docs: add runbooks and Kubernetes Helm Chart
Add 6 runbook documents: - 服务启动 (Service Startup) - 服务停止 (Service Shutdown) - 配置更新 (Configuration Update) - 日志分析 (Log Analysis) - 备份恢复 (Backup & Recovery) - 安全事件 (Security Incident) Add Kubernetes Helm Chart: - Chart.yaml, values.yaml - Deployment with health checks - Ingress with TLS support - PVC for data persistence - PDB for high availability - HPA for autoscaling - ServiceAccount configuration Add cron-backup.conf for automated backup scheduling.
This commit is contained in:
90
kubernetes/user-management/values.yaml
Normal file
90
kubernetes/user-management/values.yaml
Normal file
@@ -0,0 +1,90 @@
|
||||
# Default values for user-management.
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
image:
|
||||
repository: user-management
|
||||
tag: latest
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
className: nginx
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
hosts:
|
||||
- host: ums.example.com
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- secretName: ums-tls
|
||||
hosts:
|
||||
- ums.example.com
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: standard
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
|
||||
# Pod Anti-Affinity settings
|
||||
podAntiAffinity:
|
||||
enabled: true
|
||||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
# Readiness and Liveness probes
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
path: /api/v1/health/ready
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 5
|
||||
timeoutSeconds: 3
|
||||
failureThreshold: 3
|
||||
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
path: /api/v1/health
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: 3
|
||||
|
||||
# Pod Disruption Budget
|
||||
podDisruptionBudget:
|
||||
enabled: true
|
||||
minAvailable: 1
|
||||
|
||||
# Horizontal Pod Autoscaler
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 3
|
||||
targetCPUUtilizationPercentage: 70
|
||||
targetMemoryUtilizationPercentage: 80
|
||||
|
||||
# Config
|
||||
config:
|
||||
jwtSecret: ""
|
||||
adminEmail: "admin@example.com"
|
||||
logLevel: "info"
|
||||
|
||||
# Ingress controller version (for annotation compatibility)
|
||||
ingressControllerVersion: "1.0"
|
||||
Reference in New Issue
Block a user