prvng_platform/crates/rag/k8s/04-deployment.yaml
Jesús Pérez 09a97ac8f5
chore: update platform submodule to monorepo crates structure
Platform restructured into crates/, added AI service and detector,
       migrated control-center-ui to Leptos 0.8
2026-01-08 21:32:59 +00:00


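---
# Deployment for the RAG service (orchestrator + REST API).
# Runs three replicas and rolls them with maxSurge 1 / maxUnavailable 0, so a
# replacement pod must be ready before an old one is taken down.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: provisioning-rag
  namespace: provisioning-rag
  labels:
    app: provisioning-rag
    version: "8e"
    component: api-service
  annotations:
    description: "RAG Service with Orchestrator and REST API"
    # NOTE(review): this annotation is normally maintained by the Deployment
    # controller; a hand-written value is likely to be overwritten.
    deployment.kubernetes.io/revision: "1"
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      app: provisioning-rag
      component: api-service
  template:
    metadata:
      labels:
        app: provisioning-rag
        component: api-service
        version: "8e"
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "8888"
        prometheus.io/path: "/metrics"
    spec:
      serviceAccountName: provisioning-rag
      # Pod-level defaults, inherited by the init container as well.
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        fsGroup: 1000
        # Apply the container runtime's default syscall filter to every
        # container in the pod.
        seccompProfile:
          type: RuntimeDefault
      initContainers:
        # Blocks pod start-up until a TCP connect to surrealdb:8000 succeeds.
        # The loop has no upper bound: if the database never comes up, the pod
        # stays in Init.
        - name: wait-for-db
          image: busybox:1.35
          command:
            - sh
            - -c
            - 'until nc -z surrealdb 8000; do echo waiting for surrealdb; sleep 2; done'
          # The probe loop only opens an outbound TCP connection, so it runs
          # with no capabilities and a read-only root filesystem.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
      containers:
        - name: provisioning-rag
          # NOTE(review): a mutable tag combined with IfNotPresent means each
          # node keeps whatever image it cached first, so replicas can run
          # different builds. Pin a version tag or digest for reproducible,
          # auditable rollouts.
          image: provisioning-rag:latest
          imagePullPolicy: IfNotPresent
          ports:
            - name: api
              containerPort: 9090
              protocol: TCP
            - name: metrics
              containerPort: 8888
              protocol: TCP
          # Environment variables from ConfigMap
          envFrom:
            - configMapRef:
                name: provisioning-rag-config
          # Credentials are referenced from a Secret rather than written here.
          # Env-injected secrets are readable by anyone who can exec into the
          # pod or inspect the process environment, so keep RBAC on pods/exec
          # and on Secret reads in this namespace tight.
          env:
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: provisioning-rag-secrets
                  key: DB_PASSWORD
            - name: OPENAI_API_KEY
              valueFrom:
                secretKeyRef:
                  name: provisioning-rag-secrets
                  key: OPENAI_API_KEY
          # Resource limits and requests
          resources:
            requests:
              cpu: 500m
              memory: 512Mi
            limits:
              cpu: 2000m
              memory: 2Gi
          # Liveness probe - restarts the container after 3 failed checks
          livenessProbe:
            httpGet:
              path: /health
              port: api
            initialDelaySeconds: 10
            periodSeconds: 30
            timeoutSeconds: 5
            failureThreshold: 3
          # Readiness probe - removes the pod from Service endpoints after
          # 2 failed checks
          readinessProbe:
            httpGet:
              path: /health
              port: api
            initialDelaySeconds: 5
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 2
          # Startup probe - allows up to 30 x 10s for first start before the
          # liveness and readiness probes take over
          startupProbe:
            httpGet:
              path: /health
              port: api
            initialDelaySeconds: 0
            periodSeconds: 10
            timeoutSeconds: 3
            failureThreshold: 30
          # Volume mounts
          volumeMounts:
            - name: data
              mountPath: /app/data
            - name: logs
              mountPath: /app/logs
          # Security context for container
          securityContext:
            allowPrivilegeEscalation: false
            # NOTE(review): /app/data and /app/logs are already separate
            # volumes; if the service writes nowhere else, switch this to true.
            readOnlyRootFilesystem: false
            runAsNonRoot: true
            runAsUser: 1000
            capabilities:
              drop:
                - ALL
              # NOTE(review): both declared ports (9090, 8888) are above 1024,
              # so this capability looks unnecessary; remove it unless
              # something in the container binds a privileged port.
              add:
                - NET_BIND_SERVICE
      # Volumes
      volumes:
        # NOTE(review): a single claim is shared by all 3 replicas while the
        # anti-affinity below tries to spread them across nodes; that needs a
        # ReadWriteMany-capable claim. Confirm against the PVC manifest, which
        # is not part of this file.
        - name: data
          persistentVolumeClaim:
            claimName: provisioning-rag-data-pvc
        # No sizeLimit is set, so log growth is bounded only by the node's
        # ephemeral storage.
        - name: logs
          emptyDir: {}
      # Pod scheduling: prefer (not require) one replica per node.
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchExpressions:
                    - key: app
                      operator: In
                      values:
                        - provisioning-rag
                topologyKey: kubernetes.io/hostname
      terminationGracePeriodSeconds: 30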
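---
# Deployment for SurrealDB, the database the RAG service waits for on port 8000.
# Single replica, data persisted on the surrealdb-data-pvc claim.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: surrealdb
  namespace: provisioning-rag
  labels:
    app: surrealdb
    version: "latest"
    component: database
spec:
  # NOTE(review): no strategy is set, so the default RollingUpdate starts the
  # replacement pod before the old one stops. For a single replica on one data
  # volume, `strategy.type: Recreate` is usually the safer choice; confirm
  # against the PVC access mode.
  replicas: 1
  selector:
    matchLabels:
      app: surrealdb
      component: database
  template:
    metadata:
      labels:
        app: surrealdb
        component: database
    spec:
      # No serviceAccountName is set, so the pod uses the namespace default
      # account. The database has no visible need for the Kubernetes API, so
      # its token is not mounted.
      automountServiceAccountToken: false
      securityContext:
        fsGroup: 1000
        # Apply the container runtime's default syscall filter.
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: surrealdb
          # NOTE(review): a mutable tag with IfNotPresent makes the running
          # database version depend on each node's image cache. Pin a version
          # tag or digest so upgrades of the data store are deliberate.
          image: surrealdb/surrealdb:latest
          imagePullPolicy: IfNotPresent
          # NOTE(review): no command/args are set, so the container runs
          # whatever the image defaults to. Confirm how the server is started
          # and that authentication is enabled: the RAG deployment reads
          # DB_PASSWORD from a Secret, but nothing in this manifest passes a
          # credential to the database.
          ports:
            - name: http
              containerPort: 8000
              protocol: TCP
          # Environment
          env:
            - name: SURREAL_LOG
              value: "info"
          # Resource limits
          resources:
            requests:
              cpu: 250m
              memory: 256Mi
            limits:
              cpu: 1000m
              memory: 1Gi
          # Health checks: TCP connect only, so they show that the port is
          # open, not that the database answers queries.
          livenessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: 10
            periodSeconds: 20
            timeoutSeconds: 5
            failureThreshold: 3
          readinessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: 5
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 2
          # Volume mounts
          volumeMounts:
            - name: data
              mountPath: /data
          # Serving on port 8000 needs no Linux capabilities or privilege
          # escalation.
          # NOTE(review): runAsNonRoot/runAsUser are not set because the
          # image's default user is not visible here; add them once confirmed.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
      # Volumes
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: surrealdb-data-pvc
      terminationGracePeriodSeconds: 10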