dzecevic
/
k8s_deployments
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge branch 'feat/basline-deployments' into 'master' 

feat/basline-deployments

See merge request devops/k8s-deployments!36
feat/add_trialytix-esculape
Domagoj Zecevic 4 years ago
parent
160e5a58c0 985bc036e7
commit
0e2b846064
5 changed files with 521 additions and 20 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 29
      01_onsite/01_dev/baseline/deployment.yaml
  2. 212
      01_onsite/02_qa/baseline/deployment.yaml
  3. 4
      01_onsite/02_qa/trialytix/deployment.yaml
  4. 84
      02_hetzner/00_infra/keycloak/deployment.yaml
  5. 212
      02_hetzner/01_prod/baseline/deployment.yaml

29
01_onsite/01_dev/baseline/deployment.yaml
View File

@ -20,7 +20,8 @@ spec:
spec:
containers:
- name: baseline-frontend
image: packages.semapp.lan:5000/baseline_frontend:develop
image: packages.semapp.lan:5000/baseline_frontend:qa1
workingDir: /srv/web
resources:
requests:
memory: "256Mi"
@ -37,26 +38,18 @@ spec:
readOnly: true
name: baseline-dev-frontend-conf
imagePullPolicy: Always
env:
- name: PORT
value: "8000"
- name: REACT_APP_PROD_API_URL
value: "http://baseline-dev.k3s.semapp.lan/api/"
- name: REACT_APP_DEV_API_URL
value: "http://baseline-dev.k3s.semapp.lan/api/"
- name: REACT_APP_VERSION
value: "v1"
- name: REACT_APP_KEYCLOAK_URL
value: "http://keycloak.semapp.lan/auth/"
- name: REACT_APP_KEYCLOAK_REALM
value: "baseline"
- name: REACT_APP_KEYCLOAK_CLIENT_ID
env:
- name: KEYCLOAK_REALM
value: "baseline_develop"
- name: KEYCLOAK_CLIENT
value: "baseline"
- name: REACT_APP_TOKEN_MIN_VALIDITY
- name: KEYCLOAK_TOKEN_VALIDITY
value: "600"
- name: KEYCLOAK_URL
value: "http://keycloak.semapp.lan/auth/"
- name: baseline-backend
image: packages.semapp.lan:5000/baseline_backend:develop
image: packages.semapp.lan:5000/baseline_backend:qa1
workingDir: /opt/www
resources:
requests:
@ -117,7 +110,7 @@ data:
KEYCLOAK_URL: "http://keycloak.semapp.lan"
KEYCLOAK_PORT: "80"
KEYCLOAK_REALM: "baseline"
KEYCLOAK_REALM: "baseline_develop"
REDIRECT_URL: "http://baseline-dev.k3s.semapp.lan/"

212
01_onsite/02_qa/baseline/deployment.yaml
View File

@ -0,0 +1,212 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: baseline-deployment
namespace: qa-environment
labels:
app: baseline-qa
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: baseline-qa
template:
metadata:
labels:
app: baseline-qa
spec:
containers:
- name: baseline-frontend
image: packages.semapp.lan:5000/baseline_frontend:qa1
workingDir: /srv/web
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 8000
name: baseline-http
protocol: TCP
volumeMounts:
- mountPath: /etc/nginx/conf.d
readOnly: true
name: baseline-qa-frontend-conf
env:
- name: KEYCLOAK_REALM
value: "baseline_test"
- name: KEYCLOAK_CLIENT
value: "baseline_qa"
- name: KEYCLOAK_TOKEN_VALIDITY
value: "600"
- name: KEYCLOAK_URL
value: "http://keycloak.semapp.lan/auth/"
imagePullPolicy: Always
- name: baseline-backend
image: packages.semapp.lan:5000/baseline_backend:qa1
workingDir: /opt/www
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 5000
name: bl-bck-http
protocol: TCP
imagePullPolicy: Always
envFrom:
- configMapRef:
name: baseline-qa-backend-conf
volumes:
- name: baseline-qa-frontend-conf
configMap:
name: baseline-qa-frontend-conf
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: qa-environment
name: baseline-qa-backend-conf
labels:
app: baseline-qa
data:
DB_CONNECTION: "pgsql"
DB_HOST: "dbpg11.semapp.lan"
DB_PORT: "5432"
DB_DATABASE: "baseline_k8s_qa"
DB_USERNAME: "baseline_qa"
DB_PASSWORD: "baseline_qa"
APP_NAME: "Baseline"
APP_ENV: "development"
APP_KEY: "base64:14Vg4rilGKEk34XeqNR7ffg6GhFTzA7/z5T1aqy6JHw="
APP_DEBUG: "true"
APP_URL: "http://baseline-qa.k3s.semapp.lan/"
LOG_CHANNEL: "stack"
BROADCAST_DRIVER: "log"
CACHE_DRIVER: "file"
QUEUE_CONNECTION: "sync"
SESSION_DRIVER: "cookie"
SESSION_LIFETIME: "120"
SANCTUM_STATEFUL_DOMAINS: "baseline-qa.k3s.semapp.lan"
SESSION_DOMAIN: "baseline-qa.k3s.semapp.lan"
THROTTLE_MAX_ATTEMPTS: "80"
KEYCLOAK_URL: "http://keycloak.semapp.lan"
KEYCLOAK_PORT: "80"
KEYCLOAK_REALM: "baseline_test"
REDIRECT_URL: "http://baseline-qa.k3s.semapp.lan/"
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: qa-environment
name: baseline-qa-frontend-conf
data:
default.conf: |
upstream backend {
server baseline-backend-qa:5000;
}
server {
listen 8000;
access_log /var/log/nginx/access.log;
charset utf-8;
client_max_body_size 1G;
location / {
root /srv/web;
add_header X-Frame-Options "SAMEORIGIN";
index index.html index.htm;
try_files $uri $uri /index.html =404;
}
location ~ ^/api {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
send_timeout 300s;
}
error_page 404 =200 /index.html;
add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
expires off;
open_file_cache off;
sendfile off;
}
---
# EFC Service
apiVersion: v1
kind: Service
metadata:
name: baseline-frontend-qa
namespace: qa-environment
spec:
selector:
app: baseline-qa
ports:
- name: baseline-http
port: 8000
targetPort: baseline-http
type: NodePort
---
# EFC backend
apiVersion: v1
kind: Service
metadata:
name: baseline-backend-qa
namespace: qa-environment
spec:
selector:
app: baseline-qa
ports:
- name: bl-bck-http
port: 5000
targetPort: bl-bck-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: baseline-qa-ingress
namespace: qa-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: baseline-qa.k3s.semapp.lan
http:
paths:
- path: /
backend:
serviceName: baseline-frontend-qa
servicePort: 8000

4
01_onsite/02_qa/trialytix/deployment.yaml
View File

@ -18,7 +18,7 @@ spec:
containers:
# Backend container
- name: trialytix-backend
image: packages.semapp.lan:5000/trialytix_backend:$IMAGE_TAG
image: packages.semapp.lan:5000/trialytix_backend:develop
resources:
requests:
@ -37,7 +37,7 @@ spec:
imagePullPolicy: Always
# Frontend container
- name: trialytix-frontend
image: packages.semapp.lan:5000/trialytix_frontend:$IMAGE_TAG
image: packages.semapp.lan:5000/trialytix_frontend:develop
resources:
requests:

84
02_hetzner/00_infra/keycloak/deployment.yaml
View File

@ -0,0 +1,84 @@
---
apiVersion: "apps/v1"
kind: "Deployment"
metadata:
name: "keycloak"
namespace: "infra-environment"
spec:
selector:
matchLabels:
app: "keycloak"
replicas: 1
template:
metadata:
labels:
app: "keycloak"
spec:
containers:
- name: "keycloak-prod"
image: "jboss/keycloak"
resources:
requests:
memory: "512Mi"
cpu: "100m"
limits:
memory: "1Gi"
cpu: "4"
imagePullPolicy: "Always"
env:
- name: "KEYCLOAK_USER"
value: "admin"
- name: "KEYCLOAK_PASSWORD"
value: "admin"
- name: DB_VENDOR
value: postgres
- name: DB_ADDR
value: psql.semprod.local
- name: DB_DATABASE
value: keycloak_db
- name: DB_USER
value: keycloak
- name: DB_PASSWORD
value: e7ov7xx45qr1erk9
ports:
- name: keycloak-http
containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: keycloak-srv
namespace: infra-environment
spec:
selector:
app: keycloak
ports:
- name: keycloak-http
port: 8080
targetPort: keycloak-http
type: NodePort
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: keycloak-ingress
namespace: infra-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: keycloak.k8s.semprod.local
http:
paths:
- path: /
backend:
serviceName: keycloak-srv
servicePort: 8080
- host: keycloak.semprod.local
http:
paths:
- path: /
backend:
serviceName: keycloak-srv
servicePort: 8080

212
02_hetzner/01_prod/baseline/deployment.yaml
View File

@ -0,0 +1,212 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: baseline-deployment
namespace: prod-environment
labels:
app: baseline-prod
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: baseline-prod
template:
metadata:
labels:
app: baseline-prod
spec:
containers:
- name: baseline-frontend
image: packages.semapp.lan:5000/baseline_frontend:qa1
workingDir: /srv/web
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 8000
name: baseline-http
protocol: TCP
volumeMounts:
- mountPath: /etc/nginx/conf.d
readOnly: true
name: baseline-prod-frontend-conf
env:
- name: KEYCLOAK_REALM
value: "baseline_production"
- name: KEYCLOAK_CLIENT
value: "baseline_prod"
- name: KEYCLOAK_TOKEN_VALIDITY
value: "600"
- name: KEYCLOAK_URL
value: "http://keycloak.semprod.local/auth/"
imagePullPolicy: Always
- name: baseline-backend
image: packages.semapp.lan:5000/baseline_backend:qa1
workingDir: /opt/www
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 5000
name: bl-bck-http
protocol: TCP
imagePullPolicy: Always
envFrom:
- configMapRef:
name: baseline-prod-backend-conf
volumes:
- name: baseline-prod-frontend-conf
configMap:
name: baseline-prod-frontend-conf
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
name: baseline-prod-backend-conf
labels:
app: baseline-prod
data:
DB_CONNECTION: "pgsql"
DB_HOST: "psql.semprod.local"
DB_PORT: "5432"
DB_DATABASE: "baseline_prod"
DB_USERNAME: "baseline_prod"
DB_PASSWORD: "yZLi2WZ037l9Xcgg"
APP_NAME: "Baseline"
APP_ENV: "production"
APP_KEY: "base64:14Vg4rilGKEk34XeqNR7ffg6GhFTzA7/z5T1aqy6JHw="
APP_DEBUG: "true"
APP_URL: "http://baseline.k8s.semprod.local/"
LOG_CHANNEL: "stack"
BROADCAST_DRIVER: "log"
CACHE_DRIVER: "file"
QUEUE_CONNECTION: "sync"
SESSION_DRIVER: "cookie"
SESSION_LIFETIME: "120"
SANCTUM_STATEFUL_DOMAINS: "baseline.k8s.semprod.local"
SESSION_DOMAIN: "baseline.k8s.semprod.local"
THROTTLE_MAX_ATTEMPTS: "80"
KEYCLOAK_URL: "http://keycloak.semprod.local"
KEYCLOAK_PORT: "80"
KEYCLOAK_REALM: "baseline_production"
REDIRECT_URL: "http://baseline.k8s.semprod.local/"
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
name: baseline-prod-frontend-conf
data:
default.conf: |
upstream backend {
server baseline-backend-prod:5000;
}
server {
listen 8000;
access_log /var/log/nginx/access.log;
charset utf-8;
client_max_body_size 1G;
location / {
root /srv/web;
add_header X-Frame-Options "SAMEORIGIN";
index index.html index.htm;
try_files $uri $uri /index.html =404;
}
location ~ ^/api {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
send_timeout 300s;
}
error_page 404 =200 /index.html;
add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
expires off;
open_file_cache off;
sendfile off;
}
---
# EFC Service
apiVersion: v1
kind: Service
metadata:
name: baseline-frontend-prod
namespace: prod-environment
spec:
selector:
app: baseline-prod
ports:
- name: baseline-http
port: 8000
targetPort: baseline-http
type: NodePort
---
# EFC backend
apiVersion: v1
kind: Service
metadata:
name: baseline-backend-prod
namespace: prod-environment
spec:
selector:
app: baseline-prod
ports:
- name: bl-bck-http
port: 5000
targetPort: bl-bck-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: baseline-prod-ingress
namespace: prod-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: baseline.k8s.semprod.local
http:
paths:
- path: /
backend:
serviceName: baseline-frontend-prod
servicePort: 8000
Write Preview
Loading…
Cancel
Save