feat: add ai-gateway deployment and service configuration with TLS support
This commit is contained in:
parent
91f8167323
commit
54d368d462
89
manifests/home-services/ai-gateway.yaml
Normal file
89
manifests/home-services/ai-gateway.yaml
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: ai-gateway
|
||||||
|
namespace: home-services
|
||||||
|
labels:
|
||||||
|
app: ai-gateway
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: ai-gateway
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: ai-gateway
|
||||||
|
spec:
|
||||||
|
imagePullSecrets:
|
||||||
|
- name: gitea-registry-secret
|
||||||
|
containers:
|
||||||
|
- name: ai-gateway
|
||||||
|
image: gitea.nik4nao.com/nik/ai-gateway:latest
|
||||||
|
ports:
|
||||||
|
- containerPort: 50052
|
||||||
|
name: grpc
|
||||||
|
env:
|
||||||
|
- name: GRPC_PORT
|
||||||
|
value: "50052"
|
||||||
|
- name: OLLAMA_URL
|
||||||
|
value: "http://192.168.7.96:11434"
|
||||||
|
- name: OLLAMA_MODEL
|
||||||
|
value: "llama3"
|
||||||
|
- name: OLLAMA_TIMEOUT
|
||||||
|
value: "30s"
|
||||||
|
- name: HA_GATEWAY_ADDR
|
||||||
|
value: "ha-gateway.home-services.svc.cluster.local:50051"
|
||||||
|
- name: HA_GATEWAY_SERVER_NAME
|
||||||
|
value: "ha-gateway.home-services.svc.cluster.local"
|
||||||
|
- name: OTEL_ENDPOINT
|
||||||
|
value: "otel-collector-opentelemetry-collector.monitoring.svc.cluster.local:4317"
|
||||||
|
- name: LOG_LEVEL
|
||||||
|
value: "info"
|
||||||
|
- name: LOG_FORMAT
|
||||||
|
value: "json"
|
||||||
|
- name: LIGHT_CACHE_TTL
|
||||||
|
value: "60s"
|
||||||
|
- name: TLS_DIR
|
||||||
|
value: /tls
|
||||||
|
readinessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: 50052
|
||||||
|
initialDelaySeconds: 5
|
||||||
|
periodSeconds: 10
|
||||||
|
livenessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: 50052
|
||||||
|
initialDelaySeconds: 10
|
||||||
|
periodSeconds: 30
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 50m
|
||||||
|
memory: 64Mi
|
||||||
|
limits:
|
||||||
|
cpu: 200m
|
||||||
|
memory: 128Mi
|
||||||
|
volumeMounts:
|
||||||
|
- name: tls
|
||||||
|
mountPath: /tls
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: tls
|
||||||
|
secret:
|
||||||
|
secretName: ai-gateway-tls
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: ai-gateway
|
||||||
|
namespace: home-services
|
||||||
|
labels:
|
||||||
|
app: ai-gateway
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app: ai-gateway
|
||||||
|
ports:
|
||||||
|
- name: grpc
|
||||||
|
port: 50052
|
||||||
|
targetPort: 50052
|
||||||
|
type: ClusterIP
|
||||||
@ -32,3 +32,23 @@ spec:
|
|||||||
- client auth
|
- client auth
|
||||||
- digital signature
|
- digital signature
|
||||||
- key encipherment
|
- key encipherment
|
||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: ai-gateway-tls
|
||||||
|
namespace: home-services
|
||||||
|
spec:
|
||||||
|
secretName: ai-gateway-tls
|
||||||
|
issuerRef:
|
||||||
|
name: internal-ca-issuer
|
||||||
|
kind: ClusterIssuer
|
||||||
|
commonName: ai-gateway
|
||||||
|
dnsNames:
|
||||||
|
- ai-gateway.home-services.svc.cluster.local
|
||||||
|
- ai-gateway
|
||||||
|
usages:
|
||||||
|
- server auth
|
||||||
|
- client auth
|
||||||
|
- digital signature
|
||||||
|
- key encipherment
|
||||||
|
|||||||
@ -33,6 +33,8 @@ spec:
|
|||||||
key: GUILD_ID
|
key: GUILD_ID
|
||||||
- name: HA_GATEWAY_ADDR
|
- name: HA_GATEWAY_ADDR
|
||||||
value: "ha-gateway.home-services.svc.cluster.local:50051"
|
value: "ha-gateway.home-services.svc.cluster.local:50051"
|
||||||
|
- name: AI_GATEWAY_ADDR
|
||||||
|
value: "ai-gateway.home-services.svc.cluster.local:50052"
|
||||||
- name: OTEL_ENDPOINT
|
- name: OTEL_ENDPOINT
|
||||||
value: "otel-collector-opentelemetry-collector.monitoring.svc.cluster.local:4317"
|
value: "otel-collector-opentelemetry-collector.monitoring.svc.cluster.local:4317"
|
||||||
- name: TLS_DIR
|
- name: TLS_DIR
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user