feat: Add container registry support and Kustomize foundation
- Add registry secret template for private container registry authentication - Fix frontend deployment to use imagePullSecrets for private registry - Enhance deploy-k8s.sh with registry authentication handling - Add PVC storage size validation to prevent storage reduction errors - Add graceful StatefulSet update error handling - Fix template variable substitution for DOCKER_IMAGE - Remove conflicting static PVC file that had unprocessed template variables - Add Kustomize structure as alternative to shell script templates: - Base configuration with common resources - Development overlay with dev-specific configurations - Support for environment-specific image tags and resource limits Registry setup requires setting REGISTRY_USERNAME, REGISTRY_PASSWORD, and optionally REGISTRY_HOST in .env file for private registry authentication.
This commit is contained in:
William Valentin
45
k8s-kustomize/base/frontend-deployment.yaml
Normal file
45
k8s-kustomize/base/frontend-deployment.yaml
Normal file
@@ -0,0 +1,45 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: rxminder-frontend
|
||||
labels:
|
||||
component: frontend
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
component: frontend
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: frontend
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: rxminder-registry-secret
|
||||
containers:
|
||||
- name: frontend
|
||||
image: frontend-image
|
||||
ports:
|
||||
- containerPort: 80
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: rxminder-config
|
||||
resources:
|
||||
requests:
|
||||
memory: '32Mi'
|
||||
cpu: '20m'
|
||||
limits:
|
||||
memory: '64Mi'
|
||||
cpu: '40m'
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 80
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 30
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 80
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 5
|
||||
60
k8s-kustomize/base/kustomization.yaml
Normal file
60
k8s-kustomize/base/kustomization.yaml
Normal file
@@ -0,0 +1,60 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
metadata:
|
||||
name: rxminder-base
|
||||
|
||||
namespace: rxminder
|
||||
|
||||
resources:
|
||||
- frontend-deployment.yaml
|
||||
- frontend-service.yaml
|
||||
- couchdb-statefulset.yaml
|
||||
- couchdb-service.yaml
|
||||
- couchdb-pvc.yaml
|
||||
- ingress.yaml
|
||||
- configmap.yaml
|
||||
- network-policy.yaml
|
||||
- hpa.yaml
|
||||
- db-seed-job.yaml
|
||||
|
||||
# Common labels applied to all resources
|
||||
commonLabels:
|
||||
app: rxminder
|
||||
version: v1.0.0
|
||||
|
||||
# Generate ConfigMap from environment files
|
||||
configMapGenerator:
|
||||
- name: rxminder-config
|
||||
envs:
|
||||
- config.env
|
||||
|
||||
# Generate Secret for CouchDB
|
||||
secretGenerator:
|
||||
- name: couchdb-secret
|
||||
literals:
|
||||
- username=admin
|
||||
- password=changeme
|
||||
type: Opaque
|
||||
|
||||
# Generate registry secret from credentials
|
||||
- name: rxminder-registry-secret
|
||||
files:
|
||||
- .dockerconfigjson=registry-config.json
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
|
||||
# Images to be used (can be overridden in overlays)
|
||||
images:
|
||||
- name: frontend-image
|
||||
newName: gitea-http.taildb3494.ts.net/will/rxminder
|
||||
newTag: latest
|
||||
- name: couchdb-image
|
||||
newName: couchdb
|
||||
newTag: 3.3.2
|
||||
|
||||
# Replicas (can be overridden in overlays)
|
||||
replicas:
|
||||
- name: rxminder-frontend
|
||||
count: 1
|
||||
- name: rxminder-couchdb
|
||||
count: 1
|
||||
83
k8s-kustomize/overlays/dev/kustomization.yaml
Normal file
83
k8s-kustomize/overlays/dev/kustomization.yaml
Normal file
@@ -0,0 +1,83 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
metadata:
|
||||
name: rxminder-dev
|
||||
|
||||
namespace: rxminder-dev
|
||||
|
||||
resources:
|
||||
- ../../base
|
||||
|
||||
# Development-specific labels
|
||||
commonLabels:
|
||||
environment: dev
|
||||
|
||||
# Override images for development
|
||||
images:
|
||||
- name: frontend-image
|
||||
newName: gitea-http.taildb3494.ts.net/will/rxminder
|
||||
newTag: dev
|
||||
- name: couchdb-image
|
||||
newName: couchdb
|
||||
newTag: 3.3.2
|
||||
|
||||
# Development replicas (lower for resource conservation)
|
||||
replicas:
|
||||
- name: rxminder-frontend
|
||||
count: 1
|
||||
|
||||
# Development-specific patches
|
||||
patches:
|
||||
- target:
|
||||
kind: Deployment
|
||||
name: rxminder-frontend
|
||||
patch: |-
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/resources/requests/memory
|
||||
value: "16Mi"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/resources/limits/memory
|
||||
value: "32Mi"
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env
|
||||
value:
|
||||
- name: NODE_ENV
|
||||
value: "development"
|
||||
- name: LOG_LEVEL
|
||||
value: "debug"
|
||||
|
||||
- target:
|
||||
kind: Ingress
|
||||
name: rxminder-ingress
|
||||
patch: |-
|
||||
- op: replace
|
||||
path: /spec/rules/0/host
|
||||
value: "rxminder-dev.local"
|
||||
|
||||
- target:
|
||||
kind: PersistentVolumeClaim
|
||||
name: rxminder-couchdb-pvc
|
||||
patch: |-
|
||||
- op: replace
|
||||
path: /spec/resources/requests/storage
|
||||
value: "1Gi"
|
||||
|
||||
# Development-specific ConfigMap
|
||||
configMapGenerator:
|
||||
- name: rxminder-config
|
||||
literals:
|
||||
- NODE_ENV=development
|
||||
- API_URL=http://rxminder-couchdb-service:5984
|
||||
- LOG_LEVEL=debug
|
||||
- DEBUG=true
|
||||
behavior: replace
|
||||
|
||||
# Development secrets (use weak passwords for dev)
|
||||
secretGenerator:
|
||||
- name: couchdb-secret
|
||||
literals:
|
||||
- username=admin
|
||||
- password=devpass123
|
||||
type: Opaque
|
||||
behavior: replace
|
||||
Reference in New Issue
Block a user