add infrastructure manifests
This commit is contained in:
stackops
87
06-stackops/deployment.yaml
Normal file
87
06-stackops/deployment.yaml
Normal file
@@ -0,0 +1,87 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: stackops-api
|
||||
namespace: stackops
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: stackops-api
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: stackops-api
|
||||
spec:
|
||||
serviceAccountName: stackops-api
|
||||
containers:
|
||||
- name: api
|
||||
image: stackops-api:v1
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
env:
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: STACKOPS_API_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: stackops-secrets
|
||||
key: api-token
|
||||
- name: DB_PATH
|
||||
value: /data/stackops.db
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 8080
|
||||
initialDelaySeconds: 5
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 256Mi
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: stackops-data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: stackops-api
|
||||
namespace: stackops
|
||||
spec:
|
||||
selector:
|
||||
app: stackops-api
|
||||
ports:
|
||||
- port: 8080
|
||||
targetPort: 8080
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: stackops-api
|
||||
namespace: stackops
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts: [app.nodeup.ru]
|
||||
secretName: stackops-tls
|
||||
rules:
|
||||
- host: app.nodeup.ru
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: stackops-api
|
||||
port:
|
||||
number: 8080
|
||||
44
06-stackops/rbac.yaml
Normal file
44
06-stackops/rbac.yaml
Normal file
@@ -0,0 +1,44 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: stackops
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: stackops-api
|
||||
namespace: stackops
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: stackops-deployer
|
||||
rules:
|
||||
- apiGroups: ["*"]
|
||||
resources: ["*"]
|
||||
verbs: ["*"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: stackops-deployer
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: stackops-deployer
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: stackops-api
|
||||
namespace: stackops
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: stackops-data
|
||||
namespace: stackops
|
||||
spec:
|
||||
accessModes: [ReadWriteOnce]
|
||||
storageClassName: local-path
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
Reference in New Issue
Block a user