Skip to content

Commit

Permalink
Merge pull request #66 from CodeForPhilly/releases/k8s-manifests
Browse files Browse the repository at this point in the history 
Deploy releases/k8s-manifests c12c9cb
  • Loading branch information
@themightychris
themightychris authored May 14, 2024
2 parents 871db0e + c12c9cb commit 13b30ef
Show file tree
Hide file tree
Showing 13 changed files with 302 additions and 103 deletions.
17 changes: 17 additions & 0 deletions balancer/ConfigMap/backend-env.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: v1
data:
DATABASE: postgres
DEBUG: 'FALSE'
DJANGO_ALLOWED_HOSTS: 'frontend localhost 127.0.0.1 [::1]'
EMAIL_HOST: smtp.gmail.com
EMAIL_HOST_USER: [email protected]
EMAIL_PORT: '587'
LOGIN_REDIRECT_URL: 'https://balancertestsite.com/login'
SQL_ENGINE: django.db.backends.postgresql
SQL_PORT: '5432'
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/component: backend
name: backend-env
namespace: balancer
90 changes: 64 additions & 26 deletions balancer/ConfigMap/nginx-conf.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,44 +1,82 @@
apiVersion: v1
data:
nginx.conf: |
user nginx;
worker_processes 1;
worker_processes 1;
user nobody nogroup;
# 'user nobody nobody;' for systems with 'nobody' as a group instead
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024; # increase if you have lots of clients
accept_mutex off; # set to 'on' if nginx worker_processes > 1
# 'use epoll;' to enable for Linux 2.6+
# 'use kqueue;' to enable for FreeBSD, OSX
}
http {
include /etc/nginx/mime.types;
error_log /var/log/nginx/error_log;
access_log /var/log/nginx/access_log;
include mime.types;
# fallback in case we can't determine a type
default_type application/octet-stream;
access_log /var/log/nginx/access.log combined;
sendfile on;
upstream gunicorn_server {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response
# for UNIX domain socket setups
# server unix:/tmp/gunicorn.sock fail_timeout=0;
# for a TCP configuration
# "backend" here is the name of the kubernetes service
server backend:8000 fail_timeout=0;
}
server {
listen 80;
listen [::]:80;
server_name localhost;
# if no Host match, close the connection to prevent host spoofing
listen 80 default_server;
return 444;
}
location /access_log {
alias /var/log/nginx/access_log;
}
location /error_log {
alias /var/log/nginx/error_log;
server {
# use 'listen 80 deferred;' for Linux
# use 'listen 80 accept_filter=httpready;' for FreeBSD
listen 80 deferred;
client_max_body_size 4G;
# set the correct host(s) for your site
server_name localhost;
keepalive_timeout 5;
# path for static files
root /usr/share/nginx/html;
location ~ (^\/api\/|^\/auth\/|^\/admin) {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://gunicorn_server;
}
location / {
root /usr/share/nginx/html;
index index.html index.htm;
index index.html;
try_files $uri $uri/ /index.html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
}
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/component: frontend
name: nginx-conf
namespace: balancer
55 changes: 55 additions & 0 deletions balancer/Deployment/backend.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: backend
name: backend
namespace: balancer
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: backend
strategy: {}
template:
metadata:
labels:
app.kubernetes.io/component: backend
spec:
containers:
- args:
- gunicorn
- 'balancer_backend.wsgi:application'
- '--bind'
- '0.0.0.0:8000'
env:
- name: SQL_HOST
value: db-service
- name: SQL_USER
valueFrom:
secretKeyRef:
key: POSTGRES_USER
name: postgresql
- name: SQL_DATABASE
valueFrom:
secretKeyRef:
key: POSTGRES_DB
name: postgresql
- name: SQL_PASSWORD
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: postgresql
envFrom:
- configMapRef:
name: backend-env
- secretRef:
name: backend
image: 'ghcr.io/codeforphilly/balancer-main/backend:latest'
imagePullPolicy: Always
name: backend
ports:
- containerPort: 8000
protocol: TCP
resources: {}
restartPolicy: Always
54 changes: 0 additions & 54 deletions balancer/Deployment/frontend-static.yaml
View file

This file was deleted.

43 changes: 43 additions & 0 deletions balancer/Deployment/frontend.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: frontend
name: frontend
namespace: balancer
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: frontend
strategy: {}
template:
metadata:
annotations:
kompose.cmd: kompose convert -c -f docker-compose.prod.yml -o helm-chart
kompose.version: 1.31.2 (a92241f79)
labels:
app.kubernetes.io/component: frontend
io.kompose.network/balancer-main-default: 'true'
spec:
containers:
- image: 'ghcr.io/codeforphilly/balancer-main/frontend:latest'
imagePullPolicy: Always
name: frontend
ports:
- containerPort: 80
protocol: TCP
resources: {}
volumeMounts:
- mountPath: /etc/nginx/nginx.conf
name: nginx-conf
readOnly: true
subPath: nginx.conf
restartPolicy: Always
volumes:
- configMap:
items:
- key: nginx.conf
path: nginx.conf
name: nginx-conf
name: nginx-conf
29 changes: 29 additions & 0 deletions balancer/Ingress/balancer-ingress.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
name: balancer-ingress
namespace: balancer
spec:
rules:
- host: balancer.sandbox.k8s.phl.io
http:
paths:
- backend:
service:
name: frontend
port:
name: http
path: /
pathType: Prefix
- host: balancertestsite.com
http:
paths:
- backend:
service:
name: frontend
port:
name: http
path: /
pathType: Prefix
13 changes: 13 additions & 0 deletions balancer/PersistentVolumeClaim/postgres-data-claim.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/component: db
name: postgres-data-claim
namespace: balancer
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
8 changes: 5 additions & 3 deletions balancer/SealedSecret/backend.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,13 @@ metadata:
spec:
encryptedData:
EMAIL_HOST_PASSWORD: >-
AgC/1ooxNBa/IT8EHI1ImULDg0vcNOcgEpMsNFuD05+f9QM2RBRCVlw6hWZRWyqNPFa3+LrEPGyo+LwrAAdJUVjs1vvq9C/GevDzkSRPwdjMeR5dCsRBIZxC3TSiiF/xTwUheBFRoUstsqGt1jRV8crknkHeUzmMT0NahkV5vfnkCrvLgTuZrHduWNBreUT12SQwS3o62/r8aK9MTXUjwdrXdr25zQYvisSfODoJpApWjpurM28iHT+5pt3bxJfxxRg8rNTBCI4TxJ1vCLZNKYACyaHTQcsStsQqH5f7yoOPf7tH89GVZN+fjWSwhVbaL5VDdE6Qi6U8+yKHSI80gV3okczHUt9d8mrbh7m2RIHbLLIK9xq/WSos3MC+i1bNfLGA5gOfIDSIBkovqDh2lIwlV4qTYrSqdZlyyc/djf4dMmxbTtCb6FjplmGAEQCGmERg9TIg/XZcGfhkiJEVIZ1wcov8zAs7KwydpMLJFFpbFfmkb7akIq1tDlYWrpygO2tGcZIXr9sMnjsG09hLTx9EbUArdhMCsol6mM+q9OuZtDVg9Kzb59F5DhrbtnIheTyONvu7X/0Rn9arUxjdzBKf5gaw69MuPyynbpwRjSEqmHv5mp/VkBtDXObWeEi4IM0+cgi2il/y2rIxIHu/lPoZ290fx343FceXsJUuwc3PUCOEk6Sajw2j8j3x0iP9W8/lhdHcJ0uBrmNPVdiuIoJS
AgBYzAgOfX97gTS3lrQWGQaHK0WuspPRETmhX/tKGN1aDqbGdRg6oaUX7/aajW4MRF/iTT+m/xIZfRtOPuPpVuI/NxTQ+dNx4L7LytxKNxCv7Hj3aNzTdyD8JZgW5GOlsAbRCIVU3o0hkIeislkEaKbLJAVEY1kJgVA4z1iDxr5vCPpdfu7hqzdpOOOVqDolarNkPBZuxwrZ1os1BDzOWNMm6kPQLUmNciHOsJy5tPGAbA+JYa08VCg2jVqa+oH62xWBVEU00hOu8EkxTogVUPrcHJ7xzLtroSCUQTvbZipQLxwHoW2aE9KiKOxW2llJvBEMX1fGNWyw6qRxdeck7NV/yhbH+fjYgbufnLfT1uggAbvUYovWM3cAiBNPkm1TSYaqL5RlRDqWuKPEwCnMagk30JjKu21jrsPQCoJ4QgKa/v4eFuadFC4xLB6enVVhD4CQFThiVXRUK4jb6CG1o4vrPFuPPTkZC5FBUzrq2aan3Z9K9dFaQixKv5sDliqs4cgL31TclZyCTD7v+WE0khZ7NQYo8E7RkwQX8n6X5xj9BH1h5xLGEyNxu0lohp2Y3FLOGqqEbk0YL7uIAR436ExD93ndaINZdsC4N6ftkDozWl+G9tM1EBymyPvIpBFmELs9klqnEpWN6fKC7ssDRDk0Bcge5hZDsFaUnotTs+wNtwZwZsA2xQV05rtvU20LY0zk75bpreYLQHCo85DgCYjX
OPENAI_API_KEY: >-
AgAHE47E6TVbwOLQXpMAxdmCAlGBXfcSUwuu3adZryrL7c7hdGERaBxk7fW/OzBjgrVs1Q5czfpOpJJWPbXMerGdQTOaYcFZ+J0cwrgydlEaXQxUeI5NBvKVMYZJK8GMZDfZk19dTyb6C2WqpEIca7BKTQJ8r7y4QlgFtmjGtWIcAADXMTioAMks6Fao2S3t3wanXpXEs1BVk4QnxyWVoo4qgiq5aAv8eqHiGsRTz+4UklFxITG4OJWCR8mnts+1RWl2LJAuLWPnJn9Bq+8efjPNLRnxZGs2ggoZ7K5ecERWqrLNNPsK7qBJQpj9YM9ITYkVMmY6/3OZixhe7+rcjRnwBq6iTBZhP91zdx4OrEg34Hbv50N9jqVIXGrzjskUD/mfOqQ8smRYXceEjAkXGrkuGu09+r/T2uUc3ipxWuxmEXL5cswe5nn1ch0fBiw64IglglB5iIskc3buUjOpmw5nwaG5S8J+WWqplst+Ike6iFwlfTqlfIwvIInhhY5v8XbiXJtEJhcK3nuGKM3Xi+waQuZTBm+jD+byTKA1CpD5D0zR6PCyD9QL5s/pfu0sKVR1hDD7JQh5tXI1e7GY1tYRYh3uaRxstvDf5oR+69r3dnV4Wqo4vjzoLIxZ4o4FcMx2tBpMK1KHjK5o4VDcdx4Jo4F+4jnwWZ9Ur0clCCEiNZxRspR3l05DBz2Z6k/BxKpjoJ1G3KAzPQQJMRqh4Hanv5gNQEaRofay28zNwqu/iF0lpFUbgoZwOtJJjqYGeOyxAc0=
AgAPhyHQA6lOR7ZajLTLvcBvNIJrEmFXPk61euOMec02vuS4MsXweiWddmrm9EtOKedRR7P+HtcT2edemPvuXaLAQVFyjM59nQrZ/w+P+4KINOojs+hKbixVEVaGPcdG/gb5r1qiyfqpwcMOjOpaRb8I4Xfc2DDBQPYcoZ7wOqlW464R4OKgSJQhB0HGwoGhFaugT8fJlJoG0KGVSUfcPqn8EvtwzvcCD+qoSQOoGt2E9qHRMt9qJxYYEHI53JhmAW7if+w0EhdrgmlwBsyvOBo04G/l9u9xNf6KRbkTUy2UTQJJX2mDhUYxglDDrFBPTJScqVeNCA0oMA7JbdxXyx1Y4/RoTjrDkeMTF2v8lbZaKbLITXGFu7EuKLZl6Ek6ZZHCIzTJCM4Y9Rs4a8lzTcdLvhj1pCeMgCtoeSFOMHKgzQt//j4dg/R66Vax9/+w5S7FipFi8PZM1Qw8p/I37ZmVxSxseneZqZNqs0UVvaxRtsX0bwZQMO9wlVHgI2fxovYv/8DkBHqmbcvo5Cu0jIOPUBaEKeqnuibo8FBV2VfqIJ7tlATo4f7OXMfwJFQ3q64f7dR3ZeDHqx4dPDpqh9Yqk866QcET9eIQLJYpZAeVFuyLFf3uw88dA1xCLW8ZO7VAFxnQyDP2nEzc9CdbeoTZ0X7Bd30fK/uP4FUTVNBsLDKtyf0UXH2qYzeawWo9dD0i8UZDeabcqZHh66NCMxi2Sr4pkJnfjDplxjltMol3YoiTc6wkt/B7aZltA73PlNmNrTg=
SECRET_KEY: >-
AgCGzKbxIXQXJrCAD+0kSjC95HAFIHT239RVaGnczd8QMr8DdBDQ/gFOh/XuBqFGLoW4PMyj8w8ddMzyBo3TFnvev59yeky7L1GwA6xYdUp+czo9/pQXsreZ1yz9VH02+zN5UrJPPpDeb3r56lDiU81uiBoMgniCuWplQGo9GbSXQ0SxC+R7d5dju91hksObKq87xaBoHhWA8kDl/a5p/wxWvoY52FfbiljZLC4NHSRcA75dbftgMLf2GyxcUIUoUM83OoYbewDv7AnGV9I5d0kzHV0zoRcGQdkCaEYFwkQ/OeuPJEkbW66tfWnxUmLVhOSuNNBNFYZ15yAOC/yHnwj7Ur++rG1Z0IsPwA9kfyFuMQVqa8sO8w34bHjVaNhYevA6XIa/wfIByZGmKwUny0jeg6Fkg7yTNycokHzVT1DJ63rT7x2yNfuxGQ9EmuuDZ2zgBtairMRAtGChFaafF1gi68g/AT+0KwoRRmfzDIgHhoO+MjWdPMl0jVrPug0t0szx16WyaKUte35fjDrBnceEr2jyeguKuE6KCy1BQHPYFC1PCDAHnztsa60kpgKNxjSXs1f/6PpEzI2AZMUK1DRfU8tvlmpcRb0o1VCdXI7TPa1iDkGPKKNRgIxDAiTICnWtjkjGw93PWaZzyEybkbw4SA/JycOtsCvjRxIvNWHMx9ocfE+Yo3GCgNa3jNcbj/IGV3yXseYiNA8PS5L6SDjAD/hz2rxOcz1rcB9VGZhPixzRixBU+HqGWNkWT0CsM7vzWg==
AgBNmxRcFTtstVVNEapaCrCS8Ju+1BaocIeUXpMe3B3L4Vm0o2VLXdr0ryCR7zdC19+YXpzQcEH3BWBagnzmgNoyXoMl9XItK3eHLlLZWm5im9Ke+o70lwELWosXswRgkpRwyV+UcKM4SdS4PdLW9gQnvnfkBOS/sSWUVuHk4yTpbnUy7jJPQKQPchuP/afJmygkawU5pn0AUiyb45hUghpB1Sd0/cqU0iApSwQvXvPGkuru5gPvn3XUCC+7zxwyIOClBaetyLpHRGjz6jjjTnlf7vNYm0lf3A4kY1Y7k5CxUVERgEqq+33VFVL56eiiB0uphlfcbfbvw8njpvf1nV8p/rJXuGoSH38MEMSeuv4M5xCz5p08loDfhqKyA5E2nbrCV2M87otHr/oSAErAKJ1F+ECUtgGrPG3avhVQm7xSos8ttJsfOioj3S//UkEtKtBL06ZlRX7mNtrXx6wn/gAO0v5B8cQRbyzf+mE2iCNtMBgNtaFIuGyMHTKFMeYiwEfwUP94r21MPv5mrbMpBLIQlnrqDbzdSBdnGPysm12c5SN/6iU1YjUwabbGBh49OHOTCqJjcNBMdCHzbSvrb7CQcILIcjUHpm+CpasqgBxB3AGJey9GwEXyLvJXYY36oSRNCEMK1JqMq7/t/aKIjGgA/MrCaceSk1qCGPt4wAy2pg4LtyF3TbYc03ZRkRGsFkQmMC9kkCwf+Ja5J/+TwHvuzmXsm4BJOZK3N0gxD1XZfuuMZOTnniqdCVKxrwCXrdbc+w==
SUPER_USER_PASSWORD: >-
AgCU9T7s3wEIfr9MdIrKFCE3i2s8BQEvzaakJcv6QqyqtiYW2ZSRgz3dED9Ouro0JiHU8PP5eb5K8qO0HPLb4KQ52vfis7GNlXiYn2O9iEtEIksvhlr6bqeytvuHFxv3MPtTt6Ffami8NCTCv5dscNeTLh0TxriNw7Cis5xsVDZBoY+/1yx1IzqRZKunTvThAh+pUhqJCnNiB8beCfhrgCREN+Yhmm1kbcQOzuO9jSEKmREq0YT76N5YRkkStlIyJk5ZjotqFGmIUdaX6PQ/3pZMQphMZ000Tg3qc/kHcl9b122OHdG6S+xOqFUWZQU5NyTYFUWwfqlkh5+PrIH4tH7TnK8Yk/v0e+pIvBf3y2TCat6+48oWLAFHSWJJGUEeHtyvpv+BbLvKzahbg+xZtNIUGdUrBTJVEk7Js6Y8nGc2vVx90wMF+UV2egf/MgGl6cTONLt/Xtaf6KLXJMFhGmoOAl8tonkN/gdi4f6tcEaa7cZne2AraFDwBPYUu20iAaFNdw+rHPAK92vsjqfNG0yjsCPVLaw5kR2Uynmcpkn75zbPlVDC3IzwAeZqdV0PqD01Iqc+ACqodidvqGTaJ5ot2maz1ZUnt/bkbgnxE4Tad1KLQPgmB/Bj1fhanz+H+zuP/eSQGxcELLojfXzGEN9MECLqhkeyRwYa5/PgKXt+ZIm5qydsfeBD4WoCLKUbWrxkYCclvyfAc45KJqHzwiAK
template:
metadata:
creationTimestamp: null
Expand Down
14 changes: 14 additions & 0 deletions balancer/Service/backend.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: backend
name: backend
namespace: balancer
spec:
ports:
- name: gunicorn
port: 8000
targetPort: 8000
selector:
app.kubernetes.io/component: backend
12 changes: 12 additions & 0 deletions balancer/Service/db-service.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: db-service
namespace: balancer
spec:
ports:
- port: 5432
protocol: TCP
selector:
app.kubernetes.io/component: db
type: NodePort
20 changes: 0 additions & 20 deletions balancer/Service/frontend-static.yaml
View file

This file was deleted.

Loading

0 comments on commit 13b30ef

Please sign in to comment.