From 16b8ed4110a4881662a16f92fbfb1e4fc1064a5a Mon Sep 17 00:00:00 2001 From: Frank Hamand Date: Wed, 12 Jul 2023 17:47:37 +0100 Subject: [PATCH] Add nginx proxy --- .../templates/deployment-nginx.yaml | 55 +++++++++++++++++++ .../housewatch/templates/deployment-web.yaml | 35 ++---------- .../housewatch/templates/nginx-configmap.yaml | 33 +++++++++++ charts/housewatch/templates/service.yaml | 19 ++++++- charts/housewatch/values.yaml | 5 ++ 5 files changed, 115 insertions(+), 32 deletions(-) create mode 100644 charts/housewatch/templates/deployment-nginx.yaml create mode 100644 charts/housewatch/templates/nginx-configmap.yaml diff --git a/charts/housewatch/templates/deployment-nginx.yaml b/charts/housewatch/templates/deployment-nginx.yaml new file mode 100644 index 0000000..9ad2ca5 --- /dev/null +++ b/charts/housewatch/templates/deployment-nginx.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "housewatch.fullname" . }}-nginx + labels: + {{- include "housewatch.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "housewatch.selectorLabels" . | nindent 6 }} + app.kubernetes.io/service: nginx + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "housewatch.selectorLabels" . | nindent 8 }} + app.kubernetes.io/service: nginx + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: frontend + emptyDir: {} + - name: nginx-config + configMap: + name: {{ include "housewatch.fullname" . }}-nginx + initContainers: + - name: frontend-copy + image: "{{ .Values.image.frontendRepository }}:{{ .Values.image.tag }}" + command: [sh, -cex] + args: + - cp -r /frontend/build/* /http/ + volumeMounts: + - mountPath: /http + name: frontend + containers: + - name: nginx + image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" + ports: + - name: http + containerPort: 80 + protocol: TCP + volumeMounts: + - mountPath: /http + name: frontend + - mountPath: /etc/nginx/nginx.conf + name: nginx-config + subPath: nginx.conf + resources: + {{- toYaml .Values.nginx.resources | nindent 12 }} diff --git a/charts/housewatch/templates/deployment-web.yaml b/charts/housewatch/templates/deployment-web.yaml index d9c3313..3da6d3c 100644 --- a/charts/housewatch/templates/deployment-web.yaml +++ b/charts/housewatch/templates/deployment-web.yaml @@ -24,33 +24,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} containers: - - name: frontend - image: "{{ .Values.image.frontendRepository }}:{{ .Values.image.tag }}" - # would be nice to figure out a way other than react dev server but ¯\_(ツ)_/¯ - command: ["npm", "run", "start"] - ports: - - name: frontend - containerPort: 3000 - protocol: TCP - env: - - name: DANGEROUSLY_DISABLE_HOST_CHECK - value: "true" - livenessProbe: - httpGet: - path: / - port: frontend - readinessProbe: - httpGet: - path: / - port: frontend - startupProbe: - httpGet: - path: / - port: frontend - failureThreshold: 60 - periodSeconds: 10 - resources: - {{- toYaml .Values.frontend.resources | nindent 12 }} - name: web image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" command: ["bash", "-c"] @@ -59,7 +32,7 @@ spec: python manage.py migrate python manage.py runserver 0.0.0.0:8000 ports: - - name: http + - name: api containerPort: 8000 protocol: TCP env: @@ -72,7 +45,7 @@ spec: - name: CLICKHOUSE_USER value: "{{ .Values.clickhouse.user }}" - name: CLICKHOUSE_PASSWORD - value: "" # todo: secret + value: "{{ .Values.clickhouse.password }}" - name: CLICKHOUSE_CLUSTER value: {{ .Values.clickhouse.cluster }} - name: CLICKHOUSE_SECURE @@ -84,10 +57,10 @@ spec: livenessProbe: httpGet: path: / - port: http + port: api readinessProbe: httpGet: path: / - port: http + port: api resources: {{- toYaml .Values.web.resources | nindent 12 }} diff --git a/charts/housewatch/templates/nginx-configmap.yaml b/charts/housewatch/templates/nginx-configmap.yaml new file mode 100644 index 0000000..4b8f2d1 --- /dev/null +++ b/charts/housewatch/templates/nginx-configmap.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "housewatch.fullname" . }}-nginx +data: + nginx.conf: | + events { + worker_connections 1024; + } + http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + + server { + listen 80; + + location / { + root /http; + try_files $uri $uri/ =404; + } + + location /api { + proxy_pass http://{{ include "housewatch.fullname" . }}-api:8000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + } + } + } diff --git a/charts/housewatch/templates/service.yaml b/charts/housewatch/templates/service.yaml index 20a0011..b1116db 100644 --- a/charts/housewatch/templates/service.yaml +++ b/charts/housewatch/templates/service.yaml @@ -10,9 +10,26 @@ spec: type: ClusterIP ports: - port: 80 - targetPort: frontend + targetPort: http protocol: TCP name: http + selector: + {{- include "housewatch.selectorLabels" . | nindent 4 }} + app.kubernetes.io/service: nginx +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "housewatch.fullname" . }}-api + labels: + {{- include "housewatch.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - port: 8000 + targetPort: api + protocol: TCP + name: api selector: {{- include "housewatch.selectorLabels" . | nindent 4 }} app.kubernetes.io/service: web diff --git a/charts/housewatch/values.yaml b/charts/housewatch/values.yaml index c5e5077..19733b2 100644 --- a/charts/housewatch/values.yaml +++ b/charts/housewatch/values.yaml @@ -3,6 +3,11 @@ image: frontendRepository: ghcr.io/posthog/housewatch/frontend tag: sha-4cbdf5e +nginx: + image: + repository: nginx + tag: stable + clickhouse: user: default host: clickhouse