diff --git a/apps-gx10/knowledge/deployment-knowledge-web.json b/apps-gx10/knowledge/deployment-knowledge-web.json new file mode 100644 index 0000000..d41e2fa --- /dev/null +++ b/apps-gx10/knowledge/deployment-knowledge-web.json @@ -0,0 +1,261 @@ +{ + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": { + "labels": { + "app": "knowledge-web", + "app.kubernetes.io/name": "knowledge-web", + "app.kubernetes.io/part-of": "bluejay-infra" + }, + "name": "knowledge-web", + "namespace": "knowledge" + }, + "spec": { + "progressDeadlineSeconds": 600, + "replicas": 1, + "revisionHistoryLimit": 3, + "selector": { + "matchLabels": { + "app": "knowledge-web" + } + }, + "strategy": { + "type": "Recreate" + }, + "template": { + "metadata": { + "annotations": { + "fc.flowercore.io/healthz-anon": "true", + "fc.flowercore.io/probe-path": "/healthz", + "flowercore.io/healthz-auth-policy": "allow-anonymous", + "kubectl.kubernetes.io/restartedAt": "2026-06-14T00:57:20-05:00", + "prometheus.io/path": "/metrics", + "prometheus.io/port": "8080", + "prometheus.io/scrape": "true" + }, + "labels": { + "app": "knowledge-web", + "app.kubernetes.io/name": "knowledge-web", + "app.kubernetes.io/part-of": "bluejay-infra" + } + }, + "spec": { + "containers": [ + { + "args": [ + "if [ -n \"${KNOWLEDGE_MCP_BEARER_TOKEN:-}\" ]; then\n export FlowerCore__Mcp__ApiKey__Key=\"Bearer ${KNOWLEDGE_MCP_BEARER_TOKEN}\"\nfi\nexec dotnet FlowerCore.Knowledge.Web.dll\n" + ], + "command": [ + "/bin/sh", + "-c" + ], + "env": [ + { + "name": "ASPNETCORE_URLS", + "value": "http://+:8080" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "Production" + }, + { + "name": "DOTNET_SYSTEM_GLOBALIZATION_INVARIANT", + "value": "false" + }, + { + "name": "FlowerCore__Auth__Enabled", + "value": "false" + }, + { + "name": "FlowerCore__Auth__Oidc__Enabled", + "value": "true" + }, + { + "name": "FlowerCore__Auth__Oidc__Authority", + "value": "https://id.iamworkin.lan/application/o/knowledge/" + }, + { + "name": "FlowerCore__Auth__Oidc__Audience", + "value": "knowledge" + }, + { + "name": "FlowerCore__Auth__Oidc__ClientId", + "value": "knowledge" + }, + { + "name": "FlowerCore__Auth__Oidc__ClientSecret", + "valueFrom": { + "secretKeyRef": { + "key": "client_secret", + "name": "knowledge-oidc-client", + "optional": true + } + } + }, + { + "name": "Knowledge__VectorStoresDirectory", + "value": "/data/vector-stores" + }, + { + "name": "Knowledge__EmbeddingModel", + "value": "nomic-embed-text" + }, + { + "name": "Knowledge__DefaultLimit", + "value": "5" + }, + { + "name": "Knowledge__MaxLimit", + "value": "50" + }, + { + "name": "Knowledge__Federation__DatabasePath", + "value": "/data/vector-stores/knowledge-federation.db" + }, + { + "name": "FlowerCore__Editions__ProfileDirectory", + "value": "/home/app/editions" + }, + { + "name": "FlowerCore__Ollama__BaseUrl", + "value": "http://10.0.57.201:11434" + }, + { + "name": "FlowerCore__Mcp__ApiKey__Key", + "valueFrom": { + "secretKeyRef": { + "key": "password", + "name": "knowledge-mcp-tokens" + } + } + }, + { + "name": "FlowerCore__Mcp__ApiKey__HeaderName", + "value": "Authorization" + }, + { + "name": "KNOWLEDGE_MCP_BEARER_TOKEN", + "valueFrom": { + "secretKeyRef": { + "key": "password", + "name": "knowledge-mcp-tokens" + } + } + }, + { + "name": "Knowledge__CorpusRootDirectory", + "value": "/data/vector-stores/corpus-cache" + } + ], + "image": "localhost/fc-knowledge-web:gx10-v1", + "imagePullPolicy": "Never", + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 30, + "periodSeconds": 30, + "successThreshold": 1, + "tcpSocket": { + "port": 8080 + }, + "timeoutSeconds": 1 + }, + "name": "web", + "ports": [ + { + "containerPort": 8080, + "name": "http", + "protocol": "TCP" + } + ], + "readinessProbe": { + "failureThreshold": 3, + "httpGet": { + "path": "/healthz", + "port": 8080, + "scheme": "HTTP" + }, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "resources": { + "limits": { + "cpu": "2", + "memory": "4Gi" + }, + "requests": { + "cpu": "250m", + "memory": "512Mi" + } + }, + "securityContext": { + "allowPrivilegeEscalation": false, + "capabilities": { + "drop": [ + "ALL" + ] + }, + "readOnlyRootFilesystem": true, + "runAsGroup": 1654, + "runAsNonRoot": true, + "runAsUser": 1654 + }, + "startupProbe": { + "failureThreshold": 30, + "httpGet": { + "path": "/healthz", + "port": 8080, + "scheme": "HTTP" + }, + "initialDelaySeconds": 5, + "periodSeconds": 5, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "terminationMessagePath": "/dev/termination-log", + "terminationMessagePolicy": "File", + "volumeMounts": [ + { + "mountPath": "/data/vector-stores", + "name": "vector-store" + }, + { + "mountPath": "/tmp", + "name": "tmp" + }, + { + "mountPath": "/home/app/logs", + "name": "logs" + } + ] + } + ], + "dnsPolicy": "ClusterFirst", + "restartPolicy": "Always", + "schedulerName": "default-scheduler", + "securityContext": { + "fsGroup": 1654, + "fsGroupChangePolicy": "OnRootMismatch", + "runAsNonRoot": true + }, + "terminationGracePeriodSeconds": 30, + "volumes": [ + { + "name": "vector-store", + "persistentVolumeClaim": { + "claimName": "knowledge-vector-store" + } + }, + { + "emptyDir": {}, + "name": "tmp" + }, + { + "emptyDir": {}, + "name": "logs" + } + ] + } + } + } +} diff --git a/apps-gx10/knowledge/ingressroute-knowledge-web.json b/apps-gx10/knowledge/ingressroute-knowledge-web.json new file mode 100644 index 0000000..85be04d --- /dev/null +++ b/apps-gx10/knowledge/ingressroute-knowledge-web.json @@ -0,0 +1,29 @@ +{ + "apiVersion": "traefik.io/v1alpha1", + "kind": "IngressRoute", + "metadata": { + "name": "knowledge-web", + "namespace": "knowledge" + }, + "spec": { + "entryPoints": [ + "websecure" + ], + "routes": [ + { + "kind": "Rule", + "match": "Host(`knowledge.iamworkin.lan`)", + "priority": 100, + "services": [ + { + "name": "knowledge-web", + "port": 80 + } + ] + } + ], + "tls": { + "secretName": "knowledge-tls" + } + } +} diff --git a/apps-gx10/knowledge/service-knowledge-web.json b/apps-gx10/knowledge/service-knowledge-web.json new file mode 100644 index 0000000..f9974c0 --- /dev/null +++ b/apps-gx10/knowledge/service-knowledge-web.json @@ -0,0 +1,29 @@ +{ + "apiVersion": "v1", + "kind": "Service", + "metadata": { + "labels": { + "app": "knowledge-web", + "app.kubernetes.io/name": "knowledge-web", + "app.kubernetes.io/part-of": "bluejay-infra" + }, + "name": "knowledge-web", + "namespace": "knowledge" + }, + "spec": { + "internalTrafficPolicy": "Cluster", + "ports": [ + { + "name": "http", + "port": 80, + "protocol": "TCP", + "targetPort": 8080 + } + ], + "selector": { + "app": "knowledge-web" + }, + "sessionAffinity": "None", + "type": "ClusterIP" + } +}