-
Notifications
You must be signed in to change notification settings - Fork 67
/
k8s-deployment.yml
159 lines (159 loc) · 3.33 KB
/
k8s-deployment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
apiVersion: v1
kind: Namespace
metadata:
name: docker-demo-ENVIRONMENT
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
namespace: docker-demo-ENVIRONMENT
name: docker-demo-storage-ENVIRONMENT
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 250Mi
---
apiVersion: v1
kind: Secret
metadata:
name: mysecret
namespace: docker-demo-ENVIRONMENT
type: Opaque
data:
username: ZGVtbw==
password: ZGVtbw==
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: app
namespace: docker-demo-ENVIRONMENT
spec:
replicas: 4
selector:
matchLabels:
app: app
template:
metadata:
labels:
app: app
spec:
containers:
- name: app
image: DTR_URL/demo/docker-demo:TAG
imagePullPolicy: Always
volumeMounts:
- name: mysecret
mountPath: "/etc/mysecrets"
readOnly: true
env:
- name: TITLE
value: "Docker Demo-ENVIRONMENT on k8s"
- name: DB_HOST
value: "db"
- name: DB_PORT
value: "5432"
- name: DB_SSL_MODE
value: "disable"
- name: SECRET_DIR
value: "/etc/mysecrets"
ports:
- containerPort: 8080
volumes:
- name: mysecret
secret:
secretName: mysecret
defaultMode: 0644
items:
- key: username
path: DB_USER
- key: password
path: DB_PASS
nodeSelector:
beta.kubernetes.io/os: linux
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: db
namespace: docker-demo-ENVIRONMENT
spec:
replicas: 1
selector:
matchLabels:
app: db
template:
metadata:
labels:
app: db
spec:
containers:
- name: db
image: DTR_URL/official/postgres:latest
imagePullPolicy: Always
volumeMounts:
- name: mysecret
mountPath: "/etc/mysecrets"
readOnly: true
- name: postgres-data
mountPath: /var/lib/postgresql/data
env:
- name: POSTGRES_USER_FILE
value: "/etc/mysecrets/username"
- name: POSTGRES_PASSWORD_FILE
value: "/etc/mysecrets/password"
ports:
- containerPort: 5432
volumes:
- name: mysecret
secret:
secretName: mysecret
defaultMode: 0644
- name: postgres-data
persistentVolumeClaim:
claimName: docker-demo-storage-ENVIRONMENT
nodeSelector:
beta.kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: app
namespace: docker-demo-ENVIRONMENT
spec:
selector:
app: app
ports:
- protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: db
namespace: docker-demo-ENVIRONMENT
spec:
selector:
app: db
ports:
- protocol: TCP
port: 5432
targetPort: 5432
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: docker-demo-ENVIRONMENT
name: docker-demo-ENVIRONMENT-ingress
spec:
rules:
- host: docker-demo-ENVIRONMENT-k8s.DOMAIN_NAME
http:
paths:
- path: /
backend:
serviceName: app
servicePort: 8080