start deploying nocodelytics

Florian Herrengt 2023-12-19 18:49:30 +01:00
parent ac9b34da97
commit 0b78ee40b4
23 changed files with 248 additions and 565 deletions


@ -58,10 +58,7 @@ spec:
- name: DRONE_DATABASE_DRIVER
value: postgres
- name: DRONE_DATABASE_DATASOURCE
valueFrom:
secretKeyRef:
name: secrets
key: POSTGRES_URL
value: postgres://postgres:$(POSTGRES_PASSWORD)@postgres.databases:5432/drone?sslmode=disable
- name: DRONE_S3_PATH_STYLE
value: "true"
- name: AWS_REGION
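Review bot: The datasource on the `value:` line connects as the `postgres` superuser with `sslmode=disable`, so Drone's database traffic to `postgres.databases` crosses the cluster network unencrypted and with more privilege than a CI server needs; a dedicated role for the `drone` database and `sslmode=require` or stricter would narrow both. `$(POSTGRES_PASSWORD)` is expanded by Kubernetes only when that variable is defined earlier in the same container's `env` list, which this hunk does not show; otherwise the literal text is passed to Drone. A password containing URL-reserved characters also needs percent-encoding now that it is spliced into the URL. The hunk counts suggest this line replaces the `secretKeyRef` to `POSTGRES_URL`; the env list starts and ends outside the hunk.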


@ -31,10 +31,14 @@ data:
}
authorization: {
users: [
{user: $SYS, password: $NATS_PASSWORD},
{user: default, password: $NATS_PASSWORD}
]
}
accounts: {
$SYS: {
users: [{user: sys, password: $NATS_PASSWORD}]
}
}
---
apiVersion: apps/v1
kind: Deployment
@ -57,12 +61,15 @@ spec:
containers:
- name: nats
image: nats:2.10.5
args: ["-c", "/etc/nats/server.conf"]
ports:
- containerPort: 4222
- containerPort: 8222
volumeMounts:
- name: data
mountPath: /data
- name: config
mountPath: /etc/nats
env:
- name: NATS_PASSWORD
valueFrom:
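Review bot: The `sys` user of the `$SYS` account and the `default` application user both get `$NATS_PASSWORD` in the server config, so any workload that holds the client password can also authenticate to the NATS system account and read server-level monitoring and administrative subjects. Give the system user its own secret key, for example `users: [{user: sys, password: $NATS_SYS_PASSWORD}]` (variable name constructed here) with a matching `env` entry in the Deployment. The config block and the container `env` list both continue outside the hunks shown, so confirm no other user reuses the same value.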


@ -125,7 +125,7 @@ spec:
restartPolicy: Never
containers:
- name: postgres-backup
image: localhost:30007/postgres-s3
image: container-registry.nocodelytics.com/postgres-s3
command:
- /bin/sh
- -c
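Review bot: `container-registry.nocodelytics.com/postgres-s3` carries no tag or digest, so the backup job runs whatever `latest` resolves to at pull time, presumably with database and object-storage credentials in its environment (not shown in this hunk). Pinning it, e.g. `image: container-registry.nocodelytics.com/postgres-s3@sha256:<digest>`, turns a registry-side image change into a visible manifest diff. The container spec continues outside the hunk.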


@ -7,3 +7,13 @@ apiVersion: v1
kind: Namespace
metadata:
name: databases
---
apiVersion: v1
kind: Namespace
metadata:
name: staging
---
apiVersion: v1
kind: Namespace
metadata:
name: production


@ -1,14 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: florian@nocodelytics.com
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: traefik


@ -1,94 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: clickhouse-data-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: clickhouse-log-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path
resources:
requests:
storage: 5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-clickhouse
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-clickhouse
template:
metadata:
labels:
ms: nocodelytics-clickhouse
spec:
containers:
- name: nocodelytics-clickhouse
imagePullPolicy: Always
image: clickhouse/clickhouse-server
volumeMounts:
- name: data-volv
mountPath: /var/lib/clickhouse/
- name: log-volv
mountPath: /var/log/clickhouse-server/
- name: clickhouse-config
mountPath: /etc/clickhouse-server/config.xml
subPath: config.xml
resources:
requests:
memory: "1Gi"
cpu: "200m"
ephemeral-storage: "1Mi"
limits:
memory: "1Gi"
cpu: "200m"
ephemeral-storage: "1Mi"
volumes:
- name: data-volv
persistentVolumeClaim:
claimName: clickhouse-data-pvc
- name: log-volv
persistentVolumeClaim:
claimName: clickhouse-log-pvc
- name: clickhouse-config
configMap:
name: clickhouse-config
nodeSelector:
kubernetes.io/arch: arm64
tolerations:
- key: "arch"
operator: "Equal"
value: "arm64"
effect: "NoSchedule"
---
apiVersion: v1
kind: Service
metadata:
name: nocodelytics-clickhouse
spec:
type: NodePort
selector:
ms: nocodelytics-clickhouse
ports:
- port: 9000
name: "clickhouse-client"
targetPort: 9000
nodePort: 31006
- port: 8123
name: "clickhouse-http"
targetPort: 8123
nodePort: 31007


@ -3,15 +3,20 @@ resources:
- ./nocodelytics-dashboard.yaml
- ./nocodelytics-events-worker.yaml
- ./nocodelytics-tracker-api.yaml
- ./cert-manager.yaml
- ./traefik.yaml
# - ./clickhouse.yaml
secretGenerator:
- name: regcred
type: kubernetes.io/dockerconfigjson
envs:
- ./secrets/.dockerconfigjson.env
- name: secrets
type: Secret
envs:
- ./secrets/.secrets.env
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
patches:
- target:
group: apps
version: v1
kind: Deployment
patch: |-
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: NATS_URL, value: http://nats.databases}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: CLICKHOUSE_HOST, value: http://clickhouse.databases}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: POSTGRES_HOST, value: postgres.databases}
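Review bot: The `patches` block points every Deployment at the same `nats.databases`, `clickhouse.databases` and `postgres.databases` services, so staging and production built from this base share one NATS, ClickHouse and Postgres instance and are separated only by the database names the staging overlay sets. Unless the `secrets` object differs per namespace they share credentials as well, which would let a staging compromise reach production data. Consider per-environment database roles and NATS users. `NATS_URL` and `CLICKHOUSE_HOST` also use plain `http://`, so that traffic is unencrypted inside the cluster.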


@ -1,22 +1,9 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-dashboard
spec:
secretName: nocodelytics-dashboard-net-tls
issuerRef:
name: letsencrypt-prod
kind: Issuer
commonName: default.nocodelytics.com
dnsNames:
- default.nocodelytics.com
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-dashboard
spec:
replicas: 1
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
@ -30,12 +17,10 @@ spec:
labels:
ms: nocodelytics-dashboard
spec:
imagePullSecrets:
- name: regcred
containers:
- name: nocodelytics-dashboard
imagePullPolicy: Always
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
image: container-registry.nocodelytics.com/nocodelytics:latest
readinessProbe:
tcpSocket:
port: 8080
@ -51,68 +36,52 @@ spec:
env:
- name: PORT
value: "8080"
- name: K8S_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: K8S_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: secrets
key: ENCRYPTION_KEY
resources:
requests:
memory: "256Mi"
cpu: "50m"
ephemeral-storage: "1Mi"
limits:
memory: "512Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
nodeSelector:
kubernetes.io/arch: arm64
tolerations:
- key: "arch"
operator: "Equal"
value: "arm64"
effect: "NoSchedule"
envFrom:
- secretRef:
name: secrets
---
apiVersion: v1
kind: Service
metadata:
name: nocodelytics-dashboard
spec:
type: NodePort
type: ClusterIP
selector:
ms: nocodelytics-dashboard
ports:
- port: 8080
targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-dashboard-nginx-ingress
annotations:
kubernetes.io/ingress.class: "traefik"
cert-manager.io/issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/redirect-entry-point: https
cert-manager.io/acme-challenge-type: http01
name: nocodelytics-dashboard
spec:
rules:
- host: default.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-dashboard
entryPoints:
- websecure
routes:
- match: Host(`default.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-dashboard
port: 8080
tls:
- hosts:
- default.nocodelytics.com
secretName: nocodelytics-dashboard-net-tls
certResolver: letsencrypt
domains:
- main: default.nocodelytics.com
---
apiVersion: v1
kind: Pod
metadata:
name: nocodelytics-debug
spec:
containers:
- name: nocodelytics-debug
image: container-registry.nocodelytics.com/nocodelytics:latest
command: ["/bin/sh"]
args: ["-c", "while true; do sleep 30; done;"]
envFrom:
- secretRef:
name: secrets
---
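Review bot: The `nocodelytics-debug` Pod at the end of this file lives in the base, so every overlay, production included, gets a permanently running shell container with the whole `secrets` object in its environment. Anyone with `pods/exec` in the namespace can read all of those values from it. Move the pod to a staging-only overlay or create it on demand instead of shipping it with the base. The same `envFrom` of the full secret appears to replace the single `ENCRYPTION_KEY` reference in the Deployment above and in the events-worker and tracker-api sections; listing only the keys each container needs keeps the exposure smaller.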


@ -15,26 +15,13 @@ spec:
containers:
- name: nocodelytics-events-worker
imagePullPolicy: Always
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
image: container-registry.nocodelytics.com/nocodelytics:latest
command:
[
"node",
"./api/.build/src/queue/workers/metricEventWorker/metricEventWorker.js",
]
resources:
requests:
memory: "256Mi"
cpu: "50m"
ephemeral-storage: "1Mi"
limits:
memory: "512Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
env:
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: secrets
key: ENCRYPTION_KEY
imagePullSecrets:
- name: regcred
env: []
envFrom:
- secretRef:
name: secrets
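Review bot: The `resources` block is dropped from the worker container (the hunk counts only fit if the nine `requests`/`limits` lines are on the removed side), and the dashboard and tracker-api sections appear to drop theirs as well. Without limits a single misbehaving pod can exhaust memory or CPU on nodes shared with the registry and the databases. Keep at least `limits.memory` and a CPU request per container, or add a `LimitRange` to the `staging` and `production` namespaces. `imagePullSecrets` also looks removed; if `container-registry.nocodelytics.com` requires authentication, pulls fail unless the service account carries the credential.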


@ -1,22 +1,9 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-tracker-api
spec:
secretName: nocodelytics-tracker-api-net-tls
issuerRef:
name: letsencrypt-prod
kind: Issuer
commonName: nocodelytics-tracker-api.nocodelytics.com
dnsNames:
- nocodelytics-tracker-api.nocodelytics.com
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-tracker-api
spec:
replicas: 1
replicas: 2
selector:
matchLabels:
ms: nocodelytics-tracker-api
@ -25,87 +12,41 @@ spec:
labels:
ms: nocodelytics-tracker-api
spec:
imagePullSecrets:
- name: regcred
containers:
- name: nocodelytics-tracker-api
imagePullPolicy: Always
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
command: ["forever", "./api/.build/src/tracker/index.js"]
resources:
requests:
memory: "128Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
limits:
memory: "512Mi"
cpu: "200m"
ephemeral-storage: "1Mi"
env:
- name: PORT
value: "3001"
- name: K8S_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: K8S_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NATS_USER
value: nocodelytics-nats
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: secrets
key: ENCRYPTION_KEY
nodeSelector:
kubernetes.io/arch: arm64
tolerations:
- key: "arch"
operator: "Equal"
value: "arm64"
effect: "NoSchedule"
image: container-registry.nocodelytics.com/nocodelytics:latest
command: ["node", "./api/.build/src/tracker/index.js"]
env: []
envFrom:
- secretRef:
name: secrets
---
apiVersion: v1
kind: Service
metadata:
name: nocodelytics-tracker-api
spec:
type: NodePort
type: ClusterIP
selector:
ms: nocodelytics-tracker-api
ports:
- port: 3001
targetPort: 3001
---
apiVersion: networking.k8s.io/v1
kind: Ingress
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-tracker-api-nginx-ingress
annotations:
kubernetes.io/ingress.class: "traefik"
cert-manager.io/issuer: letsencrypt-prod
traefik.ingress.kubernetes.io/redirect-entry-point: https
cert-manager.io/acme-challenge-type: http01
name: nocodelytics-tracker-api
spec:
rules:
- host: nocodelytics-tracker-api.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-tracker-api
entryPoints:
- websecure
routes:
- match: Host(`default.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-tracker-api
port: 3001
tls:
- hosts:
- nocodelytics-tracker-api.nocodelytics.com
secretName: nocodelytics-tracker-api-net-tls
certResolver: letsencrypt
domains:
- main: default.nocodelytics.com
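Review bot: The tracker-api `IngressRoute` matches the host `default.nocodelytics.com` in `match:` and in `tls.domains`, which is the same host the dashboard route in the base uses, while the Ingress it replaces used `nocodelytics-tracker-api.nocodelytics.com`. Wherever an overlay does not replace `routes`, two routers claim one host and requests may reach either service. This looks like a copy-paste from the dashboard file; the domain line would read `- main: nocodelytics-tracker-api.nocodelytics.com` with the `Host(...)` rule changed to match.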


@ -1,8 +0,0 @@
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: https-redirect
spec:
redirectScheme:
scheme: https
permanent: true


@ -1,16 +1,16 @@
namespace: production
resources:
- ../../bases
patchesStrategicMerge:
- ./nocodelytics-dashboard.yaml
- ./nocodelytics-events-worker.yaml
- ./nocodelytics-tracker-api.yaml
# - ./nats.yaml
patches:
- target:
kind: Namespace
name: default
patch: |-
- patch: |-
- op: replace
path: /metadata/name
value: production
target:
kind: Namespace
name: default
- path: ./nocodelytics-dashboard.yaml
- path: ./nocodelytics-tracker-api.yaml
- path: ./nocodelytics-events-worker.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
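Review bot: The production overlay still takes its image reference from `../../bases`, where the Deployments shown elsewhere on this page use `container-registry.nocodelytics.com/nocodelytics:latest` with `imagePullPolicy: Always`, so production runs whatever was pushed last and any pod restart can change the running code. An `images:` entry in this overlay, e.g. `- name: container-registry.nocodelytics.com/nocodelytics` with `digest: sha256:<digest>`, would make each production release an explicit, reviewable change.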


@ -1,21 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: nats
spec:
type: NodePort
selector:
app.kubernetes.io/name: nats
ports:
- port: 4222
name: nats
targetPort: 4222
nodePort: 32225
- port: 7422
name: leafnodes
targetPort: 7422
nodePort: 32226
- port: 7522
name: gateways
targetPort: 7522
nodePort: 32227


@ -1,59 +1,27 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-dashboard
spec:
commonName: api.nocodelytics.com
dnsNames:
- api.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-dashboard-nginx-ingress
annotations:
traefik.ingress.kubernetes.io/router.middlewares: production-https-redirect@kubernetescrd
spec:
rules:
- host: api.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-dashboard
port:
number: 8080
tls:
- hosts:
- api.nocodelytics.com
secretName: nocodelytics-dashboard-net-tls
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-dashboard
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-dashboard
template:
metadata:
labels:
ms: nocodelytics-dashboard
spec:
containers:
- name: nocodelytics-dashboard
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
env:
- name: NODE_ENV
value: production
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-dashboard
spec:
routes:
- match: Host(`app.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-dashboard
port: 8080
tls:
domains:
- main: app.nocodelytics.com


@ -3,7 +3,6 @@ kind: Deployment
metadata:
name: nocodelytics-events-worker
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-events-worker
@ -16,4 +15,4 @@ spec:
- name: nocodelytics-events-worker
env:
- name: NODE_ENV
value: production
value: staging
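Review bot: `NODE_ENV` appears to end up as `staging` here, yet this section sits between the production dashboard and tracker-api overlays, which both show `value: production`. If this file is the production events-worker overlay, the worker would run with staging behaviour against production data. The identical hunk further down, where `stage` becomes `staging`, looks like the intended target, in which case this line should stay `value: production`. The file path is not visible on the page, so confirm which overlay this is.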


@ -1,63 +1,27 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-tracker-api
spec:
commonName: tracker.nocodelytics.com
dnsNames:
- tracker.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-tracker-api-nginx-ingress
spec:
rules:
- host: tracker.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-tracker-api
port:
number: 3001
tls:
- hosts:
- tracker.nocodelytics.com
secretName: nocodelytics-tracker-api-net-tls
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-tracker-api
spec:
replicas: 4
selector:
matchLabels:
ms: nocodelytics-tracker-api
template:
metadata:
labels:
ms: nocodelytics-tracker-api
spec:
containers:
- name: nocodelytics-tracker-api
env:
- name: NODE_ENV
value: production
- name: NATS_URL
value: nocodelytics-nats.production.svc.cluster.local:4222
- name: NATS_PASSWORD
valueFrom:
secretKeyRef:
name: secrets
key: NATS_PRODUCTION_PASSWORD
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-tracker-api
spec:
routes:
- match: Host(`tracker.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-tracker-api
port: 3001
tls:
domains:
- main: tracker.nocodelytics.com


@ -1,17 +1,30 @@
namespace: staging
resources:
- ../../bases
- ./nats.yaml
patchesStrategicMerge:
- ./nocodelytics-dashboard.yaml
- ./nocodelytics-tracker-api.yaml
- ./nocodelytics-events-worker.yaml
- ./nats.yaml
patches:
- target:
kind: Namespace
name: default
patch: |-
- patch: |-
- op: replace
path: /metadata/name
value: staging
target:
kind: Namespace
name: default
- path: ./nocodelytics-dashboard.yaml
- path: ./nocodelytics-tracker-api.yaml
- path: ./nocodelytics-events-worker.yaml
- target:
group: apps
version: v1
kind: Deployment
patch: |-
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: NODE_ENV, value: staging}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: CLICKHOUSE_DATABASE, value: nocodelytics_staging}
- op: add
path: /spec/template/spec/containers/0/env/-
value: {name: POSTGRES_DATABASE, value: nocodelytics_staging}
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
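Review bot: The Deployment-wide patch has no `name` or `labelSelector` in its `target`, and each `add` writes to `/spec/template/spec/containers/0/env/-`, which only works when container 0 already has an `env` array (which would explain the `env: []` in the worker and tracker-api bases). A Deployment added later without `env` will break the build, and one with a sidecar listed first will receive the variables in the wrong container. Narrowing the target, e.g. `labelSelector: app=nocodelytics` (label constructed for illustration), or setting these values in the per-Deployment patch files avoids both. The base kustomization uses the same pattern for `NATS_URL`, `CLICKHOUSE_HOST` and `POSTGRES_HOST`.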


@ -1,21 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: nats
spec:
type: NodePort
selector:
app.kubernetes.io/name: nats
ports:
- port: 4222
name: nats
targetPort: 4222
nodePort: 32222
- port: 7422
name: leafnodes
targetPort: 7422
nodePort: 32223
- port: 7522
name: gateways
targetPort: 7522
nodePort: 32224


@ -1,52 +1,14 @@
apiVersion: cert-manager.io/v1
kind: Certificate
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-dashboard
spec:
commonName: staging.nocodelytics.com
dnsNames:
- staging.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-dashboard-nginx-ingress
annotations:
traefik.ingress.kubernetes.io/router.middlewares: staging-https-redirect@kubernetescrd
spec:
rules:
- host: staging.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-dashboard
port:
number: 8080
tls:
- hosts:
- staging.nocodelytics.com
secretName: nocodelytics-dashboard-net-tls
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-dashboard
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-dashboard
template:
metadata:
labels:
ms: nocodelytics-dashboard
spec:
containers:
routes:
- match: Host(`staging.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-dashboard
image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
env:
- name: NODE_ENV
value: stage
port: 8080
tls:
domains:
- main: staging.nocodelytics.com


@ -3,7 +3,6 @@ kind: Deployment
metadata:
name: nocodelytics-events-worker
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-events-worker
@ -16,4 +15,4 @@ spec:
- name: nocodelytics-events-worker
env:
- name: NODE_ENV
value: stage
value: staging


@ -1,65 +1,27 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nocodelytics-tracker-api
spec:
commonName: stagingtracker.nocodelytics.com
dnsNames:
- stagingtracker.nocodelytics.com
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodelytics-tracker-api-nginx-ingress
spec:
rules:
- host: stagingtracker.nocodelytics.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
- path: /
pathType: Prefix
backend:
service:
name: nocodelytics-tracker-api
port:
number: 3001
tls:
- hosts:
- stagingtracker.nocodelytics.com
secretName: nocodelytics-tracker-api-net-tls
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodelytics-tracker-api
spec:
replicas: 1
selector:
matchLabels:
ms: nocodelytics-tracker-api
template:
metadata:
labels:
ms: nocodelytics-tracker-api
spec:
containers:
- name: nocodelytics-tracker-api
env:
- name: NODE_ENV
value: stage
- name: BASE_URL
value: https://stagingtracker.nocodelytics.com
- name: NATS_URL
value: nocodelytics-nats.staging.svc.cluster.local:4222
- name: NATS_PASSWORD
valueFrom:
secretKeyRef:
name: secrets
key: NATS_STAGING_PASSWORD
value: staging
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nocodelytics-tracker-api
spec:
routes:
- match: Host(`tracker-staging.nocodelytics.com`)
kind: Rule
services:
- name: nocodelytics-tracker-api
port: 3001
tls:
domains:
- main: tracker-staging.nocodelytics.com

1
secrets Submodule

@ -0,0 +1 @@
Subproject commit 1ae16392f63e8e95de8b3482d045ee64e3be5408
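Review bot: Secret material now comes from a separate repository pinned as the `secrets` submodule, and the `secretGenerator` entries in the base kustomization read `./secrets/.secrets.env` and `./secrets/.dockerconfigjson.env`, which suggests plaintext env files. If that repository is not encrypted at rest (for example with SOPS or sealed secrets), every person and CI runner able to clone it holds all cluster credentials, and old values stay in its history after rotation. It is also not visible in this commit what now creates the `secrets` object that the Deployments reference through `envFrom`.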


@ -10,6 +10,8 @@ data:
fields:
service: registry
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
s3:
@ -116,3 +118,58 @@ spec:
certResolver: letsencrypt
domains:
- main: container-registry.nocodelytics.com
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: container-registry-ui
namespace: sysadmin
spec:
replicas: 1
selector:
matchLabels:
name: container-registry-ui
template:
metadata:
labels:
name: container-registry-ui
spec:
containers:
- name: docker-registry-ui
image: joxit/docker-registry-ui:main
env:
- name: SINGLE_REGISTRY
value: "true"
- name: REGISTRY_TITLE
value: "Docker Registry UI"
- name: DELETE_IMAGES
value: "true"
- name: SHOW_CONTENT_DIGEST
value: "true"
- name: NGINX_PROXY_PASS_URL
value: "http://container-registry-server.sysadmin:5000"
- name: SHOW_CATALOG_NB_TAGS
value: "true"
- name: CATALOG_MIN_BRANCHES
value: "1"
- name: CATALOG_MAX_BRANCHES
value: "1"
- name: TAGLIST_PAGE_SIZE
value: "100"
- name: REGISTRY_SECURED
value: "false"
- name: CATALOG_ELEMENTS_LIMIT
value: "1000"
---
apiVersion: v1
kind: Service
metadata:
name: container-registry-ui
namespace: sysadmin
spec:
type: ClusterIP
selector:
name: container-registry-ui
ports:
- port: 80
targetPort: 80
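Review bot: The UI container runs with `DELETE_IMAGES: "true"` and `REGISTRY_SECURED: "false"` and proxies to `http://container-registry-server.sysadmin:5000` from inside the cluster, while the first hunk turns on `storage.delete.enabled`. Whoever can reach the `container-registry-ui` Service can therefore delete images, bypassing any authentication enforced in front of the registry itself. No route for the UI is visible here, so make sure whatever exposes it adds authentication, or leave deletion off and prune from a trusted job. `joxit/docker-registry-ui:main` is also a moving tag on a third-party image; pin a release tag or digest.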