From 4226940ef556b4e696f9f8e4571a8195194fe98c Mon Sep 17 00:00:00 2001 From: Antun Franjin Date: Thu, 28 Apr 2022 10:33:29 +0200 Subject: [PATCH] Add new deployments for rmcroatia and rm fulda domains. --- 02_hetzner/01_prod/rm-croatia/deployment.yaml | 266 ++++++++++++++++++ 02_hetzner/01_prod/rm-fulda/deployment.yaml | 266 ++++++++++++++++++ 2 files changed, 532 insertions(+) create mode 100644 02_hetzner/01_prod/rm-croatia/deployment.yaml create mode 100644 02_hetzner/01_prod/rm-fulda/deployment.yaml diff --git a/02_hetzner/01_prod/rm-croatia/deployment.yaml b/02_hetzner/01_prod/rm-croatia/deployment.yaml new file mode 100644 index 0000000..214368e --- /dev/null +++ b/02_hetzner/01_prod/rm-croatia/deployment.yaml @@ -0,0 +1,266 @@ +# Deployment description +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rm-cro-deployment + namespace: prod-environment + labels: + app: rm-cro +spec: + strategy: + type: Recreate + replicas: 1 + selector: + matchLabels: + app: rm-cro + template: + metadata: + labels: + app: rm-cro + spec: + # securityContext: + # runAsUser: 1000 + # runAsGroup: 1000 + # fsGroup: 1000 + containers: + - name: rm-backend + image: packages.semapp.lan:5000/rm-backend:2.5.1 + resources: + requests: + memory: "512Mi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "4" + ports: + - containerPort: 5000 + name: rm-backend + protocol: TCP + volumeMounts: + - mountPath: /etc/flexrm/ + readOnly: true + name: flexrm-conf + env: + - name: DJANGO_ENV + value: "development" + imagePullPolicy: Always + - name: rm-frontend + image: packages.semapp.lan:5000/rm-frontend:2.5.1 + resources: + requests: + memory: "512Mi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "4" + ports: + - containerPort: 80 + name: rm-frontend + protocol: TCP + volumeMounts: + - mountPath: /etc/nginx/conf.d/ + readOnly: true + name: flexrm-frontend-conf + imagePullPolicy: Always + volumes: + - name: flexrm-frontend-conf + configMap: + name: flexrm-frontend-conf + - name: flexrm-conf + configMap: + name: flexrm-conf + +--- + +# Backend configuration +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: prod-environment + name: flexrm-conf +data: + flexrm.conf: | + [general] + allowed_hosts = * + secret_key = some_very_long_and_hyper_random_secret_key + + [db] + driver = postgresql + db_name = rm_cro_prod + db_user = rm_cro_prod + db_password = NsG}e(EgT\b+95Q'L:+{ + db_host = psql.semprod.local + + [analytics] + piwik_site_id = 3 + + [frontend] + frontend_url = http://rm-cro.k8s.semprod.local/ + + [email] + host = smtp.strato.de + port = 587 + username = support@semantic-applications.de + password = uN1zPIqN9@br + use_tls = True + auto_from = support@semantic-applications.de + + [tex] + host = texservice.semprod.local + delete_after_render = False + + [media-storage] + # + # the used media-storage is defined via type: + # + # media_type = django.core.files.storage.FileSystemStorage ... the default django file storage + # -> no additional settings are required + # + # media_type = minio_storage.storage.MinioMediaStorage ... the storage used with minio + # -> additional settings for minio: + # minio_endpoint = 127.0.0.1:9000 ... the endpoint and port + # minio_use_https = True|False ... use https for communication + # minio_media_bucket = media-rm ... the media bucket name + # minio_access_key = #your ACCESS_KEY ... the access key + # minio_secret_key = #your SECRET_KEY ... the secret key + # minio_auto_create_bucket = True|False ... if True the bucket is created + + # + # To setup minio storage as default for development just comment the file system storage line and uncomment + # all minio storage lines + # + + + # media_type = django.core.files.storage.FileSystemStorage + + media_type = flexrm.kernel.storage.minio.storage.MinIOMediaStorage + minio_endpoint = minio-api.semprod.local + minio_use_https = False + minio_media_bucket = rm-cro-prod + minio_access_key = rm-cro-prod + minio_secret_key = uM7(zFm3;4H9PTz!m~ww + minio_auto_create_bucket = True +--- + +# Frontend nginx configuration +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: prod-environment + name: flexrm-frontend-conf +data: + default.conf: | + upstream backend { + server rm-backend-srv:5000; + } + + server { + listen 80; + + server_name $K8S_HOSTNAME; + + #access_log /var/log/rm/access.log; + #error_log /var/log/rm/error.log; + + charset utf-8; + client_max_body_size 1G; + + location / { + root /srv/rm-web; + + try_files $uri /index.html =404; + } + + location ~ ^/(api|drf|manage) { + proxy_pass http://backend; + proxy_redirect off; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /storage { + proxy_pass http://backend; + proxy_redirect off; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /static { + # TODO: still needed when we use minio? + alias /srv/public; + } + + # Redirect Angular routes + error_page 404 =200 /index.html; + } + +--- + +# RM backend Service +apiVersion: v1 +kind: Service +metadata: + name: rm-backend-srv + namespace: prod-environment +spec: + selector: + app: rm-cro + ports: + - name: rm-backend + port: 5000 + targetPort: rm-backend + type: NodePort + +--- + +#RM frontend service +apiVersion: v1 +kind: Service +metadata: + name: rm-frontend-srv + namespace: prod-environment +spec: + selector: + app: rm-cro + ports: + - name: rm-frontend + port: 80 + targetPort: rm-frontend + type: NodePort + +--- + + # Ingress description +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: rm-cro-ingress + namespace: prod-environment + annotations: + kubernetes.io/ingress.class: "traefik" +spec: + rules: + - host: rm-cro.k8s.semprod.local + http: + paths: + - backend: + service: + name: rm-frontend-srv + port: + number: 80 + path: / + pathType: ImplementationSpecific + - host: rmcroatia.semapp.de + http: + paths: + - backend: + service: + name: rm-frontend-srv + port: + number: 80 + path: / + pathType: ImplementationSpecific \ No newline at end of file diff --git a/02_hetzner/01_prod/rm-fulda/deployment.yaml b/02_hetzner/01_prod/rm-fulda/deployment.yaml new file mode 100644 index 0000000..8935d16 --- /dev/null +++ b/02_hetzner/01_prod/rm-fulda/deployment.yaml @@ -0,0 +1,266 @@ +# Deployment description +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rm-fulda-deployment + namespace: prod-environment + labels: + app: rm-fulda +spec: + strategy: + type: Recreate + replicas: 1 + selector: + matchLabels: + app: rm-fulda + template: + metadata: + labels: + app: rm-fulda + spec: + # securityContext: + # runAsUser: 1000 + # runAsGroup: 1000 + # fsGroup: 1000 + containers: + - name: rm-backend + image: packages.semapp.lan:5000/rm-backend:2.5.1 + resources: + requests: + memory: "512Mi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "4" + ports: + - containerPort: 5000 + name: rm-backend + protocol: TCP + volumeMounts: + - mountPath: /etc/flexrm/ + readOnly: true + name: flexrm-conf + env: + - name: DJANGO_ENV + value: "development" + imagePullPolicy: Always + - name: rm-frontend + image: packages.semapp.lan:5000/rm-frontend:2.5.1 + resources: + requests: + memory: "512Mi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "4" + ports: + - containerPort: 80 + name: rm-frontend + protocol: TCP + volumeMounts: + - mountPath: /etc/nginx/conf.d/ + readOnly: true + name: flexrm-frontend-conf + imagePullPolicy: Always + volumes: + - name: flexrm-frontend-conf + configMap: + name: flexrm-frontend-conf + - name: flexrm-conf + configMap: + name: flexrm-conf + +--- + +# Backend configuration +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: prod-environment + name: flexrm-conf +data: + flexrm.conf: | + [general] + allowed_hosts = * + secret_key = some_very_long_and_hyper_random_secret_key + + [db] + driver = postgresql + db_name = rm_fulda_prod + db_user = rm_fulda_prod + db_password = NsG}e(EgT\b+95Q'L:+{ + db_host = psql.semprod.local + + [analytics] + piwik_site_id = 3 + + [frontend] + frontend_url = http://rm-fulda.k8s.semprod.local/ + + [email] + host = smtp.strato.de + port = 587 + username = support@semantic-applications.de + password = uN1zPIqN9@br + use_tls = True + auto_from = support@semantic-applications.de + + [tex] + host = texservice.semprod.local + delete_after_render = False + + [media-storage] + # + # the used media-storage is defined via type: + # + # media_type = django.core.files.storage.FileSystemStorage ... the default django file storage + # -> no additional settings are required + # + # media_type = minio_storage.storage.MinioMediaStorage ... the storage used with minio + # -> additional settings for minio: + # minio_endpoint = 127.0.0.1:9000 ... the endpoint and port + # minio_use_https = True|False ... use https for communication + # minio_media_bucket = media-rm ... the media bucket name + # minio_access_key = #your ACCESS_KEY ... the access key + # minio_secret_key = #your SECRET_KEY ... the secret key + # minio_auto_create_bucket = True|False ... if True the bucket is created + + # + # To setup minio storage as default for development just comment the file system storage line and uncomment + # all minio storage lines + # + + + # media_type = django.core.files.storage.FileSystemStorage + + media_type = flexrm.kernel.storage.minio.storage.MinIOMediaStorage + minio_endpoint = minio-api.semprod.local + minio_use_https = False + minio_media_bucket = rm-fulda-prod + minio_access_key = rm-fulda-prod + minio_secret_key = uM7(zFm3;4H9PTz!m~ww + minio_auto_create_bucket = True +--- + +# Frontend nginx configuration +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: prod-environment + name: flexrm-frontend-conf +data: + default.conf: | + upstream backend { + server rm-backend-srv:5000; + } + + server { + listen 80; + + server_name $K8S_HOSTNAME; + + #access_log /var/log/rm/access.log; + #error_log /var/log/rm/error.log; + + charset utf-8; + client_max_body_size 1G; + + location / { + root /srv/rm-web; + + try_files $uri /index.html =404; + } + + location ~ ^/(api|drf|manage) { + proxy_pass http://backend; + proxy_redirect off; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /storage { + proxy_pass http://backend; + proxy_redirect off; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /static { + # TODO: still needed when we use minio? + alias /srv/public; + } + + # Redirect Angular routes + error_page 404 =200 /index.html; + } + +--- + +# RM backend Service +apiVersion: v1 +kind: Service +metadata: + name: rm-backend-srv + namespace: prod-environment +spec: + selector: + app: rm-fulda + ports: + - name: rm-backend + port: 5000 + targetPort: rm-backend + type: NodePort + +--- + +#RM frontend service +apiVersion: v1 +kind: Service +metadata: + name: rm-frontend-srv + namespace: prod-environment +spec: + selector: + app: rm-fulda + ports: + - name: rm-frontend + port: 80 + targetPort: rm-frontend + type: NodePort + +--- + + # Ingress description +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: rm-fulda-ingress + namespace: prod-environment + annotations: + kubernetes.io/ingress.class: "traefik" +spec: + rules: + - host: rm-fulda.k8s.semprod.local + http: + paths: + - backend: + service: + name: rm-frontend-srv + port: + number: 80 + path: / + pathType: ImplementationSpecific + - host: rmfulda.semapp.de + http: + paths: + - backend: + service: + name: rm-frontend-srv + port: + number: 80 + path: / + pathType: ImplementationSpecific \ No newline at end of file