From 750b888845a2625b47985f8174e568f9aa55ccbb Mon Sep 17 00:00:00 2001 From: "Milki, Rodrigo Salvador" Date: Wed, 1 Apr 2026 01:53:43 -0300 Subject: [PATCH] commit inicial --- k8s/base/deployment.yaml | 35 ++++++++ k8s/base/ingress.yaml | 19 +++++ k8s/base/kustomization.yaml | 9 +++ k8s/base/namespace.yaml | 4 + k8s/base/service.yaml | 13 +++ k8s/overlays/box/configmaps.yaml | 9 +++ k8s/overlays/box/kustomization.yaml | 27 +++++++ k8s/overlays/box/namespace.yaml | 4 + k8s/overlays/box/postgres.yaml | 60 ++++++++++++++ k8s/overlays/box/redis.yaml | 53 +++++++++++++ k8s/overlays/dev/configmaps.yaml | 9 +++ k8s/overlays/dev/kustomization.yaml | 28 +++++++ k8s/overlays/dev/litellm-patch.yaml | 15 ++++ k8s/overlays/dev/postgres.yaml | 47 +++++++++++ k8s/overlays/dev/redis.yaml | 40 ++++++++++ k8s/overlays/prd/configmaps.yaml | 8 ++ k8s/overlays/prd/kustomization.yaml | 26 ++++++ k8s/overlays/prd/litellm-patch.yaml | 15 ++++ k8s/overlays/qat/configmaps.yaml | 9 +++ k8s/overlays/qat/kustomization.yaml | 29 +++++++ k8s/overlays/qat/litellm-patch.yaml | 15 ++++ k8s/overlays/qat/postgres.yaml | 47 +++++++++++ k8s/overlays/qat/redis.yaml | 40 ++++++++++ .../Secrets/litellm-secrets-dev.yaml | 8 ++ .../Secrets/litellm-secrets-prd.yaml | 10 +++ .../Secrets/litellm-secrets-qat.yaml | 8 ++ k8s/service-config/config.box/config.yaml | 21 +++++ k8s/service-config/config.dev/config.yaml | 19 +++++ k8s/service-config/config.prd/config.yaml | 20 +++++ k8s/service-config/config.qat/config.yaml | 12 +++ sync-secrets.sh | 79 +++++++++++++++++++ 31 files changed, 738 insertions(+) create mode 100644 k8s/base/deployment.yaml create mode 100644 k8s/base/ingress.yaml create mode 100644 k8s/base/kustomization.yaml create mode 100644 k8s/base/namespace.yaml create mode 100644 k8s/base/service.yaml create mode 100644 k8s/overlays/box/configmaps.yaml create mode 100644 k8s/overlays/box/kustomization.yaml create mode 100644 k8s/overlays/box/namespace.yaml create mode 100644 k8s/overlays/box/postgres.yaml create mode 100644 k8s/overlays/box/redis.yaml create mode 100644 k8s/overlays/dev/configmaps.yaml create mode 100644 k8s/overlays/dev/kustomization.yaml create mode 100644 k8s/overlays/dev/litellm-patch.yaml create mode 100644 k8s/overlays/dev/postgres.yaml create mode 100644 k8s/overlays/dev/redis.yaml create mode 100644 k8s/overlays/prd/configmaps.yaml create mode 100644 k8s/overlays/prd/kustomization.yaml create mode 100644 k8s/overlays/prd/litellm-patch.yaml create mode 100644 k8s/overlays/qat/configmaps.yaml create mode 100644 k8s/overlays/qat/kustomization.yaml create mode 100644 k8s/overlays/qat/litellm-patch.yaml create mode 100644 k8s/overlays/qat/postgres.yaml create mode 100644 k8s/overlays/qat/redis.yaml create mode 100644 k8s/service-config/Secrets/litellm-secrets-dev.yaml create mode 100644 k8s/service-config/Secrets/litellm-secrets-prd.yaml create mode 100644 k8s/service-config/Secrets/litellm-secrets-qat.yaml create mode 100644 k8s/service-config/config.box/config.yaml create mode 100644 k8s/service-config/config.dev/config.yaml create mode 100644 k8s/service-config/config.prd/config.yaml create mode 100644 k8s/service-config/config.qat/config.yaml create mode 100755 sync-secrets.sh diff --git a/k8s/base/deployment.yaml b/k8s/base/deployment.yaml new file mode 100644 index 0000000..3a6dc6e --- /dev/null +++ b/k8s/base/deployment.yaml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litellm + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: litellm + template: + metadata: + labels: + app: litellm + spec: + containers: + - name: litellm + image: ghcr.io/berriai/litellm:main-latest + args: + - "--detailed_debug" + - "--config" + - "/app/config/config.yaml" + ports: + - containerPort: 4000 + envFrom: + - configMapRef: + name: litellm-env + volumeMounts: + - name: config-volume + mountPath: /app/config + readOnly: true + volumes: + - name: config-volume + configMap: + name: litellm-config diff --git a/k8s/base/ingress.yaml b/k8s/base/ingress.yaml new file mode 100644 index 0000000..ffeeda4 --- /dev/null +++ b/k8s/base/ingress.yaml @@ -0,0 +1,19 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: litellm + namespace: litellm + annotations: + kubernetes.io/ingress.class: traefik +spec: + rules: + - host: litellm-placeholder.local + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: litellm + port: + number: 4000 diff --git a/k8s/base/kustomization.yaml b/k8s/base/kustomization.yaml new file mode 100644 index 0000000..90be872 --- /dev/null +++ b/k8s/base/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: litellm + +resources: +- deployment.yaml +- service.yaml +- ingress.yaml +- namespace.yaml \ No newline at end of file diff --git a/k8s/base/namespace.yaml b/k8s/base/namespace.yaml new file mode 100644 index 0000000..529a8aa --- /dev/null +++ b/k8s/base/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: litellm \ No newline at end of file diff --git a/k8s/base/service.yaml b/k8s/base/service.yaml new file mode 100644 index 0000000..297491d --- /dev/null +++ b/k8s/base/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: litellm + namespace: litellm +spec: + selector: + app: litellm + ports: + - protocol: TCP + port: 4000 + targetPort: 4000 + type: ClusterIP diff --git a/k8s/overlays/box/configmaps.yaml b/k8s/overlays/box/configmaps.yaml new file mode 100644 index 0000000..03a85c0 --- /dev/null +++ b/k8s/overlays/box/configmaps.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: litellm-env + namespace: litellm +data: + DATABASE_URL: postgresql://litellm:litellm@postgres:5432/litellm + REDIS_HOST: redis + REDIS_PORT: "6379" diff --git a/k8s/overlays/box/kustomization.yaml b/k8s/overlays/box/kustomization.yaml new file mode 100644 index 0000000..6475138 --- /dev/null +++ b/k8s/overlays/box/kustomization.yaml @@ -0,0 +1,27 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: litellm +resources: + - ../../base + - postgres.yaml + - redis.yaml + - configmaps.yaml +configMapGenerator: + - name: litellm-config + files: + - config.yaml=../../service-config/config.box/config.yaml +patches: + - target: + kind: Ingress + name: litellm + patch: |- + - op: replace + path: /spec/rules/0/host + value: litellm.box.local + - target: + kind: Deployment + name: litellm + patch: |- + - op: replace + path: /spec/replicas + value: 1 diff --git a/k8s/overlays/box/namespace.yaml b/k8s/overlays/box/namespace.yaml new file mode 100644 index 0000000..6f4294e --- /dev/null +++ b/k8s/overlays/box/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: litellm diff --git a/k8s/overlays/box/postgres.yaml b/k8s/overlays/box/postgres.yaml new file mode 100644 index 0000000..69b8d46 --- /dev/null +++ b/k8s/overlays/box/postgres.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - name: postgres + image: postgres:15 + ports: + - containerPort: 5432 + env: + - name: POSTGRES_DB + value: litellm + - name: POSTGRES_USER + value: litellm + - name: POSTGRES_PASSWORD + value: litellm + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-storage + persistentVolumeClaim: + claimName: postgres-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: litellm +spec: + selector: + app: postgres + ports: + - protocol: TCP + port: 5432 + targetPort: 5432 +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-pvc + namespace: litellm +spec: + accessModes: + - ReadWriteOnce + storageClassName: local-path + resources: + requests: + storage: 5Gi diff --git a/k8s/overlays/box/redis.yaml b/k8s/overlays/box/redis.yaml new file mode 100644 index 0000000..40dfe3c --- /dev/null +++ b/k8s/overlays/box/redis.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: redis:7-alpine + ports: + - containerPort: 6379 + volumeMounts: + - name: redis-storage + mountPath: /data + volumes: + - name: redis-storage + persistentVolumeClaim: + claimName: redis-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: redis + namespace: litellm +spec: + selector: + app: redis + ports: + - protocol: TCP + port: 6379 + targetPort: 6379 +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: redis-pvc + namespace: litellm +spec: + accessModes: + - ReadWriteOnce + storageClassName: local-path + resources: + requests: + storage: 2Gi diff --git a/k8s/overlays/dev/configmaps.yaml b/k8s/overlays/dev/configmaps.yaml new file mode 100644 index 0000000..03a85c0 --- /dev/null +++ b/k8s/overlays/dev/configmaps.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: litellm-env + namespace: litellm +data: + DATABASE_URL: postgresql://litellm:litellm@postgres:5432/litellm + REDIS_HOST: redis + REDIS_PORT: "6379" diff --git a/k8s/overlays/dev/kustomization.yaml b/k8s/overlays/dev/kustomization.yaml new file mode 100644 index 0000000..6db3b60 --- /dev/null +++ b/k8s/overlays/dev/kustomization.yaml @@ -0,0 +1,28 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../base + - postgres.yaml + - redis.yaml + - configmaps.yaml + - ../../service-config/Secrets/litellm-secrets-dev.yaml +configMapGenerator: + - name: litellm-config + files: + - config.yaml=../../service-config/config.dev/config.yaml +patches: + - target: + kind: Ingress + name: litellm + patch: |- + - op: replace + path: /spec/rules/0/host + value: litellm.dev.local + - target: + kind: Deployment + name: litellm + patch: |- + - op: replace + path: /spec/replicas + value: 1 + - path: litellm-patch.yaml diff --git a/k8s/overlays/dev/litellm-patch.yaml b/k8s/overlays/dev/litellm-patch.yaml new file mode 100644 index 0000000..42cf2b3 --- /dev/null +++ b/k8s/overlays/dev/litellm-patch.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litellm + namespace: litellm +spec: + template: + spec: + containers: + - name: litellm + envFrom: + - configMapRef: + name: litellm-env + - secretRef: + name: litellm-secrets-dev diff --git a/k8s/overlays/dev/postgres.yaml b/k8s/overlays/dev/postgres.yaml new file mode 100644 index 0000000..5a01a32 --- /dev/null +++ b/k8s/overlays/dev/postgres.yaml @@ -0,0 +1,47 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - name: postgres + image: postgres:15 + ports: + - containerPort: 5432 + env: + - name: POSTGRES_DB + value: litellm + - name: POSTGRES_USER + value: litellm + - name: POSTGRES_PASSWORD + value: litellm + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-storage + persistentVolumeClaim: + claimName: postgres-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: litellm +spec: + selector: + app: postgres + ports: + - protocol: TCP + port: 5432 + targetPort: 5432 diff --git a/k8s/overlays/dev/redis.yaml b/k8s/overlays/dev/redis.yaml new file mode 100644 index 0000000..e9a0b06 --- /dev/null +++ b/k8s/overlays/dev/redis.yaml @@ -0,0 +1,40 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: redis:7-alpine + ports: + - containerPort: 6379 + volumeMounts: + - name: redis-storage + mountPath: /data + volumes: + - name: redis-storage + persistentVolumeClaim: + claimName: redis-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: redis + namespace: litellm +spec: + selector: + app: redis + ports: + - protocol: TCP + port: 6379 + targetPort: 6379 diff --git a/k8s/overlays/prd/configmaps.yaml b/k8s/overlays/prd/configmaps.yaml new file mode 100644 index 0000000..feaf16e --- /dev/null +++ b/k8s/overlays/prd/configmaps.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: litellm-env + namespace: litellm +data: + REDIS_HOST: redis-cluster-placeholder + REDIS_PORT: "6379" diff --git a/k8s/overlays/prd/kustomization.yaml b/k8s/overlays/prd/kustomization.yaml new file mode 100644 index 0000000..0878f5f --- /dev/null +++ b/k8s/overlays/prd/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../base + - configmaps.yaml + - ../../service-config/Secrets/litellm-secrets-prd.yaml +configMapGenerator: + - name: litellm-config + files: + - config.yaml=../../service-config/config.prd/config.yaml +patches: + - target: + kind: Ingress + name: litellm + patch: |- + - op: replace + path: /spec/rules/0/host + value: litellm.prd.local + - target: + kind: Deployment + name: litellm + patch: |- + - op: replace + path: /spec/replicas + value: 3 + - path: litellm-patch.yaml diff --git a/k8s/overlays/prd/litellm-patch.yaml b/k8s/overlays/prd/litellm-patch.yaml new file mode 100644 index 0000000..20cb651 --- /dev/null +++ b/k8s/overlays/prd/litellm-patch.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litellm + namespace: litellm +spec: + template: + spec: + containers: + - name: litellm + envFrom: + - configMapRef: + name: litellm-env + - secretRef: + name: litellm-secrets-prd diff --git a/k8s/overlays/qat/configmaps.yaml b/k8s/overlays/qat/configmaps.yaml new file mode 100644 index 0000000..03a85c0 --- /dev/null +++ b/k8s/overlays/qat/configmaps.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: litellm-env + namespace: litellm +data: + DATABASE_URL: postgresql://litellm:litellm@postgres:5432/litellm + REDIS_HOST: redis + REDIS_PORT: "6379" diff --git a/k8s/overlays/qat/kustomization.yaml b/k8s/overlays/qat/kustomization.yaml new file mode 100644 index 0000000..27fda33 --- /dev/null +++ b/k8s/overlays/qat/kustomization.yaml @@ -0,0 +1,29 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../base + - postgres.yaml + - redis.yaml + - configmaps.yaml + - namespace.yaml + - ../../service-config/Secrets/litellm-secrets-qat.yaml +configMapGenerator: + - name: litellm-config + files: + - config.yaml=../../service-config/config.qat/config.yaml +patches: + - target: + kind: Ingress + name: litellm + patch: |- + - op: replace + path: /spec/rules/0/host + value: litellm.qat.local + - target: + kind: Deployment + name: litellm + patch: |- + - op: replace + path: /spec/replicas + value: 1 + - path: litellm-patch.yaml diff --git a/k8s/overlays/qat/litellm-patch.yaml b/k8s/overlays/qat/litellm-patch.yaml new file mode 100644 index 0000000..686fe83 --- /dev/null +++ b/k8s/overlays/qat/litellm-patch.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litellm + namespace: litellm +spec: + template: + spec: + containers: + - name: litellm + envFrom: + - configMapRef: + name: litellm-env + - secretRef: + name: litellm-secrets-qat diff --git a/k8s/overlays/qat/postgres.yaml b/k8s/overlays/qat/postgres.yaml new file mode 100644 index 0000000..5a01a32 --- /dev/null +++ b/k8s/overlays/qat/postgres.yaml @@ -0,0 +1,47 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - name: postgres + image: postgres:15 + ports: + - containerPort: 5432 + env: + - name: POSTGRES_DB + value: litellm + - name: POSTGRES_USER + value: litellm + - name: POSTGRES_PASSWORD + value: litellm + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-storage + persistentVolumeClaim: + claimName: postgres-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: litellm +spec: + selector: + app: postgres + ports: + - protocol: TCP + port: 5432 + targetPort: 5432 diff --git a/k8s/overlays/qat/redis.yaml b/k8s/overlays/qat/redis.yaml new file mode 100644 index 0000000..e9a0b06 --- /dev/null +++ b/k8s/overlays/qat/redis.yaml @@ -0,0 +1,40 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis + namespace: litellm +spec: + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: redis:7-alpine + ports: + - containerPort: 6379 + volumeMounts: + - name: redis-storage + mountPath: /data + volumes: + - name: redis-storage + persistentVolumeClaim: + claimName: redis-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: redis + namespace: litellm +spec: + selector: + app: redis + ports: + - protocol: TCP + port: 6379 + targetPort: 6379 diff --git a/k8s/service-config/Secrets/litellm-secrets-dev.yaml b/k8s/service-config/Secrets/litellm-secrets-dev.yaml new file mode 100644 index 0000000..7bc26e2 --- /dev/null +++ b/k8s/service-config/Secrets/litellm-secrets-dev.yaml @@ -0,0 +1,8 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: litellm-secrets-dev + namespace: litellm +spec: + encryptedData: + OPENAI_API_KEY: AgA... diff --git a/k8s/service-config/Secrets/litellm-secrets-prd.yaml b/k8s/service-config/Secrets/litellm-secrets-prd.yaml new file mode 100644 index 0000000..fd94b98 --- /dev/null +++ b/k8s/service-config/Secrets/litellm-secrets-prd.yaml @@ -0,0 +1,10 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: litellm-secrets-prd + namespace: litellm +spec: + encryptedData: + DATABASE_URL: AgA... + OPENAI_API_KEY: AgA... + REDIS_PASSWORD: AgA... diff --git a/k8s/service-config/Secrets/litellm-secrets-qat.yaml b/k8s/service-config/Secrets/litellm-secrets-qat.yaml new file mode 100644 index 0000000..976b2b4 --- /dev/null +++ b/k8s/service-config/Secrets/litellm-secrets-qat.yaml @@ -0,0 +1,8 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: litellm-secrets-qat + namespace: litellm +spec: + encryptedData: + OPENAI_API_KEY: AgA... diff --git a/k8s/service-config/config.box/config.yaml b/k8s/service-config/config.box/config.yaml new file mode 100644 index 0000000..171334a --- /dev/null +++ b/k8s/service-config/config.box/config.yaml @@ -0,0 +1,21 @@ +model_list: + - model_name: ollama-model + litellm_params: + model: ollama/llama2 + api_base: http://10.0.0.107:11434 + +litellm_settings: + set_verbose: True + cache: True + cache_params: + type: redis + host: os.environ/REDIS_HOST + port: os.environ/REDIS_PORT + password: os.environ/REDIS_PASSWORD + +router_settings: + routing_strategy: simple-shuffle + +general_settings: + master_key: admin + database_url: "os.environ/DATABASE_URL" diff --git a/k8s/service-config/config.dev/config.yaml b/k8s/service-config/config.dev/config.yaml new file mode 100644 index 0000000..f6bd1b6 --- /dev/null +++ b/k8s/service-config/config.dev/config.yaml @@ -0,0 +1,19 @@ +model_list: + - model_name: gpt-3.5-turbo + litellm_params: + model: gpt-3.5-turbo + api_key: os.environ/OPENAI_API_KEY + - model_name: claude-3-opus + litellm_params: + model: claude-3-opus + api_key: os.environ/ANTHROPIC_API_KEY + +litellm_settings: + drop_params: True + set_verbose: True + database_url: "os.environ/DATABASE_URL" + redis_host: "os.environ/REDIS_HOST" + redis_port: "os.environ/REDIS_PORT" + +router_settings: + routing_strategy: simple-shuffle diff --git a/k8s/service-config/config.prd/config.yaml b/k8s/service-config/config.prd/config.yaml new file mode 100644 index 0000000..15c988b --- /dev/null +++ b/k8s/service-config/config.prd/config.yaml @@ -0,0 +1,20 @@ +model_list: + - model_name: gpt-4-production + litellm_params: + model: gpt-4 + api_key: os.environ/OPENAI_API_KEY + - model_name: claude-3-production + litellm_params: + model: claude-3-opus + api_key: os.environ/ANTHROPIC_API_KEY + +litellm_settings: + drop_params: True + set_verbose: False + database_url: "os.environ/DATABASE_URL" + redis_host: "os.environ/REDIS_HOST" + redis_port: "os.environ/REDIS_PORT" + redis_password: "os.environ/REDIS_PASSWORD" + +router_settings: + routing_strategy: latency-based-routing diff --git a/k8s/service-config/config.qat/config.yaml b/k8s/service-config/config.qat/config.yaml new file mode 100644 index 0000000..5bd14ac --- /dev/null +++ b/k8s/service-config/config.qat/config.yaml @@ -0,0 +1,12 @@ +model_list: + - model_name: gpt-4 + litellm_params: + model: gpt-4 + api_key: os.environ/OPENAI_API_KEY + +litellm_settings: + drop_params: True + set_verbose: False + database_url: "os.environ/DATABASE_URL" + redis_host: "os.environ/REDIS_HOST" + redis_port: "os.environ/REDIS_PORT" diff --git a/sync-secrets.sh b/sync-secrets.sh new file mode 100755 index 0000000..e7ce77a --- /dev/null +++ b/sync-secrets.sh @@ -0,0 +1,79 @@ +#!/bin/bash + +# sync-secrets.sh +# Automically updates kustomization resources and deployment patches using yq. + +BASE_DIR="k8s/overlays" +SECRETS_DIR="k8s/service-config/Secrets" + +# Determinar qué ambientes procesar +if [ -n "$1" ]; then + ENVS=("$1") +else + ENVS=("dev" "qat" "prd" "box") +fi + +for ENV in "${ENVS[@]}"; do + echo "Processing environment: $ENV..." + KUST_FILE="$BASE_DIR/$ENV/kustomization.yaml" + PATCH_FILE="$BASE_DIR/$ENV/litellm-patch.yaml" + + if [ ! -f "$KUST_FILE" ]; then + echo "Error: Kustomization file not found at $KUST_FILE" + continue + fi + + # 1. Clear existing dynamic secret resources from kustomization.yaml + yq -i 'del(.resources[] | select(. == "../../service-config/Secrets/*"))' "$KUST_FILE" + + # 2. Clear existing deployment patches that manage envFrom (by path or by content) + yq -i 'del(.patches[] | select(.path == "litellm-patch.yaml" or .patch == "*envFrom*"))' "$KUST_FILE" + + # 3. Identify environment-specific secrets + FILES=$(ls $SECRETS_DIR/*-${ENV}.yaml 2>/dev/null) + + # 4. Generate the Strategic Merge Patch content (envFrom list) + ENV_FROM_LIST=" - configMapRef: + name: litellm-env" + + if [ -n "$FILES" ]; then + for FILE in $FILES; do + REL_PATH="../../service-config/Secrets/$(basename $FILE)" + SECRET_NAME=$(yq '.metadata.name' "$FILE" | tr -d '"') + + echo " Adding secret: $SECRET_NAME ($REL_PATH)" + + # Add secret to kustomization resources + yq -i ".resources += [\"$REL_PATH\"]" "$KUST_FILE" + + # Append to patch content + ENV_FROM_LIST="$ENV_FROM_LIST + - secretRef: + name: $SECRET_NAME" + done + + # 5. Create the dedicated patch file with NAMESPACE included + cat < "$PATCH_FILE" +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litellm + namespace: litellm +spec: + template: + spec: + containers: + - name: litellm + envFrom: +$ENV_FROM_LIST +EOF + + # 6. Reference the patch file in kustomization.yaml + yq -i ".patches += [{\"path\": \"litellm-patch.yaml\"}]" "$KUST_FILE" + else + echo " No secrets found for $ENV, skipping patch." + rm -f "$PATCH_FILE" + fi +done + +echo "¡Synchronization complete with namespaced external patch files!"