ISP Architecture (OSS/BSS)
Kubernetes Architecture
ISP Platform Helm chart: DRY defaults, 11 applications, per-environment configuration
Overview
A single Helm chart (infra/chart/) is used for staging and production (ArgoCD). In dev, applications run natively via bun dev / go run.
Key principles:
- DRY defaults: shared configuration lives in `defaults:`, applications override only what they need
- range over apps: templates iterate over the `apps` map, so adding an application causes no duplication
- merge in helpers: `mustMergeOverwrite(defaults, app)` combines the configuration automatically
- healthPath / readyPath: each application can set its own probe paths
Applications (11 deployments)
| Application | Image | Port | Stack | Health Path |
|---|---|---|---|---|
| docs | isp-platform/docs | 3000 | Next.js | / |
| web | isp-platform/web | 3000 | Next.js | / |
| customer-core | isp-platform/customer-core | 3010 | NestJS | /healthz |
| product-catalog | isp-platform/product-catalog | 3011 | NestJS | /healthz |
| billing | isp-platform/billing | 3012 | NestJS | /healthz |
| notification | isp-platform/notification | 3013 | NestJS | /healthz |
| oms | isp-platform/oms | 3014 | NestJS | /healthz |
| network-inventory | isp-platform/network-inventory | 3015 | NestJS | /healthz |
| provisioning-go | isp-platform/provisioning-go | 8080 | Go | /healthz |
| aaa-go | isp-platform/aaa-go | 8081 | Go | /healthz |
| mediation-go | isp-platform/mediation-go | 8082 | Go | /healthz |
Helm values.yaml (structure)
```yaml
defaults:
  image:
    pullPolicy: IfNotPresent
  replicas: 1
  port: 3000
  healthPath: /api/health  # NestJS default
  readyPath: /api/health
  resources:
    requests: { cpu: 50m, memory: 128Mi }
    limits: { cpu: 500m, memory: 512Mi }

apps:
  # --- Frontend ---
  docs:
    image: { repository: isp-platform/docs, tag: latest }
  web:
    image: { repository: isp-platform/web, tag: latest }
  # --- BSS (NestJS) ---
  customer-core:
    image: { repository: isp-platform/customer-core, tag: latest }
    port: 3010
  product-catalog:
    image: { repository: isp-platform/product-catalog, tag: latest }
    port: 3011
  billing:
    image: { repository: isp-platform/billing, tag: latest }
    port: 3012
  notification:
    image: { repository: isp-platform/notification, tag: latest }
    port: 3013
  oms:
    image: { repository: isp-platform/oms, tag: latest }
    port: 3014
  network-inventory:
    image: { repository: isp-platform/network-inventory, tag: latest }
    port: 3015
  # --- OSS (Go) ---
  provisioning-go:
    image: { repository: isp-platform/provisioning-go, tag: latest }
    port: 8080
    healthPath: /healthz
    readyPath: /readyz
  aaa-go:
    image: { repository: isp-platform/aaa-go, tag: latest }
    port: 8081
    healthPath: /healthz
    readyPath: /readyz
  mediation-go:
    image: { repository: isp-platform/mediation-go, tag: latest }
    port: 8082
    healthPath: /healthz
    readyPath: /readyz
```
Production overrides (values.production.yaml)
```yaml
apps:
  # Go services: less memory (distroless, ~10MB binary)
  provisioning-go:
    resources:
      requests: { cpu: 100m, memory: 64Mi }
      limits: { cpu: 500m, memory: 256Mi }
  aaa-go:
    resources:
      requests: { cpu: 100m, memory: 64Mi }
      limits: { cpu: 500m, memory: 256Mi }
  mediation-go:
    resources:
      requests: { cpu: 200m, memory: 128Mi }
      limits: { cpu: 1000m, memory: 512Mi }
  # NestJS services: standard resources
  billing:
    resources:
      requests: { cpu: 200m, memory: 256Mi }
      limits: { cpu: 1000m, memory: 1Gi }
```
Components
| Component | Dev | Production |
|---|---|---|
| SecurityContext | — | pod: runAsNonRoot, container: drop ALL |
| Probes | off | startup + readiness + liveness |
| HPA | off | 2–20 replicas, CPU 70% |
| PDB | off | minAvailable: 1 |
| NetworkPolicy | off | ingress-nginx only, egress DNS + external |
| TopologySpread | — | maxSkew: 1 by hostname |
| Ingress | — (apps via bun dev) | nginx + cert-manager TLS |
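
The merge helper and the production SecurityContext from the table above, sketched as a chart template. This is an added example, not the project's own chart code: the helper name `isp.appConfig`, the file path and the `app` label are assumptions, and the per-environment on/off toggles and the startup probe are left out.

```yaml
{{/* templates/deployment.yaml (assumed path); helper name "isp.appConfig" is hypothetical */}}
{{- define "isp.appConfig" -}}
{{- /* mustMergeOverwrite mutates its first argument. Merging straight into
       .Values.defaults would carry one app's overrides over to every app
       rendered after it, so merge into a deep copy instead. */ -}}
{{- mustMergeOverwrite (deepCopy .defaults) .app | toYaml -}}
{{- end }}

{{- range $name, $app := .Values.apps }}
{{- $cfg := include "isp.appConfig" (dict "defaults" $.Values.defaults "app" $app) | fromYaml }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ $name }}
spec:
  replicas: {{ $cfg.replicas | int }}
  selector:
    matchLabels:
      app: {{ $name }}
  template:
    metadata:
      labels:
        app: {{ $name }}
    spec:
      securityContext:
        runAsNonRoot: true              # pod level, per the Components table
      containers:
        - name: {{ $name }}
          image: "{{ $cfg.image.repository }}:{{ $cfg.image.tag }}"
          imagePullPolicy: {{ $cfg.image.pullPolicy }}
          ports:
            - containerPort: {{ $cfg.port | int }}
          securityContext:
            capabilities:
              drop: ["ALL"]             # container level, per the Components table
          livenessProbe:
            httpGet:
              path: {{ $cfg.healthPath | quote }}
              port: {{ $cfg.port | int }}
          readinessProbe:
            httpGet:
              path: {{ $cfg.readyPath | quote }}
              port: {{ $cfg.port | int }}
          resources: {{- toYaml $cfg.resources | nindent 12 }}
{{- end }}
```

Because `range` walks the `apps` map in key order, `aaa-go` is rendered first; without `deepCopy`, its `/healthz` and `/readyz` overrides would replace the defaults for every application after it.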
Per-environment configuration
| | Dev | Staging | Production |
|---|---|---|---|
| Replicas | 1 | 2 | HPA 2–20 |
| Resources CPU | 50m–2 | 100m–500m | 200m–1 |
| Resources Memory | 128Mi–2Gi | 256Mi–512Mi | 512Mi–1Gi |
| NODE_ENV | development | production | production |
| TLS | — | staging issuer | prod issuer |
Commands
```bash
helm template isp infra/chart/  # dry-run (default values)
helm template isp infra/chart/ -f infra/chart/values.production.yaml  # production dry-run
helm upgrade --install isp infra/chart \
  -f infra/chart/values.production.yaml \
  -n isp-platform --create-namespace  # manual install
```