From 7757beb05984050d5aac2189f3dbd4a855420d7a Mon Sep 17 00:00:00 2001 From: Florian Wilhelm <2292245+fwilhe@users.noreply.github.com> Date: Wed, 18 Sep 2024 15:17:42 +0200 Subject: [PATCH] Bootstrap k8s deployment (#110) --- 00_db-statefulset.yaml | 78 ++++++++++++++++++++++++++ 01_glvd-deployment.yaml | 118 ++++++++++++++++++++++++++++++++++++++++ deploy-k8s.sh | 15 +++++ 3 files changed, 211 insertions(+) create mode 100644 00_db-statefulset.yaml create mode 100644 01_glvd-deployment.yaml create mode 100755 deploy-k8s.sh diff --git a/00_db-statefulset.yaml b/00_db-statefulset.yaml new file mode 100644 index 0000000..587cc83 --- /dev/null +++ b/00_db-statefulset.yaml @@ -0,0 +1,78 @@ +apiVersion: v1 +kind: Service +metadata: + name: glvd-database + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: database +spec: + selector: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: database + ports: + - protocol: TCP + port: 5432 + name: postgres + targetPort: postgres + type: ClusterIP + clusterIP: None +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: glvd-database + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: database +spec: + replicas: 1 + serviceName: "glvd-database" + selector: + matchLabels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: database + template: + metadata: + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: database + spec: + containers: + - image: ghcr.io/gardenlinux/glvd-postgres:latest + name: glvd-postgres + ports: + - containerPort: 5432 + protocol: TCP + name: postgres + env: + - name: POSTGRES_DATABASE + value: glvd + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: postgres-credentials + key: username + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-credentials + key: password + - name: POSTGRES_HOST + value: glvd-postgres + - name: POSTGRES_PORT + value: "5432" + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + volumeMounts: + - mountPath: "/var/lib/postgresql/data" + name: postgres-storage + volumeClaimTemplates: + - metadata: + name: postgres-storage + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: 'default' diff --git a/01_glvd-deployment.yaml b/01_glvd-deployment.yaml new file mode 100644 index 0000000..4142bbb --- /dev/null +++ b/01_glvd-deployment.yaml @@ -0,0 +1,118 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: glvd-config + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: glvd-tracker +data: + connectionString: jdbc:postgresql://glvd-database-0.glvd-database:5432/glvd + databaseName: glvd +--- +apiVersion: v1 +kind: Service +metadata: + name: glvd + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: glvd-tracker +spec: + ports: + - port: 8080 + protocol: TCP + targetPort: glvd + selector: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: glvd-tracker + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: glvd + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: glvd-tracker +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: glvd-tracker + template: + metadata: + labels: + app.kubernetes.io/name: glvd + gardenlinux.io/glvd-component: glvd-tracker + spec: + containers: + - image: ghcr.io/gardenlinux/glvd-api:latest + name: glvd-api + # resources: + # requests: + # cpu: "1" + # memory: "2Gi" + # limits: + # cpu: "2" + # memory: "4Gi" + ports: + - containerPort: 8080 + protocol: TCP + name: glvd + env: + # cf https://github.com/spring-projects/spring-lifecycle-smoke-tests/tree/main/data/data-jpa#prevent-early-database-interaction + - name: SPRING_DATASOURCE_URL + valueFrom: + configMapKeyRef: + name: glvd-config + key: connectionString + - name: SPRING_DATASOURCE_USERNAME + valueFrom: + secretKeyRef: + name: postgres-credentials + key: username + - name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-credentials + key: password + - name: SPRING_JPA_DATABASEPLATFORM + value: "org.hibernate.dialect.PostgreSQLDialect" + - name: SPRING_JPA_PROPERTIES_HIBERNATE_BOOT_ALLOW_JDBC_METADATA_ACCESS + value: "false" + - name: SPRING_JPA_HIBERNATE_DDLAUTO + value: "none" + - name: SPRING_SQL_INIT_MODE + value: "never" + livenessProbe: + httpGet: + path: "/actuator/health/liveness" + port: 8080 + readinessProbe: + httpGet: + path: "/actuator/health/readiness" + port: 8080 + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: glvd-api-ingress + annotations: + cert.gardener.cloud/purpose: managed +spec: + rules: + - host: glvd.ingress.glvd.gardnlinux.shoot.canary.k8s-hana.ondemand.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: glvd + port: + number: 8080 + tls: + - hosts: + - glvd.ingress.glvd.gardnlinux.shoot.canary.k8s-hana.ondemand.com + secretName: glvd-ingress-tls diff --git a/deploy-k8s.sh b/deploy-k8s.sh new file mode 100755 index 0000000..19548ee --- /dev/null +++ b/deploy-k8s.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +DB_PASSWORD=$(pwgen 42 1) + +kubectl create secret generic postgres-credentials --type=string --from-literal=username=glvd --from-literal=password="$DB_PASSWORD" + +kubectl apply -f 00_db-statefulset.yaml + +sleep 20 + +kubectl run init-pg --image=ghcr.io/gardenlinux/glvd-postgres-init:latest --restart=Never --env=PGHOST=glvd-database-0.glvd-database --env=PGPASSWORD="$DB_PASSWORD" + +sleep 60 + +kubectl apply -f 01_glvd-deployment.yaml