dzecevic
/
k8s_deployments
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge branch 'master' into 'feat/rm-prod' 

# Conflicts:
#   01_onsite/02_qa/trialytix/deployment.yaml
#   02_hetzner/01_prod/baseline/deployment.yaml
feat/add_trialytix-esculape
Domagoj Zecevic 4 years ago
parent
e70d3d41f9 40e2377441
commit
7d25032101
12 changed files with 779 additions and 7 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 89
      01_onsite/00_infra/mariadb/deployment.yaml
  2. 93
      01_onsite/00_infra/passbolt/deployment.yaml
  3. 71
      01_onsite/00_infra/phpmyadmin/deployment.yaml
  4. 8
      01_onsite/00_infra/texservice/deployment.yaml
  5. 85
      01_onsite/01_dev/passbolt/deployment.yaml
  6. 115
      01_onsite/01_dev/semapp-wagtail/deployment.yaml
  7. 2
      01_onsite/01_dev/shubbkoarnsru/deployment.yaml
  8. 2
      01_onsite/02_qa/rm/deployment.yaml
  9. 4
      01_onsite/02_qa/trialytix/deployment.yaml
  10. 6
      02_hetzner/01_prod/baseline/deployment.yaml
  11. 122
      02_hetzner/01_prod/shubbkoarnsru/deployment.yaml
  12. 189
      02_hetzner/02_trialytix/trialytix-demo/deployment.yaml

89
01_onsite/00_infra/mariadb/deployment.yaml
View File

@ -0,0 +1,89 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: mariadb-deployment
namespace: infra-environment
labels:
app: mariadb-infra
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: mariadb-infra
template:
metadata:
labels:
app: mariadb-infra
spec:
containers:
- name: mariadb
image: mariadb:10.7.1
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 3306
envFrom:
- configMapRef:
name: mariadb-config
volumeMounts:
- mountPath: /var/lib/mysql
name: mariadb-pv-infra
subPath: mariadb
volumes:
- name: mariadb-pv-infra
persistentVolumeClaim:
claimName: mariadb-pvc-infra
---
# Persistent Volume Claim description
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mariadb-pvc-infra
namespace: infra-environment
labels:
app: mariadb-infra
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
# ConfigMap description
apiVersion: v1
kind: ConfigMap
metadata:
name: mariadb-config
namespace: infra-environment
labels:
app: mariadb-infra
data:
MYSQL_ROOT_PASSWORD: Semapp123456!
MYSQL_DATABASE: mariadb
MYSQL_USER: mysqluser
MYSQL_PASSWORD: Semapp123456!
---
# mariadb StatefulSet Service
apiVersion: v1
kind: Service
metadata:
name: mariadb-infra
namespace: infra-environment
spec:
selector:
app: mariadb-infra
type: LoadBalancer
ports:
- port: 3306
targetPort: 3306
---

93
01_onsite/00_infra/passbolt/deployment.yaml
View File

@ -0,0 +1,93 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: passbolt-deployment
namespace: infra-environment
labels:
app: passbolt-infra
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: passbolt-infra
template:
metadata:
labels:
app: passbolt-infra
spec:
containers:
- name: passbolt
image: passbolt/passbolt:3.3.1
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 8080
name: passbolt-http
protocol: TCP
envFrom:
- configMapRef:
name: passbolt-config-infra
---
# passbolt ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
namespace: infra-environment
name: passbolt-config-infra
labels:
app: passbolt-infra
data:
DATASOURCES_DEFAULT_HOST: mariadb-infra
DATASOURCES_DEFAULT_PASSWORD: passbolt
DATASOURCES_DEFAULT_USERNAME: passbolt
DATASOURCES_DEFAULT_DATABASE: passbolt
APP_FULL_BASE_URL: http://passbolt.k3s.semapp.lan
## Email config
EMAIL_DEFAULT_FROM: support@semantic-applications.de
EMAIL_TRANSPORT_DEFAULT_HOST: smtp.strato.de
EMAIL_TRANSPORT_DEFAULT_PORT: "587"
EMAIL_TRANSPORT_DEFAULT_USERNAME: support@semantic-applications.de
EMAIL_TRANSPORT_DEFAULT_PASSWORD: "uN1zPIqN9@br"
EMAIL_TRANSPORT_DEFAULT_TLS: "true"
---
# passbolt Service
apiVersion: v1
kind: Service
metadata:
name: passbolt
namespace: infra-environment
spec:
selector:
app: passbolt-infra
ports:
- name: passbolt-http
port: 8080
targetPort: passbolt-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: passbolt-infra-ingress
namespace: infra-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: passbolt.k3s.semapp.lan
http:
paths:
- path: /
backend:
serviceName: passbolt
servicePort: 8080

71
01_onsite/00_infra/phpmyadmin/deployment.yaml
View File

@ -0,0 +1,71 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: phpmyadmin-deployment
namespace: infra-environment
labels:
app: phpmyadmin-infra
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: phpmyadmin-infra
template:
metadata:
labels:
app: phpmyadmin-infra
spec:
containers:
- name: phpmyadmin
image: phpmyadmin/phpmyadmin
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 80
name: phpmyadmin-http
protocol: TCP
env:
- name: PMA_HOST
value: "mariadb-infra"
---
# phpmyadmin Service
apiVersion: v1
kind: Service
metadata:
name: phpmyadmin
namespace: infra-environment
spec:
selector:
app: phpmyadmin-infra
ports:
- name: phpmyadmin-http
port: 80
targetPort: phpmyadmin-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: phpmyadmin-infra-ingress
namespace: infra-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: phpmyadmin.k3s.semapp.lan
http:
paths:
- path: /
backend:
serviceName: phpmyadmin
servicePort: 80

8
01_onsite/00_infra/texservice/deployment.yaml
View File

@ -60,6 +60,14 @@ metadata:
spec: spec:
rules: rules:
- host: texservice.k3s.semapp.lan - host: texservice.k3s.semapp.lan
http:
paths:
- path: /
backend:
serviceName: texservice
servicePort: 5010
rules:
- host: texservice.semapp.lan
http: http:
paths: paths:
- path: / - path: /

85
01_onsite/01_dev/passbolt/deployment.yaml
View File

@ -0,0 +1,85 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: passbolt-deployment
namespace: dev-environment
labels:
app: passbolt-dev
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: passbolt-dev
template:
metadata:
labels:
app: passbolt-dev
spec:
containers:
- name: passbolt
image: passbolt/passbolt:3.3.1
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 8080
name: passbolt-http
protocol: TCP
envFrom:
- configMapRef:
name: passbolt-dev-config-dev
---
# passbolt ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
namespace: dev-environment
name: passbolt-dev-config-dev
labels:
app: efc-dev
data:
DATASOURCES_DEFAULT_HOST: mariadb-lb
DATASOURCES_DEFAULT_PASSWORD: passbolt
DATASOURCES_DEFAULT_USERNAME: passbolt
DATASOURCES_DEFAULT_DATABASE: passbolt
APP_FULL_BASE_URL: http://passbolt-dev.k3s.semapp.lan
---
# passbolt Service
apiVersion: v1
kind: Service
metadata:
name: passbolt
namespace: dev-environment
spec:
selector:
app: passbolt-dev
ports:
- name: passbolt-http
port: 8080
targetPort: passbolt-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: passbolt-dev-ingress
namespace: dev-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: passbolt-dev.k3s.semapp.lan
http:
paths:
- path: /
backend:
serviceName: passbolt
servicePort: 8080

115
01_onsite/01_dev/semapp-wagtail/deployment.yaml
View File

@ -0,0 +1,115 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: semapp-deployment
namespace: dev-environment
labels:
app: semapp-dev
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: semapp-dev
template:
metadata:
labels:
app: semapp-dev
spec:
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
containers:
- name: semapp
image: packages.semapp.lan:5000/semapp-wagtail:V0.0.1
imagePullPolicy: Always
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "4"
ports:
- containerPort: 8000
name: semapp-http
protocol: TCP
envFrom:
- configMapRef:
name: semapp-dev-config-dev
volumeMounts:
- mountPath: /app/media/
name: semapp-pv-dev
volumes:
- name: semapp-pv-dev
persistentVolumeClaim:
claimName: semapp-pvc-dev
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: dev-environment
name: semapp-dev-config-dev
labels:
app: semapp-dev
data:
DJANGO_DB_ENGINE: "django.db.backends.postgresql_psycopg2"
DJANGO_DB_NAME: "semapp-wagtail"
DJANGO_DB_USER: "semapp-wagtail"
DJANGO_DB_PASSWORD: "semapp-wagtail"
DJANGO_DB_HOST: "postgres-lb"
DJANGO_DB_PORT: "5432"
---
# Persistent Volume Claim description
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: semapp-pvc-dev
namespace: dev-environment
labels:
app: semapp-dev
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
# semapp Service
apiVersion: v1
kind: Service
metadata:
name: semapp
namespace: dev-environment
spec:
selector:
app: semapp-dev
ports:
- name: semapp-http
port: 8000
targetPort: semapp-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: semapp-dev-ingress
namespace: dev-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: semapp-dev.k3s.semapp.lan
http:
paths:
- path: /
backend:
serviceName: semapp
servicePort: 8000

2
01_onsite/01_dev/shubbkoarnsru/deployment.yaml
View File

@ -24,7 +24,7 @@ spec:
fsGroup: 1000 fsGroup: 1000
containers: containers:
- name: schubbkoarnsru - name: schubbkoarnsru
image: packages.semapp.lan:5000/schubbkoarnsru:v0.0.10 image: packages.semapp.lan:5000/schubbkoarnsru:v1.0.0RC1
imagePullPolicy: Always imagePullPolicy: Always
resources: resources:
requests: requests:

2
01_onsite/02_qa/rm/deployment.yaml
View File

@ -106,7 +106,7 @@ data:
auto_from = support@semantic-applications.de auto_from = support@semantic-applications.de
[tex] [tex]
host = texservice.k3s.semapp.lan host = texservice.semapp.lan
delete_after_render = False delete_after_render = False
[media-storage] [media-storage]

4
01_onsite/02_qa/trialytix/deployment.yaml
View File

@ -18,7 +18,7 @@ spec:
containers: containers:
# Backend container # Backend container
- name: trialytix-backend - name: trialytix-backend
image: packages.semapp.lan:5000/trialytix_backend:1.5.2-rc1 image: packages.semapp.lan:5000/trialytix_backend:develop
resources: resources:
requests: requests:
@ -37,7 +37,7 @@ spec:
imagePullPolicy: Always imagePullPolicy: Always
# Frontend container # Frontend container
- name: trialytix-frontend - name: trialytix-frontend
image: packages.semapp.lan:5000/trialytix_frontend:1.5.2-rc1 image: packages.semapp.lan:5000/trialytix_frontend:develop
resources: resources:
requests: requests:

6
02_hetzner/01_prod/baseline/deployment.yaml
View File

@ -45,7 +45,7 @@ spec:
- name: KEYCLOAK_TOKEN_VALIDITY - name: KEYCLOAK_TOKEN_VALIDITY
value: "600" value: "600"
- name: KEYCLOAK_URL - name: KEYCLOAK_URL
value: "http://keycloak.semapp.lan/auth/" value: "http://keycloak.semprod.local/auth/"
imagePullPolicy: Always imagePullPolicy: Always
- name: baseline-backend - name: baseline-backend
@ -106,9 +106,9 @@ data:
THROTTLE_MAX_ATTEMPTS: "80" THROTTLE_MAX_ATTEMPTS: "80"
KEYCLOAK_URL: "http://keycloak.semapp.lan" KEYCLOAK_URL: "http://keycloak.semprod.local"
KEYCLOAK_PORT: "80" KEYCLOAK_PORT: "80"
KEYCLOAK_REALM: "baseline_prod" KEYCLOAK_REALM: "baseline_production"
REDIRECT_URL: "http://baseline.k8s.semprod.local/" REDIRECT_URL: "http://baseline.k8s.semprod.local/"

122
02_hetzner/01_prod/shubbkoarnsru/deployment.yaml
View File

@ -0,0 +1,122 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: skr-deployment
namespace: prod-environment
labels:
app: skr-prod
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: skr-prod
template:
metadata:
labels:
app: skr-prod
spec:
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
containers:
- name: schubbkoarnsru
image: packages.semapp.lan:5000/schubbkoarnsru:v1.0.0RC1
imagePullPolicy: Always
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "4"
ports:
- containerPort: 8000
name: skr-http
protocol: TCP
envFrom:
- configMapRef:
name: skr-prod-config-prod
volumeMounts:
- mountPath: /app/media/
name: skr-pv-prod
volumes:
- name: skr-pv-prod
persistentVolumeClaim:
claimName: skr-pvc-prod
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
name: skr-prod-config-prod
labels:
app: skr-prod
data:
DJANGO_DB_ENGINE: "django.db.backends.postgresql_psycopg2"
DJANGO_DB_NAME: "schubbkoarnsruh"
DJANGO_DB_USER: "schubbkoarnsruh"
DJANGO_DB_PASSWORD: "rHeVZxhSBc6UPsnF"
DJANGO_DB_HOST: "psql.semprod.local"
DJANGO_DB_PORT: "5432"
---
# Persistent Volume Claim description
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: skr-pvc-prod
namespace: prod-environment
labels:
app: skr-prod
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
# schubbkoarnsru Service
apiVersion: v1
kind: Service
metadata:
name: skr
namespace: prod-environment
spec:
selector:
app: skr-prod
ports:
- name: skr-http
port: 8000
targetPort: skr-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: skr-prod-ingress
namespace: prod-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: schubbkoarnsru.k8s.semprod.local
http:
paths:
- path: /
backend:
serviceName: skr
servicePort: 8000
- host: schubbkoarnsruh.semapp.de
http:
paths:
- path: /
backend:
serviceName: skr
servicePort: 8000

189
02_hetzner/02_trialytix/trialytix-demo/deployment.yaml
View File

@ -0,0 +1,189 @@
# Deployment description
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: trialytix-demo
namespace: trialytix-environment
spec:
replicas: 1
selector:
matchLabels:
app: trialytix-demo
template:
metadata:
labels:
app: trialytix-demo
spec:
containers:
# Backend container
- name: trialytix-backend
image: packages.semapp.lan:5000/trialytix_backend:develop
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 5100
name: trialytix-back
protocol: TCP
envFrom:
- configMapRef:
name: trialytix-config-backend-prod
imagePullPolicy: Always
# Frontend container
- name: trialytix-frontend
image: packages.semapp.lan:5000/trialytix_frontend:develop
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 8100
name: trialytix-front
protocol: TCP
volumeMounts:
- mountPath: /etc/nginx/conf.d
readOnly: true
name: nginx-trialytix-demo-conf
envFrom:
- configMapRef:
name: trialytix-config-backend-prod
imagePullPolicy: Always
volumes:
- name: nginx-trialytix-demo-conf
configMap:
name: nginx-trialytix-demo-conf
# Env Configuration
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: trialytix-environment
name: trialytix-config-backend-prod
labels:
app: trialytix-demo
data:
DJANGO_DB_ENGINE: 'django.db.backends.postgresql'
DJANGO_DB_NAME: 'trialytix-demo'
DJANGO_DB_USER: 'trialytix-demo'
DJANGO_DB_PASSWORD: 'CiF\9G{;/Y~y--}V,<'
DJANGO_DB_HOST: 'psql.semprod.local'
DJANGO_DB_PORT: '5432'
ALLOWED_HOSTS: '["*"]'
FRONTEND_URL: 'http://demo.trialytix.io'
API_URL: 'http://demo.trialytix.io'
FRONTEND_PORT: '8100'
BACKEND_PORT: '5100'
# Nginx configuration
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: trialytix-environment
name: nginx-trialytix-demo-conf
data:
default.conf: |
upstream backend {
server backend-trialytix-demo:5100;
}
server {
listen 8100;
access_log /var/log/nginx/access.log;
charset utf-8;
client_max_body_size 1G;
location / {
root /srv/trialytix;
index index.html index.htm;
try_files $uri /index.html =404;
}
location ~ ^/api {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
send_timeout 300s;
}
error_page 404 =200 /index.html;
add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
expires off;
open_file_cache off;
sendfile off;
}
# Trialytix service
---
apiVersion: v1
kind: Service
metadata:
name: backend-trialytix-demo
namespace: trialytix-environment
spec:
selector:
app: trialytix-demo
ports:
- name: trialytix-back
port: 5100
targetPort: trialytix-back
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
name: frontend-trialytix-demo
namespace: trialytix-environment
spec:
selector:
app: trialytix-demo
ports:
- name: trialytix-front
port: 8100
targetPort: trialytix-front
type: NodePort
# Ingress description
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: trialytix-demo-ingress
namespace: trialytix-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: trialytix-demo.k8s.semprod.local
http:
paths:
- path: /
backend:
serviceName: frontend-trialytix-demo
servicePort: 8100
- host: demo.trialytix.io
http:
paths:
- path: /
backend:
serviceName: frontend-trialytix-demo
servicePort: 8100
Write Preview
Loading…
Cancel
Save