From 1f8684483d3ba9d96370b08e942ab351b5e8e2c2 Mon Sep 17 00:00:00 2001 From: Juunini Date: Wed, 14 Aug 2024 19:06:27 +0900 Subject: [PATCH] add dev kustomize --- kustomize/dev/deployment.yaml | 87 ++++++++++++++++++++++++++++++++ kustomize/dev/ingress.yaml | 47 +++++++++++++++++ kustomize/dev/issuer.yaml | 32 ++++++++++++ kustomize/dev/kustomization.yaml | 13 +++++ kustomize/dev/postgres.yaml | 48 ++++++++++++++++++ kustomize/dev/redis.yaml | 43 ++++++++++++++++ kustomize/dev/service.yaml | 12 +++++ 7 files changed, 282 insertions(+) create mode 100644 kustomize/dev/deployment.yaml create mode 100644 kustomize/dev/ingress.yaml create mode 100644 kustomize/dev/issuer.yaml create mode 100644 kustomize/dev/kustomization.yaml create mode 100644 kustomize/dev/postgres.yaml create mode 100644 kustomize/dev/redis.yaml create mode 100644 kustomize/dev/service.yaml diff --git a/kustomize/dev/deployment.yaml b/kustomize/dev/deployment.yaml new file mode 100644 index 0000000000..7c5406592a --- /dev/null +++ b/kustomize/dev/deployment.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cherrypick-dev + namespace: cherrypick +spec: + selector: + matchLabels: + name: cherrypick-dev + template: + metadata: + labels: + name: cherrypick-dev + spec: + containers: + - name: cherrypick-dev + image: juunini/cherrypick:dev + resources: + requests: + memory: "2Gi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "1" + volumeMounts: + - name: creds + mountPath: /etc/gcp + readOnly: true + - name: config + mountPath: /cherrypick/.config + readOnly: true + ports: + - name: http + containerPort: 3000 + protocol: TCP + env: + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /etc/gcp/creds.json + securityContext: + privileged: true + capabilities: + add: + - SYS_ADMIN + livenessProbe: + httpGet: + path: /.well-known/nodeinfo + port: 3000 + initialDelaySeconds: 60 + periodSeconds: 10 + failureThreshold: 3 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /.well-known/nodeinfo + port: 3000 + initialDelaySeconds: 60 + periodSeconds: 10 + failureThreshold: 3 + timeoutSeconds: 1 + startupProbe: + httpGet: + path: /.well-known/nodeinfo + port: 3000 + initialDelaySeconds: 60 + periodSeconds: 10 + failureThreshold: 3 + timeoutSeconds: 1 + lifecycle: + postStart: + exec: + command: ["gcsfuse", "-o", "allow_other", "yodangang-express", "/cherrypick/files"] + preStop: + exec: + command: ["fusermount", "-u", "/cherrypick/files"] + volumes: + - name: creds + secret: + secretName: gcloud + items: + - key: creds + path: creds.json + - name: config + secret: + secretName: cherrypick-dev + items: + - key: config + path: default.yml diff --git a/kustomize/dev/ingress.yaml b/kustomize/dev/ingress.yaml new file mode 100644 index 0000000000..cbb491f0e7 --- /dev/null +++ b/kustomize/dev/ingress.yaml @@ -0,0 +1,47 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: https-redirectscheme-dev + namespace: cherrypick +spec: + redirectScheme: + permanent: true + scheme: https + +--- + +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: cherrypick-secure-dev + namespace: cherrypick +spec: + entryPoints: + - websecure + routes: + - match: Host(`dev.yodangang.express`) + kind: Rule + services: + - name: cherrypick-dev + port: 80 + tls: + secretName: cherrypick-cert-dev + +--- + +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: cherryipck-redirect-dev + namespace: cherrypick +spec: + entryPoints: + - web + routes: + - match: Host(`dev.yodangang.express`) + kind: Rule + services: + - name: cherrypick-dev + port: 80 + middlewares: + - name: https-redirectscheme-dev diff --git a/kustomize/dev/issuer.yaml b/kustomize/dev/issuer.yaml new file mode 100644 index 0000000000..5a9638e60e --- /dev/null +++ b/kustomize/dev/issuer.yaml @@ -0,0 +1,32 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-dev + namespace: cherrypick +spec: + acme: + email: juuni.ni.i@gmail.com + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-issuer-account-key-dev + solvers: + - http01: + ingress: + serviceType: ClusterIP + ingressClassName: traefik + +--- + +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: cherrypick-cert-dev + namespace: cherrypick +spec: + commonName: dev.yodangang.express + secretName: cherrypick-cert-dev + dnsNames: + - dev.yodangang.express + issuerRef: + kind: Issuer + name: letsencrypt-dev diff --git a/kustomize/dev/kustomization.yaml b/kustomize/dev/kustomization.yaml new file mode 100644 index 0000000000..c78109be26 --- /dev/null +++ b/kustomize/dev/kustomization.yaml @@ -0,0 +1,13 @@ +# kubectl create secret generic gcloud --from-file=creds=./creds.json -n cherrypick +# kubectl create secret generic cherrypick --from-file=config=./default-dev.yml -n cherrypick +# kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - postgres.yaml + - redis.yaml + - deployment.yaml + - service.yaml + - issuer.yaml + - ingress.yaml diff --git a/kustomize/dev/postgres.yaml b/kustomize/dev/postgres.yaml new file mode 100644 index 0000000000..154a275de6 --- /dev/null +++ b/kustomize/dev/postgres.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres-dev + namespace: cherrypick +spec: + selector: + matchLabels: + name: postgres-dev + template: + metadata: + labels: + name: postgres-dev + spec: + containers: + - name: postgres-dev + image: postgres:16.3-alpine + resources: + requests: + memory: "2Gi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "1" + ports: + - containerPort: 5432 + env: + - name: POSTGRES_USER + value: postgres + - name: POSTGRES_PASSWORD + value: "1234" + +--- + +apiVersion: v1 +kind: Service +metadata: + name: postgres-dev + namespace: cherrypick + labels: + name: postgres-dev +spec: + selector: + name: postgres-dev + ports: + - port: 5432 + protocol: TCP + targetPort: 5432 diff --git a/kustomize/dev/redis.yaml b/kustomize/dev/redis.yaml new file mode 100644 index 0000000000..f781b26c3f --- /dev/null +++ b/kustomize/dev/redis.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis-dev + namespace: cherrypick +spec: + selector: + matchLabels: + name: redis-dev + template: + metadata: + labels: + name: redis-dev + spec: + containers: + - name: redis-dev + image: redis:7.2.4-alpine3.19 + resources: + requests: + memory: "1Gi" + cpu: "1" + limits: + memory: "2Gi" + cpu: "1" + ports: + - containerPort: 6379 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: redis-dev + namespace: cherrypick + labels: + name: redis-dev +spec: + selector: + name: redis-dev + ports: + - port: 6379 + protocol: TCP + targetPort: 6379 diff --git a/kustomize/dev/service.yaml b/kustomize/dev/service.yaml new file mode 100644 index 0000000000..ac708112ba --- /dev/null +++ b/kustomize/dev/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: cherrypick-dev + namespace: cherrypick +spec: + selector: + name: cherrypick-dev + ports: + - protocol: TCP + port: 80 + targetPort: 3000