root
/
NAM-APJATEL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NAM-APJATEL/deploy/kubernetes/dev.yaml

336 lines
9.6 KiB
YAML
Raw Permalink Blame History

apiVersion: v1
kind: Secret
metadata:
name: nam-frontend-dev-secret
namespace: nam-frontend-dev
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
type: Opaque
data:
VITE_API_URL: YW1lc2NhZmUuY29t
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nam-frontend-dev-config
namespace: nam-frontend-dev
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
data:
".env": |
VITE_API_URL=https://api-nam.winteraccess.id
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-storage
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-public
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-public
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nam-frontend-dev
namespace: nam-frontend-dev
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
spec:
progressDeadlineSeconds: 600
replicas: 3
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
topologyKey: "kubernetes.io/hostname"
containers:
- name: web
image: git.winteraccess.id/winter-access/frontend-nam:dev
imagePullPolicy: Always
envFrom:
- configMapRef:
name: nam-frontend-dev-config
- secretRef:
name: nam-frontend-dev-secret
resources:
limits:
cpu: "250m"
memory: 1024M
requests:
cpu: "100m"
memory: 512M
ports:
- containerPort: 80
name: http
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
add: ["NET_ADMIN", "SYS_TIME"]
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /public
name: public
- mountPath: /storage
name: storage
- mountPath: /tmp
name: tmp
initContainers:
- name: init
image: git.winteraccess.id/winter-access/frontend-nam:dev
imagePullPolicy: Always
command: ["/scripts/initialize"]
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nam-frontend-dev-secret
key: DB_PASSWORD
resources:
limits:
cpu: "250m"
memory: 1024M
requests:
cpu: "100m"
memory: 512M
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
add: ["NET_ADMIN", "SYS_TIME"]
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /public
name: public
- mountPath: /storage
name: storage
- mountPath: /tmp
name: tmp
imagePullSecrets:
- name: winter-registry
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsUser: 10001
runAsGroup: 10001
fsGroup: 10001
runAsNonRoot: true
terminationGracePeriodSeconds: 30
volumes:
- name: cache
emptyDir: {}
- name: run
emptyDir: {}
- name: logs
emptyDir: {}
- name: tmp
emptyDir: {}
- name: psysh
emptyDir: {}
- name: config
configMap:
name: nam-frontend-dev-config
- name: public
persistentVolumeClaim:
claimName: nam-frontend-dev-public
- name: storage
persistentVolumeClaim:
claimName: nam-frontend-dev-storage
---
apiVersion: v1
kind: Service
metadata:
name: nam-frontend-dev
namespace: nam-frontend-dev
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: "nam-frontend-dev"
traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.samesite: "none"
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
spec:
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8000
selector:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
sessionAffinity: None
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: web
traefik.ingress.kubernetes.io/router.middlewares: default-https-redirect@kubernetescrd
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-http
namespace: nam-frontend-dev
spec:
ingressClassName: traefik
rules:
- host: dev-nam-frontend.winteraccess.id
http:
paths:
- backend:
service:
name: nam-frontend-dev
port:
number: 80
path: /
pathType: Prefix
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-https
namespace: nam-frontend-dev
spec:
ingressClassName: traefik
rules:
- host: dev-nam-frontend.winteraccess.id
http:
paths:
- backend:
service:
name: nam-frontend-dev
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- dev-nam-frontend.winteraccess.id
secretName: nam-frontend-dev-tls
Reference in New Issue View Git Blame Copy Permalink