forgejo: custom 8Gi ResourceQuota (was pegged at the 4Gi tier cap)
Some checks failed
ci/woodpecker/push/default Pipeline failed
Some checks failed
ci/woodpecker/push/default Pipeline failed
Yesterday's Forgejo 3Gi->4Gi OOM fix pushed its tier-3-edge namespace quota (requests.memory=4Gi) to 100%, firing KubeQuotaAlmostFull + the healthcheck resourcequota check. Forgejo is the git + OCI-registry backbone and legitimately needs ~4Gi, so the edge tier's 4Gi ceiling is too tight. Opt the namespace out of the auto tier quota (resource-governance/custom-quota=true) and define a forgejo-specific ResourceQuota at requests.memory=8Gi, so the 4Gi pod sits at ~50% with headroom. Same opt-out pattern dbaas uses. Re-tiering was rejected: tier 1-cluster is also 4Gi, and 0-core (8Gi) would over-classify Forgejo's priority/eviction. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin
parent
72982683bc
commit
a6381b8cf8
1 changed files with 26 additions and 0 deletions
|
|
@ -11,6 +11,12 @@ resource "kubernetes_namespace" "forgejo" {
|
|||
"istio-injection" : "disabled"
|
||||
tier = local.tiers.edge
|
||||
"keel.sh/enrolled" = "true"
|
||||
# Opt out of the auto-generated tier-3-edge ResourceQuota (caps
|
||||
# requests.memory at 4Gi). Forgejo's own pod requests 4Gi (the
|
||||
# git + OCI-registry backbone, Guaranteed QoS), which pegged that
|
||||
# tier quota at 100% and fired KubeQuotaAlmostFull. The
|
||||
# forgejo-specific quota below gives headroom. Same pattern as dbaas.
|
||||
"resource-governance/custom-quota" = "true"
|
||||
}
|
||||
}
|
||||
lifecycle {
|
||||
|
|
@ -19,6 +25,26 @@ resource "kubernetes_namespace" "forgejo" {
|
|||
}
|
||||
}
|
||||
|
||||
# Custom ResourceQuota — replaces the tier-3-edge auto quota (opted out via the
|
||||
# resource-governance/custom-quota label above). requests.memory is 8Gi so the
|
||||
# 4Gi Forgejo pod sits at ~50% (clears KubeQuotaAlmostFull + the healthcheck
|
||||
# resourcequota check) with room for a transient migration/sidecar pod. To
|
||||
# raise Forgejo's memory limit past 4Gi later, bump requests.memory here too.
|
||||
resource "kubernetes_resource_quota" "forgejo" {
|
||||
metadata {
|
||||
name = "forgejo-quota"
|
||||
namespace = kubernetes_namespace.forgejo.metadata[0].name
|
||||
}
|
||||
spec {
|
||||
hard = {
|
||||
"requests.cpu" = "4"
|
||||
"requests.memory" = "8Gi"
|
||||
"limits.memory" = "32Gi"
|
||||
pods = "30"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module "tls_secret" {
|
||||
source = "../../modules/kubernetes/setup_tls_secret"
|
||||
namespace = kubernetes_namespace.forgejo.metadata[0].name
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue