From 059fdfed3b3a72e8cdd44785e4c77aba402bdbd2 Mon Sep 17 00:00:00 2001
From: Serge Bazanski <q3k@hackerspace.pl>
Date: Sat, 12 Sep 2020 21:44:53 +0000
Subject: [PATCH] k0: add resource requests/limits to nginx, remove gitea

We just had an outage seemingly caused by N-I-C sendings tons of traffic
to gitea, which in turn caused N-I-C to balloon in memory/CPU usage.

I haven't debugged the cause of this traffic, but I have disabled the
gitea TCP forward to Stop The Bleeding.

This change reflects ad-hoc production changes.

Change-Id: I37e11609f408fa3e3fbfafafba44dc83149b90a9
---
 cluster/kube/lib/nginx.libsonnet | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cluster/kube/lib/nginx.libsonnet b/cluster/kube/lib/nginx.libsonnet
index 94000f1a..510f8515 100644
--- a/cluster/kube/lib/nginx.libsonnet
+++ b/cluster/kube/lib/nginx.libsonnet
@@ -32,7 +32,6 @@ local policies = import "../../../kube/policies.libsonnet";
             tcp: env.maps.make("tcp-services") {
                 data: {
                     "22": "gerrit/gerrit:22",
-                    "222": "gitea-prod/gitea:22",
                 }
             },
             udp: env.maps.make("udp-services"),
@@ -225,6 +224,10 @@ local policies = import "../../../kube/policies.libsonnet";
                                     },
                                     runAsUser: 33,
                                 },
+                                resources: {
+                                    limits: { cpu: "2", memory: "4G" },
+                                    requests: { cpu: "1", memory: "1G" },
+                                },
                             },
                         },
                     },