dzecevic
/
k8s_deployments
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
303 Commits
26 Branches
0 Tags
382 KiB
Tree: 2c2ab4e3cb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2c2ab4e3cb'
${ noResults }
k8s_deployments/02_hetzner/01_prod/rm-fulda/deployment.yaml

266 lines
6.2 KiB
Raw Blame History

# Deployment description
apiVersion: apps/v1
kind: Deployment
metadata:
name: rm-fulda-deployment
namespace: prod-environment
labels:
app: rm-fulda
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app: rm-fulda
template:
metadata:
labels:
app: rm-fulda
spec:
# securityContext:
# runAsUser: 1000
# runAsGroup: 1000
# fsGroup: 1000
containers:
- name: rm-backend
image: packages.semapp.lan:5000/rm-backend:2.5.6
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 5000
name: rm-backend
protocol: TCP
volumeMounts:
- mountPath: /etc/flexrm/
readOnly: true
name: rmfulda-conf
env:
- name: DJANGO_ENV
value: "development"
imagePullPolicy: Always
- name: rm-frontend
image: packages.semapp.lan:5000/rm-frontend:2.5.6
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "4"
ports:
- containerPort: 80
name: rm-frontend
protocol: TCP
volumeMounts:
- mountPath: /etc/nginx/conf.d/
readOnly: true
name: rmfulda-frontend-conf
imagePullPolicy: Always
volumes:
- name: rmfulda-frontend-conf
configMap:
name: rmfulda-frontend-conf
- name: rmfulda-conf
configMap:
name: rmfulda-conf
---
# Backend configuration
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
name: rmfulda-conf
data:
flexrm.conf: |
[general]
allowed_hosts = *
secret_key = some_very_long_and_hyper_random_secret_key
[db]
driver = postgresql
db_name = rm_fulda_prod
db_user = rm_fulda_prod
db_password = 2VXb6g4gChrhA2Wg
db_host = psql.semprod.local
[analytics]
piwik_site_id = 3
[frontend]
frontend_url = https://rmfulda.semapp.de/
[email]
host = smtp.strato.de
port = 587
username = support@semantic-applications.de
password = uN1zPIqN9@br
use_tls = True
auto_from = support@semantic-applications.de
[tex]
host = texservice.semprod.local
delete_after_render = False
[media-storage]
#
# the used media-storage is defined via type:
#
# media_type = django.core.files.storage.FileSystemStorage ... the default django file storage
# -> no additional settings are required
#
# media_type = minio_storage.storage.MinioMediaStorage ... the storage used with minio
# -> additional settings for minio:
# minio_endpoint = 127.0.0.1:9000 ... the endpoint and port
# minio_use_https = True|False ... use https for communication
# minio_media_bucket = media-rm ... the media bucket name
# minio_access_key = #your ACCESS_KEY ... the access key
# minio_secret_key = #your SECRET_KEY ... the secret key
# minio_auto_create_bucket = True|False ... if True the bucket is created
#
# To setup minio storage as default for development just comment the file system storage line and uncomment
# all minio storage lines
#
# media_type = django.core.files.storage.FileSystemStorage
media_type = flexrm.kernel.storage.minio.storage.MinIOMediaStorage
minio_endpoint = minio-api.semprod.local
minio_use_https = False
minio_media_bucket = rm-fulda-prod
minio_access_key = rm-fulda-prod
minio_secret_key = u5w77PS8Dp9qVLuQ
minio_auto_create_bucket = True
---
# Frontend nginx configuration
apiVersion: v1
kind: ConfigMap
metadata:
namespace: prod-environment
name: rmfulda-frontend-conf
data:
default.conf: |
upstream backend {
server rm-fulda-backend-srv:5000;
}
server {
listen 80;
server_name $K8S_HOSTNAME;
#access_log /var/log/rm/access.log;
#error_log /var/log/rm/error.log;
charset utf-8;
client_max_body_size 1G;
location / {
root /srv/rm-web;
try_files $uri /index.html =404;
}
location ~ ^/(api|drf|manage) {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /storage {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /static {
# TODO: still needed when we use minio?
alias /srv/public;
}
# Redirect Angular routes
error_page 404 =200 /index.html;
}
---
# RM backend Service
apiVersion: v1
kind: Service
metadata:
name: rm-fulda-backend-srv
namespace: prod-environment
spec:
selector:
app: rm-fulda
ports:
- name: rm-backend
port: 5000
targetPort: rm-backend
type: NodePort
---
#RM frontend service
apiVersion: v1
kind: Service
metadata:
name: rm-fulda-frontend-srv
namespace: prod-environment
spec:
selector:
app: rm-fulda
ports:
- name: rm-frontend
port: 80
targetPort: rm-frontend
type: NodePort
---
# Ingress description
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: rm-fulda-ingress
namespace: prod-environment
annotations:
kubernetes.io/ingress.class: "traefik"
spec:
rules:
- host: rm-fulda.k8s.semprod.local
http:
paths:
- backend:
service:
name: rm-fulda-frontend-srv
port:
number: 80
path: /
pathType: ImplementationSpecific
- host: rmfulda.semapp.de
http:
paths:
- backend:
service:
name: rm-fulda-frontend-srv
port:
number: 80
path: /
pathType: ImplementationSpecific