feat: scaffold files service
This commit is contained in:
12
k8s/configmap.yaml
Normal file
12
k8s/configmap.yaml
Normal file
@@ -0,0 +1,12 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: files-config
|
||||
namespace: files
|
||||
data:
|
||||
SERVER_PORT: "3001"
|
||||
PUBLIC_BASE_URL: "https://portal.estateliga.work"
|
||||
MINIO_ENDPOINT: "minio.minio.svc.cluster.local:9000"
|
||||
MINIO_BUCKET: "portal-files"
|
||||
MINIO_USE_SSL: "false"
|
||||
|
||||
10
k8s/kustomization.yaml
Normal file
10
k8s/kustomization.yaml
Normal file
@@ -0,0 +1,10 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- configmap.yaml
|
||||
- secrets.yaml
|
||||
- postgres.yaml
|
||||
- server-service.yaml
|
||||
- server-deployment.yaml
|
||||
|
||||
5
k8s/namespace.yaml
Normal file
5
k8s/namespace.yaml
Normal file
@@ -0,0 +1,5 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: files
|
||||
|
||||
55
k8s/postgres.yaml
Normal file
55
k8s/postgres.yaml
Normal file
@@ -0,0 +1,55 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: postgres
|
||||
namespace: files
|
||||
spec:
|
||||
selector:
|
||||
app: files-postgres
|
||||
ports:
|
||||
- port: 5432
|
||||
targetPort: 5432
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: postgres
|
||||
namespace: files
|
||||
spec:
|
||||
serviceName: postgres
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: files-postgres
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: files-postgres
|
||||
spec:
|
||||
containers:
|
||||
- name: postgres
|
||||
image: postgres:17-alpine
|
||||
ports:
|
||||
- containerPort: 5432
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: postgres-secret
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /var/lib/postgresql/data
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 128Mi
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 512Mi
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
|
||||
24
k8s/secrets.yaml
Normal file
24
k8s/secrets.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: files-secrets
|
||||
namespace: files
|
||||
type: Opaque
|
||||
stringData:
|
||||
DATABASE_URL: "postgres://files:files@postgres.files.svc.cluster.local:5432/files?sslmode=disable"
|
||||
PORTAL_INTERNAL_API_KEY: "36fe89ed40c01fdc54d3cf4e3fcacc8751dc456a4a1acd394e9fed48257c5734"
|
||||
INTERNAL_API_KEY: "36fe89ed40c01fdc54d3cf4e3fcacc8751dc456a4a1acd394e9fed48257c5734"
|
||||
MINIO_ACCESS_KEY: "files-svc"
|
||||
MINIO_SECRET_KEY: "REPLACE_AFTER_FIRST_DEPLOY"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: postgres-secret
|
||||
namespace: files
|
||||
type: Opaque
|
||||
stringData:
|
||||
POSTGRES_USER: files
|
||||
POSTGRES_PASSWORD: files
|
||||
POSTGRES_DB: files
|
||||
|
||||
87
k8s/server-deployment.yaml
Normal file
87
k8s/server-deployment.yaml
Normal file
@@ -0,0 +1,87 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: files-server
|
||||
namespace: files
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app: files-server
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: files-server
|
||||
spec:
|
||||
terminationGracePeriodSeconds: 15
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65532
|
||||
runAsGroup: 65532
|
||||
fsGroup: 65532
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
containers:
|
||||
- name: files-server
|
||||
image: localhost:30300/admin/files-server:latest
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
ports:
|
||||
- containerPort: 3001
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: files-config
|
||||
- secretRef:
|
||||
name: files-secrets
|
||||
env:
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 3001
|
||||
periodSeconds: 5
|
||||
failureThreshold: 30
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 3001
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /readyz
|
||||
port: 3001
|
||||
periodSeconds: 5
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 64Mi
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 512Mi
|
||||
---
|
||||
apiVersion: autoscaling/v2
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: files-server
|
||||
namespace: files
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
name: files-server
|
||||
minReplicas: 2
|
||||
maxReplicas: 5
|
||||
metrics:
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: 70
|
||||
|
||||
12
k8s/server-service.yaml
Normal file
12
k8s/server-service.yaml
Normal file
@@ -0,0 +1,12 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: files-server
|
||||
namespace: files
|
||||
spec:
|
||||
selector:
|
||||
app: files-server
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 3001
|
||||
|
||||
Reference in New Issue
Block a user