Mayne0213
35df7aa64e
- CPU throttling prevents app startup, not crashes - Memory OOM is the real cascading failure cause - CPU request ensures fair scheduling
112 lines
2.5 KiB
YAML
112 lines
2.5 KiB
YAML
# Velero Helm Values
|
|
# Chart: https://github.com/vmware-tanzu/helm-charts/tree/main/charts/velero
|
|
|
|
# Skip CRD upgrade job (avoids kubectl image dependency)
|
|
upgradeCRDs: false
|
|
|
|
# Image configuration
|
|
image:
|
|
repository: velero/velero
|
|
tag: v1.17.1
|
|
pullPolicy: IfNotPresent
|
|
|
|
# Resource requests
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 128Mi
|
|
limits:
|
|
memory: 192Mi
|
|
|
|
# Init containers for plugins
|
|
initContainers:
|
|
# AWS plugin for S3-compatible storage (Minio)
|
|
- name: velero-plugin-for-aws
|
|
image: velero/velero-plugin-for-aws:v1.13.1
|
|
volumeMounts:
|
|
- mountPath: /target
|
|
name: plugins
|
|
|
|
# Deploy node-agent for file-system backups
|
|
deployNodeAgent: true
|
|
|
|
# Node agent configuration
|
|
nodeAgent:
|
|
podVolumePath: /var/lib/kubelet/pods
|
|
privileged: false
|
|
resources:
|
|
requests:
|
|
cpu: 30m # Reduced to 30m to fit on mayne-worker-2 (99% CPU usage)
|
|
memory: 256Mi
|
|
limits:
|
|
# cpu: removed to prevent throttling
|
|
memory: 1Gi
|
|
|
|
# Configuration for backup storage
|
|
configuration:
|
|
# Use existing BackupStorageLocation and VolumeSnapshotLocation
|
|
backupStorageLocation:
|
|
- name: default
|
|
provider: aws
|
|
bucket: velero-backups
|
|
config:
|
|
region: minio
|
|
s3ForcePathStyle: "true"
|
|
s3Url: http://minio.minio.svc.cluster.local:9000
|
|
publicUrl: https://s3.minio0213.kro.kr
|
|
|
|
volumeSnapshotLocation:
|
|
- name: default
|
|
provider: aws
|
|
config:
|
|
region: minio
|
|
|
|
# Default backup retention
|
|
defaultBackupTTL: 168h # 7 days (reduced for storage efficiency)
|
|
|
|
# Enable file-system backup by default for all PVs
|
|
defaultVolumesToFsBackup: true
|
|
|
|
# Restore only mode (for disaster recovery)
|
|
restoreOnlyMode: false
|
|
|
|
# Disable BackupStorageLocation validation (user only uses manual backups)
|
|
# This prevents status updates that trigger ArgoCD refreshes
|
|
storeValidationFrequency: 0s
|
|
|
|
# Disable backup-sync controller (user only uses manual backups)
|
|
# This prevents lastSyncedTime updates that trigger ArgoCD refreshes
|
|
disableControllers: backup-sync
|
|
|
|
# Credentials for S3 access (from Vault via External Secrets)
|
|
credentials:
|
|
useSecret: true
|
|
existingSecret: velero-s3-credentials
|
|
secretContents: {}
|
|
|
|
# Metrics
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
prometheusRule:
|
|
enabled: false
|
|
|
|
# RBAC
|
|
serviceAccount:
|
|
server:
|
|
create: true
|
|
name: velero
|
|
|
|
rbac:
|
|
create: true
|
|
|
|
# Node selector (optional)
|
|
nodeSelector: {}
|
|
|
|
# Tolerations (optional)
|
|
tolerations: []
|
|
|
|
# Affinity (optional)
|
|
affinity: {}
|