Core Daemon

To correctly set up this service the cluster’s internal endpoint is required to allow Core Daemon to connect to postgres and S3. The default values are usually enough, unless each service is deployed in its own dedicated namespace.

If not using AWS, an key must be generated and mounted inside the pods of core-daemon:

openssl ecparam -name secp256k1 -genkey -noout -out private.pem
openssl ec -in private.pem -pubout -out public.pem

kubectl create secret generic keypair -n <core-daemon-namespace> --from-file=tls.crt=public.pem --from-file=tls.key=private.pem

global:
  namespace: <core-daemon-namespace>

image:
  tag: 2.30.0

configMap:
  # -- REQUIRED IF NOT USING AWS
  keysFileSystemPublicPath: /etc/ssl/keypair/tls.crt
  keysFileSystemPrivatePath: /etc/ssl/keypair/tls.key
  
  coreDaemonConfigEnvironment: <environment>
  cloudAwsRegionStatic: <aws-region>
  awsRegion: <aws-region>
  springProfilesActive: json-logging
  cloudAwsS3BucketName: <bucket-name>
  csSpringDatasourceUrl: jdbc:postgresql://<hostname>:5432/<dbName>
  npSpringDatasourceUrl: jdbc:postgresql://<hostname>:5432/<dbName>
  loggingLevelCoreRequest: DEBUG

# -- REQUIRED IF NOT USING AWS
certificates:
  - name: keypair
    mountPath: /etc/ssl/keypair
    readOnly: true

# -- Suggested sizing
resources:
  ## -- Limits
  limits:
    cpu: 1800m
    memory: 2048Mi
  ## -- Requests
  requests:
    cpu: 100m
    memory: 512Mi

Last updated 7 days ago

Was this helpful?