chore: bootstrap deploy no hml2 (Dockerfile + k8s + workflow CD) #1

dalton.alvarenga · 2026-05-05T20:57:05Z

dalton.alvarenga commented

2026-05-05 20:57:05 +00:00

Bootstrap inicial pra deploy no hml2-cluster.

O que tem

Dockerfile multi-stage: Node 18 builda webcomponent (~7.5MB) → Python 3.11 com vanna upstream editable (commit pinned 365d0617c)
requirements.txt + .env.example + .dockerignore
k8s/:
- deployment.yaml — 1 réplica (ChromaDB SQLite não suporta multi-writer), strategy Recreate (PVC RWO), PVC montado em /app/chroma_db + /app/data_storage + ~/.cache/chroma, probes TCP, --workers 1 no uvicorn
- service.yaml — ClusterIP 80→8765
- ingress.yaml — lab.clubpetro.com/api/vanna/* com timeouts altos pra SSE/WebSocket (3600s) e proxy-buffering: off
- pvc.yaml — 5Gi standard-rwo
.gitea/workflows/cd.yml — PR só valida build (sem push); merge em main faz kubectl apply -f k8s/ (idempotente) + kubectl set image com tag lab-<run_number>

URL final

https://lab.clubpetro.com/api/vanna/...

Pendência pra serviço subir

Depois do merge, criar Secret K8s vanna-clubpetro-secret no ns default do hml2 com:

OPENAI_API_KEY (peço depois)
CLICKHOUSE_HOST, CLICKHOUSE_PORT, CLICKHOUSE_DATABASE, CLICKHOUSE_USER, CLICKHOUSE_PASSWORD, CLICKHOUSE_SECURE (idem ao front)

Sem o secret, pod fica em CrashLoop até receber as creds.

Bootstrap inicial pra deploy no `hml2-cluster`. ## O que tem - **Dockerfile** multi-stage: Node 18 builda webcomponent (~7.5MB) → Python 3.11 com vanna upstream editable (commit pinned `365d0617c`) - **requirements.txt** + **.env.example** + **.dockerignore** - **k8s/**: - `deployment.yaml` — 1 réplica (ChromaDB SQLite não suporta multi-writer), strategy `Recreate` (PVC RWO), PVC montado em `/app/chroma_db` + `/app/data_storage` + `~/.cache/chroma`, probes TCP, `--workers 1` no uvicorn - `service.yaml` — ClusterIP 80→8765 - `ingress.yaml` — `lab.clubpetro.com/api/vanna/*` com timeouts altos pra SSE/WebSocket (3600s) e `proxy-buffering: off` - `pvc.yaml` — 5Gi `standard-rwo` - **.gitea/workflows/cd.yml** — PR só valida build (sem push); merge em `main` faz `kubectl apply -f k8s/` (idempotente) + `kubectl set image` com tag `lab-<run_number>` ## URL final `https://lab.clubpetro.com/api/vanna/...` ## Pendência pra serviço subir Depois do merge, criar `Secret` K8s `vanna-clubpetro-secret` no ns `default` do hml2 com: - `OPENAI_API_KEY` (peço depois) - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_DATABASE`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `CLICKHOUSE_SECURE` (idem ao front) Sem o secret, pod fica em CrashLoop até receber as creds.

dalton.alvarenga added 1 commit 2026-05-05 20:57:06 +00:00

chore: bootstrap deploy no hml2 (Dockerfile + k8s + workflow CD)

CD / build (pull_request) Has been skipped

Details

9f58b9afa5

- Dockerfile multi-stage Node 18 (webcomponent) + Python 3.11
- vanna upstream pinned em 365d0617c1a4567ffee1b19b40c27feb4206bfcf
- requirements.txt + .env.example + .dockerignore
- k8s/: deployment (1 replica, PVC, Recreate), service, ingress (SSE/WS timeouts), PVC 5Gi
- .gitea/workflows/cd.yml seguindo template do lab

Pendência: criar Secret K8s vanna-clubpetro-secret com OPENAI_API_KEY + CLICKHOUSE_*

dalton.alvarenga merged commit 8de9b5c0cb into main

2026-05-06 12:11:55 +00:00

dalton.alvarenga referenced this issue from a commit

2026-05-06 12:11:57 +00:00

chore: bootstrap deploy no hml2 (#1)

Sign in to join this conversation.

No reviewers

No Label

No Milestone

No project

No Assignees

1 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Clubpetro-Lab/vanna-clubpetro#1