a051b67030
PERF(resources): remove CPU limits - keep memory limits only
...
- CPU throttling prevents app startup, not crashes
- Memory OOM is the real cascading failure cause
- CPU request ensures fair scheduling
2026-01-07 23:48:31 +09:00
b5517f757a
PERF(resources): increase CPU limit to VPA × 3 for startup burst
...
- Change CPU limit multiplier from 1.5x to 3x
- Prevents throttling during app startup
- Affected: code-server, crafty, docusaurus, gitea, headlamp,
homer, immich, mas, umami
2026-01-07 23:35:06 +09:00
8353cf22bc
FEAT(repo): add startupProbe for CPU-limited apps
...
- Add startupProbe to code-server, crafty, mas, umami, immich
- Configure 300s startup timeout (10s × 30 attempts)
- Set initialDelaySeconds to 0 for liveness/readiness
- Reduce immich-ml memory from 2Gi to 1Gi (node memory limit)
2026-01-07 23:25:06 +09:00
3bc0b76135
PERF(repo): apply CPU/Memory limits based on VPA
...
- Set CPU request to VPA recommendation
- Set CPU limit to VPA × 1.5 for burst allowance
- Set Memory limit to VPA × 1.5 to prevent OOM
- Prevent cascading failure on node failure
2026-01-07 23:07:30 +09:00
d65596309b
REFACTOR(secrets): flatten Vault paths
...
- Change secret paths from <category>/<app> to <app>
- applications/code-server → code-server
- applications/umami → umami
- databases/postgresql → postgresql
- cluster-infrastructure/authelia → authelia
2026-01-06 16:53:02 +09:00
068d9339b9
REFACTOR(repo): move vault/ to manifests/
...
- Move ExternalSecret files from vault/ to manifests/secret.yaml
- Merge multiple secrets with --- separator (immich)
- Update kustomization.yaml references
- Remove vault/ folders
Apps: umami, immich, code-server
2026-01-06 16:43:34 +09:00
fb0fb44251
REFACTOR(apps): integrate ingress to helm-values
...
- code-server: move ingress to helm-values, rbac to manifests
- headlamp: move ingress to helm-values, external-secret to manifests
2026-01-06 01:57:21 +09:00
42eb875c01
REFACTOR(repo): migrate repoURL to K3S-HOME
...
- Update repository URL to K3S-HOME organization
- Change from personal to organization repo
2026-01-05 00:43:51 +09:00
0592c36f34
PERF(code-server): reduce memory request
...
- Reduce memory request based on actual usage
- Optimize resource allocation
2026-01-05 00:43:51 +09:00
6ea23f1995
CHORE(authelia): disable local auth and add Authelia SSO
...
- code-server: Change --auth password to --auth none
- code-server: Add Authelia middleware to ingress
- immich: Add Authelia middleware to ingress
- umami: Add Authelia middleware to ingress
2026-01-05 00:43:51 +09:00
5bc34a7674
REFACTOR(longhorn): migrate storage from Longhorn to local-path
...
- code-server: storageClassName -> local-path-retain
- crafty: storageClassName -> local-path-retain
- immich: storageClassName -> local-path-retain
2026-01-05 00:43:51 +09:00
22694d9699
REFACTOR(traefik): switch ingress to Traefik
...
- Update ingressClassName from haproxy to traefik
- Update kubernetes-dashboard with Traefik backend SSL annotation
2026-01-05 00:43:51 +09:00
c44ec110e7
CHORE(eso): update ESO API version
2026-01-05 00:43:51 +09:00
9b256777bd
REFACTOR(gitea): migrate repoURL from Gitea to GitHub
...
- Update repository URL from Gitea to GitHub
- Change source control provider
2026-01-05 00:43:51 +09:00
19adcadfdf
REFACTOR(goldilocks): use managedNsMeta for Goldil
...
- Remove namespace.yaml files
- Add managedNamespaceMetadata with Goldilocks label
- Set CreateNamespace=true in syncOptions
- Update kustomization.yaml to remove namespace.yaml references
2026-01-05 00:43:51 +09:00
0996187c82
REFACTOR(docs): detach services,ingress from docs
2026-01-05 00:43:51 +09:00
71f7f1b741
REFACTOR(repo): restructure apps folder and remove CreateNamespace
...
- Remove argocd/ and helm-values/ subdirectories
- Move files to parent directory (argocd.yaml, helm-values.yaml)
- Update helm valueFiles paths in ArgoCD Applications
- Remove CreateNamespace=true from all applications
- Namespace creation now handled by namespace.yaml with Goldilocks labels
2026-01-05 00:43:51 +09:00
c7c7698610
FEAT(goldilocks): add goldilocks labels to applica
...
- Add namespace.yaml with goldilocks.fairwinds.com/enabled label
- Enable VPA recommendations for all applications
- Update kustomization.yaml to include namespace resources
- Fix namespace names to match actual usage (umami -> analytics)
2026-01-05 00:43:51 +09:00
3c4c92438f
REVERT(code-server): revert Longhorn display name annotation
...
- This reverts commit 99d33302bf79f56378884537ad3e250cf07cdb38
- Remove Longhorn display name annotation
2026-01-05 00:43:51 +09:00
aa04005fb9
FEAT(code-server): add longhorn display name annot
...
- Add longhorn.io/display-name annotation to PVC for better visibility in Longhorn UI
- This helps identify the volume as 'code-server' in Longhorn dashboard
2026-01-05 00:43:51 +09:00
642e3d0817
FEAT(code-server): add namespace field to code-ser
2026-01-05 00:43:51 +09:00
6d042cd89a
REFACTOR(code-server): migrate code-server namespa
...
- Update namespace in all manifests (ingress, rbac, vault, argocd)
- Add namespace field to kustomization.yaml
- PVC will be recreated in new namespace with name 'code-server'
- All resources will be migrated to code-server namespace
2026-01-05 00:43:51 +09:00
7be1e7cbc8
REFACTOR(code-server): migrate code-server to long
...
- Migrate Code-server (5Gi) to Longhorn
- Enable HA with replica=2
2026-01-05 00:43:51 +09:00
5904f97127
PERF(code-server): reduce code-server PVC size and
...
- Reduce PVC size from 20Gi to 5Gi
- Revert storageClass from longhorn to local-path due to storage constraints
- Keep Gitea on longhorn, other apps on local-path
2026-01-05 00:43:51 +09:00
18b7e5fe4a
REFACTOR(longhorn): migrate pvcs
...
- Gitea: 10Gi (replica=3 for high availability)
- Code Server: 20Gi (replica=3)
- Use dedicated 50GB Longhorn storage on each node
2026-01-05 00:43:51 +09:00
6805058bc4
PERF(grafana): optimize cpu requests based on actu
...
- code-server: 50m → 5m (actual: 1m)
- docusaurus: 50m → 5m (actual: 1m)
- kubernetes-dashboard: 15m → 5m (actual: 1m)
- kubernetes-dashboard-metrics-scraper: 50m → 5m (actual: 1m)
- homer: 50m → 5m (actual: 1m)
- umami: 30m → 5m (actual: 1m)
- gitea: 50m → 10m (actual: 5m)
2025-12-26 11:46:38 +09:00
47e3bf1b4e
PERF(resources): optimize cpu requests for worker-
...
Reduced CPU requests to prevent node-agent scheduling failures:
- code-server: 100m → 50m (actual usage ~5m)
- kubernetes-dashboard metrics-scraper: 100m → 50m (actual usage minimal)
This optimization frees up 100m CPU on worker-node-2, allowing
Velero node-agent (30m request) to be scheduled successfully.
Worker-node-2 CPU allocation before: 840m/1000m (84%)
Worker-node-2 CPU allocation after: 730m/1000m (73%)
2025-12-26 10:34:59 +09:00
af5343fbc3
PERF(code-server): reduce resource requests for wo
2025-12-26 09:50:38 +09:00
cb532c3bd1
FEAT(traefik): add per-application ingress managem
...
- Added ingress.yaml for code-server, kubernetes-dashboard, and umami
- Updated kustomization files to include ingress resources
- Migrated from centralized ingress management to per-app architecture
2025-12-25 20:21:26 +09:00
3f5c38ab49
REFACTOR(code-server): change username in code-ser
2025-12-25 01:32:46 +09:00
a26cc8d77c
FEAT(code-server): grant permissions
2025-12-25 01:21:10 +09:00
e9072e573c
FEAT(code-server): grant permissions
2025-12-25 01:11:16 +09:00
424d3656ce
FEAT(code-server): grant permissions
2025-12-25 01:09:40 +09:00
5c8ab74aed
FEAT(code-server): grant permissions
2025-12-25 01:06:18 +09:00
09c53730db
REFACTOR(code-server): change vault secret path
2025-12-17 21:32:30 +09:00
089f8c0575
CHORE(argocd): update ArgoCD apps to point to apps
2025-12-17 15:13:15 +09:00
9763b1e682
INIT(repo): apps setup with all user-facing servic
2025-12-17 15:11:34 +09:00
