Further review changes

templates/_resources.tpl

@@ -6,35 +6,35 @@ These presets are for basic testing and not meant to be used in production
 {{ include "deploy.resources.preset" (dict "type" "nano") -}}
 */}}
 {{- define "deploy.resources.preset" -}}
-{{/* The limits are the requests increased by 50%*/}}
+{{/* The limits are as per the documentation. The requests are limits reduced by approximately 150% and rounded.*/}}
 {{- $presets := dict 
   "nano" (dict 
-      "requests" (dict "cpu" "1.0" "memory" "2Gi")
-      "limits" (dict "cpu" "1.5" "memory" "3Gi")
+      "requests" (dict "cpu" "500m" "memory" "1Gi")
+      "limits" (dict "cpu" "1.0" "memory" "2Gi")
    )
   "micro" (dict 
-      "requests" (dict "cpu" "2.0" "memory" "4Gi")
-      "limits" (dict "cpu" "3.0" "memory" "6Gi")
+      "requests" (dict "cpu" "1.0" "memory" "2Gi")
+      "limits" (dict "cpu" "2.0" "memory" "4Gi")
    )
   "small" (dict 
-      "requests" (dict "cpu" "4.0" "memory" "8Gi")
-      "limits" (dict "cpu" "6.0" "memory" "12Gi")
+      "requests" (dict "cpu" "2.0" "memory" "5Gi")
+      "limits" (dict "cpu" "4.0" "memory" "8Gi")
    )
   "medium" (dict 
-      "requests" (dict "cpu" "8.0" "memory" "16Gi")
-      "limits" (dict "cpu" "12.0" "memory" "24Gi")
+      "requests" (dict "cpu" "5.0" "memory" "10Gi")
+      "limits" (dict "cpu" "8.0" "memory" "16Gi")
    )
   "large" (dict 
-      "requests" (dict "cpu" "16.0" "memory" "32Gi")
-      "limits" (dict "cpu" "24.0" "memory" "48Gi")
+      "requests" (dict "cpu" "10.0" "memory" "21Gi")
+      "limits" (dict "cpu" "16.0" "memory" "32Gi")
    )
   "xlarge" (dict 
-      "requests" (dict "cpu" "32.0" "memory" "64Gi")
-      "limits" (dict "cpu" "64.0" "memory" "96Gi")
+      "requests" (dict "cpu" "21.0" "memory" "42Gi")
+      "limits" (dict "cpu" "32.0" "memory" "64Gi")
    )
   "2xlarge" (dict 
-      "requests" (dict "cpu" "64.0" "memory" "128Gi")
-      "limits" (dict "cpu" "128.0" "memory" "256Gi")
+      "requests" (dict "cpu" "42.0" "memory" "85Gi")
+      "limits" (dict "cpu" "64.0" "memory" "128Gi")
    )
  }}
 {{- if hasKey $presets .type -}}

templates/deploy-master-statefulset.yaml

@@ -118,7 +118,9 @@ spec:
               {{- else }}
               value: {{ .Values.centralConfiguration.service.ports.ccHttp | quote }}
               {{- end }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.master.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.master.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- if and (not .Values.external.db.enabled) .Values.postgresql.install }}
         - name: wait-for-postgresql
           image: {{ include "deploy.busyBox.image" . }}
@@ -136,7 +138,9 @@ spec:
               value: {{ include "postgresql.subchart" . }}
             - name: POSTGRESQL_PORT
               value: {{ (include "deploy.postgresql.service.port" .) | quote }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.master.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.master.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- end }}
         {{- if and (not .Values.external.mq.enabled) .Values.rabbitmq.install }}
         - name: wait-for-rabbitmq
@@ -155,7 +159,9 @@ spec:
               value: {{ include "rabbitmq.subchart" . }}
             - name: RABBITMQ_PORT
               value: {{ .Values.rabbitmq.service.ports.amqp | quote }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.master.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.master.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- end }}
         {{- end }}
         {{- if and .Values.master.volumePermissions.enabled .Values.master.persistence.enabled }}
@@ -171,8 +177,6 @@ spec:
           securityContext: {{- .Values.master.volumePermissions.containerSecurityContext | toYaml | nindent 12 }}
           {{- if .Values.master.volumePermissions.resources }}
           resources: {{- toYaml .Values.master.volumePermissions.resources | nindent 12 }}
-          {{- else }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
           {{- end }}
           volumeMounts:
           {{- range $path := .Values.master.persistence.paths }}

templates/deploy-worker-statefulset.yaml

@@ -122,7 +122,9 @@ spec:
               {{- else }}
               value: {{ .Values.centralConfiguration.service.ports.ccHttp | quote }}
               {{- end }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.worker.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.worker.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- if and (not .Values.external.db.enabled) .Values.postgresql.install }}
         - name: wait-for-postgresql
           image: {{ include "deploy.busyBox.image" . }}
@@ -140,7 +142,9 @@ spec:
               value: {{ include "postgresql.subchart" . }}
             - name: POSTGRESQL_PORT
               value: {{ (include "deploy.postgresql.service.port" .) | quote }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.worker.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.worker.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- end }}
         {{- if and (not .Values.external.mq.enabled) .Values.rabbitmq.install }}
         - name: wait-for-rabbitmq
@@ -159,7 +163,9 @@ spec:
               value: {{ include "rabbitmq.subchart" . }}
             - name: RABBITMQ_PORT
               value: {{ .Values.rabbitmq.service.ports.amqp | quote }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.worker.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.worker.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- end }}
         - name: wait-for-master
           image: {{ include "deploy.busyBox.image" . }}
@@ -181,7 +187,9 @@ spec:
               {{- else }}
               value: {{ .Values.master.services.lb.ports.deployHttp | quote }}
               {{- end }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
+          {{- if .Values.worker.defaultInitContainers.resources }}
+          resources: {{- toYaml .Values.worker.defaultInitContainers.resources | nindent 12 }}
+          {{- end }}
         {{- end }}
         {{- if and .Values.worker.volumePermissions.enabled .Values.worker.persistence.enabled }}
         - name: volume-permissions
@@ -196,8 +204,6 @@ spec:
           securityContext: {{- .Values.worker.volumePermissions.containerSecurityContext | toYaml | nindent 12 }}
           {{- if .Values.worker.volumePermissions.resources }}
           resources: {{- toYaml .Values.worker.volumePermissions.resources | nindent 12 }}
-          {{- else }}
-          resources: {{- include "common.resources.preset" (dict "type" "nano") | nindent 12 }}
           {{- end }}
           volumeMounts:
             {{- range $path := .Values.worker.persistence.paths }}

values.yaml

@@ -552,6 +552,7 @@ centralConfiguration:
   ##     ports:
   ##       - name: portname
   ##         containerPort: 1234
+  ##     resources: {}
   ##
   initContainers: []
   ## @param centralConfiguration.sidecars Add sidecar containers to the deploy pod
@@ -563,6 +564,7 @@ centralConfiguration:
   ##     ports:
   ##       - name: portname
   ##         containerPort: 1234
+  ##     resources: {}
   ##
   sidecars: []
 
@@ -1198,6 +1200,17 @@ master:
     runAsUser: 10001
     runAsNonRoot: true
 
+  ## @param master.defaultInitContainers Default init containers for the Deploy pod
+  defaultInitContainers:
+    ## @param master.defaultInitContainers.resources Set default init container requests and limits for different resources like CPU or memory (essential for production workloads)
+    ##
+    resources:
+      limits:
+        cpu: 150m
+        memory: 192Mi
+      requests:
+        cpu: 100m
+        memory: 128Mi
   ## @param master.initContainers Add init containers to the deploy master pod
   ## Example:
   ## initContainers:
@@ -1207,6 +1220,7 @@ master:
   ##     ports:
   ##       - name: portname
   ##         containerPort: 1234
+  ##     resources: {}
   ##
   initContainers: []
   ## @param master.sidecars Add sidecar containers to the deploy master pod
@@ -1218,6 +1232,7 @@ master:
   ##     ports:
   ##       - name: portname
   ##         containerPort: 1234
+  ##     resources: {}
   ##
   sidecars: []
 
@@ -1267,16 +1282,14 @@ master:
     ## @param master.volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
     ## @param master.volumePermissions.resources.limits Init container volume-permissions resource limits
     ## @param master.volumePermissions.resources.requests Init container volume-permissions resource requests
-    ## Example:
-    ## resources:
-    ##   limits:
-    ##     cpu: 100m
-    ##     memory: 128Mi
-    ##   requests:
-    ##     cpu: 100m
-    ##     memory: 128Mi    
-    ##
-    resources: {}
+    ##
+    resources:
+      limits:
+        cpu: 100m
+        memory: 128Mi
+      requests:
+        cpu: 100m
+        memory: 128Mi
     ## Init container' Security Context
     ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
     ## and not the below volumePermissions.containerSecurityContext.runAsUser
@@ -1998,6 +2011,17 @@ worker:
     runAsUser: 10001
     runAsNonRoot: true
 
+  ## @param worker.defaultInitContainers Default init containers for the worker pod
+  defaultInitContainers:
+    ## @param worker.defaultInitContainers.resources Set default init container requests and limits for different resources like CPU or memory (essential for production workloads)
+    ##
+    resources:
+      limits:
+        cpu: 150m
+        memory: 192Mi
+      requests:
+        cpu: 100m
+        memory: 128Mi
   ## @param worker.initContainers Add init containers to the Deploy worker pod
   ## Example:
   ## initContainers:
@@ -2007,6 +2031,7 @@ worker:
   ##     ports:
   ##       - name: portname
   ##         containerPort: 1234
+  ##     resources: {}
   ##
   initContainers: []
   ## @param worker.sidecars Add sidecar containers to the Deploy worker pod
@@ -2018,6 +2043,7 @@ worker:
   ##     ports:
   ##       - name: portname
   ##         containerPort: 1234
+  ##     resources: {}
   ##
   sidecars: []
 
@@ -2064,19 +2090,17 @@ worker:
         find "${path}" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
           xargs -r chown -R "{{ .Values.worker.containerSecurityContext.runAsUser }}:{{ .Values.worker.podSecurityContext.fsGroup }}"
       done
-    ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
+    ## @param worker.volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
     ## @param worker.volumePermissions.resources.limits Init container volume-permissions resource limits
     ## @param worker.volumePermissions.resources.requests Init container volume-permissions resource requests
-    ## Example:
-    ## resources:
-    ##   limits:
-    ##     cpu: 100m
-    ##     memory: 128Mi
-    ##   requests:
-    ##     cpu: 100m
-    ##     memory: 128Mi    
-    ##
-    resources: {}
+    ##
+    resources:
+      limits:
+        cpu: 100m
+        memory: 128Mi
+      requests:
+        cpu: 100m
+        memory: 128Mi
     ## Init container' Security Context
     ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
     ## and not the below volumePermissions.containerSecurityContext.runAsUser