feat(open-webui): HA deployment with CNPG, PDB, and session persistence
- Switch from SQLite/PVC to CNPG PostgreSQL (3 instances, low-resource) with a transaction-mode PgBouncer pooler (2 instances) - Raise open-webui replicas to 3 with priorityClassName: power - Add PodDisruptionBudget (minAvailable: 1) - Add Gateway API sessionPersistence (cookie) on the HTTPS HTTPRoute so WebSocket connections stick to the same backend pod - Add postgres-credentials VaultStaticSecret; DATABASE_URL must be added to kv/kubernetes/namespace/open-webui/default/open-webui-credentials
This commit is contained in:
@@ -1,6 +1,23 @@
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: postgres-credentials
|
||||
namespace: open-webui
|
||||
spec:
|
||||
destination:
|
||||
create: true
|
||||
name: postgres-credentials
|
||||
overwrite: true
|
||||
hmacSecretData: true
|
||||
mount: kv
|
||||
path: kubernetes/namespace/open-webui/default/postgres-credentials
|
||||
refreshAfter: 5m
|
||||
type: kv-v2
|
||||
vaultAuthRef: default
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: open-webui-credentials
|
||||
namespace: open-webui
|
||||
|
||||
Reference in New Issue
Block a user