret: secretName: vapora-tls defaultMode: 0400 {% endif %} {% if deployment_mode == 'enterprise' %} affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchExpressions: - key: app operator: In values: - vapora topologyKey: kubernetes.io/hostname {% endif %} --- apiVersion: apps/v1 kind: Deployment metadata: name: vapora-agents namespace: vapora labels: app: vapora component: agents deployment-mode: {{ deployment_mode }} spec: replicas: {% if deployment_mode == 'enterprise' %}3{% elif deployment_mode == 'multiuser' %}2{% else %}1{% endif %} selector: matchLabels: app: vapora component: agents template: metadata: labels: app: vapora component: agents deployment-mode: {{ deployment_mode }} spec: serviceAccountName: vapora containers: - name: agents image: vapora/agents:latest imagePullPolicy: IfNotPresent ports: - name: http containerPort: {{ agents.port }} protocol: TCP env: - name: AGENTS_HOST valueFrom: configMapKeyRef: name: vapora-config key: agents-host - name: AGENTS_PORT valueFrom: configMapKeyRef: name: vapora-config key: agents-port - name: AGENTS_MAX_INSTANCES valueFrom: configMapKeyRef: name: vapora-config key: agents-max-instances - name: AGENTS_HEARTBEAT_INTERVAL valueFrom: configMapKeyRef: name: vapora-config key: agents-heartbeat-interval - name: LEARNING_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: agents-learning-enabled - name: NATS_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: agents-nats-enabled - name: NATS_URL valueFrom: configMapKeyRef: name: vapora-config key: nats-url resources: requests: memory: {% if deployment_mode == 'enterprise' %}"256Mi"{% elif deployment_mode == 'multiuser' %}"128Mi"{% else %}"64Mi"{% endif %} cpu: {% if deployment_mode == 'enterprise' %}"250m"{% elif deployment_mode == 'multiuser' %}"100m"{% else %}"50m"{% endif %} limits: memory: {% if deployment_mode == 'enterprise' %}"512Mi"{% elif deployment_mode == 'multiuser' %}"256Mi"{% else %}"128Mi"{% endif %} cpu: {% if deployment_mode == 'enterprise' %}"500m"{% elif deployment_mode == 'multiuser' %}"200m"{% else %}"100m"{% endif %} --- apiVersion: apps/v1 kind: Deployment metadata: name: vapora-llm-router namespace: vapora labels: app: vapora component: llm-router deployment-mode: {{ deployment_mode }} spec: replicas: {% if deployment_mode == 'enterprise' %}2{% elif deployment_mode == 'multiuser' %}1{% else %}1{% endif %} selector: matchLabels: app: vapora component: llm-router template: metadata: labels: app: vapora component: llm-router deployment-mode: {{ deployment_mode }} spec: serviceAccountName: vapora containers: - name: llm-router image: vapora/llm-router:latest imagePullPolicy: IfNotPresent ports: - name: http containerPort: {{ llm_router.port }} protocol: TCP env: - name: LLM_ROUTER_HOST valueFrom: configMapKeyRef: name: vapora-config key: llm-router-host - name: LLM_ROUTER_PORT valueFrom: configMapKeyRef: name: vapora-config key: llm-router-port - name: COST_TRACKING_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: llm-router-cost-tracking-enabled - name: CLAUDE_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: llm-router-claude-enabled - name: OPENAI_ENABLED valueFrom: configMapKeyRef: name: vapora-config key: llm-router-openai-enabled - name: OLLAMA_URL valueFrom: configMapKeyRef: name: vapora-config key: llm-router-ollama-url - name: ANTHROPIC_API_KEY valueFrom: secretKeyRef: name: vapora-secrets key: anthropic-api-key optional: true - name: OPENAI_API_KEY valueFrom: secretKeyRef: name: vapora-secrets key: openai-api-key optional: true resources: requests: memory: {% if deployment_mode == 'enterprise' %}"256Mi"{% elif deployment_mode == 'multiuser' %}"128Mi"{% else %}"64Mi"{% endif %} cpu: {% if deployment_mode == 'enterprise' %}"250m"{% elif deployment_mode == 'multiuser' %}"100m"{% else %}"50m"{% endif %} limits: memory: {% if deployment_mode == 'enterprise' %}"512Mi"{% elif deployment_mode == 'multiuser' %}"256Mi"{% else %}"128Mi"{% endif %} cpu: {% if deployment_mode == 'enterprise' %}"500m"{% elif deployment_mode == 'multiuser' %}"200m"{% else %}"100m"{% endif %}