K3S-HOME/platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
be072c84d650c0ef39baf66f38a66adb80734f38
platform/argocd/helm-values.yaml
Mayne0213 be072c84d6 PERF(argocd): increase repo-server CPU limit 
- Double CPU limit from 84m to 168m to reduce throttling
2026-01-12 01:25:39 +09:00

173 lines
4.7 KiB
YAML
Raw Blame History

# ArgoCD Helm Chart Values
# Chart: https://argoproj.github.io/argo-helm (argo-cd)
# All custom settings from current cluster deployment
# =============================================================================
# GLOBAL SETTINGS
# =============================================================================
global:
# High priority for critical GitOps infrastructure
priorityClassName: high-priority
# =============================================================================
# CONFIGS (ConfigMaps)
# =============================================================================
configs:
# argocd-cm
cm:
# Authelia handles authentication, so allow anonymous access
users.anonymous.enabled: "true"
# Disable polling - webhook only
timeout.reconciliation: "0"
# Ignore resource status field differences
resource.compareoptions: |
ignoreResourceStatusField: all
# argocd-cmd-params-cm
params:
# Ingress handles TLS, so run in insecure mode
server.insecure: "true"
# Disable periodic app resync (webhook + self-heal only)
controller.self.heal.timeout.seconds: "5"
# argocd-rbac-cm
rbac:
# Anonymous users get admin role (Authelia handles authentication)
policy.csv: |
g, , role:admin
policy.default: role:admin
# =============================================================================
# APPLICATION CONTROLLER (StatefulSet)
# =============================================================================
controller:
# Metrics for Prometheus
metrics:
enabled: true
service:
enabled: true
servicePort: 8082
serviceMonitor:
enabled: true
# Memory optimization environment variables
env:
- name: GOMEMLIMIT
value: "800MiB"
- name: GOGC
value: "50"
# Disable periodic app resync
args:
appResyncPeriod: "0"
# Resource settings (VPA lowerBound/upperBound)
resources:
requests:
cpu: 22m
memory: 1388Mi
limits:
cpu: 839m
memory: 1861Mi
# Schedule on master node
nodeSelector:
node-role.kubernetes.io/control-plane: "true"
tolerations:
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
# =============================================================================
# API SERVER (Deployment)
# =============================================================================
server:
# Metrics for Prometheus
metrics:
enabled: true
service:
enabled: true
servicePort: 8083
serviceMonitor:
enabled: true
# Main Ingress with Authelia middleware
ingress:
enabled: true
ingressClassName: traefik
hostname: argocd0213.kro.kr
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
tls: true
# Resource settings (VPA lowerBound/upperBound)
resources:
requests:
cpu: 15m
memory: 163Mi
limits:
cpu: 15m
memory: 218Mi
# =============================================================================
# REPO SERVER (Deployment)
# =============================================================================
repoServer:
# Metrics for Prometheus
metrics:
enabled: true
service:
enabled: true
servicePort: 8084
serviceMonitor:
enabled: true
# Resource settings (VPA lowerBound/upperBound)
resources:
requests:
cpu: 15m
memory: 225Mi
limits:
cpu: 168m
memory: 1310Mi
# =============================================================================
# REDIS (Deployment)
# =============================================================================
redis:
# Resource settings (VPA lowerBound/upperBound)
resources:
requests:
cpu: 15m
memory: 100Mi
limits:
cpu: 15m
memory: 100Mi
# =============================================================================
# DEX (OIDC) - Disabled (using Authelia instead)
# =============================================================================
dex:
enabled: false
# =============================================================================
# APPLICATIONSET CONTROLLER - Disabled (not used)
# =============================================================================
applicationSet:
enabled: false
# =============================================================================
# NOTIFICATIONS CONTROLLER - Disabled (not used)
# =============================================================================
notifications:
enabled: false
# =============================================================================
# CRDs
# =============================================================================
crds:
install: true
keep: true
Reference in New Issue View Git Blame Copy Permalink