feat: fix keycloak metrics issues, bump EFS memory as workarounf for OOM
This commit is contained in:
parent
e70822dd28
commit
a13b062d38
@ -1,6 +1,6 @@
|
|||||||
# kubezero-auth
|
# kubezero-auth
|
||||||
|
|
||||||
![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.5](https://img.shields.io/badge/AppVersion-26.0.5-informational?style=flat-square)
|
![Version: 0.6.1](https://img.shields.io/badge/Version-0.6.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.5](https://img.shields.io/badge/AppVersion-26.0.5-informational?style=flat-square)
|
||||||
|
|
||||||
KubeZero umbrella chart for all things Authentication and Identity management
|
KubeZero umbrella chart for all things Authentication and Identity management
|
||||||
|
|
||||||
@ -19,7 +19,7 @@ Kubernetes: `>= 1.26.0`
|
|||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
|
||||||
| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.0.4 |
|
| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.2.1 |
|
||||||
|
|
||||||
# Keycloak
|
# Keycloak
|
||||||
|
|
||||||
@ -38,9 +38,15 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc
|
|||||||
| Key | Type | Default | Description |
|
| Key | Type | Default | Description |
|
||||||
|-----|------|---------|-------------|
|
|-----|------|---------|-------------|
|
||||||
| keycloak.auth.adminUser | string | `"admin"` | |
|
| keycloak.auth.adminUser | string | `"admin"` | |
|
||||||
| keycloak.auth.existingSecret | string | `"kubezero-auth"` | |
|
| keycloak.auth.existingSecret | string | `"keycloak-auth"` | |
|
||||||
| keycloak.auth.passwordSecretKey | string | `"admin-password"` | |
|
| keycloak.auth.passwordSecretKey | string | `"admin-password"` | |
|
||||||
| keycloak.enabled | bool | `false` | |
|
| keycloak.enabled | bool | `false` | |
|
||||||
|
| keycloak.externalDatabase.database | string | `"keycloak"` | |
|
||||||
|
| keycloak.externalDatabase.existingSecret | string | `"keycloak-pg"` | |
|
||||||
|
| keycloak.externalDatabase.existingSecretPasswordKey | string | `"password"` | |
|
||||||
|
| keycloak.externalDatabase.host | string | `"keycloak-pg-rw"` | |
|
||||||
|
| keycloak.externalDatabase.port | int | `5432` | |
|
||||||
|
| keycloak.externalDatabase.user | string | `"keycloak"` | |
|
||||||
| keycloak.hostnameStrict | bool | `false` | |
|
| keycloak.hostnameStrict | bool | `false` | |
|
||||||
| keycloak.istio.admin.enabled | bool | `false` | |
|
| keycloak.istio.admin.enabled | bool | `false` | |
|
||||||
| keycloak.istio.admin.gateway | string | `"istio-ingress/private-ingressgateway"` | |
|
| keycloak.istio.admin.gateway | string | `"istio-ingress/private-ingressgateway"` | |
|
||||||
@ -52,15 +58,7 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc
|
|||||||
| keycloak.metrics.serviceMonitor.enabled | bool | `true` | |
|
| keycloak.metrics.serviceMonitor.enabled | bool | `true` | |
|
||||||
| keycloak.pdb.create | bool | `false` | |
|
| keycloak.pdb.create | bool | `false` | |
|
||||||
| keycloak.pdb.minAvailable | int | `1` | |
|
| keycloak.pdb.minAvailable | int | `1` | |
|
||||||
| keycloak.postgresql.auth.database | string | `"keycloak"` | |
|
|
||||||
| keycloak.postgresql.auth.existingSecret | string | `"kubezero-auth"` | |
|
|
||||||
| keycloak.postgresql.auth.username | string | `"keycloak"` | |
|
|
||||||
| keycloak.postgresql.enabled | bool | `false` | |
|
| keycloak.postgresql.enabled | bool | `false` | |
|
||||||
| keycloak.postgresql.primary.persistence.size | string | `"1Gi"` | |
|
|
||||||
| keycloak.postgresql.primary.resources.limits.memory | string | `"128Mi"` | |
|
|
||||||
| keycloak.postgresql.primary.resources.requests.cpu | string | `"100m"` | |
|
|
||||||
| keycloak.postgresql.primary.resources.requests.memory | string | `"64Mi"` | |
|
|
||||||
| keycloak.postgresql.readReplicas.replicaCount | int | `0` | |
|
|
||||||
| keycloak.production | bool | `true` | |
|
| keycloak.production | bool | `true` | |
|
||||||
| keycloak.proxyHeaders | string | `"xforwarded"` | |
|
| keycloak.proxyHeaders | string | `"xforwarded"` | |
|
||||||
| keycloak.replicaCount | int | `1` | |
|
| keycloak.replicaCount | int | `1` | |
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
configmap: grafana-dashboards
|
configmap: grafana-dashboards
|
||||||
condition: '.Values.keycloak.metrics.enabled'
|
condition: '.Values.keycloak.metrics.enabled'
|
||||||
gzip: true
|
gzip: true
|
||||||
# folder:
|
folder: KubeZero
|
||||||
dashboards:
|
dashboards:
|
||||||
- name: keycloak
|
- name: keycloak
|
||||||
# url: https://grafana.com/api/dashboards/10441/revisions/2/download
|
url: https://grafana.com/api/dashboards/19659/revisions/1/download
|
||||||
url: https://grafana.com/api/dashboards/17878/revisions/1/download
|
# url: https://grafana.com/api/dashboards/17878/revisions/1/download
|
||||||
tags: ['Keycloak', 'Auth']
|
tags: ['Keycloak', 'Auth']
|
||||||
|
File diff suppressed because one or more lines are too long
@ -16,6 +16,8 @@ spec:
|
|||||||
- route:
|
- route:
|
||||||
- destination:
|
- destination:
|
||||||
host: {{ template "kubezero-lib.fullname" $ }}-keycloak
|
host: {{ template "kubezero-lib.fullname" $ }}-keycloak
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
---
|
---
|
||||||
@ -41,4 +43,6 @@ spec:
|
|||||||
route:
|
route:
|
||||||
- destination:
|
- destination:
|
||||||
host: {{ template "kubezero-lib.fullname" $ }}-keycloak
|
host: {{ template "kubezero-lib.fullname" $ }}-keycloak
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
4
charts/kubezero-istio/TODO
Normal file
4
charts/kubezero-istio/TODO
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{"time":"2024-11-21T10:32:42.652788Z","level":"warning","scope":"envoy main","msg":"Usage of the deprecated runtime key overload.global_downstream_max_connections, consider switching to `e │
|
||||||
|
│ nvoy.resource_monitors.downstream_connections` instead.This runtime key will be removed in future.","caller":"external/envoy/source/server/server.cc:843","thread":"8"} │
|
||||||
|
│ {"time":"2024-11-21T10:32:42.653492Z","level":"warning","scope":"envoy main","msg":"There is no configured limit to the number of allowed active downstream connections. Configure a limit i │
|
||||||
|
│ n `envoy.resource_monitors.downstream_connections` resource monitor.","caller":"external/envoy/source/server/server.cc:936","thread":"8"} │
|
@ -245,9 +245,9 @@ aws-efs-csi-driver:
|
|||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 20m
|
cpu: 20m
|
||||||
memory: 96Mi
|
memory: 128Mi
|
||||||
limits:
|
limits:
|
||||||
memory: 256Mi
|
memory: 512Mi
|
||||||
|
|
||||||
affinity:
|
affinity:
|
||||||
nodeAffinity:
|
nodeAffinity:
|
||||||
|
Loading…
Reference in New Issue
Block a user