imfreedom/k8s-cluster

Add a deployment for reviewboard

2020-02-11, Gary Kramlich
951a7052a1f8
Parents 585a58194c6e
Children eb0308192c56
Add a deployment for reviewboard
1 files changed, 357 insertions(+), 0 deletions(-)
  • +357 -0
    50-reviews.imfreedom.org.yaml
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/50-reviews.imfreedom.org.yaml Tue Feb 11 03:36:15 2020 -0600
    @@ -0,0 +1,357 @@
    +# This is an installation of https://www.reviewboard.org/.
    +---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: IngressRoute
    +metadata:
    + name: reviews
    + namespace: roost
    +spec:
    + entryPoints:
    + - https
    + routes:
    + - match: Host(`reviews.imfreedom.org`)
    + kind: Rule
    + services:
    + - name: reviews-reviewboard
    + port: 8000
    + middlewares:
    + - name: common-headers
    + tls:
    + secretName: reviews-tls
    +---
    +apiVersion: cert-manager.io/v1alpha2
    +kind: Certificate
    +metadata:
    + namespace: roost
    + name: reviews-tls
    +spec:
    + secretName: reviews-tls
    + issuerRef:
    + name: letsencrypt
    + commonName: reviews.imfreedom.org
    + dnsNames:
    + - reviews.imfreedom.org
    +---
    +apiVersion: v1
    +kind: Service
    +metadata:
    + namespace: roost
    + labels:
    + app: reviews
    + role: memcached
    + name: reviews-memcached
    +spec:
    + ports:
    + - port: 11211
    + protocol: TCP
    + name: memcached
    + selector:
    + app: reviews
    + role: memcached
    +---
    +apiVersion: networking.k8s.io/v1
    +kind: NetworkPolicy
    +metadata:
    + namespace: roost
    + name: reviews-memcached
    + labels:
    + app: reviews
    + role: memcached
    +spec:
    + podSelector:
    + matchLabels:
    + app: reviews
    + role: memcached
    + ingress:
    + - from:
    + - podSelector:
    + matchLabels:
    + app: reviews
    + role: reviewboard
    + ports:
    + - port: memcached
    + protocol: TCP
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + namespace: roost
    + name: reviews-memcached
    + labels:
    + app: reviews
    + role: memcached
    +spec:
    + replicas: 1
    + selector:
    + matchLabels:
    + app: reviews
    + role: memcached
    + strategy:
    + type: Recreate
    + template:
    + metadata:
    + labels:
    + app: reviews
    + role: memcached
    + spec:
    + containers:
    + - name: memcached
    + image: memcached:1.5.20-alpine
    + imagePullPolicy: Always
    + ports:
    + - name: memcached
    + containerPort: 11211
    + resources:
    + limits:
    + cpu: 50m
    + memory: 256Mi
    + requests:
    + cpu: 10m
    + memory: 128Mi
    + securityContext:
    + fsGroup: 11211
    + runAsUser: 11211
    +---
    +apiVersion: v1
    +kind: Service
    +metadata:
    + namespace: roost
    + labels:
    + app: reviews
    + role: postgres
    + name: reviews-postgres
    +spec:
    + ports:
    + - port: 5432
    + protocol: TCP
    + name: postgres
    + selector:
    + app: reviews
    + role: postgres
    +---
    +apiVersion: networking.k8s.io/v1
    +kind: NetworkPolicy
    +metadata:
    + namespace: roost
    + name: reviews-postgres
    + labels:
    + app: reviews
    + role: postgres
    +spec:
    + podSelector:
    + matchLabels:
    + app: reviews
    + role: postgres
    + ingress:
    + - from:
    + - podSelector:
    + matchLabels:
    + app: reviews
    + role: reviewboard
    + ports:
    + - port: postgres
    + protocol: TCP
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + namespace: roost
    + name: reviews-postgres
    + labels:
    + app: reviews
    + role: postgres
    +spec:
    + replicas: 1
    + selector:
    + matchLabels:
    + app: reviews
    + role: postgres
    + strategy:
    + type: Recreate
    + template:
    + metadata:
    + labels:
    + app: reviews
    + role: postgres
    + spec:
    + containers:
    + - name: postgres
    + image: postgres:11
    + imagePullPolicy: Always
    + env:
    + - name: POSTGRES_USER
    + valueFrom:
    + secretKeyRef:
    + name: reviews-postgres
    + key: username
    + - name: POSTGRES_PASSWORD
    + valueFrom:
    + secretKeyRef:
    + name: reviews-postgres
    + key: password
    + - name: POSTGRES_DB
    + valueFrom:
    + secretKeyRef:
    + name: reviews-postgres
    + key: db
    + ports:
    + - name: postgres
    + containerPort: 5432
    + resources:
    + limits:
    + cpu: 200m
    + memory: 256Mi
    + requests:
    + cpu: 100m
    + memory: 128Mi
    + volumeMounts:
    + - mountPath: /var/lib/postgresql/data
    + name: reviews-postgres
    + readOnly: false
    + subPath: postgresql
    + volumes:
    + - name: reviews-postgres
    + persistentVolumeClaim:
    + claimName: reviews-postgres
    +---
    +apiVersion: v1
    +kind: PersistentVolumeClaim
    +metadata:
    + namespace: roost
    + name: reviews-postgres
    + labels:
    + app: reviews
    + role: postgres
    +spec:
    + accessModes:
    + - ReadWriteOnce
    + resources:
    + requests:
    + storage: 5Gi
    + volumeName: pvc-7aa02e8f-d9cc-47ae-8ef9-fa9599b419e7
    +---
    +apiVersion: v1
    +kind: Service
    +metadata:
    + namespace: roost
    + labels:
    + app: reviews
    + role: reviewboard
    + name: reviews-reviewboard
    +spec:
    + ports:
    + - port: 8000
    + protocol: TCP
    + name: http
    + selector:
    + app: reviews
    + role: reviewboard
    +---
    +apiVersion: networking.k8s.io/v1
    +kind: NetworkPolicy
    +metadata:
    + namespace: roost
    + name: reviews-reviewboard
    + labels:
    + app: reviews
    + role: reviewboard
    +spec:
    + podSelector:
    + matchLabels:
    + app: reviews
    + role: reviewboard
    + ingress:
    + - from:
    + - namespaceSelector:
    + matchLabels:
    + name: kube-public
    + podSelector:
    + matchLabels:
    + app: traefik
    + role: controller
    + ports:
    + - port: http
    + protocol: TCP
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + namespace: roost
    + name: reviews-reviewboard
    + labels:
    + app: reviews
    + role: reviewboard
    +spec:
    + replicas: 1
    + selector:
    + matchLabels:
    + app: reviews
    + role: reviewboard
    + strategy:
    + type: Recreate
    + template:
    + metadata:
    + labels:
    + app: reviews
    + role: reviewboard
    + spec:
    + containers:
    + - name: reviewboard
    + image: ikatson/reviewboard:latest
    + imagePullPolicy: Always
    + env:
    + - name: PGUSER
    + valueFrom:
    + secretKeyRef:
    + name: reviews-postgres
    + key: username
    + - name: PGPASSWORD
    + valueFrom:
    + secretKeyRef:
    + name: reviews-postgres
    + key: password
    + - name: PGDB
    + valueFrom:
    + secretKeyRef:
    + name: reviews-postgres
    + key: db
    + - name: PGHOST
    + value: reviews-postgres
    + - name: MEMCACHED
    + value: reviews-memcached
    + ports:
    + - name: http
    + containerPort: 8000
    + resources:
    + limits:
    + cpu: 500m
    + memory: 512Mi
    + requests:
    + cpu: 250m
    + memory: 256Mi
    + volumeMounts:
    + - mountPath: /var/www/
    + name: reviews-reviewboard
    + readOnly: false
    + subPath: reviewboard
    + volumes:
    + - name: reviews-reviewboard
    + persistentVolumeClaim:
    + claimName: reviews-reviewboard
    +---
    +apiVersion: v1
    +kind: PersistentVolumeClaim
    +metadata:
    + namespace: roost
    + name: reviews-reviewboard
    + labels:
    + app: reviews
    + role: reviewboard
    +spec:
    + accessModes:
    + - ReadWriteOnce
    + resources:
    + requests:
    + storage: 5Gi
    + volumeName: pvc-7895cb6a-0b99-46ef-b2c4-2aa15ed73d1e
    +---