nocodelytics
/
infrastructure
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

start deploying nocodelytics

This commit is contained in:
Florian Herrengt 2023-12-19 18:49:30 +01:00
parent ac9b34da97
commit 0b78ee40b4
23 changed files with 248 additions and 565 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/drone.yaml
View File

@ -58,10 +58,7 @@ spec:
- name: DRONE_DATABASE_DRIVER - name: DRONE_DATABASE_DRIVER
value: postgres value: postgres
- name: DRONE_DATABASE_DATASOURCE - name: DRONE_DATABASE_DATASOURCE
valueFrom: value: postgres://postgres:$(POSTGRES_PASSWORD)@postgres.databases:5432/drone?sslmode=disable
secretKeyRef:
name: secrets
key: POSTGRES_URL
- name: DRONE_S3_PATH_STYLE - name: DRONE_S3_PATH_STYLE
value: "true" value: "true"
- name: AWS_REGION - name: AWS_REGION

9
databases/nats.yaml
View File

@ -31,10 +31,14 @@ data:
} }
authorization: { authorization: {
users: [ users: [
{user: $SYS, password: $NATS_PASSWORD},
{user: default, password: $NATS_PASSWORD} {user: default, password: $NATS_PASSWORD}
] ]
} }
accounts: {
$SYS: {
users: [{user: sys, password: $NATS_PASSWORD}]
}
}
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@ -57,12 +61,15 @@ spec:
containers: containers:
- name: nats - name: nats
image: nats:2.10.5 image: nats:2.10.5
args: ["-c", "/etc/nats/server.conf"]
ports: ports:
- containerPort: 4222 - containerPort: 4222
- containerPort: 8222 - containerPort: 8222
volumeMounts: volumeMounts:
- name: data - name: data
mountPath: /data mountPath: /data
- name: config
mountPath: /etc/nats
env: env:
- name: NATS_PASSWORD - name: NATS_PASSWORD
valueFrom: valueFrom:

2
databases/postgres.yaml
View File

@ -125,7 +125,7 @@ spec:
restartPolicy: Never restartPolicy: Never
containers: containers:
- name: postgres-backup - name: postgres-backup
image: localhost:30007/postgres-s3 image: container-registry.nocodelytics.com/postgres-s3
command: command:
- /bin/sh - /bin/sh
- -c - -c

10
dependencies/01-namespaces.yml vendored
View File

@ -7,3 +7,13 @@ apiVersion: v1
kind: Namespace kind: Namespace
metadata: metadata:
name: databases name: databases
---
apiVersion: v1
kind: Namespace
metadata:
name: staging
---
apiVersion: v1
kind: Namespace
metadata:
name: production

14
kustomization/bases/cert-manager.yaml
View File

@ -1,14 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: florian@nocodelytics.com
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: traefik

94
kustomization/bases/clickhouse.yaml
View File

@ -1,94 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: clickhouse-data-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: clickhouse-log-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path
resources:
requests:
storage: 5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-clickhouse
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-clickhouse
template:
metadata:
labels:
ms: nocodelytics-clickhouse
spec:
containers:
- name: nocodelytics-clickhouse
imagePullPolicy: Always
image: clickhouse/clickhouse-server
volumeMounts:
- name: data-volv
mountPath: /var/lib/clickhouse/
- name: log-volv
mountPath: /var/log/clickhouse-server/
- name: clickhouse-config
mountPath: /etc/clickhouse-server/config.xml
subPath: config.xml
resources:
requests:
memory: "1Gi"
cpu: "200m"
ephemeral-storage: "1Mi"
limits:
memory: "1Gi"
cpu: "200m"
ephemeral-storage: "1Mi"
volumes:
- name: data-volv
persistentVolumeClaim:
claimName: clickhouse-data-pvc
- name: log-volv
persistentVolumeClaim:
claimName: clickhouse-log-pvc
- name: clickhouse-config
configMap:
name: clickhouse-config
nodeSelector:
kubernetes.io/arch: arm64
tolerations:
- key: "arch"
operator: "Equal"
value: "arm64"
effect: "NoSchedule"
---
apiVersion: v1
kind: Service
metadata:
name: nocodelytics-clickhouse
spec:
type: NodePort
selector:
ms: nocodelytics-clickhouse
ports:
- port: 9000
name: "clickhouse-client"
targetPort: 9000
nodePort: 31006
- port: 8123
name: "clickhouse-http"
targetPort: 8123
nodePort: 31007

29
kustomization/bases/kustomization.yaml
View File

@ -3,15 +3,20 @@ resources:
- ./nocodelytics-dashboard.yaml - ./nocodelytics-dashboard.yaml
- ./nocodelytics-events-worker.yaml - ./nocodelytics-events-worker.yaml
- ./nocodelytics-tracker-api.yaml - ./nocodelytics-tracker-api.yaml
- ./cert-manager.yaml apiVersion: kustomize.config.k8s.io/v1beta1
- ./traefik.yaml kind: Kustomization
# - ./clickhouse.yaml patches:
secretGenerator: - target:
- name: regcred group: apps
type: kubernetes.io/dockerconfigjson version: v1
envs: kind: Deployment
- ./secrets/.dockerconfigjson.env patch: |-
- name: secrets - op: add
type: Secret path: /spec/template/spec/containers/0/env/-
envs: value: {name: NATS_URL, value: http://nats.databases}
- ./secrets/.secrets.env - op: add
path: /spec/template/spec/containers/0/env/-
value: {name: CLICKHOUSE_HOST, value: http://clickhouse.databases}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: POSTGRES_HOST, value: postgres.databases}

103
kustomization/bases/nocodelytics-dashboard.yaml
View File

@ -1,22 +1,9 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-dashboard
spec:
secretName: nocodelytics-dashboard-net-tls
issuerRef:
name: letsencrypt-prod
kind: Issuer
commonName: default.nocodelytics.com
dnsNames:
- default.nocodelytics.com
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: nocodelytics-dashboard name: nocodelytics-dashboard
spec: spec:
replicas: 1 replicas: 2
strategy: strategy:
type: RollingUpdate type: RollingUpdate
rollingUpdate: rollingUpdate:
@ -30,12 +17,10 @@ spec:
labels: labels:
ms: nocodelytics-dashboard ms: nocodelytics-dashboard
spec: spec:
imagePullSecrets:
- name: regcred
containers: containers:
- name: nocodelytics-dashboard - name: nocodelytics-dashboard
imagePullPolicy: Always imagePullPolicy: Always
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest image: container-registry.nocodelytics.com/nocodelytics:latest
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: 8080 port: 8080
@ -51,68 +36,52 @@ spec:
env: env:
- name: PORT - name: PORT
value: "8080" value: "8080"
- name: K8S_NODE_NAME envFrom:
valueFrom: - secretRef:
fieldRef: name: secrets
fieldPath: spec.nodeName
- name: K8S_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: secrets
key: ENCRYPTION_KEY
resources:
requests:
memory: "256Mi"
cpu: "50m"
ephemeral-storage: "1Mi"
limits:
memory: "512Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
nodeSelector:
kubernetes.io/arch: arm64
tolerations:
- key: "arch"
operator: "Equal"
value: "arm64"
effect: "NoSchedule"
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: nocodelytics-dashboard name: nocodelytics-dashboard
spec: spec:
type: NodePort type: ClusterIP
selector: selector:
ms: nocodelytics-dashboard ms: nocodelytics-dashboard
ports: ports:
- port: 8080 - port: 8080
targetPort: 8080 targetPort: 8080
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: traefik.containo.us/v1alpha1
kind: Ingress kind: IngressRoute
metadata: metadata:
name: nocodelytics-dashboard-nginx-ingress name: nocodelytics-dashboard
annotations:
kubernetes.io/ingress.class: "traefik"
cert-manager.io/issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/redirect-entry-point: https
cert-manager.io/acme-challenge-type: http01
spec: spec:
rules: entryPoints:
- host: default.nocodelytics.com - websecure
http: routes:
paths: - match: Host(`default.nocodelytics.com`)
- path: / kind: Rule
pathType: Prefix services:
backend: - name: nocodelytics-dashboard
service: port: 8080
name: nocodelytics-dashboard
tls: tls:
- hosts: certResolver: letsencrypt
- default.nocodelytics.com domains:
secretName: nocodelytics-dashboard-net-tls - main: default.nocodelytics.com
---
apiVersion: v1
kind: Pod
metadata:
name: nocodelytics-debug
spec:
containers:
- name: nocodelytics-debug
image: container-registry.nocodelytics.com/nocodelytics:latest
command: ["/bin/sh"]
args: ["-c", "while true; do sleep 30; done;"]
envFrom:
- secretRef:
name: secrets
---

23
kustomization/bases/nocodelytics-events-worker.yaml
View File

@ -15,26 +15,13 @@ spec:
containers: containers:
- name: nocodelytics-events-worker - name: nocodelytics-events-worker
imagePullPolicy: Always imagePullPolicy: Always
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest image: container-registry.nocodelytics.com/nocodelytics:latest
command: command:
[ [
"node", "node",
"./api/.build/src/queue/workers/metricEventWorker/metricEventWorker.js", "./api/.build/src/queue/workers/metricEventWorker/metricEventWorker.js",
] ]
resources: env: []
requests: envFrom:
memory: "256Mi" - secretRef:
cpu: "50m" name: secrets
ephemeral-storage: "1Mi"
limits:
memory: "512Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
env:
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: secrets
key: ENCRYPTION_KEY
imagePullSecrets:
- name: regcred

103
kustomization/bases/nocodelytics-tracker-api.yaml
View File

@ -1,22 +1,9 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-tracker-api
spec:
secretName: nocodelytics-tracker-api-net-tls
issuerRef:
name: letsencrypt-prod
kind: Issuer
commonName: nocodelytics-tracker-api.nocodelytics.com
dnsNames:
- nocodelytics-tracker-api.nocodelytics.com
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: nocodelytics-tracker-api name: nocodelytics-tracker-api
spec: spec:
replicas: 1 replicas: 2
selector: selector:
matchLabels: matchLabels:
ms: nocodelytics-tracker-api ms: nocodelytics-tracker-api
@ -25,87 +12,41 @@ spec:
labels: labels:
ms: nocodelytics-tracker-api ms: nocodelytics-tracker-api
spec: spec:
imagePullSecrets:
- name: regcred
containers: containers:
- name: nocodelytics-tracker-api - name: nocodelytics-tracker-api
imagePullPolicy: Always image: container-registry.nocodelytics.com/nocodelytics:latest
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest command: ["node", "./api/.build/src/tracker/index.js"]
command: ["forever", "./api/.build/src/tracker/index.js"] env: []
resources: envFrom:
requests: - secretRef:
memory: "128Mi" name: secrets
cpu: "200m"
ephemeral-storage: "1Mi"
limits:
memory: "512Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
env:
- name: PORT
value: "3001"
- name: K8S_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: K8S_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NATS_USER
value: nocodelytics-nats
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: secrets
key: ENCRYPTION_KEY
nodeSelector:
kubernetes.io/arch: arm64
tolerations:
- key: "arch"
operator: "Equal"
value: "arm64"
effect: "NoSchedule"
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: nocodelytics-tracker-api name: nocodelytics-tracker-api
spec: spec:
type: NodePort type: ClusterIP
selector: selector:
ms: nocodelytics-tracker-api ms: nocodelytics-tracker-api
ports: ports:
- port: 3001 - port: 3001
targetPort: 3001 targetPort: 3001
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: traefik.containo.us/v1alpha1
kind: Ingress kind: IngressRoute
metadata: metadata:
name: nocodelytics-tracker-api-nginx-ingress name: nocodelytics-tracker-api
annotations:
kubernetes.io/ingress.class: "traefik"
cert-manager.io/issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/redirect-entry-point: https
cert-manager.io/acme-challenge-type: http01
spec: spec:
rules: entryPoints:
- host: nocodelytics-tracker-api.nocodelytics.com - websecure
http: routes:
paths: - match: Host(`default.nocodelytics.com`)
- path: / kind: Rule
pathType: Prefix services:
backend: - name: nocodelytics-tracker-api
service: port: 3001
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-tracker-api
tls: tls:
- hosts: certResolver: letsencrypt
- nocodelytics-tracker-api.nocodelytics.com domains:
secretName: nocodelytics-tracker-api-net-tls - main: default.nocodelytics.com

8
kustomization/bases/traefik.yaml
View File

@ -1,8 +0,0 @@
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: https-redirect
spec:
redirectScheme:
scheme: https
permanent: true

18
kustomization/overlays/production/kustomization.yaml
View File

@ -1,16 +1,16 @@
namespace: production namespace: production
resources: resources:
- ../../bases - ../../bases
patchesStrategicMerge:
- ./nocodelytics-dashboard.yaml
- ./nocodelytics-events-worker.yaml
- ./nocodelytics-tracker-api.yaml
# - ./nats.yaml
patches: patches:
- target: - patch: |-
kind: Namespace
name: default
patch: |-
- op: replace - op: replace
path: /metadata/name path: /metadata/name
value: production value: production
target:
kind: Namespace
name: default
- path: ./nocodelytics-dashboard.yaml
- path: ./nocodelytics-tracker-api.yaml
- path: ./nocodelytics-events-worker.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

21
kustomization/overlays/production/nats.yaml
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: nats
spec:
type: NodePort
selector:
app.kubernetes.io/name: nats
ports:
- port: 4222
name: nats
targetPort: 4222
nodePort: 32225
- port: 7422
name: leafnodes
targetPort: 7422
nodePort: 32226
- port: 7522
name: gateways
targetPort: 7522
nodePort: 32227

62
kustomization/overlays/production/nocodelytics-dashboard.yaml
View File

@ -1,59 +1,27 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-dashboard
spec:
commonName: api.nocodelytics.com
dnsNames:
- api.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-dashboard-nginx-ingress
annotations:
traefik.ingress.kubernetes.io/router.middlewares: production-https-redirect@kubernetescrd
spec:
rules:
- host: api.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-dashboard
port:
number: 8080
tls:
- hosts:
- api.nocodelytics.com
secretName: nocodelytics-dashboard-net-tls
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: nocodelytics-dashboard name: nocodelytics-dashboard
spec: spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-dashboard
template: template:
metadata:
labels:
ms: nocodelytics-dashboard
spec: spec:
containers: containers:
- name: nocodelytics-dashboard - name: nocodelytics-dashboard
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
env: env:
- name: NODE_ENV - name: NODE_ENV
value: production value: production
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-dashboard
spec:
routes:
- match: Host(`app.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-dashboard
port: 8080
tls:
domains:
- main: app.nocodelytics.com

3
kustomization/overlays/production/nocodelytics-events-worker.yaml
View File

@ -3,7 +3,6 @@ kind: Deployment
metadata: metadata:
name: nocodelytics-events-worker name: nocodelytics-events-worker
spec: spec:
replicas: 1
selector: selector:
matchLabels: matchLabels:
ms: nocodelytics-events-worker ms: nocodelytics-events-worker
@ -16,4 +15,4 @@ spec:
- name: nocodelytics-events-worker - name: nocodelytics-events-worker
env: env:
- name: NODE_ENV - name: NODE_ENV
value: production value: staging

66
kustomization/overlays/production/nocodelytics-tracker-api.yaml
View File

@ -1,63 +1,27 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-tracker-api
spec:
commonName: tracker.nocodelytics.com
dnsNames:
- tracker.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-tracker-api-nginx-ingress
spec:
rules:
- host: tracker.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-tracker-api
port:
number: 3001
tls:
- hosts:
- tracker.nocodelytics.com
secretName: nocodelytics-tracker-api-net-tls
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: nocodelytics-tracker-api name: nocodelytics-tracker-api
spec: spec:
replicas: 4
selector:
matchLabels:
ms: nocodelytics-tracker-api
template: template:
metadata:
labels:
ms: nocodelytics-tracker-api
spec: spec:
containers: containers:
- name: nocodelytics-tracker-api - name: nocodelytics-tracker-api
env: env:
- name: NODE_ENV - name: NODE_ENV
value: production value: production
- name: NATS_URL ---
value: nocodelytics-nats.production.svc.cluster.local:4222 apiVersion: traefik.containo.us/v1alpha1
- name: NATS_PASSWORD kind: IngressRoute
valueFrom: metadata:
secretKeyRef: name: nocodelytics-tracker-api
name: secrets spec:
key: NATS_PRODUCTION_PASSWORD routes:
- match: Host(`tracker.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-tracker-api
port: 3001
tls:
domains:
- main: tracker.nocodelytics.com

33
kustomization/overlays/staging/kustomization.yaml
View File

@ -1,17 +1,30 @@
namespace: staging namespace: staging
resources: resources:
- ../../bases - ../../bases
- ./nats.yaml
patchesStrategicMerge:
- ./nocodelytics-dashboard.yaml
- ./nocodelytics-tracker-api.yaml
- ./nocodelytics-events-worker.yaml
- ./nats.yaml
patches: patches:
- target: - patch: |-
kind: Namespace
name: default
patch: |-
- op: replace - op: replace
path: /metadata/name path: /metadata/name
value: staging value: staging
target:
kind: Namespace
name: default
- path: ./nocodelytics-dashboard.yaml
- path: ./nocodelytics-tracker-api.yaml
- path: ./nocodelytics-events-worker.yaml
- target:
group: apps
version: v1
kind: Deployment
patch: |-
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: NODE_ENV, value: staging}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: CLICKHOUSE_DATABASE, value: nocodelytics_staging}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: POSTGRES_DATABASE, value: nocodelytics_staging}
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

21
kustomization/overlays/staging/nats.yaml
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: nats
spec:
type: NodePort
selector:
app.kubernetes.io/name: nats
ports:
- port: 4222
name: nats
targetPort: 4222
nodePort: 32222
- port: 7422
name: leafnodes
targetPort: 7422
nodePort: 32223
- port: 7522
name: gateways
targetPort: 7522
nodePort: 32224

58
kustomization/overlays/staging/nocodelytics-dashboard.yaml
View File

@ -1,52 +1,14 @@
apiVersion: cert-manager.io/v1 apiVersion: traefik.containo.us/v1alpha1
kind: Certificate kind: IngressRoute
metadata: metadata:
name: nocodelytics-dashboard name: nocodelytics-dashboard
spec: spec:
commonName: staging.nocodelytics.com routes:
dnsNames: - match: Host(`staging.nocodelytics.com`)
- staging.nocodelytics.com kind: Rule
--- services:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-dashboard-nginx-ingress
annotations:
traefik.ingress.kubernetes.io/router.middlewares: staging-https-redirect@kubernetescrd
spec:
rules:
- host: staging.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-dashboard
port:
number: 8080
tls:
- hosts:
- staging.nocodelytics.com
secretName: nocodelytics-dashboard-net-tls
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-dashboard
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-dashboard
template:
metadata:
labels:
ms: nocodelytics-dashboard
spec:
containers:
- name: nocodelytics-dashboard - name: nocodelytics-dashboard
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest port: 8080
env: tls:
- name: NODE_ENV domains:
value: stage - main: staging.nocodelytics.com

3
kustomization/overlays/staging/nocodelytics-events-worker.yaml
View File

@ -3,7 +3,6 @@ kind: Deployment
metadata: metadata:
name: nocodelytics-events-worker name: nocodelytics-events-worker
spec: spec:
replicas: 1
selector: selector:
matchLabels: matchLabels:
ms: nocodelytics-events-worker ms: nocodelytics-events-worker
@ -16,4 +15,4 @@ spec:
- name: nocodelytics-events-worker - name: nocodelytics-events-worker
env: env:
- name: NODE_ENV - name: NODE_ENV
value: stage value: staging

70
kustomization/overlays/staging/nocodelytics-tracker-api.yaml
View File

@ -1,65 +1,27 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-tracker-api
spec:
commonName: stagingtracker.nocodelytics.com
dnsNames:
- stagingtracker.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-tracker-api-nginx-ingress
spec:
rules:
- host: stagingtracker.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-tracker-api
port:
number: 3001
tls:
- hosts:
- stagingtracker.nocodelytics.com
secretName: nocodelytics-tracker-api-net-tls
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: nocodelytics-tracker-api name: nocodelytics-tracker-api
spec: spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-tracker-api
template: template:
metadata:
labels:
ms: nocodelytics-tracker-api
spec: spec:
containers: containers:
- name: nocodelytics-tracker-api - name: nocodelytics-tracker-api
env: env:
- name: NODE_ENV - name: NODE_ENV
value: stage value: staging
- name: BASE_URL ---
value: https://stagingtracker.nocodelytics.com apiVersion: traefik.containo.us/v1alpha1
- name: NATS_URL kind: IngressRoute
value: nocodelytics-nats.staging.svc.cluster.local:4222 metadata:
- name: NATS_PASSWORD name: nocodelytics-tracker-api
valueFrom: spec:
secretKeyRef: routes:
name: secrets - match: Host(`tracker-staging.nocodelytics.com`)
key: NATS_STAGING_PASSWORD kind: Rule
services:
- name: nocodelytics-tracker-api
port: 3001
tls:
domains:
- main: tracker-staging.nocodelytics.com

1
secrets Submodule

@ -0,0 +1 @@
Subproject commit 1ae16392f63e8e95de8b3482d045ee64e3be5408

57
sysadmin/00-container-registry.yaml
View File

@ -10,6 +10,8 @@ data:
fields: fields:
service: registry service: registry
storage: storage:
delete:
enabled: true
cache: cache:
blobdescriptor: inmemory blobdescriptor: inmemory
s3: s3:
@ -116,3 +118,58 @@ spec:
certResolver: letsencrypt certResolver: letsencrypt
domains: domains:
- main: container-registry.nocodelytics.com - main: container-registry.nocodelytics.com
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: container-registry-ui
namespace: sysadmin
spec:
replicas: 1
selector:
matchLabels:
name: container-registry-ui
template:
metadata:
labels:
name: container-registry-ui
spec:
containers:
- name: docker-registry-ui
image: joxit/docker-registry-ui:main
env:
- name: SINGLE_REGISTRY
value: "true"
- name: REGISTRY_TITLE
value: "Docker Registry UI"
- name: DELETE_IMAGES
value: "true"
- name: SHOW_CONTENT_DIGEST
value: "true"
- name: NGINX_PROXY_PASS_URL
value: "http://container-registry-server.sysadmin:5000"
- name: SHOW_CATALOG_NB_TAGS
value: "true"
- name: CATALOG_MIN_BRANCHES
value: "1"
- name: CATALOG_MAX_BRANCHES
value: "1"
- name: TAGLIST_PAGE_SIZE
value: "100"
- name: REGISTRY_SECURED
value: "false"
- name: CATALOG_ELEMENTS_LIMIT
value: "1000"
---
apiVersion: v1
kind: Service
metadata:
name: container-registry-ui
namespace: sysadmin
spec:
type: ClusterIP
selector:
name: container-registry-ui
ports:
- port: 80
targetPort: 80