phoenix

phoenix/configmap.yaml

@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: phoenix-config
+  namespace: phoenix
+data:
+  # Phoenix Server Configuration
+  PHOENIX_PORT: "6006"
+  PHOENIX_HOST: "::"
+  PHOENIX_WORKING_DIR: "/mnt/data"
+
+  # Database Configuration
+  PHOENIX_SQL_DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/postgres"
+
+  # OTLP Configuration
+  PHOENIX_GRPC_PORT: "4317"
+
+  # Prometheus Metrics
+  PHOENIX_ENABLE_PROMETHEUS: "true"
+
+  # Server Limits
+  PHOENIX_SERVER_MAX_SPANS_QUEUE_SIZE: "20000"
+
+  # Optional: Enable authentication (uncomment to enable)
+  # PHOENIX_ENABLE_AUTH: "true"
+
+  # Optional: OIDC Configuration (uncomment and configure as needed)
+  # PHOENIX_OAUTH2_DEV_CLIENT_ID: ""
+  # PHOENIX_OAUTH2_DEV_OIDC_CONFIG_URL: ""
+  # PHOENIX_OAUTH2_DEV_DISPLAY_NAME: "OAuth Login"
+
+  # Optional: SMTP Configuration (uncomment and configure as needed)
+  # PHOENIX_SMTP_HOSTNAME: ""
+  # PHOENIX_SMTP_PORT: "587"
+  # PHOENIX_SMTP_USERNAME: ""
+  # PHOENIX_FROM_EMAIL_ADDRESS: ""

phoenix/ingress.yaml

@@ -0,0 +1,31 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: phoenix-ingress
+  namespace: phoenix
+  annotations:
+    # Use Traefik as the ingress controller (default in k3s)
+    kubernetes.io/ingress.class: "traefik"
+    # Enable SSL redirect
+    traefik.ingress.kubernetes.io/redirect-entry-point: https
+    # Optional: enable compression
+    traefik.ingress.kubernetes.io/compress: "true"
+    cert-manager.io/issuer: prod-issuer
+    cert-manager.io/issuer-kind: OriginIssuer
+    cert-manager.io/issuer-group: cert-manager.k8s.cloudflare.com
+spec:
+  tls:
+    - hosts:
+      - "*.rogi.casa"
+      secretName: rogicasa-tls
+  rules:
+  - host: phoenix.rogi.casa
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: phoenix
+              port:
+                number: 6006

phoenix/namespace.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: phoenix
+  labels:
+    name: phoenix

phoenix/phoenix-statefulset.yaml

@@ -0,0 +1,120 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: phoenix
+  namespace: phoenix
+  labels:
+    app: phoenix
+  annotations:
+    prometheus.io/scrape: "true"
+    prometheus.io/port: "9090"
+    prometheus.io/path: "/metrics"
+spec:
+  type: ClusterIP
+  ports:
+    - port: 6006
+      targetPort: 6006
+      name: http
+    - port: 4317
+      targetPort: 4317
+      name: grpc
+    - port: 9090
+      targetPort: 9090
+      name: metrics
+  selector:
+    app: phoenix
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: phoenix
+  namespace: phoenix
+  labels:
+    app: phoenix
+spec:
+  serviceName: phoenix
+  replicas: 1
+  selector:
+    matchLabels:
+      app: phoenix
+  template:
+    metadata:
+      labels:
+        app: phoenix
+    spec:
+      initContainers:
+        - name: wait-for-postgres
+          image: busybox:1.36
+          command:
+            - sh
+            - -c
+            - |
+              echo "Waiting for PostgreSQL to be ready..."
+              until nc -z postgres 5432; do
+                echo "PostgreSQL is unavailable - sleeping"
+                sleep 2
+              done
+              echo "PostgreSQL is up - executing command"
+      containers:
+        - name: phoenix
+          image: arizephoenix/phoenix:version-12.31.2
+          ports:
+            - containerPort: 6006
+              name: http
+              protocol: TCP
+            - containerPort: 4317
+              name: grpc
+              protocol: TCP
+            - containerPort: 9090
+              name: metrics
+              protocol: TCP
+          envFrom:
+            - configMapRef:
+                name: phoenix-config
+            - secretRef:
+                name: phoenix-secret
+          volumeMounts:
+            - name: phoenix-data
+              mountPath: /mnt/data
+          resources:
+            requests:
+              memory: "512Mi"
+              cpu: "500m"
+            limits:
+              memory: "2Gi"
+              cpu: "2000m"
+          readinessProbe:
+            httpGet:
+              path: /
+              port: 6006
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 6006
+            initialDelaySeconds: 30
+            periodSeconds: 30
+            timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          startupProbe:
+            httpGet:
+              path: /
+              port: 6006
+            initialDelaySeconds: 5
+            periodSeconds: 5
+            timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 30
+  volumeClaimTemplates:
+    - metadata:
+        name: phoenix-data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        resources:
+          requests:
+            storage: 10Gi

phoenix/postgres-statefulset.yaml

@@ -0,0 +1,130 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres
+  namespace: phoenix
+  labels:
+    app: postgres
+spec:
+  type: ClusterIP
+  ports:
+    - port: 5432
+      targetPort: 5432
+      name: postgres
+  selector:
+    app: postgres
+  clusterIP: None  # Headless service for StatefulSet
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: postgres
+  namespace: phoenix
+  labels:
+    app: postgres
+spec:
+  serviceName: postgres
+  replicas: 1
+  selector:
+    matchLabels:
+      app: postgres
+  template:
+    metadata:
+      labels:
+        app: postgres
+    spec:
+      containers:
+        - name: postgres
+          image: postgres:17-alpine
+          ports:
+            - containerPort: 5432
+              name: postgres
+          env:
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: phoenix-secret
+                  key: POSTGRES_USER
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: phoenix-secret
+                  key: POSTGRES_PASSWORD
+            - name: POSTGRES_DB
+              valueFrom:
+                secretKeyRef:
+                  name: phoenix-secret
+                  key: POSTGRES_DB
+            - name: PGDATA
+              value: /var/lib/postgresql/data/pgdata
+            # PostgreSQL optimization settings
+            - name: POSTGRES_INITDB_ARGS
+              value: "-E UTF8"
+          args:
+            - "postgres"
+            - "-c"
+            - "shared_preload_libraries=pg_stat_statements"
+            - "-c"
+            - "pg_stat_statements.track=all"
+            - "-c"
+            - "shared_buffers=256MB"
+            - "-c"
+            - "effective_cache_size=1GB"
+            - "-c"
+            - "maintenance_work_mem=128MB"
+            - "-c"
+            - "checkpoint_completion_target=0.9"
+            - "-c"
+            - "wal_buffers=16MB"
+            - "-c"
+            - "default_statistics_target=100"
+            - "-c"
+            - "random_page_cost=1.1"
+            - "-c"
+            - "effective_io_concurrency=200"
+            - "-c"
+            - "work_mem=8MB"
+            - "-c"
+            - "min_wal_size=1GB"
+            - "-c"
+            - "max_wal_size=4GB"
+          volumeMounts:
+            - name: postgres-data
+              mountPath: /var/lib/postgresql/data
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "250m"
+            limits:
+              memory: "1Gi"
+              cpu: "1000m"
+          readinessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - -c
+                - pg_isready -U postgres
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          livenessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - -c
+                - pg_isready -U postgres
+            initialDelaySeconds: 30
+            periodSeconds: 30
+            timeoutSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+  volumeClaimTemplates:
+    - metadata:
+        name: postgres-data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        resources:
+          requests:
+            storage: 8Gi

phoenix/servicemonitor.yaml

@@ -0,0 +1,18 @@
+# Optional: ServiceMonitor for Prometheus Operator
+# Only apply this if you have Prometheus Operator installed
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: phoenix-metrics
+  namespace: phoenix
+  labels:
+    app: phoenix
+spec:
+  selector:
+    matchLabels:
+      app: phoenix
+  endpoints:
+    - port: metrics
+      path: /metrics
+      interval: 30s
+      scrapeTimeout: 10s