docker-erpnext/documentation/deployment-guides/aws-managed/kubernetes-manifests/erpnext-workers.yaml
Brian Tan Seng 8894bbf56e ⏺ Perfect! I have successfully created the complete AWS equivalent of the GCP managed services
deployment documentation. Here's a summary of what was created:

  📁 AWS Managed Services Documentation Structure

  Main Documentation Files:

  1. README.md - Comprehensive overview and decision guide
  2. 00-prerequisites-managed.md - AWS setup, VPC, security, and managed services
  3. 01-ecs-managed-deployment.md - Amazon ECS with Fargate deployment
  4. 02-eks-managed-deployment.md - Amazon EKS deployment
  5. 03-production-managed-setup.md - Production hardening and advanced features

  Kubernetes Manifests (kubernetes-manifests/):

  - namespace.yaml - Namespace with resource quotas and network policies
  - storage.yaml - EFS and EBS storage classes and PVCs
  - configmap.yaml - Application configuration and Nginx config
  - secrets.yaml - External Secrets Operator integration with AWS Secrets Manager
  - erpnext-backend.yaml - Backend deployment with RDS connectivity
  - erpnext-frontend.yaml - Frontend deployment with load balancing
  - erpnext-workers.yaml - Worker deployments for different queues
  - ingress.yaml - AWS Load Balancer Controller ingress configuration
  - jobs.yaml - Site creation and backup automation jobs

  Deployment Scripts (scripts/):

  - deploy-ecs.sh - Automated ECS deployment script
  - deploy-eks.sh - Automated EKS deployment script

  🔄 Key AWS Managed Services Used:

  Instead of GCP → AWS Equivalent:
  - Cloud SQL → Amazon RDS for MySQL
  - Memorystore → Amazon MemoryDB for Redis
  - Cloud Run → Amazon ECS with Fargate
  - GKE → Amazon EKS
  - Cloud Storage → Amazon S3
  - Secret Manager → AWS Secrets Manager
  - VPC Access Connector → VPC Endpoints/NAT Gateway

  🎯 Key Features Included:

  Production-Ready Features:

  - High Availability - Multi-AZ RDS and MemoryDB deployment
  - Auto-scaling - ECS Service Auto Scaling and EKS HPA
  - Security - VPC isolation, IAM roles, WAF, encryption
  - Monitoring - CloudWatch, X-Ray, custom metrics
  - Backup & DR - Automated backups, cross-region replication
  - Cost Optimization - Reserved instances, spot instances, right-sizing

  Deployment Options:

  - 🚀 Amazon ECS with Fargate - Serverless containers, minimal ops
  - ⚙️ Amazon EKS - Full Kubernetes with advanced features
  - 🛡️ Production Hardening - WAF, enhanced monitoring, security

  Automation Scripts:

  - 📜 One-click deployment scripts for both ECS and EKS
  - 🔧 Infrastructure as Code approach
  - 📊 Cost estimation and optimization guidance

  The documentation provides a complete migration path from GCP to AWS with equivalent managed
  services, maintaining the same level of reliability and operational efficiency while
  leveraging AWS-native services and best practices.
2025-08-22 19:15:03 +08:00

542 lines
14 KiB
YAML

apiVersion: apps/v1
kind: Deployment
metadata:
  name: erpnext-queue-default
  namespace: erpnext
  labels:
    app: erpnext-queue-default
    component: worker
    queue: default
    environment: production
    version: v14
  annotations:
    deployment.kubernetes.io/revision: "1"
    description: "ERPNext default queue worker"
spec:
  replicas: 2
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      app: erpnext-queue-default
  template:
    metadata:
      labels:
        app: erpnext-queue-default
        component: worker
        queue: default
        environment: production
        version: v14
    spec:
      serviceAccountName: erpnext-sa
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        fsGroupChangePolicy: "OnRootMismatch"
      initContainers:
      - name: wait-for-backend
        image: busybox:1.35
        imagePullPolicy: IfNotPresent
        command:
        - sh
        - -c
        - |
          echo 'Waiting for backend to be ready...'
          until nc -z erpnext-backend 8000; do
            echo 'Waiting for backend...'
            sleep 10
          done
          echo 'Backend is ready!'
        resources:
          requests:
            cpu: 50m
            memory: 64Mi
          limits:
            cpu: 100m
            memory: 128Mi
      containers:
      - name: queue-worker
        image: frappe/erpnext-worker:v14
        imagePullPolicy: Always
        command: ["bench", "worker", "--queue", "default"]
        envFrom:
        - configMapRef:
            name: erpnext-config
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-db-secret
              key: password
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-redis-secret
              key: password
        - name: QUEUE_NAME
          value: "default"
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        - name: sites-data
          mountPath: /home/frappe/frappe-bench/sites
        resources:
          requests:
            memory: "512Mi"
            cpu: "250m"
            ephemeral-storage: "1Gi"
          limits:
            memory: "1Gi"
            cpu: "500m"
            ephemeral-storage: "2Gi"
        livenessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench worker"
          initialDelaySeconds: 60
          periodSeconds: 30
          timeoutSeconds: 10
          failureThreshold: 3
        readinessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench worker"
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 3
      volumes:
      - name: sites-data
        persistentVolumeClaim:
          claimName: erpnext-sites-pvc
      nodeSelector:
        node-type: worker
      tolerations:
      - key: "node.kubernetes.io/not-ready"
        operator: "Exists"
        effect: "NoExecute"
        tolerationSeconds: 300
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - erpnext-queue-default
              topologyKey: kubernetes.io/hostname
      terminationGracePeriodSeconds: 30
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: erpnext-queue-long
  namespace: erpnext
  labels:
    app: erpnext-queue-long
    component: worker
    queue: long
    environment: production
    version: v14
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      app: erpnext-queue-long
  template:
    metadata:
      labels:
        app: erpnext-queue-long
        component: worker
        queue: long
        environment: production
        version: v14
    spec:
      serviceAccountName: erpnext-sa
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        fsGroupChangePolicy: "OnRootMismatch"
      initContainers:
      - name: wait-for-backend
        image: busybox:1.35
        imagePullPolicy: IfNotPresent
        command:
        - sh
        - -c
        - |
          echo 'Waiting for backend to be ready...'
          until nc -z erpnext-backend 8000; do
            echo 'Waiting for backend...'
            sleep 10
          done
          echo 'Backend is ready!'
        resources:
          requests:
            cpu: 50m
            memory: 64Mi
          limits:
            cpu: 100m
            memory: 128Mi
      containers:
      - name: queue-worker
        image: frappe/erpnext-worker:v14
        imagePullPolicy: Always
        command: ["bench", "worker", "--queue", "long"]
        envFrom:
        - configMapRef:
            name: erpnext-config
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-db-secret
              key: password
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-redis-secret
              key: password
        - name: QUEUE_NAME
          value: "long"
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        - name: sites-data
          mountPath: /home/frappe/frappe-bench/sites
        resources:
          requests:
            memory: "512Mi"
            cpu: "250m"
            ephemeral-storage: "1Gi"
          limits:
            memory: "1Gi"
            cpu: "500m"
            ephemeral-storage: "2Gi"
        livenessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench worker"
          initialDelaySeconds: 60
          periodSeconds: 30
          timeoutSeconds: 10
          failureThreshold: 3
        readinessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench worker"
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 3
      volumes:
      - name: sites-data
        persistentVolumeClaim:
          claimName: erpnext-sites-pvc
      nodeSelector:
        node-type: worker
      tolerations:
      - key: "node.kubernetes.io/not-ready"
        operator: "Exists"
        effect: "NoExecute"
        tolerationSeconds: 300
      terminationGracePeriodSeconds: 60
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: erpnext-queue-short
  namespace: erpnext
  labels:
    app: erpnext-queue-short
    component: worker
    queue: short
    environment: production
    version: v14
spec:
  replicas: 2
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      app: erpnext-queue-short
  template:
    metadata:
      labels:
        app: erpnext-queue-short
        component: worker
        queue: short
        environment: production
        version: v14
    spec:
      serviceAccountName: erpnext-sa
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        fsGroupChangePolicy: "OnRootMismatch"
      initContainers:
      - name: wait-for-backend
        image: busybox:1.35
        imagePullPolicy: IfNotPresent
        command:
        - sh
        - -c
        - |
          echo 'Waiting for backend to be ready...'
          until nc -z erpnext-backend 8000; do
            echo 'Waiting for backend...'
            sleep 10
          done
          echo 'Backend is ready!'
        resources:
          requests:
            cpu: 50m
            memory: 64Mi
          limits:
            cpu: 100m
            memory: 128Mi
      containers:
      - name: queue-worker
        image: frappe/erpnext-worker:v14
        imagePullPolicy: Always
        command: ["bench", "worker", "--queue", "short"]
        envFrom:
        - configMapRef:
            name: erpnext-config
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-db-secret
              key: password
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-redis-secret
              key: password
        - name: QUEUE_NAME
          value: "short"
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        - name: sites-data
          mountPath: /home/frappe/frappe-bench/sites
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
            ephemeral-storage: "500Mi"
          limits:
            memory: "512Mi"
            cpu: "250m"
            ephemeral-storage: "1Gi"
        livenessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench worker"
          initialDelaySeconds: 60
          periodSeconds: 30
          timeoutSeconds: 10
          failureThreshold: 3
        readinessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench worker"
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 3
      volumes:
      - name: sites-data
        persistentVolumeClaim:
          claimName: erpnext-sites-pvc
      nodeSelector:
        node-type: worker
      tolerations:
      - key: "node.kubernetes.io/not-ready"
        operator: "Exists"
        effect: "NoExecute"
        tolerationSeconds: 300
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - erpnext-queue-short
              topologyKey: kubernetes.io/hostname
      terminationGracePeriodSeconds: 30
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: erpnext-scheduler
  namespace: erpnext
  labels:
    app: erpnext-scheduler
    component: scheduler
    environment: production
    version: v14
spec:
  replicas: 1
  strategy:
    type: Recreate # Only one scheduler should run at a time
  selector:
    matchLabels:
      app: erpnext-scheduler
  template:
    metadata:
      labels:
        app: erpnext-scheduler
        component: scheduler
        environment: production
        version: v14
    spec:
      serviceAccountName: erpnext-sa
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        fsGroupChangePolicy: "OnRootMismatch"
      initContainers:
      - name: wait-for-backend
        image: busybox:1.35
        imagePullPolicy: IfNotPresent
        command:
        - sh
        - -c
        - |
          echo 'Waiting for backend to be ready...'
          until nc -z erpnext-backend 8000; do
            echo 'Waiting for backend...'
            sleep 10
          done
          echo 'Backend is ready!'
        resources:
          requests:
            cpu: 50m
            memory: 64Mi
          limits:
            cpu: 100m
            memory: 128Mi
      containers:
      - name: scheduler
        image: frappe/erpnext-worker:v14
        imagePullPolicy: Always
        command: ["bench", "schedule"]
        envFrom:
        - configMapRef:
            name: erpnext-config
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-db-secret
              key: password
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              name: erpnext-redis-secret
              key: password
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        - name: sites-data
          mountPath: /home/frappe/frappe-bench/sites
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
            ephemeral-storage: "500Mi"
          limits:
            memory: "512Mi"
            cpu: "250m"
            ephemeral-storage: "1Gi"
        livenessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench schedule"
          initialDelaySeconds: 60
          periodSeconds: 30
          timeoutSeconds: 10
          failureThreshold: 3
        readinessProbe:
          exec:
            command:
            - pgrep
            - -f
            - "bench schedule"
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 3
      volumes:
      - name: sites-data
        persistentVolumeClaim:
          claimName: erpnext-sites-pvc
      nodeSelector:
        node-type: worker
        kubernetes.io/arch: amd64
      tolerations:
      - key: "node.kubernetes.io/not-ready"
        operator: "Exists"
        effect: "NoExecute"
        tolerationSeconds: 300
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            preference:
              matchExpressions:
              - key: node-type
                operator: In
                values:
                - worker
      terminationGracePeriodSeconds: 30