imfreedom/k8s-cluster

Add a deployment for lists.pidgin.im

16 months ago, Gary Kramlich
58df72dc379a
Parents 22ca0a0280d4
Children a855f6b1bc55
Add a deployment for lists.pidgin.im

Currently this is just running on liststest.pidgin.im until we are ready to
migrate production.
2 files changed, 142 insertions(+), 0 deletions(-)
  • +5 -0
    50-lists.pidgin.im/kustomization.yaml
  • +137 -0
    50-lists.pidgin.im/manifest.yaml
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/50-lists.pidgin.im/kustomization.yaml Wed Dec 21 02:45:37 2022 -0600
    @@ -0,0 +1,5 @@
    +---
    +namespace: roost
    +resources:
    + - manifest.yaml
    +---
    --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/50-lists.pidgin.im/manifest.yaml Wed Dec 21 02:45:37 2022 -0600
    @@ -0,0 +1,137 @@
    +---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: IngressRoute
    +metadata:
    + name: lists-pidgin-im-http
    +spec:
    + entryPoints:
    + - http
    + routes:
    + - match: Host(`lists.pidgin.im`) || Host(`liststemp.pidgin.im`)
    + kind: Rule
    + services:
    + - name: lists-pidgin-im
    + port: 80
    + middlewares:
    + - name: https-redirect
    +---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: IngressRoute
    +metadata:
    + name: lists-pidgin-im-https
    +spec:
    + entryPoints:
    + - https
    + routes:
    + - match: Host(`lists.pidgin.im`) || Host(`liststemp.pidgin.im`)
    + kind: Rule
    + services:
    + - name: lists-pidgin-im
    + port: 80
    + middlewares:
    + - name: common-headers
    + - name: hsts-headers
    + tls:
    + secretName: lists-pidgin-im-tls
    +---
    +apiVersion: cert-manager.io/v1
    +kind: Certificate
    +metadata:
    + name: lists-pidgin-im-tls
    +spec:
    + secretName: lists-pidgin-im-tls
    + issuerRef:
    + name: letsencrypt
    + commonName: liststemp.pidgin.im
    + dnsNames:
    + - liststemp.pidgin.im
    +---
    +apiVersion: v1
    +kind: Service
    +metadata:
    + name: lists-pidgin-im
    + labels:
    + app: lists-pidgin-im
    +spec:
    + ports:
    + - port: 80
    + protocol: TCP
    + selector:
    + app: lists-pidgin-im
    +---
    +apiVersion: networking.k8s.io/v1
    +kind: NetworkPolicy
    +metadata:
    + name: lists-pidgin-im
    + labels:
    + app: lists-pidgin-im
    +spec:
    + podSelector:
    + matchLabels:
    + app: lists-pidgin-im
    + ingress:
    + - from:
    + - namespaceSelector:
    + matchLabels:
    + name: kube-public
    + podSelector:
    + matchLabels:
    + app: traefik
    + role: controller
    + ports:
    + - port: 80
    + protocol: TCP
    +---
    +apiVersion: policy/v1
    +kind: PodDisruptionBudget
    +metadata:
    + name: lists-pidgin-im
    +spec:
    + minAvailable: 1
    + selector:
    + matchLabels:
    + app: lists-pidgin-im
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + name: lists-pidgin-im
    + labels:
    + app: lists-pidgin-im
    + keel.sh/policy: force
    + keel.sh/trigger: poll
    + annotations:
    + keel.sh/pollSchedule: "@every 30m"
    +spec:
    + replicas: 2
    + revisionHistoryLimit: 0
    + selector:
    + matchLabels:
    + app: lists-pidgin-im
    + template:
    + metadata:
    + labels:
    + app: lists-pidgin-im
    + spec:
    + topologySpreadConstraints:
    + # Spreads out pods over the nodes
    + - labelSelector:
    + matchLabels:
    + app: lists-pidgin-im
    + maxSkew: 1
    + topologyKey: kubernetes.io/hostname
    + whenUnsatisfiable: DoNotSchedule
    + containers:
    + - name: lists-pidgin-im
    + image: docker.io/pidgin/list-archives:latest
    + imagePullPolicy: Always
    + ports:
    + - containerPort: 80
    + resources:
    + limits:
    + cpu: 50m
    + memory: 96Mi
    + requests:
    + cpu: 10m
    + memory: 64Mi
    +---