Fix edge1 Ollama IP (.15->.17), add monitoring ingress, add init container

2026-04-08 17:30:22 +00:00
parent f3919cf728
commit c9f07108bd
1 changed files with 368 additions and 325 deletions
--- a/apps/agent-zero/agent-zero.yaml
+++ b/apps/agent-zero/agent-zero.yaml
@@ -2,7 +2,7 @@
 # Agent Zero AI Stack — NUC Deployment (RKE2 Bare-Metal)
 # =============================================================================
 # Deploys: AgentZero (agent UI) on RKE2 cluster
-# Ollama: edge1 Pi 5 at 10.0.57.15:11434 (qwen2.5-coder:7b, CPU)
+# Ollama: edge1 Pi 5 at 10.0.57.17:11434 (qwen2.5-coder:7b, CPU)
 # Target: RKE2 bare-metal cluster, namespace: agent-zero
 #
 # Differences from LOCAL (WSL K3s):
@@ -99,7 +99,7 @@ metadata:
    app: agent-zero
  annotations:
    agent-zero/deployment: "nuc"
-    agent-zero/ollama: "edge1 Pi 5 (10.0.57.15:11434)"
+    agent-zero/ollama: "edge1 Pi 5 (10.0.57.17:11434)"
 spec:
  replicas: 1
  selector:
@@ -113,6 +113,21 @@ spec:
        app: agent-zero
    spec:
      serviceAccountName: agent-zero
+      initContainers:
+        # Wait for edge1 Pi 5 Ollama to be reachable before starting Agent Zero.
+        # Without this, the FAISS memory system crashes on embed_query()
+        # and Agent Zero enters a broken state on every message.
+        - name: wait-for-ollama
+          image: busybox:1.37
+          command: ["sh", "-c"]
+          args:
+            - |
+              echo "Waiting for Ollama at edge1 (10.0.57.17:11434)..."
+              until wget -qO- --timeout=2 http://10.0.57.17:11434/api/tags >/dev/null 2>&1; do
+                echo "edge1 Ollama not ready, retrying in 5s..."
+                sleep 5
+              done
+              echo "edge1 Ollama is reachable!"
      containers:
        - name: agent-zero
          image: agent0ai/agent-zero:latest
@@ -141,7 +156,7 @@ spec:
            - name: A0_SET_chat_model_name
              value: "qwen2.5-coder:7b"
            - name: A0_SET_chat_model_api_base
-              value: "http://10.0.57.15:11434"
+              value: "http://10.0.57.17:11434"
            - name: A0_SET_chat_model_ctx_length
              value: "32768"
            - name: A0_SET_chat_model_kwargs
@@ -152,7 +167,7 @@ spec:
            - name: A0_SET_util_model_name
              value: "qwen2.5-coder:7b"
            - name: A0_SET_util_model_api_base
-              value: "http://10.0.57.15:11434"
+              value: "http://10.0.57.17:11434"
            - name: A0_SET_util_model_kwargs
              value: '{"num_ctx": 8192}'
            # Embedding model — nomic on edge1 (if installed, fallback to none)
@@ -161,14 +176,14 @@ spec:
            - name: A0_SET_embed_model_name
              value: "nomic-embed-text"
            - name: A0_SET_embed_model_api_base
-              value: "http://10.0.57.15:11434"
+              value: "http://10.0.57.17:11434"
            # Browser model — disabled (no vision model on Pi)
            - name: A0_SET_browser_model_provider
              value: "ollama"
            - name: A0_SET_browser_model_name
              value: "qwen2.5-coder:7b"
            - name: A0_SET_browser_model_api_base
-              value: "http://10.0.57.15:11434"
+              value: "http://10.0.57.17:11434"
            - name: A0_SET_browser_model_vision
              value: "false"
            # Agent profile
@@ -196,6 +211,27 @@ spec:
              mountPath: /a0/work
            - name: knowledge
              mountPath: /a0/knowledge/custom/main
+          startupProbe:
+            httpGet:
+              path: /
+              port: 80
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            failureThreshold: 18
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 80
+            periodSeconds: 30
+            failureThreshold: 3
+          readinessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -c
+                - "curl -sf http://localhost:80/ > /dev/null && curl -sf --connect-timeout 3 http://10.0.57.17:11434/api/tags > /dev/null"
+            periodSeconds: 30
+            failureThreshold: 2
          resources:
            requests:
              memory: "2Gi"
@@ -292,6 +328,13 @@ spec:
              kubernetes.io/metadata.name: traefik-system
      ports:
        - port: 80
+    # Allow from monitoring (blackbox probe)
+    - from:
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: monitoring
+      ports:
+        - port: 80
  egress:
    # DNS
    - to:
@@ -306,7 +349,7 @@ spec:
    # Ollama on edge1
    - to:
        - ipBlock:
-            cidr: 10.0.57.15/32
+            cidr: 10.0.57.17/32
      ports:
        - port: 11434
    # K8s API