diff --git a/apps/drone.yaml b/apps/drone.yaml index 03ebe06..1fbce47 100644 --- a/apps/drone.yaml +++ b/apps/drone.yaml @@ -58,10 +58,7 @@ spec: - name: DRONE_DATABASE_DRIVER value: postgres - name: DRONE_DATABASE_DATASOURCE - valueFrom: - secretKeyRef: - name: secrets - key: POSTGRES_URL + value: postgres://postgres:$(POSTGRES_PASSWORD)@postgres.databases:5432/drone?sslmode=disable - name: DRONE_S3_PATH_STYLE value: "true" - name: AWS_REGION diff --git a/databases/nats.yaml b/databases/nats.yaml index 18c053d..72a77ec 100644 --- a/databases/nats.yaml +++ b/databases/nats.yaml @@ -31,10 +31,14 @@ data: } authorization: { users: [ - {user: $SYS, password: $NATS_PASSWORD}, {user: default, password: $NATS_PASSWORD} ] } + accounts: { + $SYS: { + users: [{user: sys, password: $NATS_PASSWORD}] + } + } --- apiVersion: apps/v1 kind: Deployment @@ -57,12 +61,15 @@ spec: containers: - name: nats image: nats:2.10.5 + args: ["-c", "/etc/nats/server.conf"] ports: - containerPort: 4222 - containerPort: 8222 volumeMounts: - name: data mountPath: /data + - name: config + mountPath: /etc/nats env: - name: NATS_PASSWORD valueFrom: diff --git a/databases/postgres.yaml b/databases/postgres.yaml index 656f612..2ec9abe 100644 --- a/databases/postgres.yaml +++ b/databases/postgres.yaml @@ -125,7 +125,7 @@ spec: restartPolicy: Never containers: - name: postgres-backup - image: localhost:30007/postgres-s3 + image: container-registry.nocodelytics.com/postgres-s3 command: - /bin/sh - -c diff --git a/dependencies/01-namespaces.yml b/dependencies/01-namespaces.yml index 33367ee..e64af1d 100644 --- a/dependencies/01-namespaces.yml +++ b/dependencies/01-namespaces.yml @@ -7,3 +7,13 @@ apiVersion: v1 kind: Namespace metadata: name: databases +--- +apiVersion: v1 +kind: Namespace +metadata: + name: staging +--- +apiVersion: v1 +kind: Namespace +metadata: + name: production diff --git a/kustomization/bases/cert-manager.yaml b/kustomization/bases/cert-manager.yaml deleted file mode 100644 index 4ad355c..0000000 --- a/kustomization/bases/cert-manager.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: letsencrypt-prod -spec: - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: florian@nocodelytics.com - privateKeySecretRef: - name: letsencrypt-prod - solvers: - - http01: - ingress: - class: traefik diff --git a/kustomization/bases/clickhouse.yaml b/kustomization/bases/clickhouse.yaml deleted file mode 100644 index 0d42fcd..0000000 --- a/kustomization/bases/clickhouse.yaml +++ /dev/null @@ -1,94 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: clickhouse-data-pvc -spec: - accessModes: - - ReadWriteOnce - storageClassName: local-path - resources: - requests: - storage: 100Gi ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: clickhouse-log-pvc -spec: - accessModes: - - ReadWriteOnce - storageClassName: local-path - resources: - requests: - storage: 5Gi ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nocodelytics-clickhouse -spec: - replicas: 1 - selector: - matchLabels: - ms: nocodelytics-clickhouse - template: - metadata: - labels: - ms: nocodelytics-clickhouse - spec: - containers: - - name: nocodelytics-clickhouse - imagePullPolicy: Always - image: clickhouse/clickhouse-server - volumeMounts: - - name: data-volv - mountPath: /var/lib/clickhouse/ - - name: log-volv - mountPath: /var/log/clickhouse-server/ - - name: clickhouse-config - mountPath: /etc/clickhouse-server/config.xml - subPath: config.xml - resources: - requests: - memory: "1Gi" - cpu: "200m" - ephemeral-storage: "1Mi" - limits: - memory: "1Gi" - cpu: "200m" - ephemeral-storage: "1Mi" - volumes: - - name: data-volv - persistentVolumeClaim: - claimName: clickhouse-data-pvc - - name: log-volv - persistentVolumeClaim: - claimName: clickhouse-log-pvc - - name: clickhouse-config - configMap: - name: clickhouse-config - nodeSelector: - kubernetes.io/arch: arm64 - tolerations: - - key: "arch" - operator: "Equal" - value: "arm64" - effect: "NoSchedule" ---- -apiVersion: v1 -kind: Service -metadata: - name: nocodelytics-clickhouse -spec: - type: NodePort - selector: - ms: nocodelytics-clickhouse - ports: - - port: 9000 - name: "clickhouse-client" - targetPort: 9000 - nodePort: 31006 - - port: 8123 - name: "clickhouse-http" - targetPort: 8123 - nodePort: 31007 diff --git a/kustomization/bases/kustomization.yaml b/kustomization/bases/kustomization.yaml index 19ae0d5..eeb4f39 100644 --- a/kustomization/bases/kustomization.yaml +++ b/kustomization/bases/kustomization.yaml @@ -3,15 +3,20 @@ resources: - ./nocodelytics-dashboard.yaml - ./nocodelytics-events-worker.yaml - ./nocodelytics-tracker-api.yaml - - ./cert-manager.yaml - - ./traefik.yaml - # - ./clickhouse.yaml -secretGenerator: - - name: regcred - type: kubernetes.io/dockerconfigjson - envs: - - ./secrets/.dockerconfigjson.env - - name: secrets - type: Secret - envs: - - ./secrets/.secrets.env +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +patches: + - target: + group: apps + version: v1 + kind: Deployment + patch: |- + - op: add + path: /spec/template/spec/containers/0/env/- + value: {name: NATS_URL, value: http://nats.databases} + - op: add + path: /spec/template/spec/containers/0/env/- + value: {name: CLICKHOUSE_HOST, value: http://clickhouse.databases} + - op: add + path: /spec/template/spec/containers/0/env/- + value: {name: POSTGRES_HOST, value: postgres.databases} diff --git a/kustomization/bases/nocodelytics-dashboard.yaml b/kustomization/bases/nocodelytics-dashboard.yaml index 5abf62b..b5dc971 100644 --- a/kustomization/bases/nocodelytics-dashboard.yaml +++ b/kustomization/bases/nocodelytics-dashboard.yaml @@ -1,22 +1,9 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: nocodelytics-dashboard -spec: - secretName: nocodelytics-dashboard-net-tls - issuerRef: - name: letsencrypt-prod - kind: Issuer - commonName: default.nocodelytics.com - dnsNames: - - default.nocodelytics.com ---- apiVersion: apps/v1 kind: Deployment metadata: name: nocodelytics-dashboard spec: - replicas: 1 + replicas: 2 strategy: type: RollingUpdate rollingUpdate: @@ -30,12 +17,10 @@ spec: labels: ms: nocodelytics-dashboard spec: - imagePullSecrets: - - name: regcred containers: - name: nocodelytics-dashboard imagePullPolicy: Always - image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest + image: container-registry.nocodelytics.com/nocodelytics:latest readinessProbe: tcpSocket: port: 8080 @@ -51,68 +36,52 @@ spec: env: - name: PORT value: "8080" - - name: K8S_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: K8S_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: ENCRYPTION_KEY - valueFrom: - secretKeyRef: - name: secrets - key: ENCRYPTION_KEY - resources: - requests: - memory: "256Mi" - cpu: "50m" - ephemeral-storage: "1Mi" - limits: - memory: "512Mi" - cpu: "200m" - ephemeral-storage: "1Mi" - nodeSelector: - kubernetes.io/arch: arm64 - tolerations: - - key: "arch" - operator: "Equal" - value: "arm64" - effect: "NoSchedule" + envFrom: + - secretRef: + name: secrets --- apiVersion: v1 kind: Service metadata: name: nocodelytics-dashboard spec: - type: NodePort + type: ClusterIP selector: ms: nocodelytics-dashboard ports: - port: 8080 targetPort: 8080 --- -apiVersion: networking.k8s.io/v1 -kind: Ingress +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: - name: nocodelytics-dashboard-nginx-ingress - annotations: - kubernetes.io/ingress.class: "traefik" - cert-manager.io/issuer: letsencrypt-prod - traefik.ingress.kubernetes.io/redirect-entry-point: https - cert-manager.io/acme-challenge-type: http01 + name: nocodelytics-dashboard spec: - rules: - - host: default.nocodelytics.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: nocodelytics-dashboard + entryPoints: + - websecure + routes: + - match: Host(`default.nocodelytics.com`) + kind: Rule + services: + - name: nocodelytics-dashboard + port: 8080 tls: - - hosts: - - default.nocodelytics.com - secretName: nocodelytics-dashboard-net-tls + certResolver: letsencrypt + domains: + - main: default.nocodelytics.com +--- +apiVersion: v1 +kind: Pod +metadata: + name: nocodelytics-debug +spec: + containers: + - name: nocodelytics-debug + image: container-registry.nocodelytics.com/nocodelytics:latest + command: ["/bin/sh"] + args: ["-c", "while true; do sleep 30; done;"] + envFrom: + - secretRef: + name: secrets +--- + diff --git a/kustomization/bases/nocodelytics-events-worker.yaml b/kustomization/bases/nocodelytics-events-worker.yaml index 550185a..1143379 100644 --- a/kustomization/bases/nocodelytics-events-worker.yaml +++ b/kustomization/bases/nocodelytics-events-worker.yaml @@ -15,26 +15,13 @@ spec: containers: - name: nocodelytics-events-worker imagePullPolicy: Always - image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest + image: container-registry.nocodelytics.com/nocodelytics:latest command: [ "node", "./api/.build/src/queue/workers/metricEventWorker/metricEventWorker.js", ] - resources: - requests: - memory: "256Mi" - cpu: "50m" - ephemeral-storage: "1Mi" - limits: - memory: "512Mi" - cpu: "200m" - ephemeral-storage: "1Mi" - env: - - name: ENCRYPTION_KEY - valueFrom: - secretKeyRef: - name: secrets - key: ENCRYPTION_KEY - imagePullSecrets: - - name: regcred + env: [] + envFrom: + - secretRef: + name: secrets diff --git a/kustomization/bases/nocodelytics-tracker-api.yaml b/kustomization/bases/nocodelytics-tracker-api.yaml index 1856e57..7189c1d 100644 --- a/kustomization/bases/nocodelytics-tracker-api.yaml +++ b/kustomization/bases/nocodelytics-tracker-api.yaml @@ -1,22 +1,9 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: nocodelytics-tracker-api -spec: - secretName: nocodelytics-tracker-api-net-tls - issuerRef: - name: letsencrypt-prod - kind: Issuer - commonName: nocodelytics-tracker-api.nocodelytics.com - dnsNames: - - nocodelytics-tracker-api.nocodelytics.com ---- apiVersion: apps/v1 kind: Deployment metadata: name: nocodelytics-tracker-api spec: - replicas: 1 + replicas: 2 selector: matchLabels: ms: nocodelytics-tracker-api @@ -25,87 +12,41 @@ spec: labels: ms: nocodelytics-tracker-api spec: - imagePullSecrets: - - name: regcred containers: - name: nocodelytics-tracker-api - imagePullPolicy: Always - image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest - command: ["forever", "./api/.build/src/tracker/index.js"] - resources: - requests: - memory: "128Mi" - cpu: "200m" - ephemeral-storage: "1Mi" - limits: - memory: "512Mi" - cpu: "200m" - ephemeral-storage: "1Mi" - env: - - name: PORT - value: "3001" - - name: K8S_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: K8S_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NATS_USER - value: nocodelytics-nats - - name: ENCRYPTION_KEY - valueFrom: - secretKeyRef: - name: secrets - key: ENCRYPTION_KEY - nodeSelector: - kubernetes.io/arch: arm64 - tolerations: - - key: "arch" - operator: "Equal" - value: "arm64" - effect: "NoSchedule" + image: container-registry.nocodelytics.com/nocodelytics:latest + command: ["node", "./api/.build/src/tracker/index.js"] + env: [] + envFrom: + - secretRef: + name: secrets --- apiVersion: v1 kind: Service metadata: name: nocodelytics-tracker-api spec: - type: NodePort + type: ClusterIP selector: ms: nocodelytics-tracker-api ports: - port: 3001 targetPort: 3001 --- -apiVersion: networking.k8s.io/v1 -kind: Ingress +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: - name: nocodelytics-tracker-api-nginx-ingress - annotations: - kubernetes.io/ingress.class: "traefik" - cert-manager.io/issuer: letsencrypt-prod - traefik.ingress.kubernetes.io/redirect-entry-point: https - cert-manager.io/acme-challenge-type: http01 + name: nocodelytics-tracker-api spec: - rules: - - host: nocodelytics-tracker-api.nocodelytics.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: ssl-redirect - port: - name: use-annotation - - path: / - pathType: Prefix - backend: - service: - name: nocodelytics-tracker-api + entryPoints: + - websecure + routes: + - match: Host(`default.nocodelytics.com`) + kind: Rule + services: + - name: nocodelytics-tracker-api + port: 3001 tls: - - hosts: - - nocodelytics-tracker-api.nocodelytics.com - secretName: nocodelytics-tracker-api-net-tls + certResolver: letsencrypt + domains: + - main: default.nocodelytics.com diff --git a/kustomization/bases/traefik.yaml b/kustomization/bases/traefik.yaml deleted file mode 100644 index 01ce4fd..0000000 --- a/kustomization/bases/traefik.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: https-redirect -spec: - redirectScheme: - scheme: https - permanent: true diff --git a/kustomization/overlays/production/kustomization.yaml b/kustomization/overlays/production/kustomization.yaml index 06fb083..3242fb4 100644 --- a/kustomization/overlays/production/kustomization.yaml +++ b/kustomization/overlays/production/kustomization.yaml @@ -1,16 +1,16 @@ namespace: production resources: - ../../bases -patchesStrategicMerge: - - ./nocodelytics-dashboard.yaml - - ./nocodelytics-events-worker.yaml - - ./nocodelytics-tracker-api.yaml - # - ./nats.yaml patches: - - target: - kind: Namespace - name: default - patch: |- + - patch: |- - op: replace path: /metadata/name value: production + target: + kind: Namespace + name: default + - path: ./nocodelytics-dashboard.yaml + - path: ./nocodelytics-tracker-api.yaml + - path: ./nocodelytics-events-worker.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization diff --git a/kustomization/overlays/production/nats.yaml b/kustomization/overlays/production/nats.yaml deleted file mode 100644 index 3e4c29f..0000000 --- a/kustomization/overlays/production/nats.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: nats -spec: - type: NodePort - selector: - app.kubernetes.io/name: nats - ports: - - port: 4222 - name: nats - targetPort: 4222 - nodePort: 32225 - - port: 7422 - name: leafnodes - targetPort: 7422 - nodePort: 32226 - - port: 7522 - name: gateways - targetPort: 7522 - nodePort: 32227 diff --git a/kustomization/overlays/production/nocodelytics-dashboard.yaml b/kustomization/overlays/production/nocodelytics-dashboard.yaml index 59f8145..d4aef3c 100644 --- a/kustomization/overlays/production/nocodelytics-dashboard.yaml +++ b/kustomization/overlays/production/nocodelytics-dashboard.yaml @@ -1,59 +1,27 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: nocodelytics-dashboard -spec: - commonName: api.nocodelytics.com - dnsNames: - - api.nocodelytics.com ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nocodelytics-dashboard-nginx-ingress - annotations: - traefik.ingress.kubernetes.io/router.middlewares: production-https-redirect@kubernetescrd -spec: - rules: - - host: api.nocodelytics.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: ssl-redirect - port: - name: use-annotation - - path: / - pathType: Prefix - backend: - service: - name: nocodelytics-dashboard - port: - number: 8080 - tls: - - hosts: - - api.nocodelytics.com - secretName: nocodelytics-dashboard-net-tls ---- apiVersion: apps/v1 kind: Deployment metadata: name: nocodelytics-dashboard spec: - replicas: 1 - selector: - matchLabels: - ms: nocodelytics-dashboard template: - metadata: - labels: - ms: nocodelytics-dashboard spec: containers: - name: nocodelytics-dashboard - image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest env: - name: NODE_ENV value: production +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: nocodelytics-dashboard +spec: + routes: + - match: Host(`app.nocodelytics.com`) + kind: Rule + services: + - name: nocodelytics-dashboard + port: 8080 + tls: + domains: + - main: app.nocodelytics.com diff --git a/kustomization/overlays/production/nocodelytics-events-worker.yaml b/kustomization/overlays/production/nocodelytics-events-worker.yaml index 2c32f9c..74e52c1 100644 --- a/kustomization/overlays/production/nocodelytics-events-worker.yaml +++ b/kustomization/overlays/production/nocodelytics-events-worker.yaml @@ -3,7 +3,6 @@ kind: Deployment metadata: name: nocodelytics-events-worker spec: - replicas: 1 selector: matchLabels: ms: nocodelytics-events-worker @@ -16,4 +15,4 @@ spec: - name: nocodelytics-events-worker env: - name: NODE_ENV - value: production + value: staging diff --git a/kustomization/overlays/production/nocodelytics-tracker-api.yaml b/kustomization/overlays/production/nocodelytics-tracker-api.yaml index 9777df4..fd56110 100644 --- a/kustomization/overlays/production/nocodelytics-tracker-api.yaml +++ b/kustomization/overlays/production/nocodelytics-tracker-api.yaml @@ -1,63 +1,27 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: nocodelytics-tracker-api -spec: - commonName: tracker.nocodelytics.com - dnsNames: - - tracker.nocodelytics.com ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nocodelytics-tracker-api-nginx-ingress -spec: - rules: - - host: tracker.nocodelytics.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: ssl-redirect - port: - name: use-annotation - - path: / - pathType: Prefix - backend: - service: - name: nocodelytics-tracker-api - port: - number: 3001 - tls: - - hosts: - - tracker.nocodelytics.com - secretName: nocodelytics-tracker-api-net-tls ---- apiVersion: apps/v1 kind: Deployment metadata: name: nocodelytics-tracker-api spec: - replicas: 4 - selector: - matchLabels: - ms: nocodelytics-tracker-api template: - metadata: - labels: - ms: nocodelytics-tracker-api spec: containers: - name: nocodelytics-tracker-api env: - name: NODE_ENV value: production - - name: NATS_URL - value: nocodelytics-nats.production.svc.cluster.local:4222 - - name: NATS_PASSWORD - valueFrom: - secretKeyRef: - name: secrets - key: NATS_PRODUCTION_PASSWORD +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: nocodelytics-tracker-api +spec: + routes: + - match: Host(`tracker.nocodelytics.com`) + kind: Rule + services: + - name: nocodelytics-tracker-api + port: 3001 + tls: + domains: + - main: tracker.nocodelytics.com diff --git a/kustomization/overlays/staging/kustomization.yaml b/kustomization/overlays/staging/kustomization.yaml index 9678cde..d50a826 100644 --- a/kustomization/overlays/staging/kustomization.yaml +++ b/kustomization/overlays/staging/kustomization.yaml @@ -1,17 +1,30 @@ namespace: staging resources: - ../../bases - - ./nats.yaml -patchesStrategicMerge: - - ./nocodelytics-dashboard.yaml - - ./nocodelytics-tracker-api.yaml - - ./nocodelytics-events-worker.yaml - - ./nats.yaml patches: - - target: - kind: Namespace - name: default - patch: |- + - patch: |- - op: replace path: /metadata/name value: staging + target: + kind: Namespace + name: default + - path: ./nocodelytics-dashboard.yaml + - path: ./nocodelytics-tracker-api.yaml + - path: ./nocodelytics-events-worker.yaml + - target: + group: apps + version: v1 + kind: Deployment + patch: |- + - op: add + path: /spec/template/spec/containers/0/env/- + value: {name: NODE_ENV, value: staging} + - op: add + path: /spec/template/spec/containers/0/env/- + value: {name: CLICKHOUSE_DATABASE, value: nocodelytics_staging} + - op: add + path: /spec/template/spec/containers/0/env/- + value: {name: POSTGRES_DATABASE, value: nocodelytics_staging} +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization diff --git a/kustomization/overlays/staging/nats.yaml b/kustomization/overlays/staging/nats.yaml deleted file mode 100644 index ae5867c..0000000 --- a/kustomization/overlays/staging/nats.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: nats -spec: - type: NodePort - selector: - app.kubernetes.io/name: nats - ports: - - port: 4222 - name: nats - targetPort: 4222 - nodePort: 32222 - - port: 7422 - name: leafnodes - targetPort: 7422 - nodePort: 32223 - - port: 7522 - name: gateways - targetPort: 7522 - nodePort: 32224 diff --git a/kustomization/overlays/staging/nocodelytics-dashboard.yaml b/kustomization/overlays/staging/nocodelytics-dashboard.yaml index c154934..7231461 100644 --- a/kustomization/overlays/staging/nocodelytics-dashboard.yaml +++ b/kustomization/overlays/staging/nocodelytics-dashboard.yaml @@ -1,52 +1,14 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute metadata: name: nocodelytics-dashboard spec: - commonName: staging.nocodelytics.com - dnsNames: - - staging.nocodelytics.com ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nocodelytics-dashboard-nginx-ingress - annotations: - traefik.ingress.kubernetes.io/router.middlewares: staging-https-redirect@kubernetescrd -spec: - rules: - - host: staging.nocodelytics.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: nocodelytics-dashboard - port: - number: 8080 - tls: - - hosts: - - staging.nocodelytics.com - secretName: nocodelytics-dashboard-net-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nocodelytics-dashboard -spec: - replicas: 1 - selector: - matchLabels: - ms: nocodelytics-dashboard - template: - metadata: - labels: - ms: nocodelytics-dashboard - spec: - containers: + routes: + - match: Host(`staging.nocodelytics.com`) + kind: Rule + services: - name: nocodelytics-dashboard - image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest - env: - - name: NODE_ENV - value: stage + port: 8080 + tls: + domains: + - main: staging.nocodelytics.com diff --git a/kustomization/overlays/staging/nocodelytics-events-worker.yaml b/kustomization/overlays/staging/nocodelytics-events-worker.yaml index 1e8d0c8..74e52c1 100644 --- a/kustomization/overlays/staging/nocodelytics-events-worker.yaml +++ b/kustomization/overlays/staging/nocodelytics-events-worker.yaml @@ -3,7 +3,6 @@ kind: Deployment metadata: name: nocodelytics-events-worker spec: - replicas: 1 selector: matchLabels: ms: nocodelytics-events-worker @@ -16,4 +15,4 @@ spec: - name: nocodelytics-events-worker env: - name: NODE_ENV - value: stage + value: staging diff --git a/kustomization/overlays/staging/nocodelytics-tracker-api.yaml b/kustomization/overlays/staging/nocodelytics-tracker-api.yaml index b694579..30c8747 100644 --- a/kustomization/overlays/staging/nocodelytics-tracker-api.yaml +++ b/kustomization/overlays/staging/nocodelytics-tracker-api.yaml @@ -1,65 +1,27 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: nocodelytics-tracker-api -spec: - commonName: stagingtracker.nocodelytics.com - dnsNames: - - stagingtracker.nocodelytics.com ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nocodelytics-tracker-api-nginx-ingress -spec: - rules: - - host: stagingtracker.nocodelytics.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: ssl-redirect - port: - name: use-annotation - - path: / - pathType: Prefix - backend: - service: - name: nocodelytics-tracker-api - port: - number: 3001 - tls: - - hosts: - - stagingtracker.nocodelytics.com - secretName: nocodelytics-tracker-api-net-tls ---- apiVersion: apps/v1 kind: Deployment metadata: name: nocodelytics-tracker-api spec: - replicas: 1 - selector: - matchLabels: - ms: nocodelytics-tracker-api template: - metadata: - labels: - ms: nocodelytics-tracker-api spec: containers: - name: nocodelytics-tracker-api env: - name: NODE_ENV - value: stage - - name: BASE_URL - value: https://stagingtracker.nocodelytics.com - - name: NATS_URL - value: nocodelytics-nats.staging.svc.cluster.local:4222 - - name: NATS_PASSWORD - valueFrom: - secretKeyRef: - name: secrets - key: NATS_STAGING_PASSWORD + value: staging +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: nocodelytics-tracker-api +spec: + routes: + - match: Host(`tracker-staging.nocodelytics.com`) + kind: Rule + services: + - name: nocodelytics-tracker-api + port: 3001 + tls: + domains: + - main: tracker-staging.nocodelytics.com diff --git a/secrets b/secrets new file mode 160000 index 0000000..1ae1639 --- /dev/null +++ b/secrets @@ -0,0 +1 @@ +Subproject commit 1ae16392f63e8e95de8b3482d045ee64e3be5408 diff --git a/sysadmin/00-container-registry.yaml b/sysadmin/00-container-registry.yaml index 44aeaf0..17d9ec4 100644 --- a/sysadmin/00-container-registry.yaml +++ b/sysadmin/00-container-registry.yaml @@ -10,6 +10,8 @@ data: fields: service: registry storage: + delete: + enabled: true cache: blobdescriptor: inmemory s3: @@ -116,3 +118,58 @@ spec: certResolver: letsencrypt domains: - main: container-registry.nocodelytics.com +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: container-registry-ui + namespace: sysadmin +spec: + replicas: 1 + selector: + matchLabels: + name: container-registry-ui + template: + metadata: + labels: + name: container-registry-ui + spec: + containers: + - name: docker-registry-ui + image: joxit/docker-registry-ui:main + env: + - name: SINGLE_REGISTRY + value: "true" + - name: REGISTRY_TITLE + value: "Docker Registry UI" + - name: DELETE_IMAGES + value: "true" + - name: SHOW_CONTENT_DIGEST + value: "true" + - name: NGINX_PROXY_PASS_URL + value: "http://container-registry-server.sysadmin:5000" + - name: SHOW_CATALOG_NB_TAGS + value: "true" + - name: CATALOG_MIN_BRANCHES + value: "1" + - name: CATALOG_MAX_BRANCHES + value: "1" + - name: TAGLIST_PAGE_SIZE + value: "100" + - name: REGISTRY_SECURED + value: "false" + - name: CATALOG_ELEMENTS_LIMIT + value: "1000" +--- +apiVersion: v1 +kind: Service +metadata: + name: container-registry-ui + namespace: sysadmin +spec: + type: ClusterIP + selector: + name: container-registry-ui + ports: + - port: 80 + targetPort: 80