From 6570c13f3a3ad5864de5afe6afb4c60483cd489f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorsten=20Ro=C3=9Fner?= Date: Fri, 17 May 2024 11:52:05 +0200 Subject: [PATCH] fix(jitsi): Raise Jibri memory limits to fullfil Jibri's 2Gi /dev/shm requirement and update Helm chart; To update an existing installation you need to manually delete the `jitsi-prosody` stateful set before the update e.g. `kubectl -n delete --cascade=orphan statefulsets jitsi-prosody`. Ensure you use the `--cascade=orphan` part, otherwise you have to remove and reinstall the complete deployment. --- .gitlab-ci.yml | 6 ++++-- .gitlab/lint/lint-opendesk.yml | 3 ++- .renovate/config.yaml | 8 ++++---- docs/enhanced-configuration.md | 2 +- helmfile/environments/default/charts.yaml | 2 +- helmfile/environments/default/functional.yaml | 3 ++- helmfile/environments/default/resources.yaml | 4 +++- 7 files changed, 17 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f47e0dab..00b0d40b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -61,7 +61,8 @@ variables: - "yes" - "no" DEBUG_ENABLED: - description: "Allows to set `debug.enabled` to true for a deployment, needs to be supported by stage specific configuration containting: `debug.enabled: {{ env \"DEBUG_ENABLED\" | default false }}`" + description: "Allows to set `debug.enabled` to true for a deployment, needs to be supported by stage specific\ + configuration containting: `debug.enabled: {{ env \"DEBUG_ENABLED\" | default false }}`" value: "no" options: - "yes" @@ -636,7 +637,8 @@ release: renovate: rules: - - if: $RUN_RENOVATE == "yes" + - if: > + $RUN_RENOVATE == "yes" when: "on_success" # The `-full` image does not install the dependencies on the fly, that is our preferred approach image: "${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/renovate/renovate:37.356-full" diff --git a/.gitlab/lint/lint-opendesk.yml b/.gitlab/lint/lint-opendesk.yml index 922450de..8e118a30 100644 --- a/.gitlab/lint/lint-opendesk.yml +++ b/.gitlab/lint/lint-opendesk.yml @@ -8,7 +8,8 @@ lint-opendesk: extends: ".lint-common" image: "${OPENDESK_CI_CLI_IMAGE}" rules: - - if: $RUN_RENOVATE == "yes" + - if: > + $RUN_RENOVATE == "yes" when: "never" - when: "always" script: diff --git a/.renovate/config.yaml b/.renovate/config.yaml index b3da66fb..b53d5729 100644 --- a/.renovate/config.yaml +++ b/.renovate/config.yaml @@ -41,17 +41,17 @@ repositories: - "helmfile/environments/default/images.yaml" datasourceTemplate: "docker" matchStrings: - # yamllint disable rule:line-length + # yamllint disable rule:line-length rule:quoted-strings - ' providerResponsible: "(?.+?)"[\s\S]+? upstreamRegistry: "(?.+?)"[\s\S]+? upstreamRepository: "(?.+?)"[\s\S]+? tag: "(?[^@]+)@(?sha256:[a-f0-9]+)"' - # yamllint enable rule:line-length + # yamllint enable rule:line-length rule:quoted-strings - customType: "regex" fileMatch: - "helmfile/environments/default/charts.yaml" datasourceTemplate: "docker" matchStrings: - # yamllint disable rule:quoted-strings + # yamllint disable rule:line-length rule:quoted-strings - ' providerResponsible: "(?.+?)"[\s\S]+? upstreamRegistry: "(?.+?)"[\s\S]+? upstreamRepository: "(?.+?)"[\s\S]+? version: "(?.+?)"' - # yamllint enable rule:line-length + # yamllint enable rule:line-length rule:quoted-strings # Rules for matching packages packageRules: - matchDatasources: [ "docker" ] diff --git a/docs/enhanced-configuration.md b/docs/enhanced-configuration.md index 397be354..6c140e70 100644 --- a/docs/enhanced-configuration.md +++ b/docs/enhanced-configuration.md @@ -7,7 +7,7 @@ SPDX-License-Identifier: Apache-2.0 # Overview -The follownig enhanced configuration use cases are described in separate documents. +The following enhanced configuration use cases are described in separate documents. - [Separate mail & Matrix domain](enhanced-configuration/separate-mail-matrix-domain.md) - [Federation with external identity provider](enhanced-configuration/idp-federation.md) diff --git a/helmfile/environments/default/charts.yaml b/helmfile/environments/default/charts.yaml index c55a50e7..6a56c490 100644 --- a/helmfile/environments/default/charts.yaml +++ b/helmfile/environments/default/charts.yaml @@ -120,7 +120,7 @@ charts: registry: "registry.opencode.de" repository: "bmi/opendesk/components/platform-development/charts/opendesk-jitsi" name: "opendesk-jitsi" - version: "1.7.8" + version: "1.7.9" verify: true mariadb: # providerCategory: "Platform" diff --git a/helmfile/environments/default/functional.yaml b/helmfile/environments/default/functional.yaml index 42f23df9..bd710e4a 100644 --- a/helmfile/environments/default/functional.yaml +++ b/helmfile/environments/default/functional.yaml @@ -3,7 +3,8 @@ --- authentication: twoFactor: - # Define a list of groups to enable 2FA for. Removing a group from the list will not disable 2FA for the removed group. + # Define a list of groups to enable 2FA for. + # Note: Removing a group from the list will not disable 2FA for the removed group. groups: - "Domain Admins" ... diff --git a/helmfile/environments/default/resources.yaml b/helmfile/environments/default/resources.yaml index 89993741..7a14a00e 100644 --- a/helmfile/environments/default/resources.yaml +++ b/helmfile/environments/default/resources.yaml @@ -60,10 +60,12 @@ resources: requests: cpu: 0.1 memory: "64Mi" + # The Jibri container requires 2Gi /dev/shm so we need a limit based on the expected memory consumption of the + # service plus the 2Gi /dev/shm jibri: limits: cpu: 99 - memory: "768Mi" + memory: "3Gi" requests: cpu: 0.1 memory: "384Mi"