deploy
All checks were successful
Build and Push Container Image / build-and-push (push) Successful in 8m29s
All checks were successful
Build and Push Container Image / build-and-push (push) Successful in 8m29s
This commit is contained in:
0
deploy/.gitkeep
Normal file
0
deploy/.gitkeep
Normal file
12
deploy/base/app-secret.yaml
Normal file
12
deploy/base/app-secret.yaml
Normal file
@@ -0,0 +1,12 @@
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: mal-app
|
||||
spec:
|
||||
type: kv-v2
|
||||
mount: secret
|
||||
path: mal
|
||||
destination:
|
||||
name: mal
|
||||
create: true
|
||||
refreshAfter: 1h
|
||||
11
deploy/base/cert.yaml
Normal file
11
deploy/base/cert.yaml
Normal file
@@ -0,0 +1,11 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: mal-tls
|
||||
spec:
|
||||
secretName: mal-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-prod
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- mal.melosh.tech
|
||||
72
deploy/base/deployment.yaml
Normal file
72
deploy/base/deployment.yaml
Normal file
@@ -0,0 +1,72 @@
|
||||
# https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mal
|
||||
labels:
|
||||
app: mal
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: mal
|
||||
strategy:
|
||||
rollingUpdate:
|
||||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
type: RollingUpdate
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
kubectl.kubernetes.io/default-container: mal
|
||||
labels:
|
||||
app: mal
|
||||
spec:
|
||||
containers:
|
||||
- name: mal
|
||||
image: main
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: http
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 100Mi
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 100Mi
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 3000
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: 3000
|
||||
initialDelaySeconds: 2
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
periodSeconds: 10
|
||||
env:
|
||||
- name: DATABASE_FILE
|
||||
value: /app/data/mal.db
|
||||
- name: GIN_MODE
|
||||
value: release
|
||||
- name: PLAYBACK_PROXY_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: mal
|
||||
key: PLAYBACK_PROXY_SECRET
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /app/data
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: mal-data
|
||||
restartPolicy: Always
|
||||
16
deploy/base/ingress.yaml
Normal file
16
deploy/base/ingress.yaml
Normal file
@@ -0,0 +1,16 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: mal-ingress
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
- web
|
||||
routes:
|
||||
- match: Host(`mal.melosh.tech`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: mal
|
||||
port: 3000
|
||||
tls:
|
||||
secretName: mal-tls
|
||||
11
deploy/base/kustomization.yaml
Normal file
11
deploy/base/kustomization.yaml
Normal file
@@ -0,0 +1,11 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: mal
|
||||
|
||||
resources:
|
||||
- ./deployment.yaml
|
||||
- ./ingress.yaml
|
||||
- ./cert.yaml
|
||||
- ./service.yaml
|
||||
- ./pvc.yaml
|
||||
- ./app-secret.yaml
|
||||
10
deploy/base/pvc.yaml
Normal file
10
deploy/base/pvc.yaml
Normal file
@@ -0,0 +1,10 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: mal-data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
14
deploy/base/service.yaml
Normal file
14
deploy/base/service.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
# https://kubernetes.io/docs/concepts/services-networking/service/
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: mal
|
||||
spec:
|
||||
selector:
|
||||
app: mal
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: mal
|
||||
protocol: TCP
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
20
deploy/overlays/production/deployment.yaml
Normal file
20
deploy/overlays/production/deployment.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mal
|
||||
spec:
|
||||
replicas: 1
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: mal
|
||||
resources:
|
||||
limits:
|
||||
cpu: "1"
|
||||
memory: "1Gi"
|
||||
requests:
|
||||
cpu: "500m"
|
||||
memory: "512Mi"
|
||||
env:
|
||||
- name: ENV
|
||||
value: production
|
||||
20
deploy/overlays/production/kustomization.yaml
Normal file
20
deploy/overlays/production/kustomization.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
# 1. Point to the base manifests
|
||||
resources:
|
||||
- ../../base
|
||||
|
||||
# 2. Apply the production-specific changes
|
||||
patches:
|
||||
- path: deployment.yaml
|
||||
target:
|
||||
kind: Deployment
|
||||
name: mal
|
||||
|
||||
namespace: mal
|
||||
|
||||
images:
|
||||
- name: main
|
||||
newName: reg.milasholsting.dk/apps/mal
|
||||
newTag: latest
|
||||
Reference in New Issue
Block a user