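---
# Deployment for the PieFed web tier.
#
# Pod start-up is gated on the database migration Job (piefed-db-init): the
# init container queries the Job through the Kubernetes API and only lets the
# web container start once the Job reports condition Complete.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: piefed-web
  namespace: piefed-application
  labels:
    app.kubernetes.io/name: piefed
    app.kubernetes.io/component: web
spec:
  # NOTE(review): piefed-web-hpa (below) also manages the replica count of this
  # Deployment; re-applying this manifest resets it to the value given here.
  replicas: 2
  selector:
    matchLabels:
      app.kubernetes.io/name: piefed
      app.kubernetes.io/component: web
  template:
    metadata:
      labels:
        app.kubernetes.io/name: piefed
        app.kubernetes.io/component: web
    spec:
      # serviceAccountName applies to the whole pod, so the web container
      # receives the same API token as the init container. The account's RBAC
      # should therefore stay limited to what the script below needs: read
      # access to Jobs and Events in piefed-application.
      serviceAccountName: piefed-init-checker
      securityContext:
        fsGroup: 1000  # piefed group - ensures volume mounts are writable
      imagePullSecrets:
        - name: harbor-pull-secret
      initContainers:
        # Blocks pod start-up until the migration Job has completed; exits
        # non-zero (failing the pod init) when the Job is missing, has failed,
        # or does not complete within the 600s wait.
        - name: wait-for-migrations
          # Pinned by digest, so the image content cannot change under the tag.
          image: bitnami/kubectl@sha256:b407dcce69129c06fabab6c3eb35bf9a2d75a20d0d927b3f32dae961dba4270b
          # The script only talks to the API server; it needs no Linux
          # capabilities and no way to gain privileges.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          # NOTE(review): the failure branch pipes into jq - confirm jq is
          # present in this image. stderr of the status queries is discarded,
          # so an RBAC or API error on the first query is reported as
          # "Migration job does not exist".
          command:
            - sh
            - -c
            - |
              echo "Checking database migration status..."

              # Check if Job exists
              if ! kubectl get job piefed-db-init -n piefed-application >/dev/null 2>&1; then
                echo "ERROR: Migration job does not exist!"
                echo "Expected job/piefed-db-init in piefed-application namespace"
                exit 1
              fi

              # Check if Job is complete
              COMPLETE_STATUS=$(kubectl get job piefed-db-init -n piefed-application -o jsonpath='{.status.conditions[?(@.type=="Complete")].status}' 2>/dev/null)
              if [ "$COMPLETE_STATUS" = "True" ]; then
                echo "✓ Migrations already complete, proceeding..."
                exit 0
              fi

              # Check if Job has failed
              FAILED_STATUS=$(kubectl get job piefed-db-init -n piefed-application -o jsonpath='{.status.conditions[?(@.type=="Failed")].status}' 2>/dev/null)
              if [ "$FAILED_STATUS" = "True" ]; then
                echo "ERROR: Migration job has FAILED!"
                echo "Job status:"
                kubectl get job piefed-db-init -n piefed-application -o jsonpath='{.status.conditions[?(@.type=="Failed")]}' | jq .
                echo ""
                echo "Recent events:"
                kubectl get events -n piefed-application --field-selector involvedObject.name=piefed-db-init --sort-by='.lastTimestamp' | tail -5
                exit 1
              fi

              # Job exists but is still running, wait for it
              echo "Migration job running, waiting for completion..."
              kubectl wait --for=condition=complete --timeout=600s job/piefed-db-init -n piefed-application || {
                echo "ERROR: Migration job failed or timed out!"
                exit 1
              }

              echo "✓ Migrations complete, starting web pod..."
      containers:
        - name: piefed-web
          # NOTE(review): ":latest" with imagePullPolicy Always is a mutable
          # reference - every pod restart runs whatever was last pushed to the
          # registry. Pinning by digest, as the init container does, makes
          # rollouts reproducible and auditable.
          image: registry.keyboardvagabond.com/library/piefed-web:latest
          imagePullPolicy: Always
          # NOTE(review): no container securityContext is set. Consider
          # runAsNonRoot, allowPrivilegeEscalation: false and dropping
          # capabilities once it is confirmed how the image binds port 80.
          ports:
            - containerPort: 80
              name: http
          envFrom:
            - configMapRef:
                name: piefed-config
            - secretRef:
                name: piefed-secrets
          # Entries in env take precedence over the same keys from envFrom.
          env:
            - name: PYTHONUNBUFFERED
              value: "1"
            - name: FLASK_DEBUG
              value: "0"  # Keep production mode
            # WERKZEUG_DEBUG_PIN is deliberately not set to "off". That value
            # removes the PIN prompt from the Werkzeug debugger console, so a
            # later switch to debug mode would expose the console without
            # authentication. It has no effect on logging and none at all
            # while FLASK_DEBUG is "0".
          resources:
            requests:
              cpu: 600m  # Conservative reduction from 1000m considering 200-800x user growth
              memory: 1.5Gi  # Conservative reduction from 2Gi considering scaling needs
            limits:
              cpu: 2000m  # Keep original limits for burst capacity at scale
              memory: 4Gi  # Keep original limits for growth
          volumeMounts:
            # Both media mounts are sub-paths of the same app-storage claim.
            - name: app-storage
              mountPath: /app/app/media
              subPath: media
            - name: app-storage
              mountPath: /app/app/static/media
              subPath: static
            - name: cache-storage
              mountPath: /app/cache
          livenessProbe:
            httpGet:
              path: /health
              port: 80
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 10
          readinessProbe:
            httpGet:
              path: /health
              port: 80
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
      volumes:
        - name: app-storage
          persistentVolumeClaim:
            claimName: piefed-app-storage
        - name: cache-storage
          persistentVolumeClaim:
            claimName: piefed-cache-storage
---
# Autoscaler for piefed-web: 2 to 6 replicas, driven by CPU and memory.
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: piefed-web-hpa
  namespace: piefed-application
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: piefed-web
  minReplicas: 2
  maxReplicas: 6
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: AverageValue
          averageValue: 1400m  # 70% of 2000m limit - allow better CPU utilization
    - type: Resource
      resource:
        name: memory
        target:
          # Utilization is a percentage of the container *request*, not the
          # limit: 200% of the 1.5Gi request is 3Gi of the 4Gi limit.
          type: Utilization
          averageUtilization: 200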