old-portfolio/infra-hideyoshi.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Parameterization of NodeSelector

Browse Source
This commit is contained in:
Vitor Hideyoshi
2024-02-18 02:46:26 -03:00
parent bd642fa8cc
commit 039167afc7
10 changed files with 141 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

200
template/backend/backend.template.yaml Normal file
View File

@@ -0,0 +1,200 @@
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: portfolio
name: backend-deployment
spec:
replicas: 1
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
spec:
nodeSelector:
${WORKER_NODE_LABEL}
containers:
- name: backend
image: yoshiunfriendly/backend-hideyoshi.com
imagePullPolicy: Always
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "256Mi"
cpu: "750m"
ports:
- containerPort: 8070
readinessProbe:
httpGet:
path: /health
port: 8070
initialDelaySeconds: 60
env:
- name: FRONTEND_PATH
valueFrom:
secretKeyRef:
name: frontend-secret
key: frontendPath
- name: TOKEN_SECRET
valueFrom:
secretKeyRef:
name: backend-secret
key: tokenSecret
- name: ACCESS_TOKEN_DURATION
valueFrom:
secretKeyRef:
name: backend-secret
key: accessTokenDuration
- name: REFRESH_TOKEN_DURATION
valueFrom:
secretKeyRef:
name: backend-secret
key: refreshTokenDuration
- name: DEFAULT_USER_FULLNAME
valueFrom:
secretKeyRef:
name: backend-secret
key: defaultUserFullName
- name: DEFAULT_USER_EMAIL
valueFrom:
secretKeyRef:
name: backend-secret
key: defaultUserEmail
- name: DEFAULT_USER_USERNAME
valueFrom:
secretKeyRef:
name: backend-secret
key: defaultUserUsername
- name: DEFAULT_USER_PASSWORD
valueFrom:
secretKeyRef:
name: backend-secret
key: defaultUserPassword
- name: PORT
valueFrom:
configMapKeyRef:
name: backend-config
key: backend_port
- name: GOOGLE_CLIENT_ID
valueFrom:
secretKeyRef:
name: backend-secret
key: googleClientId
- name: GOOGLE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: backend-secret
key: googleClientSecret
- name: GOOGLE_REDIRECT_URL
valueFrom:
secretKeyRef:
name: backend-secret
key: googleRedirectUrl
- name: GITHUB_CLIENT_ID
valueFrom:
secretKeyRef:
name: backend-secret
key: githubClientId
- name: GITHUB_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: backend-secret
key: githubClientSecret
- name: GITHUB_REDIRECT_URL
valueFrom:
secretKeyRef:
name: backend-secret
key: githubRedirectUrl
- name: POSTGRES_URL
valueFrom:
secretKeyRef:
name: postgres-cn-cluster-app
key: host
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: postgres-cn-cluster-app
key: dbname
- name: DATABASE_URL
value: "postgresql://$(POSTGRES_URL):5432/$(POSTGRES_DB)"
- name: DATABASE_USERNAME
valueFrom:
secretKeyRef:
name: postgres-cn-cluster-app
key: user
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-cn-cluster-app
key: password
- name: REDIS_URL
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-url
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-port
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: redisPassword
- name: STORAGE_SERVICE_URL
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_url
- name: STORAGE_SERVICE_PORT
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_port
- name: STORAGE_SERVICE_PATH
value: "http://$(STORAGE_SERVICE_URL):$(STORAGE_SERVICE_PORT)"
---
apiVersion: v1
kind: Service
metadata:
namespace: portfolio
name: backend-service
spec:
selector:
app: backend
ports:
- port: 8070
protocol: TCP
targetPort: 8070
type: ClusterIP

64
template/frontend/frontend.template.yaml Normal file
View File

@@ -0,0 +1,64 @@
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: portfolio
name: frontend-deployment
labels:
app: frontend
spec:
replicas: 1
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
spec:
nodeSelector: ${WORKER_NODE_LABEL}
containers:
- name: frontend
image: yoshiunfriendly/frontend-hideyoshi.com:latest
imagePullPolicy: "Always"
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "256Mi"
cpu: "250m"
ports:
- containerPort: 5000
env:
- name: PORT
value: "5000"
- name: BACKEND_URL
valueFrom:
secretKeyRef:
name: frontend-secret
key: backendUrl
- name: BACKEND_OAUTH_URL
valueFrom:
secretKeyRef:
name: frontend-secret
key: backendOAuthUrl
- name: GITHUB_USER
valueFrom:
secretKeyRef:
name: frontend-secret
key: githubUser
---
apiVersion: v1
kind: Service
metadata:
namespace: portfolio
name: frontend-service
spec:
selector:
app: frontend
ports:
- port: 5000
protocol: TCP
targetPort: 5000
type: ClusterIP

0
template/nginx-ingress/nginx-ingress-root.yaml → template/nginx-ingress/nginx-ingress-root.template.yaml
View File

27
template/postgres/cn-cluster.template.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: postgres-cn-cluster
namespace: portfolio
spec:
instances: 3
primaryUpdateStrategy: unsupervised
imageName: ghcr.io/cloudnative-pg/postgresql:14.10-18
storage:
size: 5Gi
resources:
requests:
memory: "32Mi"
cpu: "50m"
limits:
memory: "128Mi"
cpu: "75m"
affinity:
nodeSelector:
${MASTER_NODE_LABEL}
monitoring:
enablePodMonitor: true

93
template/storage/storage-processor.template.yaml Normal file
View File

@@ -0,0 +1,93 @@
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: portfolio
name: storage-processor-deployment
spec:
replicas: 1
selector:
matchLabels:
app: storage-processor
template:
metadata:
labels:
app: storage-processor
spec:
nodeSelector:
${WORKER_NODE_LABEL}
containers:
- name: storage-processor
image: yoshiunfriendly/storage-hideyoshi.com:latest
command: ["./run-queue.sh"]
args: ["-q"]
imagePullPolicy: "Always"
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "500m"
env:
- name: REDIS_BASE_URL
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-url
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-port
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: redisPassword
- name: REDIS_URL
value: "redis://:$(REDIS_PASSWORD)@$(REDIS_BASE_URL):$(REDIS_PORT)/rq"
- name: STORAGE_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: storageType
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: storage-secret
key: awsAccessKeyId
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: awsSecretAccessKey
- name: AWS_REGION_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: awsRegion
- name: AWS_BUCKET_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: awsBucket
- name: VIRUS_CHECKER_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: virusCheckerType
- name: VIRUS_CHECKER_API_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: virusCheckerApiKey

128
template/storage/storage.template.yaml Normal file
View File

@@ -0,0 +1,128 @@
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: portfolio
name: storage-deployment
spec:
replicas: 1
selector:
matchLabels:
app: storage
template:
metadata:
labels:
app: storage
spec:
nodeSelector:
${WORKER_NODE_LABEL}
containers:
- name: storage
image: yoshiunfriendly/storage-hideyoshi.com:latest
imagePullPolicy: "Always"
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "256Mi"
cpu: "250m"
ports:
- containerPort: 8000
readinessProbe:
httpGet:
path: /health
port: 8000
initialDelaySeconds: 30
env:
- name: ALLOWED_ORIGINS
valueFrom:
secretKeyRef:
name: frontend-secret
key: backendUrl
- name: EXPIRES_IN
valueFrom:
secretKeyRef:
name: backend-secret
key: accessTokenDuration
- name: SERVER_PORT
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_port
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-url
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-port
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: redisPassword
- name: STORAGE_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: storageType
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: storage-secret
key: awsAccessKeyId
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: awsSecretAccessKey
- name: AWS_REGION_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: awsRegion
- name: AWS_BUCKET_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: awsBucket
- name: VIRUS_CHECKER_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: virusCheckerType
- name: VIRUS_CHECKER_API_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: virusCheckerApiKey
---
apiVersion: v1
kind: Service
metadata:
namespace: portfolio
name: storage-service
spec:
selector:
app: storage
ports:
- port: 8000
protocol: TCP
targetPort: 8000
type: ClusterIP