dzecevic
/
k8s_deployments
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge branch 'refactor/baseline-production-deployments' into 'master' 

refactor/baseline-production-deployments

See merge request devops/k8s-deployments!71
master
Antun Franjin 4 years ago
parent
5bed226b1a dbb9500d67
commit
97bf4ab2d4
6 changed files with 371 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      02_hetzner/01_prod/efc/deployment.yaml
  2. 2
      02_hetzner/01_prod/semapp-wagtail/deployment.yaml
  3. 12
      02_hetzner/01_prod/semcust/deployment.yaml
  4. 229
      02_hetzner/03_baseline/baseline-demo/deployment.yaml
  5. 63
      02_hetzner/03_baseline/baseline/deployment.yaml
  6. 92
      02_hetzner/03_baseline/keycloak/deployment.yaml

4
02_hetzner/01_prod/efc/deployment.yaml
View File

@ -20,7 +20,7 @@ spec:
spec:
containers:
- name: efc-frontend
image: packages.semapp.lan:5000/efc-admin_frontend:prod
image: packages.semapp.lan:5000/efc-admin_frontend:1.0.8-rc1
resources:
requests:
memory: "256Mi"
@ -41,7 +41,7 @@ spec:
- configMapRef:
name: efc-prod-config
- name: efc-backend
image: packages.semapp.lan:5000/efc-admin_backend:prod
image: packages.semapp.lan:5000/efc-admin_backend:1.0.8-rc1
resources:
requests:
memory: "256Mi"

2
02_hetzner/01_prod/semapp-wagtail/deployment.yaml
View File

@ -41,7 +41,7 @@ spec:
- configMapRef:
name: semapp-prod-config
volumeMounts:
- mountPath: /app/media/
- mountPath: semapp_wagtail/media/.
name: semapp-pv-prod
volumes:
- name: semapp-pv-prod

12
02_hetzner/01_prod/semcust/deployment.yaml
View File

@ -20,7 +20,7 @@ spec:
spec:
containers:
- name: semcust-frontend
image: packages.semapp.lan:5000/semcust_frontend:1.2.2
image: packages.semapp.lan:5000/semcust_frontend:1.3.1
resources:
requests:
memory: "256Mi"
@ -38,7 +38,7 @@ spec:
name: nginx-conf
imagePullPolicy: Always
- name: semcust-backend
image: packages.semapp.lan:5000/semcust_backend:1.2.2
image: packages.semapp.lan:5000/semcust_backend:1.3.1
resources:
requests:
memory: "256Mi"
@ -93,13 +93,13 @@ data:
EMAIL_HOST_PASSWORD: "uN1zPIqN9@br"
# BASELINE NEDDED VARIABLES (this will be need changed then keyclak will be on internet)
BASELINE_KEY: "AESNEwfqJVwaI4aLwyVl7kzTqdmWeQQq9hCpLRGahYI"
BASE_KEYCLOAK_URL: "http://keycloak.semprod.local"
BASELINE_KEY: "AESNEwfqJVwaI4aLwyVl7kzTqdmWeQQq9hCpLRGahYI="
BASE_KEYCLOAK_URL: "https://kc.semapp.de/"
BASELINE_KEYCLOAK_CLIENT_ID: "baseline_prod"
BASELINE_KEYCLOAK_REALM: "baseline_production"
BASELINE_KEYCLOAK_REALM: "baseline"
KEYCLOAK_ADMIN_USERNAME: "admin"
KEYCLOAK_ADMIN_PASSWORD: "admin"
KEYCLOAK_ADMIN_PASSWORD: "yEu2hr7j8WjYW2wXp3UQq6qN"
KEYCLOAK_ADMIN_CLIENT_ID: "admin-cli"
---

229
02_hetzner/03_baseline/baseline-demo/deployment.yaml
View File

@ -0,0 +1,229 @@
# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: baseline-demo-deployment
namespace: baseline-environment
labels:
app: baseline-demo
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: baseline-demo
template:
metadata:
labels:
app: baseline-demo
spec:
containers:
- name: baseline-frontend
image: packages.semapp.lan:5000/baseline_frontend:qa1
workingDir: /srv/web
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 8000
name: baseline-http
protocol: TCP
volumeMounts:
- mountPath: /etc/nginx/conf.d
readOnly: true
name: baseline-demo-frontend-conf
env:
- name: KEYCLOAK_REALM
value: "baseline_demo"
- name: KEYCLOAK_CLIENT
value: "baseline_demo"
- name: KEYCLOAK_TOKEN_VALIDITY
value: "600"
- name: KEYCLOAK_URL
value: "https://kc.semapp.de/auth/"
imagePullPolicy: Always
- name: baseline-backend
image: packages.semapp.lan:5000/baseline_backend:qa1
workingDir: /opt/www
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 5000
name: bl-bck-http
protocol: TCP
imagePullPolicy: Always
envFrom:
- configMapRef:
name: baseline-demo-backend-conf
volumes:
- name: baseline-demo-frontend-conf
configMap:
name: baseline-demo-frontend-conf
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: baseline-environment
name: baseline-demo-backend-conf
labels:
app: baseline-demo
data:
DB_CONNECTION: "pgsql"
DB_HOST: "psql.semprod.local"
DB_PORT: "5432"
DB_DATABASE: "baseline_demo"
DB_USERNAME: "baseline_demo"
DB_PASSWORD: "SZH8wYW4RTEtj6jg"
APP_NAME: "Baseline"
APP_ENV: "production"
APP_KEY: "base64:14Vg4rilGKEk34XeqNR7ffg6GhFTzA7/z5T1aqy6JHw="
APPLICATION_KEY: "0X6UivJQtB1rqMFtBGTTsDcRq2OpTHo1jb8z6tDj2EQ="
SEMCUST_URL: "https://portal.semapp.de/"
APP_DEBUG: "true"
APP_URL: "https://demo-baseline.semapp.de/"
LOG_CHANNEL: "stack"
BROADCAST_DRIVER: "log"
CACHE_DRIVER: "file"
QUEUE_CONNECTION: "sync"
SESSION_DRIVER: "cookie"
SESSION_LIFETIME: "120"
SANCTUM_STATEFUL_DOMAINS: "demo-baseline.semapp.de"
SESSION_DOMAIN: "demo-baseline.semapp.de"
THROTTLE_MAX_ATTEMPTS: "80"
KEYCLOAK_URL: "https://kc.semapp.de"
KEYCLOAK_PORT: "80"
KEYCLOAK_REALM: "baseline_demo"
REDIRECT_URL: "https://demo-baseline.semapp.de/"
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: baseline-environment
name: baseline-demo-frontend-conf
data:
default.conf: |
upstream backend {
server baseline-backend-demo:5000;
}
server {
listen 8000;
access_log /var/log/nginx/access.log;
charset utf-8;
client_max_body_size 1G;
location / {
root /srv/web;
add_header X-Frame-Options "SAMEORIGIN";
index index.html index.htm;
try_files $uri $uri /index.html =404;
}
location ~ ^/api {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
send_timeout 300s;
}
error_page 404 =200 /index.html;
add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
expires off;
open_file_cache off;
sendfile off;
}
---
# EFC Service
apiVersion: v1
kind: Service
metadata:
name: baseline-frontend-demo
namespace: basline-environment
spec:
selector:
app: baseline-demo
ports:
- name: baseline-http
port: 8000
targetPort: baseline-http
type: NodePort
---
# EFC backend
apiVersion: v1
kind: Service
metadata:
name: baseline-backend-demo
namespace: baseline-environment
spec:
selector:
app: baseline-demo
ports:
- name: bl-bck-http
port: 5000
targetPort: bl-bck-http
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: baseline-demo-ingress
namespace: baseline-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: baseline-demo.k8s.semprod.local
http:
paths:
- backend:
service:
name: baseline-frontend-demo
port:
number: 8000
path: /
pathType: ImplementationSpecific
- host: demo-baseline.semapp.de
http:
paths:
- backend:
service:
name: baseline-frontend-demo
port:
number: 8000
path: /
pathType: ImplementationSpecific

63
02_hetzner/01_prod/baseline/deployment.yaml → 02_hetzner/03_baseline/baseline/deployment.yaml
View File

@ -2,8 +2,8 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: baseline-deployment
namespace: prod-environment
name: baseline-prod-deployment
namespace: baseline-environment
labels:
app: baseline-prod
spec:
@ -20,7 +20,8 @@ spec:
spec:
containers:
- name: baseline-frontend
image: packages.semapp.lan:5000/baseline_frontend:qa1
image: packages.semapp.lan:5000/baseline_frontend:1.1.1-baseline
workingDir: /srv/web
resources:
requests:
@ -45,11 +46,12 @@ spec:
- name: KEYCLOAK_TOKEN_VALIDITY
value: "600"
- name: KEYCLOAK_URL
value: "http://keycloak.semprod.local/auth/"
value: "https://kc.semapp.de/auth/"
imagePullPolicy: Always
- name: baseline-backend
image: packages.semapp.lan:5000/baseline_backend:qa1
image: packages.semapp.lan:5000/baseline_backend:1.1.1-baseline
workingDir: /opt/www
resources:
requests:
@ -75,7 +77,7 @@ spec:
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
namespace: baseline-environment
name: baseline-prod-backend-conf
labels:
app: baseline-prod
@ -90,8 +92,12 @@ data:
APP_NAME: "Baseline"
APP_ENV: "production"
APP_KEY: "base64:14Vg4rilGKEk34XeqNR7ffg6GhFTzA7/z5T1aqy6JHw="
APPLICATION_KEY: "0X6UivJQtB1rqMFtBGTTsDcRq2OpTHo1jb8z6tDj2EQ="
SEMCUST_URL: "https://portal.semapp.de/"
APP_DEBUG: "true"
APP_URL: "http://baseline.k8s.semprod.local/"
APP_URL: "https://baseline.semapp.de/"
LOG_CHANNEL: "stack"
BROADCAST_DRIVER: "log"
@ -101,22 +107,22 @@ data:
SESSION_LIFETIME: "120"
SANCTUM_STATEFUL_DOMAINS: "baseline.k8s.semprod.local"
SESSION_DOMAIN: "baseline.k8s.semprod.local"
SANCTUM_STATEFUL_DOMAINS: "baseline.semapp.de"
SESSION_DOMAIN: "baseline.semapp.de"
THROTTLE_MAX_ATTEMPTS: "80"
KEYCLOAK_URL: "http://keycloak.semprod.local"
KEYCLOAK_PORT: "80"
KEYCLOAK_REALM: "baseline_production"
KEYCLOAK_URL: "http://kc.k8s.semprod.local"
KEYCLOAK_PORT: "8080"
KEYCLOAK_REALM: "baseline"
REDIRECT_URL: "http://baseline.k8s.semprod.local/"
REDIRECT_URL: "https://baseline.semapp.de/"
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
namespace: baseline-environment
name: baseline-prod-frontend-conf
data:
default.conf: |
@ -166,7 +172,7 @@ apiVersion: v1
kind: Service
metadata:
name: baseline-frontend-prod
namespace: prod-environment
namespace: baseline-environment
spec:
selector:
app: baseline-prod
@ -182,7 +188,7 @@ apiVersion: v1
kind: Service
metadata:
name: baseline-backend-prod
namespace: prod-environment
namespace: baseline-environment
spec:
selector:
app: baseline-prod
@ -194,11 +200,11 @@ spec:
---
# Ingress description
apiVersion: networking.k8s.io/v1beta1
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: baseline-prod-ingress
namespace: prod-environment
namespace: baseline-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
@ -206,7 +212,20 @@ spec:
- host: baseline.k8s.semprod.local
http:
paths:
- path: /
backend:
serviceName: baseline-frontend-prod
servicePort: 8000
- backend:
service:
name: baseline-frontend-prod
port:
number: 8000
path: /
pathType: ImplementationSpecific
- host: baseline.semapp.de
http:
paths:
- backend:
service:
name: baseline-frontend-prod
port:
number: 8000
path: /
pathType: ImplementationSpecific

92
02_hetzner/03_baseline/keycloak/deployment.yaml
View File

@ -0,0 +1,92 @@
---
apiVersion: "apps/v1"
kind: "Deployment"
metadata:
name: "keycloak"
namespace: "baseline-environment"
spec:
selector:
matchLabels:
app: "keycloak"
replicas: 1
template:
metadata:
labels:
app: "keycloak"
spec:
containers:
- name: "keycloak-prod"
image: "jboss/keycloak"
resources:
requests:
memory: "512Mi"
cpu: "100m"
limits:
memory: "1Gi"
cpu: "4"
imagePullPolicy: "Always"
env:
- name: "KEYCLOAK_USER"
value: "admin"
- name: "KEYCLOAK_PASSWORD"
value: "yEu2hr7j8WjYW2wXp3UQq6qN"
- name: DB_VENDOR
value: postgres
- name: DB_ADDR
value: psql.semprod.local
- name: DB_DATABASE
value: keycloak_db
- name: DB_USER
value: keycloak
- name: DB_PASSWORD
value: e7ov7xx45qr1erk9
- name: KEYCLOAK_FRONTEND_URL
value: https://kc.semapp.de/auth/
ports:
- name: keycloak-http
containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: kc-srv
namespace: baseline-environment
spec:
selector:
app: keycloak
ports:
- name: keycloak-http
port: 8080
targetPort: keycloak-http
type: NodePort
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak-ingress
namespace: baseline-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: kc.k8s.semprod.local
http:
paths:
- backend:
service:
name: kc-srv
port:
number: 8080
path: /
pathType: ImplementationSpecific
- host: kc.semapp.de
http:
paths:
- backend:
service:
name: kc-srv
port:
number: 8080
path: /
pathType: ImplementationSpecific
Write Preview
Loading…
Cancel
Save