viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

right-size memory: set requests=limits based on actual usage

Browse source 
- Set memory requests = limits across 56 stacks to prevent overcommit
- Right-sized limits based on actual pod usage (2x actual, rounded up)
- Scaled down trading-bot (replicas=0) to free memory
- Fixed OOMKilled services: forgejo, dawarich, health, meshcentral,
  paperless-ngx, vault auto-unseal, rybbit, whisper, openclaw, clickhouse
- Added startup+liveness probes to calibre-web
- Bumped inotify limits on nodes 2,3 (max_user_instances 128->8192)

Post node2 OOM incident (2026-03-14). Previous kubelet config had no
kubeReserved/systemReserved set, allowing pods to starve the kernel.
This commit is contained in:
Viktor Barzin 2026-03-14 21:01:24 +00:00
parent 2c296d4d7c
commit f7c2c06009
58 changed files with 123 additions and 121 deletions
Download patch file Download diff file Expand all files Collapse all files

4
stacks/affine/main.tf
View file

@ -144,7 +144,7 @@ resource "kubernetes_deployment" "affine" {
memory = "256Mi"
}
limits = {
memory = "512Mi"
memory = "256Mi"
}
}
}
@ -182,7 +182,7 @@ resource "kubernetes_deployment" "affine" {
cpu = "50m"
}
limits = {
memory = "512Mi"
memory = "256Mi"
}
}

2
stacks/audiobookshelf/main.tf
View file

@ -139,7 +139,7 @@ resource "kubernetes_deployment" "audiobookshelf" {
memory = "64Mi"
}
limits = {
memory = "512Mi"
memory = "64Mi"
}
}
}

4
stacks/blog/main.tf
View file

@ -48,11 +48,11 @@ resource "kubernetes_deployment" "blog" {
name = "blog"
resources {
limits = {
memory = "256Mi"
memory = "64Mi"
}
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
}
port {

10
stacks/calibre/main.tf
View file

@ -205,9 +205,9 @@ resource "kubernetes_deployment" "calibre-web-automated" {
path = "/"
port = 8083
}
initial_delay_seconds = 30
period_seconds = 10
failure_threshold = 54
initial_delay_seconds = 60
period_seconds = 15
failure_threshold = 56
}
liveness_probe {
http_get {
@ -220,7 +220,7 @@ resource "kubernetes_deployment" "calibre-web-automated" {
resources {
requests = {
cpu = "50m"
memory = "256Mi"
memory = "512Mi"
}
limits = {
memory = "512Mi"
@ -338,7 +338,7 @@ resource "kubernetes_deployment" "annas-archive-stacks" {
resources {
requests = {
cpu = "10m"
memory = "192Mi"
memory = "384Mi"
}
limits = {
memory = "384Mi"

4
stacks/changedetection/main.tf
View file

@ -83,7 +83,7 @@ resource "kubernetes_deployment" "changedetection" {
memory = "128Mi"
}
limits = {
memory = "512Mi"
memory = "128Mi"
}
}
}
@ -122,7 +122,7 @@ resource "kubernetes_deployment" "changedetection" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

4
stacks/city-guesser/main.tf
View file

@ -48,11 +48,11 @@ resource "kubernetes_deployment" "city-guesser" {
name = "city-guesser"
resources {
limits = {
memory = "256Mi"
memory = "64Mi"
}
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
}
port {

4
stacks/claude-memory/main.tf
View file

@ -145,11 +145,11 @@ resource "kubernetes_deployment" "claude-memory" {
resources {
requests = {
memory = "32Mi"
memory = "64Mi"
cpu = "10m"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

4
stacks/coturn/main.tf
View file

@ -135,10 +135,10 @@ resource "kubernetes_deployment" "coturn" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

4
stacks/cyberchef/main.tf
View file

@ -58,10 +58,10 @@ resource "kubernetes_deployment" "cyberchef" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

2
stacks/dashy/main.tf
View file

@ -71,7 +71,7 @@ resource "kubernetes_deployment" "dashy" {
resources {
requests = {
cpu = "250m"
memory = "512Mi"
memory = "1Gi"
}
limits = {
memory = "1Gi"

4
stacks/dawarich/main.tf
View file

@ -148,10 +148,10 @@ resource "kubernetes_deployment" "dawarich" {
resources {
requests = {
cpu = "15m"
memory = "256Mi"
memory = "512Mi"
}
limits = {
memory = "1Gi"
memory = "512Mi"
}
}
}

4
stacks/diun/main.tf
View file

@ -179,10 +179,10 @@ resource "kubernetes_deployment" "diun" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

2
stacks/echo/main.tf
View file

@ -55,7 +55,7 @@ resource "kubernetes_deployment" "echo" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "128Mi"
}
limits = {
memory = "128Mi"

2
stacks/excalidraw/main.tf
View file

@ -79,7 +79,7 @@ resource "kubernetes_deployment" "excalidraw" {
resources {
requests = {
cpu = "10m"
memory = "16Mi"
memory = "64Mi"
}
limits = {
memory = "64Mi"

2
stacks/f1-stream/main.tf
View file

@ -62,7 +62,7 @@ resource "kubernetes_deployment" "f1-stream" {
}
requests = {
cpu = "25m"
memory = "64Mi"
memory = "256Mi"
}
}
port {

4
stacks/forgejo/main.tf
View file

@ -100,10 +100,10 @@ resource "kubernetes_deployment" "forgejo" {
resources {
requests = {
cpu = "15m"
memory = "64Mi"
memory = "256Mi"
}
limits = {
memory = "512Mi"
memory = "256Mi"
}
}
port {

2
stacks/freshrss/main.tf
View file

@ -108,7 +108,7 @@ resource "kubernetes_deployment" "freshrss" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

2
stacks/frigate/main.tf
View file

@ -89,7 +89,7 @@ resource "kubernetes_deployment" "frigate" {
memory = "2Gi"
}
limits = {
memory = "8Gi"
memory = "8Gi"
"nvidia.com/gpu" = "1"
}
}

4
stacks/grampsweb/main.tf
View file

@ -202,7 +202,7 @@ resource "kubernetes_deployment" "grampsweb" {
memory = "512Mi"
}
limits = {
memory = "2Gi"
memory = "512Mi"
}
}
}
@ -267,7 +267,7 @@ resource "kubernetes_deployment" "grampsweb" {
memory = "256Mi"
}
limits = {
memory = "1Gi"
memory = "256Mi"
}
}
}

2
stacks/hackmd/main.tf
View file

@ -125,7 +125,7 @@ resource "kubernetes_deployment" "hackmd" {
memory = "64Mi"
}
limits = {
memory = "512Mi"
memory = "64Mi"
}
}
}

4
stacks/health/main.tf
View file

@ -96,11 +96,11 @@ resource "kubernetes_deployment" "health" {
resources {
requests = {
memory = "64Mi"
memory = "128Mi"
cpu = "15m"
}
limits = {
memory = "256Mi"
memory = "128Mi"
}
}
}

2
stacks/homepage/main.tf
View file

@ -96,7 +96,7 @@ resource "kubernetes_deployment" "cache_proxy" {
container_port = 80
}
resources {
requests = { cpu = "10m", memory = "16Mi" }
requests = { cpu = "10m", memory = "64Mi" }
limits = { memory = "64Mi" }
}
volume_mount {

4
stacks/immich/main.tf
View file

@ -513,10 +513,10 @@ resource "kubernetes_deployment" "immich-machine-learning" {
resources {
requests = {
cpu = "100m"
memory = "1Gi"
memory = "2Gi"
}
limits = {
memory = "4Gi"
memory = "2Gi"
"nvidia.com/gpu" = "1"
}
}

4
stacks/isponsorblocktv/main.tf
View file

@ -54,10 +54,10 @@ resource "kubernetes_deployment" "isponsorblocktv-vermont" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

6
stacks/kms/main.tf
View file

@ -65,7 +65,7 @@ resource "kubernetes_deployment" "kms-web-page" {
}
requests = {
cpu = "10m"
memory = "16Mi"
memory = "64Mi"
}
}
port {
@ -157,11 +157,11 @@ resource "kubernetes_deployment" "windows_kms" {
name = "windows-kms"
resources {
limits = {
memory = "128Mi"
memory = "64Mi"
}
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
}
port {

4
stacks/meshcentral/main.tf
View file

@ -119,10 +119,10 @@ resource "kubernetes_deployment" "meshcentral" {
resources {
requests = {
cpu = "15m"
memory = "64Mi"
memory = "256Mi"
}
limits = {
memory = "512Mi"
memory = "256Mi"
}
}
volume_mount {

2
stacks/navidrome/main.tf
View file

@ -107,7 +107,7 @@ resource "kubernetes_deployment" "navidrome" {
memory = "64Mi"
}
limits = {
memory = "384Mi"
memory = "64Mi"
}
}
}

2
stacks/netbox/main.tf
View file

@ -143,7 +143,7 @@ resource "kubernetes_deployment" "netbox" {
memory = "256Mi"
}
limits = {
memory = "1Gi"
memory = "256Mi"
}
}
port {

2
stacks/networking-toolbox/main.tf
View file

@ -52,7 +52,7 @@ resource "kubernetes_deployment" "networking-toolbox" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "128Mi"
}
limits = {
memory = "128Mi"

2
stacks/novelapp/main.tf
View file

@ -73,7 +73,7 @@ resource "kubernetes_deployment" "novelapp" {
}
}
container {
image = "viktorbarzin/novelapp:1"
image = "mghee/novelapp:latest"
name = "novelapp"
image_pull_policy = "Always"
env {

4
stacks/ntfy/main.tf
View file

@ -121,10 +121,10 @@ resource "kubernetes_deployment" "ntfy" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

2
stacks/ollama/main.tf
View file

@ -271,7 +271,7 @@ resource "kubernetes_deployment" "ollama-ui" {
memory = "256Mi"
}
limits = {
memory = "1536Mi"
memory = "256Mi"
}
}
}

4
stacks/onlyoffice/main.tf
View file

@ -103,10 +103,10 @@ resource "kubernetes_deployment" "onlyoffice-document-server" {
resources {
requests = {
cpu = "100m"
memory = "512Mi"
memory = "3Gi"
}
limits = {
memory = "4Gi"
memory = "3Gi"
}
}
port {

12
stacks/openclaw/main.tf
View file

@ -603,7 +603,7 @@ resource "kubernetes_deployment" "openclaw" {
}
requests = {
cpu = "100m"
memory = "512Mi"
memory = "1536Mi"
}
}
}
@ -640,11 +640,11 @@ resource "kubernetes_deployment" "openclaw" {
}
resources {
limits = {
memory = "512Mi"
memory = "256Mi"
}
requests = {
cpu = "25m"
memory = "64Mi"
memory = "256Mi"
}
}
}
@ -879,7 +879,7 @@ resource "kubernetes_deployment" "task_webhook" {
resources {
requests = {
cpu = "5m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "64Mi"
@ -1023,7 +1023,7 @@ resource "kubernetes_cron_job_v1" "cluster_healthcheck" {
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}
@ -1104,7 +1104,7 @@ resource "kubernetes_cron_job_v1" "task_processor" {
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

6
stacks/osm_routing/main.tf
View file

@ -94,7 +94,7 @@ resource "kubernetes_deployment" "osrm-foot" {
memory = "256Mi"
}
limits = {
memory = "1Gi"
memory = "256Mi"
}
}
}
@ -174,7 +174,7 @@ resource "kubernetes_deployment" "osrm-bicycle" {
memory = "256Mi"
}
limits = {
memory = "1Gi"
memory = "256Mi"
}
}
}
@ -258,7 +258,7 @@ resource "kubernetes_deployment" "otp" {
memory = "2Gi"
}
limits = {
memory = "4Gi"
memory = "2Gi"
}
}
}

2
stacks/owntracks/main.tf
View file

@ -116,7 +116,7 @@ resource "kubernetes_deployment" "owntracks" {
resources {
requests = {
cpu = "10m"
memory = "16Mi"
memory = "64Mi"
}
limits = {
memory = "64Mi"

4
stacks/paperless-ngx/main.tf
View file

@ -131,10 +131,10 @@ resource "kubernetes_deployment" "paperless-ngx" {
resources {
requests = {
cpu = "50m"
memory = "512Mi"
memory = "1Gi"
}
limits = {
memory = "2Gi"
memory = "1Gi"
}
}

4
stacks/plotting-book/main.tf
View file

@ -119,11 +119,11 @@ resource "kubernetes_deployment" "plotting-book" {
}
resources {
requests = {
memory = "32Mi"
memory = "64Mi"
cpu = "10m"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

4
stacks/poison-fountain/main.tf
View file

@ -151,10 +151,10 @@ resource "kubernetes_deployment" "poison_fountain" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

4
stacks/privatebin/main.tf
View file

@ -70,10 +70,10 @@ resource "kubernetes_deployment" "privatebin" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

6
stacks/real-estate-crawler/main.tf
View file

@ -213,7 +213,7 @@ resource "kubernetes_deployment" "realestate-crawler-api" {
memory = "64Mi"
}
limits = {
memory = "512Mi"
memory = "64Mi"
}
}
volume_mount {
@ -329,7 +329,7 @@ resource "kubernetes_deployment" "realestate-crawler-celery" {
memory = "512Mi"
}
limits = {
memory = "3Gi"
memory = "512Mi"
}
}
port {
@ -439,7 +439,7 @@ resource "kubernetes_deployment" "realestate-crawler-celery-beat" {
resources {
requests = {
cpu = "10m"
memory = "64Mi"
memory = "256Mi"
}
limits = {
memory = "256Mi"

4
stacks/resume/main.tf
View file

@ -83,7 +83,7 @@ resource "kubernetes_deployment" "printer" {
cpu = "25m"
}
limits = {
memory = "1536Mi"
memory = "128Mi"
}
}
@ -238,7 +238,7 @@ resource "kubernetes_deployment" "resume" {
cpu = "15m"
}
limits = {
memory = "384Mi"
memory = "64Mi"
}
}

12
stacks/rybbit/main.tf
View file

@ -112,10 +112,10 @@ resource "kubernetes_deployment" "clickhouse" {
resources {
requests = {
cpu = "500m"
memory = "512Mi"
memory = "1Gi"
}
limits = {
memory = "2Gi"
memory = "1Gi"
}
}
}
@ -302,10 +302,10 @@ resource "kubernetes_deployment" "rybbit" {
resources {
requests = {
cpu = "25m"
memory = "128Mi"
memory = "1Gi"
}
limits = {
memory = "512Mi"
memory = "1Gi"
}
}
}
@ -397,10 +397,10 @@ resource "kubernetes_deployment" "rybbit-client" {
resources {
requests = {
cpu = "10m"
memory = "64Mi"
memory = "192Mi"
}
limits = {
memory = "256Mi"
memory = "192Mi"
}
}
}

4
stacks/send/main.tf
View file

@ -103,10 +103,10 @@ resource "kubernetes_deployment" "send" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

2
stacks/shadowsocks/main.tf
View file

@ -69,7 +69,7 @@ resource "kubernetes_deployment" "shadowsocks" {
resources {
requests = {
cpu = "10m"
memory = "16Mi"
memory = "64Mi"
}
limits = {
memory = "64Mi"

2
stacks/speedtest/main.tf
View file

@ -121,7 +121,7 @@ resource "kubernetes_deployment" "speedtest" {
memory = "128Mi"
}
limits = {
memory = "512Mi"
memory = "128Mi"
}
}
volume_mount {

4
stacks/stirling-pdf/main.tf
View file

@ -58,10 +58,10 @@ resource "kubernetes_deployment" "stirling-pdf" {
resources {
requests = {
cpu = "25m"
memory = "512Mi"
memory = "1536Mi"
}
limits = {
memory = "2Gi"
memory = "1536Mi"
}
}

2
stacks/tandoor/main.tf
View file

@ -158,7 +158,7 @@ resource "kubernetes_deployment" "tandoor" {
memory = "256Mi"
}
limits = {
memory = "1536Mi"
memory = "256Mi"
}
}
}

4
stacks/tor-proxy/main.tf
View file

@ -83,7 +83,7 @@ resource "kubernetes_deployment" "tor-proxy" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
# volume_mount {
@ -177,7 +177,7 @@ resource "kubernetes_deployment" "torrserver" {
memory = "256Mi"
}
limits = {
memory = "1Gi"
memory = "256Mi"
}
}
readiness_probe {

24
stacks/trading-bot/main.tf
View file

@ -145,7 +145,8 @@ resource "kubernetes_deployment" "trading-bot-frontend" {
}
}
spec {
replicas = 1
# Disabled: reduce cluster memory pressure (2026-03-14 OOM incident)
replicas = 0
strategy {
type = "RollingUpdate"
rolling_update {
@ -176,10 +177,10 @@ resource "kubernetes_deployment" "trading-bot-frontend" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}
@ -205,7 +206,7 @@ resource "kubernetes_deployment" "trading-bot-frontend" {
memory = "128Mi"
}
limits = {
memory = "512Mi"
memory = "128Mi"
}
}
}
@ -232,7 +233,8 @@ resource "kubernetes_deployment" "trading-bot-workers" {
}
}
spec {
replicas = 1
# Disabled: reduce cluster memory pressure (2026-03-14 OOM incident)
replicas = 0
strategy {
type = "Recreate"
}
@ -270,7 +272,7 @@ resource "kubernetes_deployment" "trading-bot-workers" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}
@ -296,7 +298,7 @@ resource "kubernetes_deployment" "trading-bot-workers" {
memory = "512Mi"
}
limits = {
memory = "2Gi"
memory = "512Mi"
}
}
}
@ -322,7 +324,7 @@ resource "kubernetes_deployment" "trading-bot-workers" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}
@ -348,7 +350,7 @@ resource "kubernetes_deployment" "trading-bot-workers" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}
@ -374,7 +376,7 @@ resource "kubernetes_deployment" "trading-bot-workers" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}
@ -400,7 +402,7 @@ resource "kubernetes_deployment" "trading-bot-workers" {
memory = "64Mi"
}
limits = {
memory = "256Mi"
memory = "64Mi"
}
}
}

4
stacks/travel_blog/main.tf
View file

@ -48,11 +48,11 @@ resource "kubernetes_deployment" "blog" {
name = "travel-blog"
resources {
limits = {
memory = "256Mi"
memory = "64Mi"
}
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
}
port {

2
stacks/tuya-bridge/main.tf
View file

@ -72,7 +72,7 @@ resource "kubernetes_deployment" "tuya-bridge" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "256Mi"
}
limits = {
memory = "256Mi"

6
stacks/url/main.tf
View file

@ -145,7 +145,7 @@ resource "kubernetes_deployment" "shlink" {
}
requests = {
cpu = "25m"
memory = "128Mi"
memory = "512Mi"
}
}
port {
@ -275,11 +275,11 @@ resource "kubernetes_deployment" "shlink-web" {
}
resources {
limits = {
memory = "512Mi"
memory = "64Mi"
}
requests = {
cpu = "10m"
memory = "50Mi"
memory = "64Mi"
}
}
port {

4
stacks/vault/main.tf
View file

@ -130,8 +130,8 @@ resource "helm_release" "vault" {
readOnly = true
}]
resources = {
requests = { cpu = "10m", memory = "32Mi" }
limits = { memory = "64Mi" }
requests = { cpu = "10m", memory = "128Mi" }
limits = { memory = "128Mi" }
}
}]
}

4
stacks/wealthfolio/main.tf
View file

@ -105,10 +105,10 @@ resource "kubernetes_deployment" "wealthfolio" {
resources {
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
limits = {
memory = "128Mi"
memory = "64Mi"
}
}
}

4
stacks/webhook_handler/main.tf
View file

@ -110,11 +110,11 @@ resource "kubernetes_deployment" "webhook_handler" {
name = "webhook-handler"
resources {
limits = {
memory = "256Mi"
memory = "64Mi"
}
requests = {
cpu = "10m"
memory = "32Mi"
memory = "64Mi"
}
}
port {

6
stacks/whisper/main.tf
View file

@ -81,10 +81,10 @@ resource "kubernetes_deployment" "whisper" {
resources {
requests = {
cpu = "25m"
memory = "256Mi"
memory = "1Gi"
}
limits = {
memory = "1536Mi"
memory = "1Gi"
}
}
}
@ -202,7 +202,7 @@ resource "kubernetes_deployment" "piper" {
memory = "64Mi"
}
limits = {
memory = "512Mi"
memory = "64Mi"
}
}
}

2
stacks/ytdlp/main.tf
View file

@ -81,7 +81,7 @@ resource "kubernetes_deployment" "ytdlp" {
resources {
requests = {
cpu = "25m"
memory = "128Mi"
memory = "512Mi"
}
limits = {
memory = "512Mi"