From 7f871b4014b71a930100fa9150f03c35d5789557 Mon Sep 17 00:00:00 2001 From: Antun Franjin Date: Tue, 14 Dec 2021 03:52:25 +0100 Subject: [PATCH] Add qa baseline working instzance and add production deployment(not final). --- 01_onsite/01_dev/baseline/deployment.yaml | 21 +- 01_onsite/02_qa/baseline/deployment.yaml | 42 ++-- 02_hetzner/01_prod/baseline/deployment.yaml | 229 ++++++++++++++++++++ 3 files changed, 250 insertions(+), 42 deletions(-) create mode 100644 02_hetzner/01_prod/baseline/deployment.yaml diff --git a/01_onsite/01_dev/baseline/deployment.yaml b/01_onsite/01_dev/baseline/deployment.yaml index 4c0d2e0..b11e709 100644 --- a/01_onsite/01_dev/baseline/deployment.yaml +++ b/01_onsite/01_dev/baseline/deployment.yaml @@ -21,6 +21,7 @@ spec: containers: - name: baseline-frontend image: packages.semapp.lan:5000/baseline_frontend:develop + workingDir: /srv/web resources: requests: memory: "256Mi" @@ -37,23 +38,15 @@ spec: readOnly: true name: baseline-dev-frontend-conf imagePullPolicy: Always - env: - - name: PORT - value: "8000" - - name: REACT_APP_PROD_API_URL - value: "http://baseline-dev.k3s.semapp.lan/api/" - - name: REACT_APP_DEV_API_URL - value: "http://baseline-dev.k3s.semapp.lan/api/" - - name: REACT_APP_VERSION - value: "v1" - - name: REACT_APP_KEYCLOAK_URL - value: "http://keycloak.semapp.lan/auth/" - - name: REACT_APP_KEYCLOAK_REALM + env: + - name: KEYCLOAK_REALM value: "baseline" - - name: REACT_APP_KEYCLOAK_CLIENT_ID + - name: KEYCLOAK_CLIENT value: "baseline" - - name: REACT_APP_TOKEN_MIN_VALIDITY + - name: KEYCLOAK_TOKEN_VALIDITY value: "600" + - name: KEYCLOAK_URL + value: "http://keycloak.semapp.lan/auth/" - name: baseline-backend image: packages.semapp.lan:5000/baseline_backend:develop diff --git a/01_onsite/02_qa/baseline/deployment.yaml b/01_onsite/02_qa/baseline/deployment.yaml index b482302..cc57d5e 100644 --- a/01_onsite/02_qa/baseline/deployment.yaml +++ b/01_onsite/02_qa/baseline/deployment.yaml @@ -21,7 +21,7 @@ spec: containers: - name: baseline-frontend image: packages.semapp.lan:5000/baseline_frontend:qa1 - workingDir: /opt/web + workingDir: /srv/web resources: requests: memory: "256Mi" @@ -34,13 +34,18 @@ spec: name: baseline-http protocol: TCP volumeMounts: - - mountPath: /etc/nginx/conf.d - readOnly: true - name: baseline-qa-frontend-conf - - mountPath: /etc/web/src/appConf.json - subPath: appConf.json - name: basiline-env-frontend - readOnly: true + - mountPath: /etc/nginx/conf.d + readOnly: true + name: baseline-qa-frontend-conf + env: + - name: KEYCLOAK_REALM + value: "baseline_test" + - name: KEYCLOAK_CLIENT + value: "baseline_qa" + - name: KEYCLOAK_TOKEN_VALIDITY + value: "600" + - name: KEYCLOAK_URL + value: "http://keycloak.semapp.lan/auth/" imagePullPolicy: Always - name: baseline-backend @@ -62,29 +67,10 @@ spec: - configMapRef: name: baseline-qa-backend-conf volumes: - - name: basiline-env-frontend - configMap: - name: basiline-env-frontend - name: baseline-qa-frontend-conf configMap: name: baseline-qa-frontend-conf ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: basiline-env-frontend - namespace: qa-environment - labels: - app: baseline-qa -data: - appConf.json: | - { - "REACT_APP_KEYCLOAK_REALM": "baseline_test", - "REACT_APP_KEYCLOAK_CLIENT_ID": "baseline_qa", - "REACT_APP_TOKEN_MIN_VALIDITY": "600" - } - --- apiVersion: v1 kind: ConfigMap @@ -97,7 +83,7 @@ data: DB_CONNECTION: "pgsql" DB_HOST: "dbpg11.semapp.lan" DB_PORT: "5432" - DB_DATABASE: "baseline_k8s_db" + DB_DATABASE: "baseline_k8s_qa" DB_USERNAME: "baseline_qa" DB_PASSWORD: "baseline_qa" diff --git a/02_hetzner/01_prod/baseline/deployment.yaml b/02_hetzner/01_prod/baseline/deployment.yaml new file mode 100644 index 0000000..9ab995c --- /dev/null +++ b/02_hetzner/01_prod/baseline/deployment.yaml @@ -0,0 +1,229 @@ +# Deployment description +apiVersion: apps/v1 +kind: Deployment +metadata: + name: baseline-deployment + namespace: prod-environment + labels: + app: baseline-prod +spec: + strategy: + type: Recreate + replicas: 1 + selector: + matchLabels: + app: baseline-prod + template: + metadata: + labels: + app: baseline-prod + spec: + containers: + - name: baseline-frontend + image: packages.semapp.lan:5000/baseline_frontend:qa1 + workingDir: /srv/web + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "4" + ports: + - containerPort: 8000 + name: baseline-http + protocol: TCP + volumeMounts: + - mountPath: /etc/nginx/conf.d + readOnly: true + name: baseline-prod-frontend-conf + + - mountPath: /srv/web/appConfiguration.json + subPath: appConfiguration.json + name: basiline-prod-env-frontend + readOnly: true + + imagePullPolicy: Always + + - name: baseline-backend + image: packages.semapp.lan:5000/baseline_backend:qa1 + workingDir: /opt/www + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "4" + ports: + - containerPort: 5000 + name: bl-bck-http + protocol: TCP + imagePullPolicy: Always + envFrom: + - configMapRef: + name: baseline-prod-backend-conf + volumes: + - name: basiline-prod-env-frontend + configMap: + name: basiline-env-frontend + - name: baseline-prod-frontend-conf + configMap: + name: baseline-prod-frontend-conf + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: basiline-prod-env-frontend + namespace: prod-environment + labels: + app: baseline-prod +data: + appConfiguration.json: | + { + "REACT_APP_KEYCLOAK_URL": "http://keycloak.semapp.lan/auth/", + "REACT_APP_KEYCLOAK_REALM": "baseline_prod", + "REACT_APP_KEYCLOAK_CLIENT_ID": "baseline_prod", + "REACT_APP_TOKEN_MIN_VALIDITY": "600" + } + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: prod-environment + name: baseline-prod-backend-conf + labels: + app: baseline-prod +data: + DB_CONNECTION: "pgsql" + DB_HOST: "psql.semprod.local" + DB_PORT: "5432" + DB_DATABASE: "baseline_prod" + DB_USERNAME: "baseline_prod" + DB_PASSWORD: "yZLi2WZ037l9Xcgg" + + APP_NAME: "Baseline" + APP_ENV: "production" + APP_KEY: "base64:14Vg4rilGKEk34XeqNR7ffg6GhFTzA7/z5T1aqy6JHw=" + APP_DEBUG: "true" + APP_URL: "http://baseline.k8s.semprod.local/" + + LOG_CHANNEL: "stack" + BROADCAST_DRIVER: "log" + CACHE_DRIVER: "file" + QUEUE_CONNECTION: "sync" + SESSION_DRIVER: "cookie" + SESSION_LIFETIME: "120" + + + SANCTUM_STATEFUL_DOMAINS: "baseline.k8s.semprod.local" + SESSION_DOMAIN: "baseline.k8s.semprod.local" + + THROTTLE_MAX_ATTEMPTS: "80" + + KEYCLOAK_URL: "http://keycloak.semapp.lan" + KEYCLOAK_PORT: "80" + KEYCLOAK_REALM: "baseline_prod" + + REDIRECT_URL: "http://baseline.k8s.semprod.local/" + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: prod-environment + name: baseline-prod-frontend-conf +data: + default.conf: | + upstream backend { + server baseline-backend-prod:5000; + } + + server { + listen 8000; + + access_log /var/log/nginx/access.log; + charset utf-8; + client_max_body_size 1G; + + location / { + root /srv/web; + add_header X-Frame-Options "SAMEORIGIN"; + index index.html index.htm; + try_files $uri $uri /index.html =404; + } + + location ~ ^/api { + proxy_pass http://backend; + proxy_redirect off; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_read_timeout 300s; + proxy_send_timeout 300s; + send_timeout 300s; + } + + error_page 404 =200 /index.html; + + add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + + expires off; + open_file_cache off; + sendfile off; + } + +--- +# EFC Service +apiVersion: v1 +kind: Service +metadata: + name: baseline-frontend-prod + namespace: prod-environment +spec: + selector: + app: baseline-prod + ports: + - name: baseline-http + port: 8000 + targetPort: baseline-http + type: NodePort + +--- +# EFC backend +apiVersion: v1 +kind: Service +metadata: + name: baseline-backend-prod + namespace: prod-environment +spec: + selector: + app: baseline-prod + ports: + - name: bl-bck-http + port: 5000 + targetPort: bl-bck-http + type: NodePort +--- + +# Ingress description +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: baseline-prod-ingress + namespace: prod-environment + annotations: + kubernetes.io/ingress.class: "traefik" +spec: + rules: + - host: baseline.k8s.semprod.local + http: + paths: + - path: / + backend: + serviceName: baseline-frontend-prod + servicePort: 8000 \ No newline at end of file