|
|
38cf6abc0b
|
refactor: update Vault secret paths to new categorized structure
- minio: minio → storage/minio, minio-s3-credentials → storage/minio-s3-credentials
- pgweb: pgweb → storage/pgweb
- postgresql: postgresql → storage/postgresql
- velero: minio → storage/minio, velero → storage/velero
- zot: zot → storage/zot
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-01-11 22:36:38 +09:00 |
|
|
|
39ad7757f8
|
REFACTOR(repo): remove control-plane scheduling
- Remove nodeSelector for control-plane node
- Remove tolerations for control-plane taint
- Allow pods to schedule on any available node
|
2026-01-10 18:35:15 +09:00 |
|
|
|
6cc795c3ef
|
CHORE(resources): set memory limits equal to memory requests
Align memory limits with memory requests for guaranteed QoS class.
- velero: main, nodeAgent
- postgresql: cluster
- minio: console
- zot, cnpg, pgweb
|
2026-01-09 21:46:58 +09:00 |
|
|
|
613ef5984e
|
REFACTOR(repo): standardize taint to control-plane
- Change node-role.kubernetes.io/master to control-plane
- Update velero, zot, postgresql, minio tolerations
- Change effect from NoExecute to NoSchedule (K3s standard)
|
2026-01-09 21:46:40 +09:00 |
|
|
|
93beb1c3b0
|
FIX(postgresql): remove CPU limit from CNPG cluster
|
2026-01-08 00:31:16 +09:00 |
|
|
|
35df7aa64e
|
PERF(resources): remove CPU limits - keep memory limits only
- CPU throttling prevents app startup, not crashes
- Memory OOM is the real cascading failure cause
- CPU request ensures fair scheduling
|
2026-01-07 23:48:47 +09:00 |
|
|
|
9c0fddb0ef
|
REFACTOR(secrets): flatten Vault paths
- Change secret paths from <category>/<app> to <app>
- databases/postgresql → postgresql
- databases/minio → minio
- databases/pgweb → pgweb
- cluster-infrastructure/velero → velero
|
2026-01-06 16:52:54 +09:00 |
|
|
|
b5f93b3812
|
REFACTOR(repo): move vault/ to manifests/
- Move ExternalSecret files from vault/ to manifests/secret.yaml
- Merge multiple secrets with --- separator (postgresql)
- Update kustomization.yaml references
- Remove vault/ folders
Apps: postgresql, postgresql-dev, pgweb, minio, velero
|
2026-01-06 16:42:24 +09:00 |
|
|
|
e1a10ff954
|
PERF(postgresql): reduce postgresql memory usage
- shared_buffers: 512MB -> 128MB
- effective_cache_size: 1536MB -> 384MB
- memory requests: 512Mi -> 256Mi
- memory limits: 2Gi -> 512Mi
Database size is only 7.5MB, previous settings were excessive.
|
2026-01-05 00:39:12 +09:00 |
|
|
|
3607f521e0
|
CHORE(postgresql): reset PostgreSQL cluster
- Reset cluster with local-path-retain storageClass
- Reconfigure database storage
|
2026-01-05 00:39:12 +09:00 |
|
|
|
0935908d0f
|
REFACTOR(postgresql): migrate PostgreSQL storage
- Migrate to local-path-retain storageClass
- Update storage configuration
|
2026-01-05 00:39:12 +09:00 |
|
|
|
bc8d0dd521
|
REFACTOR(postgresql): change pg anti-affinity
- from hard to soft
- Use podAntiAffinityType: preferred instead of required
- Allows pods to be scheduled on same node if necessary
|
2026-01-05 00:39:12 +09:00 |
|
|
|
196c941db9
|
REVERT(storage): revert storageClass to local-path
- Will patch existing PVs manually
- Revert storage configuration
|
2026-01-05 00:39:12 +09:00 |
|
|
|
2b315deac5
|
FEAT(cnpg): add local-path-retain StorageClass
- for CNPG data protection
|
2026-01-05 00:39:12 +09:00 |
|
|
|
a8e2034766
|
PERF(postgresql): reduce PostgreSQL CPU request from 150m to 30m
- Reduce based on actual usage
- Optimize resource allocation
|
2026-01-05 00:39:12 +09:00 |
|
|
|
e0143b153f
|
FEAT(postgresql): add master node toleration
- to PostgreSQL
- Allows postgresql pods to run on master with NoExecute taint
- Required because PV is on master node
|
2026-01-05 00:39:12 +09:00 |
|
|
|
09e841d025
|
FEAT(authelia): add authelia
- to manually created databases list
|
2026-01-05 00:39:12 +09:00 |
|
|
|
bc3445e170
|
REFACTOR(cnpg): remove managed databases section
- (not supported by CN...
- CNPG operator version doesn't support spec.managed.databases
- authentik database created manually via psql
|
2026-01-05 00:39:12 +09:00 |
|
|
|
72f1ae1e11
|
FEAT(postgresql): add authentik database
- to main pg cluster
- Add managed database 'authentik' owned by 'app' user
- Consolidate from separate authentik-postgres CNPG cluster
|
2026-01-05 00:39:12 +09:00 |
|
|
|
588861a53b
|
REFACTOR(vault): remove Vault database and user
- Vault uses file storage instead
- Remove database dependencies
|
2026-01-05 00:39:12 +09:00 |
|
|
|
75a165b474
|
REFACTOR(postgresql): rename pg-cnpg namespace and folder
- Rename to postgresql
- Standardize naming convention
|
2026-01-05 00:39:12 +09:00 |
|
