Archon/k8s-manifests-complete.yaml
Luis Erlacher e2e1201d62
feat: Enhance Playwright and MCP configuration for Kubernetes deployment
- Updated docker-compose.yml to include PLAYWRIGHT_BROWSERS_PATH and MCP_PUBLIC_URL environment variables.
- Modified k8s-manifests-complete.yaml to add Playwright and MCP configurations in the ConfigMap and deployment spec.
- Adjusted resource limits in k8s manifests for improved performance during crawling.
- Updated Dockerfiles to install Playwright browsers in accessible locations for appuser.
- Added HTTP health check endpoint in mcp_server.py for better monitoring.
- Enhanced MCP API to utilize MCP_PUBLIC_URL for generating client configuration.
- Created MCP_PUBLIC_URL_GUIDE.md for detailed configuration instructions.
- Documented changes and recommendations in K8S_COMPLETE_ADJUSTMENTS.md.
2025-11-04 15:38:32 -03:00


# =============================================================================
# NAMESPACE
# =============================================================================
# Every other object in this file lives in this namespace.
# NOTE(review): the namespace carries no Pod Security Admission labels
# (pod-security.kubernetes.io/enforce etc.), so the pod hardening below is
# per-manifest only and is not enforced for other workloads created here.
apiVersion: v1
kind: Namespace
metadata:
  name: archon
---
# =============================================================================
# SECRETS
# =============================================================================
# The values below are placeholders. Fill them in at deploy time and keep the
# filled-in manifest out of version control; creating the Secret out-of-band
# (secret manager, encrypted manifest) avoids committing credentials at all.
#
# Manual base64 encoding (echo -n "value" | base64) is needed only when using
# the `data` field. This manifest uses `stringData`, which takes plain text.
# Base64 is an encoding, not encryption: anyone who can read Secrets in the
# namespace can recover these values.
apiVersion: v1
kind: Secret
metadata:
  name: archon-secrets
  namespace: archon
type: Opaque
stringData:
  # stringData accepts plain-text values (Kubernetes converts them itself).
  SUPABASE_URL: "https://seu-projeto.supabase.co"
  # Service-role key. NOTE(review): presumably bypasses row-level security;
  # confirm, and restrict which workloads and users can read this Secret.
  SUPABASE_SERVICE_KEY: "sua-service-role-key-aqui"
  OPENAI_API_KEY: "sua-openai-key-aqui"
  LOGFIRE_TOKEN: ""  # Optional
---
# =============================================================================
# CONFIGMAP - non-sensitive settings
# =============================================================================
# ConfigMap data is stored and shown in clear text; credentials belong in
# archon-secrets, never here.
apiVersion: v1
kind: ConfigMap
metadata:
  name: archon-config
  namespace: archon
data:
  # Service discovery - Kubernetes mode
  SERVICE_DISCOVERY_MODE: "kubernetes"
  LOG_LEVEL: "INFO"

  # Service ports
  ARCHON_SERVER_PORT: "8181"
  ARCHON_MCP_PORT: "8051"
  ARCHON_UI_PORT: "3737"

  # Host for internal communication
  ARCHON_HOST: "localhost"

  # MCP configuration
  TRANSPORT: "sse"
  AGENTS_ENABLED: "false"

  # Playwright configuration
  PLAYWRIGHT_BROWSERS_PATH: "/app/ms-playwright"

  # MCP public URL
  # Format: "domain.com" or "domain.com:8051" or "localhost:8051"
  # Used to generate the MCP client configuration JSON, so clients will
  # connect to whatever host is written here: set it to a host you control.
  # IMPORTANT: configure this with your actual domain!
  # Example: "archon.automatizase.com.br" (port inferred from ARCHON_MCP_PORT)
  # Example: "archon.automatizase.com.br:8051" (explicit port)
  MCP_PUBLIC_URL: "localhost:8051"  # CHANGE THIS TO YOUR DOMAIN!
---
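# =============================================================================
# DEPLOYMENT - ARCHON SERVER (main backend)
# =============================================================================
apiVersion: apps/v1
kind: Deployment
metadata:
  name: archon-server
  namespace: archon
  labels:
    app: archon-server
spec:
  replicas: 2
  selector:
    matchLabels:
      app: archon-server
  template:
    metadata:
      labels:
        app: archon-server
    spec:
      # Pod-level identity: all containers run as UID/GID 1001, never as root.
      # NOTE(review): no seccompProfile is set; consider
      # seccompProfile.type: RuntimeDefault once the Playwright browser is
      # confirmed to start under it.
      # NOTE(review): the ServiceAccount token is mounted by default; set
      # automountServiceAccountToken: false if the app never calls the
      # Kubernetes API - confirm how SERVICE_DISCOVERY_MODE is implemented.
      securityContext:
        runAsNonRoot: true
        runAsUser: 1001
        runAsGroup: 1001
        fsGroup: 1001
      terminationGracePeriodSeconds: 30
      containers:
        - name: server
          # IMPORTANT: uses the K8s-optimised image (non-root, graceful
          # shutdown).
          # For Docker Compose use: server:latest or server:docker-latest
          # For Kubernetes use: server:k8s-latest (RECOMMENDED)
          #
          # k8s-latest is a mutable tag and imagePullPolicy: Always
          # re-resolves it on every pod start, so replicas can run different
          # builds and a registry-side change reaches the cluster without a
          # manifest change. Pin by digest (image@sha256:<digest>) for
          # reviewable rollouts.
          image: git.automatizase.com.br/luis.erlacher/archon/server:k8s-latest
          imagePullPolicy: Always
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            # Root filesystem stays writable. NOTE(review): switching to true
            # needs emptyDir mounts for whatever paths the app writes to
            # (not visible in this manifest).
            readOnlyRootFilesystem: false
          ports:
            - containerPort: 8181
              name: http
          env:
            # Secrets
            - name: SUPABASE_URL
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: SUPABASE_URL
            - name: SUPABASE_SERVICE_KEY
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: SUPABASE_SERVICE_KEY
            - name: OPENAI_API_KEY
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: OPENAI_API_KEY
            - name: LOGFIRE_TOKEN
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: LOGFIRE_TOKEN
            # ConfigMap
            - name: SERVICE_DISCOVERY_MODE
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: SERVICE_DISCOVERY_MODE
            - name: LOG_LEVEL
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: LOG_LEVEL
            - name: ARCHON_SERVER_PORT
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: ARCHON_SERVER_PORT
            - name: ARCHON_MCP_PORT
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: ARCHON_MCP_PORT
            - name: ARCHON_HOST
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: ARCHON_HOST
            - name: AGENTS_ENABLED
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: AGENTS_ENABLED
            # Internal service URLs (Kubernetes DNS). Plain HTTP: traffic
            # between pods is not encrypted by this manifest.
            - name: MCP_SERVICE_URL
              value: "http://archon-mcp-service.archon.svc.cluster.local:8051"
            # Playwright configuration. Read from archon-config, which
            # already defines this key, instead of repeating the literal
            # path here where the two copies could drift apart.
            - name: PLAYWRIGHT_BROWSERS_PATH
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: PLAYWRIGHT_BROWSERS_PATH
            # MCP public URL (for client configuration)
            - name: MCP_PUBLIC_URL
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: MCP_PUBLIC_URL
          resources:
            requests:
              memory: "768Mi"
              cpu: "500m"
            limits:
              memory: "2Gi"
              cpu: "2000m"
              ephemeral-storage: "5Gi"
          # Startup gets roughly 10 s + 12 x 10 s before the container is
          # restarted; liveness and readiness only start once it succeeds.
          startupProbe:
            httpGet:
              path: /health
              port: 8181
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 12
          livenessProbe:
            httpGet:
              path: /health
              port: 8181
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 15
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /health
              port: 8181
            initialDelaySeconds: 15
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3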
---
# =============================================================================
# SERVICE - ARCHON SERVER
# =============================================================================
# ClusterIP: reachable only from inside the cluster. Outside traffic reaches
# the backend through the Ingress, not through this Service directly.
apiVersion: v1
kind: Service
metadata:
  name: archon-server-service
  namespace: archon
  labels:
    app: archon-server
spec:
  type: ClusterIP
  selector:
    app: archon-server
  ports:
    - name: http
      protocol: TCP
      port: 8181
      targetPort: 8181
---
# =============================================================================
# DEPLOYMENT - ARCHON MCP (Model Context Protocol Server)
# =============================================================================
apiVersion: apps/v1
kind: Deployment
metadata:
  name: archon-mcp
  namespace: archon
  labels:
    app: archon-mcp
spec:
  replicas: 1  # MCP usually needs only 1 replica
  selector:
    matchLabels:
      app: archon-mcp
  template:
    metadata:
      labels:
        app: archon-mcp
    spec:
      # Pod-level identity: all containers run as UID/GID 1001, never as root.
      # NOTE(review): no seccompProfile is set here; RuntimeDefault is the
      # usual baseline - confirm the image runs under it before enabling.
      securityContext:
        runAsNonRoot: true
        runAsUser: 1001
        runAsGroup: 1001
        fsGroup: 1001
      terminationGracePeriodSeconds: 30
      containers:
        - name: mcp
          # IMPORTANT: uses the K8s-optimised image (non-root, graceful
          # shutdown).
          # For Docker Compose use: mcp:latest or mcp:docker-latest
          # For Kubernetes use: mcp:k8s-latest (RECOMMENDED)
          #
          # k8s-latest is a mutable tag pulled on every pod start; pinning by
          # digest (image@sha256:<digest>) makes what runs reviewable.
          image: git.automatizase.com.br/luis.erlacher/archon/mcp:k8s-latest
          imagePullPolicy: Always
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            # Root filesystem stays writable; see which paths the app writes
            # to before switching this to true.
            readOnlyRootFilesystem: false
          ports:
            - containerPort: 8051
              name: http
          env:
            # Secrets
            - name: SUPABASE_URL
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: SUPABASE_URL
            # NOTE(review): confirm the MCP server really needs the
            # service-role key; if it only talks to the backend over
            # API_SERVICE_URL, dropping it here narrows the blast radius.
            - name: SUPABASE_SERVICE_KEY
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: SUPABASE_SERVICE_KEY
            - name: LOGFIRE_TOKEN
              valueFrom:
                secretKeyRef:
                  name: archon-secrets
                  key: LOGFIRE_TOKEN
            # ConfigMap
            - name: SERVICE_DISCOVERY_MODE
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: SERVICE_DISCOVERY_MODE
            - name: LOG_LEVEL
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: LOG_LEVEL
            - name: TRANSPORT
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: TRANSPORT
            - name: ARCHON_MCP_PORT
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: ARCHON_MCP_PORT
            - name: ARCHON_SERVER_PORT
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: ARCHON_SERVER_PORT
            - name: AGENTS_ENABLED
              valueFrom:
                configMapKeyRef:
                  name: archon-config
                  key: AGENTS_ENABLED
            # API server URL for calls back to the backend (plain HTTP,
            # in-cluster only)
            - name: API_SERVICE_URL
              value: "http://archon-server-service.archon.svc.cluster.local:8181"
          resources:
            requests:
              memory: "256Mi"
              cpu: "250m"
            limits:
              memory: "512Mi"
              cpu: "500m"
          # TCP probes only prove that the port accepts connections.
          # NOTE(review): if the MCP server exposes an HTTP health endpoint,
          # an httpGet probe against it would also catch a hung process.
          livenessProbe:
            tcpSocket:
              port: 8051
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 10
            failureThreshold: 3
          readinessProbe:
            tcpSocket:
              port: 8051
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
---
# =============================================================================
# SERVICE - ARCHON MCP
# =============================================================================
# ClusterIP: reachable only from inside the cluster.
apiVersion: v1
kind: Service
metadata:
  name: archon-mcp-service
  namespace: archon
  labels:
    app: archon-mcp
spec:
  type: ClusterIP
  selector:
    app: archon-mcp
  ports:
    - name: http
      protocol: TCP
      port: 8051
      targetPort: 8051
---
# =============================================================================
# DEPLOYMENT - ARCHON FRONTEND (React UI)
# =============================================================================
apiVersion: apps/v1
kind: Deployment
metadata:
  name: archon-frontend
  namespace: archon
  labels:
    app: archon-frontend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: archon-frontend
  template:
    metadata:
      labels:
        app: archon-frontend
    spec:
      # Pod-level identity: non-root, UID/GID 101.
      # NOTE(review): no seccompProfile is set here; RuntimeDefault is the
      # usual baseline - confirm the image runs under it before enabling.
      securityContext:
        runAsNonRoot: true
        runAsUser: 101  # nginx user in alpine
        runAsGroup: 101
        fsGroup: 101
      terminationGracePeriodSeconds: 30
      containers:
        - name: frontend
          # IMPORTANT: uses the K8s-optimised image (non-root nginx).
          # For Docker Compose use: frontend:latest or frontend:docker-latest
          # For Kubernetes use: frontend:k8s-latest (RECOMMENDED)
          #
          # k8s-latest is a mutable tag pulled on every pod start; pinning by
          # digest (image@sha256:<digest>) makes what runs reviewable.
          image: git.automatizase.com.br/luis.erlacher/archon/frontend:k8s-latest
          imagePullPolicy: Always
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            # Root filesystem stays writable; see which paths nginx writes to
            # before switching this to true.
            readOnlyRootFilesystem: false
          ports:
            - containerPort: 3737
              name: http
          env:
            # The frontend needs to know where the backend is (via the
            # reverse proxy).
            - name: VITE_ARCHON_SERVER_PORT
              value: "8181"
            - name: ARCHON_SERVER_PORT
              value: "8181"
            - name: HOST
              value: "archon.automatizase.com.br"
            - name: PROD
              value: "true"
            - name: DOCKER_ENV
              value: "false"
            # Dev tools stay off in this deployment.
            - name: VITE_SHOW_DEVTOOLS
              value: "false"
          resources:
            requests:
              memory: "256Mi"
              cpu: "250m"
            limits:
              memory: "512Mi"
              cpu: "500m"
          livenessProbe:
            httpGet:
              path: /
              port: 3737
            initialDelaySeconds: 30
            periodSeconds: 30
            timeoutSeconds: 10
          readinessProbe:
            httpGet:
              path: /
              port: 3737
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
---
# =============================================================================
# SERVICE - ARCHON FRONTEND
# =============================================================================
# ClusterIP: reachable only from inside the cluster; the Ingress fronts it.
apiVersion: v1
kind: Service
metadata:
  name: archon-frontend-service
  namespace: archon
  labels:
    app: archon-frontend
spec:
  type: ClusterIP
  selector:
    app: archon-frontend
  ports:
    - name: http
      protocol: TCP
      port: 3737
      targetPort: 3737
---
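# =============================================================================
# INGRESS - NGINX Ingress with all services on the same domain
# =============================================================================
# NOTE(review): no rule routes to archon-mcp-service; if MCP_PUBLIC_URL is
# meant to point at this host, MCP needs its own path or exposure - confirm.
# NOTE(review): nothing in this manifest authenticates requests to /api or
# /socket.io; confirm the application enforces authentication before this
# host is reachable from the internet.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: archon-ingress
  namespace: archon
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "50m"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
    # WebSocket support for Socket.IO.
    # NOTE(review): confirm the controller in use honours
    # websocket-services; kept unchanged.
    nginx.ingress.kubernetes.io/websocket-services: "archon-server-service"
    nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
    # No configuration-snippet: ingress-nginx proxies WebSocket upgrades
    # without extra configuration, and snippet annotations let anyone who can
    # edit an Ingress inject raw NGINX config. Controllers commonly run with
    # allow-snippet-annotations disabled and may reject an Ingress that
    # carries one.
spec:
  # Replaces the deprecated kubernetes.io/ingress.class annotation.
  # Assumes an IngressClass named "nginx" exists in the cluster.
  ingressClassName: nginx
  tls:
    - hosts:
        - archon.automatizase.com.br
      secretName: archon-tls-cert
  rules:
    - host: archon.automatizase.com.br
      http:
        paths:
          # Backend API (all /api/* routes)
          - path: /api
            pathType: Prefix
            backend:
              service:
                name: archon-server-service
                port:
                  number: 8181
          # Health check. This publishes the backend health endpoint on the
          # public host; kubelet probes hit the pod directly and do not need
          # this route. Keep it only if an external monitor depends on it.
          - path: /health
            pathType: Prefix
            backend:
              service:
                name: archon-server-service
                port:
                  number: 8181
          # Socket.IO
          - path: /socket.io
            pathType: Prefix
            backend:
              service:
                name: archon-server-service
                port:
                  number: 8181
          # Frontend (everything else)
          - path: /
            pathType: Prefix
            backend:
              service:
                name: archon-frontend-service
                port:
                  number: 3737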