-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpodman-pod.yaml
More file actions
252 lines (243 loc) · 5.63 KB
/
podman-pod.yaml
File metadata and controls
252 lines (243 loc) · 5.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
# Red Hat Learning Paths Podman Pod Configuration
# Run with: podman play kube podman-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: redhat-learning-paths
labels:
app: redhat-learning-paths
version: "1.0.0"
spec:
restartPolicy: Always
# Shared volumes
volumes:
- name: postgres-data
persistentVolumeClaim:
claimName: postgres-data-pvc
- name: ollama-data
persistentVolumeClaim:
claimName: ollama-data-pvc
containers:
# PostgreSQL Database
- name: postgres
image: docker.io/postgres:15-alpine
ports:
- containerPort: 5432
protocol: TCP
env:
- name: POSTGRES_DB
value: "redhat_learning_paths"
- name: POSTGRES_USER
value: "postgres"
- name: POSTGRES_PASSWORD
value: "password"
- name: PGDATA
value: "/var/lib/postgresql/data/pgdata"
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "500m"
livenessProbe:
exec:
command:
- pg_isready
- -U
- postgres
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- pg_isready
- -U
- postgres
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
# Ollama LLM Service
- name: ollama
image: docker.io/ollama/ollama:latest
ports:
- containerPort: 11434
protocol: TCP
env:
- name: OLLAMA_HOST
value: "0.0.0.0:11434"
- name: OLLAMA_ORIGINS
value: "*"
volumeMounts:
- name: ollama-data
mountPath: /root/.ollama
resources:
requests:
memory: "2Gi"
cpu: "1000m"
limits:
memory: "4Gi"
cpu: "2000m"
# Note: GPU support would require additional configuration
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: false
capabilities:
drop:
- ALL
# Backend API Service
- name: backend
image: localhost/redhat-learning-paths-backend:latest
ports:
- containerPort: 8000
protocol: TCP
env:
- name: DATABASE_URL
value: "postgresql://postgres:password@localhost:5432/redhat_learning_paths"
- name: OLLAMA_BASE_URL
value: "http://localhost:11434"
- name: OLLAMA_MODEL
value: "llama3.1"
- name: PYTHONPATH
value: "/app"
- name: ENVIRONMENT
value: "production"
resources:
requests:
memory: "512Mi"
cpu: "500m"
limits:
memory: "1Gi"
cpu: "1000m"
livenessProbe:
httpGet:
path: /health
port: 8000
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: 8000
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 3
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 1000
capabilities:
drop:
- ALL
# Frontend Web Service
- name: frontend
image: localhost/redhat-learning-paths-frontend:latest
ports:
- containerPort: 3000
protocol: TCP
env:
- name: REACT_APP_API_URL
value: "http://localhost:8000"
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "250m"
livenessProbe:
httpGet:
path: /health
port: 3000
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: 3000
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 1001
capabilities:
drop:
- ALL
---
# Persistent Volume Claims
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-data-pvc
labels:
app: redhat-learning-paths
component: database
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: local-storage
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ollama-data-pvc
labels:
app: redhat-learning-paths
component: ollama
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: local-storage
---
# Service definitions for port mapping
apiVersion: v1
kind: Service
metadata:
name: redhat-learning-paths-service
labels:
app: redhat-learning-paths
spec:
type: NodePort
ports:
- name: frontend
port: 3000
targetPort: 3000
nodePort: 30000
protocol: TCP
- name: backend
port: 8000
targetPort: 8000
nodePort: 30001
protocol: TCP
- name: postgres
port: 5432
targetPort: 5432
nodePort: 30002
protocol: TCP
- name: ollama
port: 11434
targetPort: 11434
nodePort: 30003
protocol: TCP
selector:
app: redhat-learning-paths