- Remove duplicate namespace definitions from homer.yaml and deployment.yaml
- Namespace now only defined in namespace.yaml with Goldilocks labels
- Fixes ComparisonError: 'may not add resource with an already registered id'
- Remove argocd/ and helm-values/ subdirectories
- Move files to parent directory (argocd.yaml, helm-values.yaml)
- Update helm valueFiles paths in ArgoCD Applications
- Remove CreateNamespace=true from all applications
- Namespace creation now handled by namespace.yaml with Goldilocks labels
- Add namespace.yaml with goldilocks.fairwinds.com/enabled label
- Enable VPA recommendations for all applications
- Update kustomization.yaml to include namespace resources
- Fix namespace names to match actual usage (umami -> analytics)
- Add longhorn.io/display-name annotation to PVC for better visibility in Longhorn UI
- This helps identify the volume as 'code-server' in Longhorn dashboard
- Update namespace in all manifests (ingress, rbac, vault, argocd)
- Add namespace field to kustomization.yaml
- PVC will be recreated in new namespace with name 'code-server'
- All resources will be migrated to code-server namespace
- Change database host to postgresql-cnpg-rw.postgresql-cnpg.svc.cluster.local
- Change database user from postgres to bluemayne
- Database password remains Po87345364! (same as before)
- Gitea data has been migrated to CNPG successfully
- Reduce PVC size from 20Gi to 5Gi
- Revert storageClass from longhorn to local-path due to storage constraints
- Keep Gitea on longhorn, other apps on local-path
Reduced CPU requests to prevent node-agent scheduling failures:
- code-server: 100m → 50m (actual usage ~5m)
- kubernetes-dashboard metrics-scraper: 100m → 50m (actual usage minimal)
This optimization frees up 100m CPU on worker-node-2, allowing
Velero node-agent (30m request) to be scheduled successfully.
Worker-node-2 CPU allocation before: 840m/1000m (84%)
Worker-node-2 CPU allocation after: 730m/1000m (73%)
- Added ingress.yaml for code-server, kubernetes-dashboard, and umami
- Updated kustomization files to include ingress resources
- Migrated from centralized ingress management to per-app architecture
Set passwordMode to initialOnlyDoNotUpdate to prevent Gitea from forcing
password changes on every pod restart. This resolves the issue where users
were continuously prompted to update their password, causing ArgoCD
authentication failures.
