diff --git a/phoenix b/phoenix deleted file mode 160000 index 5f2e821..0000000 --- a/phoenix +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 5f2e821a83b0ce55033da75452e06f8298e26a1e diff --git a/phoenix/configmap.yaml b/phoenix/configmap.yaml new file mode 100644 index 0000000..162d685 --- /dev/null +++ b/phoenix/configmap.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: phoenix-config + namespace: phoenix +data: + # Phoenix Server Configuration + PHOENIX_PORT: "6006" + PHOENIX_HOST: "::" + PHOENIX_WORKING_DIR: "/mnt/data" + + # Database Configuration + PHOENIX_SQL_DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/postgres" + + # OTLP Configuration + PHOENIX_GRPC_PORT: "4317" + + # Prometheus Metrics + PHOENIX_ENABLE_PROMETHEUS: "true" + + # Server Limits + PHOENIX_SERVER_MAX_SPANS_QUEUE_SIZE: "20000" + + # Optional: Enable authentication (uncomment to enable) + # PHOENIX_ENABLE_AUTH: "true" + + # Optional: OIDC Configuration (uncomment and configure as needed) + # PHOENIX_OAUTH2_DEV_CLIENT_ID: "" + # PHOENIX_OAUTH2_DEV_OIDC_CONFIG_URL: "" + # PHOENIX_OAUTH2_DEV_DISPLAY_NAME: "OAuth Login" + + # Optional: SMTP Configuration (uncomment and configure as needed) + # PHOENIX_SMTP_HOSTNAME: "" + # PHOENIX_SMTP_PORT: "587" + # PHOENIX_SMTP_USERNAME: "" + # PHOENIX_FROM_EMAIL_ADDRESS: "" diff --git a/phoenix/ingress.yaml b/phoenix/ingress.yaml new file mode 100644 index 0000000..4952ad1 --- /dev/null +++ b/phoenix/ingress.yaml @@ -0,0 +1,31 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phoenix-ingress + namespace: phoenix + annotations: + # Use Traefik as the ingress controller (default in k3s) + kubernetes.io/ingress.class: "traefik" + # Enable SSL redirect + traefik.ingress.kubernetes.io/redirect-entry-point: https + # Optional: enable compression + traefik.ingress.kubernetes.io/compress: "true" + cert-manager.io/issuer: prod-issuer + cert-manager.io/issuer-kind: OriginIssuer + cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com +spec: + tls: + - hosts: + - "*.rogi.casa" + secretName: rogicasa-tls + rules: + - host: phoenix.rogi.casa + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: phoenix + port: + number: 6006 diff --git a/phoenix/namespace.yaml b/phoenix/namespace.yaml new file mode 100644 index 0000000..16e3b5a --- /dev/null +++ b/phoenix/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: phoenix + labels: + name: phoenix diff --git a/phoenix/phoenix-statefulset.yaml b/phoenix/phoenix-statefulset.yaml new file mode 100644 index 0000000..45e88f9 --- /dev/null +++ b/phoenix/phoenix-statefulset.yaml @@ -0,0 +1,120 @@ +apiVersion: v1 +kind: Service +metadata: + name: phoenix + namespace: phoenix + labels: + app: phoenix + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9090" + prometheus.io/path: "/metrics" +spec: + type: ClusterIP + ports: + - port: 6006 + targetPort: 6006 + name: http + - port: 4317 + targetPort: 4317 + name: grpc + - port: 9090 + targetPort: 9090 + name: metrics + selector: + app: phoenix +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: phoenix + namespace: phoenix + labels: + app: phoenix +spec: + serviceName: phoenix + replicas: 1 + selector: + matchLabels: + app: phoenix + template: + metadata: + labels: + app: phoenix + spec: + initContainers: + - name: wait-for-postgres + image: busybox:1.36 + command: + - sh + - -c + - | + echo "Waiting for PostgreSQL to be ready..." + until nc -z postgres 5432; do + echo "PostgreSQL is unavailable - sleeping" + sleep 2 + done + echo "PostgreSQL is up - executing command" + containers: + - name: phoenix + image: arizephoenix/phoenix:version-12.31.2 + ports: + - containerPort: 6006 + name: http + protocol: TCP + - containerPort: 4317 + name: grpc + protocol: TCP + - containerPort: 9090 + name: metrics + protocol: TCP + envFrom: + - configMapRef: + name: phoenix-config + - secretRef: + name: phoenix-secret + volumeMounts: + - name: phoenix-data + mountPath: /mnt/data + resources: + requests: + memory: "512Mi" + cpu: "500m" + limits: + memory: "2Gi" + cpu: "2000m" + readinessProbe: + httpGet: + path: / + port: 6006 + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + httpGet: + path: / + port: 6006 + initialDelaySeconds: 30 + periodSeconds: 30 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + startupProbe: + httpGet: + path: / + port: 6006 + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 30 + volumeClaimTemplates: + - metadata: + name: phoenix-data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: 10Gi diff --git a/phoenix/postgres-statefulset.yaml b/phoenix/postgres-statefulset.yaml new file mode 100644 index 0000000..20baf86 --- /dev/null +++ b/phoenix/postgres-statefulset.yaml @@ -0,0 +1,130 @@ +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: phoenix + labels: + app: postgres +spec: + type: ClusterIP + ports: + - port: 5432 + targetPort: 5432 + name: postgres + selector: + app: postgres + clusterIP: None # Headless service for StatefulSet +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: postgres + namespace: phoenix + labels: + app: postgres +spec: + serviceName: postgres + replicas: 1 + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - name: postgres + image: postgres:17-alpine + ports: + - containerPort: 5432 + name: postgres + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: phoenix-secret + key: POSTGRES_USER + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: phoenix-secret + key: POSTGRES_PASSWORD + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: phoenix-secret + key: POSTGRES_DB + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + # PostgreSQL optimization settings + - name: POSTGRES_INITDB_ARGS + value: "-E UTF8" + args: + - "postgres" + - "-c" + - "shared_preload_libraries=pg_stat_statements" + - "-c" + - "pg_stat_statements.track=all" + - "-c" + - "shared_buffers=256MB" + - "-c" + - "effective_cache_size=1GB" + - "-c" + - "maintenance_work_mem=128MB" + - "-c" + - "checkpoint_completion_target=0.9" + - "-c" + - "wal_buffers=16MB" + - "-c" + - "default_statistics_target=100" + - "-c" + - "random_page_cost=1.1" + - "-c" + - "effective_io_concurrency=200" + - "-c" + - "work_mem=8MB" + - "-c" + - "min_wal_size=1GB" + - "-c" + - "max_wal_size=4GB" + volumeMounts: + - name: postgres-data + mountPath: /var/lib/postgresql/data + resources: + requests: + memory: "256Mi" + cpu: "250m" + limits: + memory: "1Gi" + cpu: "1000m" + readinessProbe: + exec: + command: + - /bin/sh + - -c + - pg_isready -U postgres + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + exec: + command: + - /bin/sh + - -c + - pg_isready -U postgres + initialDelaySeconds: 30 + periodSeconds: 30 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + volumeClaimTemplates: + - metadata: + name: postgres-data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: 8Gi diff --git a/phoenix/servicemonitor.yaml b/phoenix/servicemonitor.yaml new file mode 100644 index 0000000..d2ff537 --- /dev/null +++ b/phoenix/servicemonitor.yaml @@ -0,0 +1,18 @@ +# Optional: ServiceMonitor for Prometheus Operator +# Only apply this if you have Prometheus Operator installed +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: phoenix-metrics + namespace: phoenix + labels: + app: phoenix +spec: + selector: + matchLabels: + app: phoenix + endpoints: + - port: metrics + path: /metrics + interval: 30s + scrapeTimeout: 10s