Skip to content

Instantly share code, notes, and snippets.

@looztra

looztra/deploy-app.yml

Last active April 5, 2019 09:47
Show Gist options
  • Save looztra/dc48d8031f895c53e3ae49cb227c796c to your computer and use it in GitHub Desktop.
Save looztra/dc48d8031f895c53e3ae49cb227c796c to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. looztra revised this gist Apr 5, 2019. 1 changed file with 32 additions and 0 deletions.
    32 changes: 32 additions & 0 deletions gittrack.yml
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,32 @@
    ---
    apiVersion: faros.pusher.com/v1alpha1
    kind: GitTrack
    metadata:
    name: apps-integration
    annotations:
    gitops.company.com/target: integration
    spec:
    # Repository accepts any valid Git repository reference, the most common formats
    # are:
    # https://<server>/<organisation>/<repository>
    # <user>@<server>:<organisation>/<repository>
    repository: https://github.com/company/k8s-apps-descriptors.git
    # Reference accepts any valid Git reference, this could be a branch name, tag
    # or commit SHA, eg:
    # master or refs/remotes/origin/master
    # v1.0.0 or refs/tags/v1.0.0
    # ec32c240b7f9b440aa727c9d931751fdd0c40b49
    reference: integration
    # (Optional) SubPath expects a path to a folder within the repository.
    # Note: Faros loads all .yml/.yaml/.json files recursively within the path.
    subPath: auto/environments/integration
    # (Optional) DeployKey allows you to specify credentials for repository access
    # over SSH
    deployKey:
    # SecretName is the name of the secret containing the secret
    secretName: companybot-gitops-apps-integration
    # Key is the Secret's key containing the secret
    key: companybot-faros-token
    # (Optional) Type is the type of credential. Accepted values are "SSH", "HTTPBasicAuth". Defaults to "SSH"
    # When set to "HTTPBasicAuth" the expected secret format is "<username>:<password>".
    type: HTTPBasicAuth
  2. looztra created this gist Apr 5, 2019.
    143 changes: 143 additions & 0 deletions deploy-app.yml
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,143 @@
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
    name: api
    labels:
    app: platform
    component: api
    annotations:
    company.com/owner: devel
    spec:
    replicas: 1
    minReadySeconds: 5
    revisionHistoryLimit: 3
    strategy:
    type: RollingUpdate
    rollingUpdate:
    maxSurge: 1
    maxUnavailable: 0
    selector:
    matchLabels:
    app: platform
    component: api
    template:
    metadata:
    labels:
    app: platform
    component: api
    annotations:
    company.com/owner: devel
    data.company.com/dns-name: postgres
    spec:
    initContainers:
    - name: init-wait-for-db
    image: busybox:latest
    env:
    - name: DB_DNS_NAME
    valueFrom:
    fieldRef:
    fieldPath: metadata.annotations['data.company.com/dns-name']
    command:
    - "/bin/sh"
    args:
    - "-c"
    - |
    IN_ARGS_DB_DNS_NAME=$(DB_DNS_NAME)
    echo "Searching for DB at [$IN_ARGS_DB_DNS_NAME]"
    while true
    do
    rt=$(nc -z -w 1 ${IN_ARGS_DB_DNS_NAME} 5432)
    if [ $? -eq 0 ]; then
    echo "DB is UP"
    break
    fi
    echo "DB is not yet reachable at [$IN_ARGS_DB_DNS_NAME];sleep for 10s before retry"
    sleep 10
    done
    containers:
    - name: api
    image: looztra/guestbook-filter:0.6.2-aio
    imagePullPolicy: Always
    envFrom:
    - configMapRef:
    name: api-configuration
    env:
    - name: SPRING_PROFILES_ACTIVE
    value: prod
    - name: JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET
    valueFrom:
    secretKeyRef:
    name: jwt-secret
    key: secret
    - name: DB_DNS_NAME
    valueFrom:
    fieldRef:
    fieldPath: metadata.annotations['data.company.com/dns-name']
    - name: SPRING_DATASOURCE_URL
    value: jdbc:postgresql://$(DB_DNS_NAME):5432/companyPlatformAPI
    - name: SPRING_DATASOURCE_USERNAME
    value: companyplatformapi
    - name: SPRING_DATASOURCE_PASSWORD
    valueFrom:
    secretKeyRef:
    name: postgres-creds
    key: postgres-password
    - name: SPRING_MAIL_PROTOCOL
    value: smtps
    - name: SPRING_MAIL_HOST
    value: email-smtp.us-east-1.amazonaws.com
    - name: SPRING_MAIL_PORT
    value: "465"
    - name: SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE
    value: "true"
    - name: SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_REQUIRED
    value: "true"
    - name: SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_ENABLE
    value: "true"
    - name: SPRING_MAIL_PROPERTIES_MAIL_SMTPS_AUTH
    value: "true"
    - name: SPRING_MAIL_PROPERTIES_MAIL_TRANSPORT_PROTOCOL
    value: smtps
    - name: SPRING_MAIL_USERNAME
    valueFrom:
    secretKeyRef:
    name: ses-smtp-creds
    key: smtp-user
    - name: SPRING_MAIL_PASSWORD
    valueFrom:
    secretKeyRef:
    name: ses-smtp-creds
    key: smtp-password
    - name: JHIPSTER_MAIL_FROM
    value: [email protected]
    - name: JHIPSTER_MAIL_BASE_URL
    value: $(JHIPSTER_MAIL_BASE_URL)
    resources:
    requests:
    memory: "512Mi"
    cpu: "100m"
    limits:
    memory: "512Mi"
    cpu: "1000m"
    ports:
    - name: http
    containerPort: 8080
    livenessProbe:
    httpGet:
    path: /admin/info
    port: http
    initialDelaySeconds: 50
    timeoutSeconds: 1
    failureThreshold: 3
    successThreshold: 1
    periodSeconds: 10
    readinessProbe:
    httpGet:
    path: /admin/health
    port: http
    initialDelaySeconds: 50
    timeoutSeconds: 1
    failureThreshold: 3
    successThreshold: 1
    periodSeconds: 10
    99 changes: 99 additions & 0 deletions postgres-all-in-one.yml
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,99 @@
    ---
    apiVersion: v1
    kind: Secret
    metadata:
    name: postgres-creds
    labels:
    app: api
    annotations:
    company.com/owner: devel
    type: Opaque
    data:
    postgres-password: d2UtdXNlLWZhcm9z
    ---
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
    name: postgres
    labels:
    app: platform
    component: postgres
    annotations:
    company.com/owner: devel
    spec:
    replicas: 1
    template:
    metadata:
    labels:
    app: platform
    component: postgres
    spec:
    volumes:
    - name: data
    emptyDir: {}
    containers:
    - name: postgres
    image: postgres:9.6
    env:
    - name: PGDATA
    value: /var/lib/postgresql/data/pgdata
    - name: POSTGRES_DB
    value: companyPlatformAPI
    - name: POSTGRES_USER
    value: companyplatformapi
    - name: POSTGRES_PASSWORD
    valueFrom:
    secretKeyRef:
    name: postgres-creds
    key: postgres-password
    - name: POD_IP
    valueFrom:
    fieldRef:
    fieldPath: status.podIP
    ports:
    - name: pg
    containerPort: 5432
    volumeMounts:
    - name: data
    mountPath: /var/lib/postgresql/data
    resources:
    requests:
    cpu: 100m
    limits:
    memory: 128Mi
    cpu: 500m
    livenessProbe:
    exec:
    command:
    - sh
    - -c
    - exec pg_isready --host $POD_IP
    initialDelaySeconds: 60
    timeoutSeconds: 5
    failureThreshold: 6
    successThreshold: 1
    periodSeconds: 10
    readinessProbe:
    exec:
    command:
    - sh
    - -c
    - exec pg_isready --host $POD_IP
    initialDelaySeconds: 5
    timeoutSeconds: 3
    failureThreshold: 3
    successThreshold: 1
    periodSeconds: 10
    ---
    apiVersion: v1
    kind: Service
    metadata:
    name: postgres
    spec:
    selector:
    app: platform
    component: postgres
    ports:
    - name: pg
    port: 5432
    targetPort: pg