From feb8002c418078d99b5cf35c76ed0a73d5661341 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Tue, 3 Mar 2026 19:45:59 +0000 Subject: [PATCH 1/3] added ollama --- ollama/ollama.yaml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 ollama/ollama.yaml diff --git a/ollama/ollama.yaml b/ollama/ollama.yaml new file mode 100644 index 0000000..a41f697 --- /dev/null +++ b/ollama/ollama.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: dev-juntekim-service +spec: + ports: + - port: 80 + targetPort: 11434 +--- +apiVersion: v1 +kind: Endpoints +metadata: + name: dev-juntekim-service +subsets: + - addresses: + - ip: 192.168.0.96 # ollama machine + ports: + - port: 11434 +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: dev-juntekim-ingress +spec: + entryPoints: + - websecure + routes: + - match: Host(`ollama.juntekim.com`) + kind: Rule + services: + - name: dev-juntekim-service + port: 80 + tls: + certResolver: myresolver \ No newline at end of file From c59967b77983053098dd4bd7a37140d6bbe60295 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Tue, 3 Mar 2026 22:28:00 +0000 Subject: [PATCH 2/3] fun to experiment but not needed --- open-webui/open-webui-deployment.yml | 49 ++++++++++++++++++++++ open-webui/open-webui-ingressroute.yml | 19 +++++++++ open-webui/open-webui-pv.yml | 22 ++++++++++ open-webui/open-webui-pvc.yml | 13 ++++++ open-webui/open-webui-service.yml | 15 +++++++ traefik/edge-router/traefik-deployment.yml | 15 ++----- 6 files changed, 121 insertions(+), 12 deletions(-) create mode 100644 open-webui/open-webui-deployment.yml create mode 100644 open-webui/open-webui-ingressroute.yml create mode 100644 open-webui/open-webui-pv.yml create mode 100644 open-webui/open-webui-pvc.yml create mode 100644 open-webui/open-webui-service.yml diff --git a/open-webui/open-webui-deployment.yml b/open-webui/open-webui-deployment.yml new file mode 100644 index 0000000..b09f677 --- /dev/null +++ b/open-webui/open-webui-deployment.yml @@ -0,0 +1,49 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: open-webui + namespace: default + labels: + app: open-webui +spec: + replicas: 1 + selector: + matchLabels: + app: open-webui + template: + metadata: + labels: + app: open-webui + spec: + nodeSelector: + kubernetes.io/hostname: mist + containers: + - name: open-webui + image: ghcr.io/open-webui/open-webui:main + ports: + - name: http + containerPort: 8080 + env: + - name: OLLAMA_BASE_URL + value: "https://ollama.juntekim.com" + - name: ENABLE_SIGNUP + value: "true" + - name: DEFAULT_MODELS + value: "" + - name: DEFAULT_USER_ROLE + value: "user" + resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "2Gi" + cpu: "1000m" + volumeMounts: + - name: open-webui-data + mountPath: /app/backend/data + volumes: + - name: open-webui-data + persistentVolumeClaim: + claimName: open-webui-data-pvc diff --git a/open-webui/open-webui-ingressroute.yml b/open-webui/open-webui-ingressroute.yml new file mode 100644 index 0000000..08fe823 --- /dev/null +++ b/open-webui/open-webui-ingressroute.yml @@ -0,0 +1,19 @@ +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: open-webui + namespace: default +spec: + entryPoints: + - websecure + routes: + - match: Host(`chatgpt.juntekim.com`) + kind: Rule + services: + - name: open-webui + port: 80 + tls: + certResolver: myresolver + domains: + - main: chatgpt.juntekim.com diff --git a/open-webui/open-webui-pv.yml b/open-webui/open-webui-pv.yml new file mode 100644 index 0000000..0808e2d --- /dev/null +++ b/open-webui/open-webui-pv.yml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: open-webui-data-pv +spec: + capacity: + storage: 2Gi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + storageClassName: local-path + local: + path: /home/kimjunte/open-ai + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - mist diff --git a/open-webui/open-webui-pvc.yml b/open-webui/open-webui-pvc.yml new file mode 100644 index 0000000..d376857 --- /dev/null +++ b/open-webui/open-webui-pvc.yml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: open-webui-data-pvc + namespace: default +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: local-path diff --git a/open-webui/open-webui-service.yml b/open-webui/open-webui-service.yml new file mode 100644 index 0000000..86ceaff --- /dev/null +++ b/open-webui/open-webui-service.yml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: open-webui + namespace: default +spec: + type: ClusterIP + ports: + - protocol: TCP + name: http + port: 80 + targetPort: 8080 + selector: + app: open-webui diff --git a/traefik/edge-router/traefik-deployment.yml b/traefik/edge-router/traefik-deployment.yml index 059fab4..c93e7bf 100644 --- a/traefik/edge-router/traefik-deployment.yml +++ b/traefik/edge-router/traefik-deployment.yml @@ -14,6 +14,8 @@ spec: app: traefik spec: serviceAccountName: traefik-ingress-controller + nodeSelector: + kubernetes.io/hostname: mist volumes: - name: acme persistentVolumeClaim: @@ -36,24 +38,13 @@ spec: - "--api.insecure=true" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - - # Redirect HTTP → HTTPS - "--entrypoints.web.http.redirections.entrypoint.to=websecure" - "--entrypoints.web.http.redirections.entrypoint.scheme=https" - - # Providers - "--providers.kubernetescrd=true" - "--providers.kubernetescrd.allowCrossNamespace=true" - - - # TLS + ACME - "--certificatesresolvers.myresolver.acme.email=junte.kim@mealcraft.com" - "--certificatesresolvers.myresolver.acme.storage=/acme/acme.json" - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=route53" - - # STAGING (uncomment for first-time) - # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" - env: - name: AWS_REGION valueFrom: @@ -69,4 +60,4 @@ spec: valueFrom: secretKeyRef: name: aws-secrets - key: AWS_SECRET_ACCESS_KEY + key: AWS_SECRET_ACCESS_KEY \ No newline at end of file From c3f2abeed19661bf5d3248c05cf1e7bcff1cfe91 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Sat, 7 Mar 2026 15:46:17 +0000 Subject: [PATCH 3/3] traefik deployment with staging --- traefik/edge-router/traefik-deployment.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/traefik/edge-router/traefik-deployment.yml b/traefik/edge-router/traefik-deployment.yml index c93e7bf..20f5cb2 100644 --- a/traefik/edge-router/traefik-deployment.yml +++ b/traefik/edge-router/traefik-deployment.yml @@ -45,6 +45,8 @@ spec: - "--certificatesresolvers.myresolver.acme.email=junte.kim@mealcraft.com" - "--certificatesresolvers.myresolver.acme.storage=/acme/acme.json" - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=route53" + # STAGING (uncomment for first-time) + # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" env: - name: AWS_REGION valueFrom: