forked from pedrolivaresanchez/emergency-cv
-
Notifications
You must be signed in to change notification settings - Fork 0
/
kubernetes.yml
174 lines (174 loc) · 4.86 KB
/
kubernetes.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
apiVersion: apps/v1
kind: Deployment
metadata:
name: emergency-cv--webapp--deployment
namespace: production
spec:
replicas: 12
selector:
matchLabels:
app: emergency-cv--webapp
template:
metadata:
labels:
app: emergency-cv--webapp
annotations:
ad.datadoghq.com/emergency-cv--webapp.logs: '[{"source": "nextjs", "service": "emergency-cv-webapp", "log_processing_rules": [{"type": "multi_line", "name": "log_start_with_date", "pattern": "\\d{4}-\\d{2}-\\d{2}"}]}]'
spec:
serviceAccountName: datadog-agent
containers:
- name: emergency-cv--webapp
image: 'localhost:30500/emergency-cv/webapp:VAR_GITHUB_COMMIT_HASH'
ports:
- containerPort: 3000
env:
- name: NEXT_PUBLIC_SUPABASE_URL
value: 'VAR_SUPABASE_URL'
- name: NEXT_PUBLIC_SUPABASE_ANON_KEY
value: 'VAR_SUPABASE_ANON_KEY'
livenessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 10
periodSeconds: 5
readinessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
- name: datadog-agent
image: gcr.io/datadoghq/agent:latest
env:
- name: DD_API_KEY
value: 'VAR_DATADOG_API_KEY'
- name: DD_SITE
value: 'datadoghq.eu'
- name: DD_LOGS_ENABLED
value: 'true'
- name: DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL
value: 'true'
- name: DD_APM_ENABLED
value: 'true'
- name: DD_APM_NON_LOCAL_TRAFFIC
value: 'true'
- name: DD_KUBELET_TLS_VERIFY
value: 'false'
- name: DD_PROCESS_AGENT_ENABLED
value: 'true'
- name: DD_CONTAINER_EXCLUDE
value: 'image:gcr.io/datadoghq/agent'
- name: DD_CONTAINER_INCLUDE_METRICS
value: 'name:emergency-cv--webapp'
- name: DD_CONTAINER_INCLUDE_LOGS
value: 'name:emergency-cv--webapp'
- name: DD_SYSTEM_PROBE_ENABLED
value: 'false'
- name: DD_KUBERNETES_KUBELET_HOST
valueFrom:
fieldRef:
fieldPath: status.hostIP
securityContext:
privileged: false
capabilities:
add: ['SYS_ADMIN']
ports:
- containerPort: 8126
name: traceport
protocol: TCP
volumeMounts:
- name: podslogdir
mountPath: /var/log/pods
readOnly: true
- name: containerlogdir
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: podslogdir
hostPath:
path: /var/log/pods
- name: containerlogdir
hostPath:
path: /var/lib/docker/containers
---
apiVersion: v1
kind: Service
metadata:
name: emergency-cv--webapp--service
namespace: production
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 3000
selector:
app: emergency-cv--webapp
---
apiVersion: batch/v1
kind: Job
metadata:
name: emergency-cv--webapp--build--job
namespace: production
spec:
template:
spec:
containers:
- name: kaniko
image: gcr.io/kaniko-project/executor:latest
args:
- '--context=git://[email protected]/pedrolivaresanchez/emergency-cv.git'
- '--dockerfile=Dockerfile'
- '--destination=idl-apps--container-registry-service:5000/emergency-cv/webapp:VAR_GITHUB_COMMIT_HASH'
- '--insecure'
- '--skip-tls-verify'
- '--build-arg=NEXT_PUBLIC_SUPABASE_URL=VAR_SUPABASE_URL'
- '--build-arg=NEXT_PUBLIC_SUPABASE_ANON_KEY=VAR_SUPABASE_ANON_KEY'
restartPolicy: Never
backoffLimit: 2
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: datadog-agent
namespace: production
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: datadog-agent
rules:
- apiGroups: ['']
resources:
- nodes
- nodes/metrics
- nodes/proxy
- nodes/spec
- nodes/stats
- pods
- services
- endpoints
- events
verbs: ['get', 'list', 'watch']
- apiGroups: ['']
resources:
- configmaps
resourceNames: ['datadog-leader-election']
verbs: ['get', 'update']
- apiGroups: ['']
resources:
- configmaps
verbs: ['create']
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: datadog-agent
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: datadog-agent
subjects:
- kind: ServiceAccount
name: datadog-agent
namespace: production