viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[ci skip] tune resource limits and requests across 10 services

Browse source 
Critical OOM fixes (add/increase limits):
- netbox: add 512Mi limit (was at 98.8% of Kyverno default 256Mi)
- speedtest: add 512Mi limit (was at 80.9%)
- meshcentral: add 384Mi limit (was at 72.7%)
- ytdlp: uncomment resources, set 512Mi limit (was at 74.6%)

Over-provisioned (reduce limits):
- dashy: 2Gi → 512Mi (was using 135Mi)
- redis master: 2Gi → 256Mi (was using 14Mi)
- redis replica: 1Gi → 256Mi (was using 12Mi)
- resume printer: 2Gi → 512Mi (was using 108Mi)
- resume app: 1Gi → 384Mi (was using 125Mi)
- openclaw: 4Gi → 1Gi (was using 372Mi)

Under-provisioned requests (increase):
- authentik server: 256Mi → 512Mi request (actual ~560Mi)
- authentik worker: 256Mi → 384Mi request (actual ~400Mi)

New explicit resources (previously Kyverno defaults):
- forgejo: add 512Mi limit, 64Mi request
This commit is contained in:
Viktor Barzin 2026-02-28 21:59:08 +00:00
parent ac482b5324
commit f64c979ba5
10 changed files with 80 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

8
stacks/dashy/main.tf
View file

@ -67,12 +67,12 @@ resource "kubernetes_deployment" "dashy" {
resources {
requests = {
cpu = "50m"
memory = "256Mi"
cpu = "15m"
memory = "64Mi"
}
limits = {
cpu = "1"
memory = "2Gi"
cpu = "500m"
memory = "512Mi"
}
}
port {

10
stacks/forgejo/main.tf
View file

@ -59,6 +59,16 @@ resource "kubernetes_deployment" "forgejo" {
name = "data"
mount_path = "/data"
}
resources {
requests = {
cpu = "15m"
memory = "64Mi"
}
limits = {
cpu = "500m"
memory = "512Mi"
}
}
port {
name = "http"
container_port = 3000

10
stacks/meshcentral/main.tf
View file

@ -89,6 +89,16 @@ resource "kubernetes_deployment" "meshcentral" {
name = "files"
mount_path = "/opt/meshcentral/meshcentral-files"
}
resources {
requests = {
cpu = "15m"
memory = "64Mi"
}
limits = {
cpu = "500m"
memory = "384Mi"
}
}
volume_mount {
name = "backups"
mount_path = "/opt/meshcentral/meshcentral-backups"

10
stacks/netbox/main.tf
View file

@ -131,6 +131,16 @@ resource "kubernetes_deployment" "netbox" {
value = "Europe/Sofia"
}
resources {
requests = {
cpu = "25m"
memory = "64Mi"
}
limits = {
cpu = "1"
memory = "512Mi"
}
}
port {
container_port = 8080
}

4
stacks/openclaw/main.tf
View file

@ -403,10 +403,10 @@ resource "kubernetes_deployment" "openclaw" {
}
resources {
limits = {
memory = "4Gi"
memory = "1Gi"
}
requests = {
memory = "256Mi"
memory = "64Mi"
}
}
}

4
stacks/platform/modules/authentik/values.yaml
View file

@ -20,7 +20,7 @@ server:
resources:
requests:
cpu: 100m
memory: 256Mi
memory: 512Mi
limits:
cpu: "2"
memory: 1Gi
@ -39,7 +39,7 @@ worker:
resources:
requests:
cpu: 50m
memory: 256Mi
memory: 384Mi
limits:
cpu: "1"
memory: 1Gi

22
stacks/platform/modules/redis/main.tf
View file

@ -40,10 +40,10 @@ resource "helm_release" "redis" {
}
sentinel = {
enabled = true
quorum = 2
masterSet = "mymaster"
automateCluster = true
enabled = true
quorum = 2
masterSet = "mymaster"
automateCluster = true
resources = {
requests = {
@ -66,12 +66,12 @@ resource "helm_release" "redis" {
resources = {
requests = {
cpu = "200m"
memory = "512Mi"
cpu = "100m"
memory = "64Mi"
}
limits = {
cpu = "1"
memory = "2Gi"
cpu = "500m"
memory = "256Mi"
}
}
}
@ -87,12 +87,12 @@ resource "helm_release" "redis" {
resources = {
requests = {
cpu = "100m"
memory = "256Mi"
cpu = "50m"
memory = "64Mi"
}
limits = {
cpu = "500m"
memory = "1Gi"
memory = "256Mi"
}
}
}

16
stacks/resume/main.tf
View file

@ -73,12 +73,12 @@ resource "kubernetes_deployment" "printer" {
resources {
requests = {
memory = "256Mi"
cpu = "100m"
memory = "128Mi"
cpu = "50m"
}
limits = {
memory = "2Gi"
cpu = "2"
memory = "512Mi"
cpu = "1"
}
}
@ -221,12 +221,12 @@ resource "kubernetes_deployment" "resume" {
resources {
requests = {
memory = "256Mi"
cpu = "100m"
memory = "128Mi"
cpu = "25m"
}
limits = {
memory = "1Gi"
cpu = "1"
memory = "384Mi"
cpu = "500m"
}
}

10
stacks/speedtest/main.tf
View file

@ -101,6 +101,16 @@ resource "kubernetes_deployment" "speedtest" {
name = "APP_TIMEZONE"
value = "Europe/Sofia"
}
resources {
requests = {
cpu = "25m"
memory = "64Mi"
}
limits = {
cpu = "500m"
memory = "512Mi"
}
}
volume_mount {
name = "config"
mount_path = "/config"

26
stacks/ytdlp/main.tf
View file

@ -56,16 +56,16 @@ resource "kubernetes_deployment" "ytdlp" {
container {
image = "tzahi12345/youtubedl-material:nightly"
name = "ytdlp"
# resources {
# limits = {
# cpu = "1"
# memory = "1Gi"
# }
# requests = {
# cpu = "1"
# memory = "1Gi"
# }
# }
resources {
requests = {
cpu = "25m"
memory = "128Mi"
}
limits = {
cpu = "500m"
memory = "512Mi"
}
}
port {
container_port = 17442
}
@ -190,9 +190,9 @@ resource "kubernetes_deployment" "yt_highlights" {
"gpu" : "true"
}
toleration {
key = "nvidia.com/gpu"
value = "true"
effect = "NoSchedule"
key = "nvidia.com/gpu"
value = "true"
effect = "NoSchedule"
}
container {
name = "yt-highlights"