# Deployment description apiVersion: apps/v1 kind: Deployment metadata: name: rm-fulda-deployment namespace: prod-environment labels: app: rm-fulda spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: rm-fulda template: metadata: labels: app: rm-fulda spec: # securityContext: # runAsUser: 1000 # runAsGroup: 1000 # fsGroup: 1000 containers: - name: rm-backend image: packages.semapp.lan:5000/rm-backend:2.5.9 resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "512Mi" cpu: "4" ports: - containerPort: 5000 name: rm-backend protocol: TCP volumeMounts: - mountPath: /etc/flexrm/ readOnly: true name: rmfulda-conf env: - name: DJANGO_ENV value: "development" imagePullPolicy: Always - name: rm-frontend image: packages.semapp.lan:5000/rm-frontend:2.5.9 resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "512Mi" cpu: "4" ports: - containerPort: 80 name: rm-frontend protocol: TCP volumeMounts: - mountPath: /etc/nginx/conf.d/ readOnly: true name: rmfulda-frontend-conf imagePullPolicy: Always volumes: - name: rmfulda-frontend-conf configMap: name: rmfulda-frontend-conf - name: rmfulda-conf configMap: name: rmfulda-conf --- # Backend configuration apiVersion: v1 kind: ConfigMap metadata: namespace: prod-environment name: rmfulda-conf data: flexrm.conf: | [general] allowed_hosts = * secret_key = some_very_long_and_hyper_random_secret_key [db] driver = postgresql db_name = rm_fulda_prod db_user = rm_fulda_prod db_password = 2VXb6g4gChrhA2Wg db_host = psql.semprod.local [analytics] piwik_site_id = 3 [frontend] frontend_url = https://rmfulda.semapp.de/ [email] host = smtp.strato.de port = 587 username = support@semantic-applications.de password = uN1zPIqN9@br use_tls = True auto_from = support@semantic-applications.de [tex] host = texservice.semprod.local delete_after_render = False [media-storage] # # the used media-storage is defined via type: # # media_type = django.core.files.storage.FileSystemStorage ... the default django file storage # -> no additional settings are required # # media_type = minio_storage.storage.MinioMediaStorage ... the storage used with minio # -> additional settings for minio: # minio_endpoint = 127.0.0.1:9000 ... the endpoint and port # minio_use_https = True|False ... use https for communication # minio_media_bucket = media-rm ... the media bucket name # minio_access_key = #your ACCESS_KEY ... the access key # minio_secret_key = #your SECRET_KEY ... the secret key # minio_auto_create_bucket = True|False ... if True the bucket is created # # To setup minio storage as default for development just comment the file system storage line and uncomment # all minio storage lines # # media_type = django.core.files.storage.FileSystemStorage media_type = flexrm.kernel.storage.minio.storage.MinIOMediaStorage minio_endpoint = minio-api.semprod.local minio_use_https = False minio_media_bucket = rm-fulda-prod minio_access_key = rm-fulda-prod minio_secret_key = u5w77PS8Dp9qVLuQ minio_auto_create_bucket = True --- # Frontend nginx configuration apiVersion: v1 kind: ConfigMap metadata: namespace: prod-environment name: rmfulda-frontend-conf data: default.conf: | upstream backend { server rm-fulda-backend-srv:5000; } server { listen 80; server_name $K8S_HOSTNAME; #access_log /var/log/rm/access.log; #error_log /var/log/rm/error.log; charset utf-8; client_max_body_size 1G; location / { root /srv/rm-web; try_files $uri /index.html =404; } location ~ ^/(api|drf|manage) { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /storage { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /static { # TODO: still needed when we use minio? alias /srv/public; } # Redirect Angular routes error_page 404 =200 /index.html; } --- # RM backend Service apiVersion: v1 kind: Service metadata: name: rm-fulda-backend-srv namespace: prod-environment spec: selector: app: rm-fulda ports: - name: rm-backend port: 5000 targetPort: rm-backend type: NodePort --- #RM frontend service apiVersion: v1 kind: Service metadata: name: rm-fulda-frontend-srv namespace: prod-environment spec: selector: app: rm-fulda ports: - name: rm-frontend port: 80 targetPort: rm-frontend type: NodePort --- # Ingress description apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: rm-fulda-ingress namespace: prod-environment annotations: kubernetes.io/ingress.class: "traefik" spec: rules: - host: rm-fulda.k8s.semprod.local http: paths: - backend: service: name: rm-fulda-frontend-srv port: number: 80 path: / pathType: ImplementationSpecific - host: rmfulda.semapp.de http: paths: - backend: service: name: rm-fulda-frontend-srv port: number: 80 path: / pathType: ImplementationSpecific