root
/
NAM-APJATEL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixing:deployment

This commit is contained in:
rheiga19 2025-03-26 22:17:18 +07:00
parent e100f4ab0d
commit d3ba8a85c3
2 changed files with 210 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Jenkinsfile vendored
View File

@ -49,7 +49,7 @@ spec:
stage('Checkout Code') {
steps {
cleanWs()
git branch: 'master', url: 'https://git.winteraccess.id/winter-access/frontend-nam.git', credentialsId: "${CREDENTIALS_ID}"
git branch: 'dev', url: 'https://git.winteraccess.id/winter-access/frontend-nam.git', credentialsId: "${CREDENTIALS_ID}"
}
}
@ -81,12 +81,12 @@ spec:
def imageTag = "dev-${env.SHORT_SHA}"
sh """
docker build -t ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag} \
-t ${REGISTRY_URL}/${IMAGE_NAME}:master \
-t ${REGISTRY_URL}/${IMAGE_NAME}:dev \
-t ${REGISTRY_URL}/${IMAGE_NAME}:latest \
-f deploy/docker/Dockerfile .
docker push ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag}
docker push ${REGISTRY_URL}/${IMAGE_NAME}:master
docker push ${REGISTRY_URL}/${IMAGE_NAME}:dev
docker push ${REGISTRY_URL}/${IMAGE_NAME}:latest
"""
}

263
kubernetes/dev.yaml
View File

@ -1,32 +1,122 @@
apiVersion: v1
kind: Secret
metadata:
name: nam-frontend-dev-secret
namespace: nam-frontend-dev
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
type: Opaque
data:
VITE_API_URL: YW1lc2NhZmUuY29t
---
apiVersion: v1
kind: ConfigMap
metadata:
name: frontend-nam-dev-config
name: nam-frontend-dev-config
namespace: nam-frontend-dev
labels:
app.kubernetes.io/name: frontend-nam-dev
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
data:
".env": |
VITE_API_URL=https://api.example.com
VITE_APP_ENV=development
VITE_API_URL=https://api-nam.winteraccess.id
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-storage
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-public
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-public
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend-nam-dev
name: nam-frontend-dev
namespace: nam-frontend-dev
labels:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
spec:
progressDeadlineSeconds: 600
replicas: 2
replicas: 3
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
strategy:
rollingUpdate:
maxSurge: 1
@ -35,73 +125,128 @@ spec:
template:
metadata:
labels:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
topologyKey: "kubernetes.io/hostname"
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
topologyKey: "kubernetes.io/hostname"
containers:
- name: web
image: git.winteraccess.id/winter-access/frontend-nam:dev
image: https://git.winteraccess.id/winter-access/frontend-nam:dev
imagePullPolicy: Always
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nam-frontend-dev-secret
key: DB_PASSWORD
resources:
limits:
cpu: "250m"
memory: 512M
memory: 1024M
requests:
cpu: "100m"
memory: 256M
memory: 512M
ports:
- containerPort: 80
name: http
protocol: TCP
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 5
periodSeconds: 5
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
readOnlyRootFilesystem: false
add: ["NET_ADMIN", "SYS_TIME"]
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
envFrom:
- configMapRef:
name: frontend-nam-dev-config
volumeMounts:
- mountPath: /app
name: app
initContainers:
- name: init
image: https://git.winteraccess.id/winter-access/frontend-nam:dev
imagePullPolicy: Always
command: ["/scripts/initialize"]
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nam-frontend-dev-secret
key: DB_PASSWORD
resources:
limits:
cpu: "250m"
memory: 1024M
requests:
cpu: "100m"
memory: 512M
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
add: ["NET_ADMIN", "SYS_TIME"]
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /app
name: app
imagePullSecrets:
- name: winter-registry
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsUser: 10001
runAsGroup: 10001
fsGroup: 10001
runAsNonRoot: true
terminationGracePeriodSeconds: 30
volumes:
- name: cache
emptyDir: {}
- name: run
emptyDir: {}
- name: logs
emptyDir: {}
- name: tmp
emptyDir: {}
- name: psysh
emptyDir: {}
- name: config
configMap:
name: nam-frontend-dev-config
- name: public
persistentVolumeClaim:
claimName: nam-frontend-dev-public
- name: storage
persistentVolumeClaim:
claimName: nam-frontend-dev-storage
---
apiVersion: v1
kind: Service
metadata:
name: frontend-nam-dev
name: nam-frontend-dev
namespace: nam-frontend-dev
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: "nam-frontend-dev"
traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.samesite: "none"
labels:
app.kubernetes.io/name: frontend-nam-dev
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
spec:
internalTrafficPolicy: Cluster
ipFamilies:
@ -111,12 +256,13 @@ spec:
- name: http
port: 80
protocol: TCP
targetPort: 80
targetPort: 5678
selector:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
sessionAffinity: None
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@ -126,9 +272,11 @@ metadata:
traefik.ingress.kubernetes.io/router.entrypoints: web
traefik.ingress.kubernetes.io/router.middlewares: default-https-redirect@kubernetescrd
labels:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
name: frontend-nam-dev-http
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-http
namespace: nam-frontend-dev
spec:
ingressClassName: traefik
@ -138,7 +286,7 @@ spec:
paths:
- backend:
service:
name: frontend-nam-dev
name: nam-frontend-dev
port:
number: 80
path: /
@ -152,9 +300,11 @@ metadata:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
labels:
app.kubernetes.io/instance: frontend-nam-dev
app.kubernetes.io/name: frontend-nam-dev
name: frontend-nam-dev-https
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-https
namespace: nam-frontend-dev
spec:
ingressClassName: traefik
@ -164,7 +314,7 @@ spec:
paths:
- backend:
service:
name: frontend-nam-dev
name: nam-frontend-dev
port:
number: 80
path: /
@ -172,4 +322,5 @@ spec:
tls:
- hosts:
- dev-nam-frontend.winteraccess.id
secretName: frontend-nam-dev-tls
secretName: nam-frontend-dev-tls